1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef SERVICES_SERVICE_MANAGER_SANDBOX_SANDBOX_TYPE_H_
6 #define SERVICES_SERVICE_MANAGER_SANDBOX_SANDBOX_TYPE_H_
7 
8 #include <string>
9 
10 #include "base/command_line.h"
11 #include "build/build_config.h"
12 #include "services/service_manager/sandbox/export.h"
13 
14 namespace service_manager {
15 
16 // Defines the sandbox types known within the servicemanager.
17 enum class SandboxType {
18   // Not a valid sandbox type.
19   kInvalid = -1,
20 
21   // Do not apply any sandboxing to the process.
22   kNoSandbox,
23 
24 #if defined(OS_WIN)
25   // Do not apply any sandboxing and elevate the privileges of the process.
26   kNoSandboxAndElevatedPrivileges,
27 
28   // The XR Compositing process.
29   kXrCompositing,
30 
31   // The proxy resolver process.
32   kProxyResolver,
33 
34   // The PDF conversion service process used in printing.
35   kPdfConversion,
36 #endif
37 
38 #if defined(OS_FUCHSIA)
39   // Sandbox type for the web::Context process on Fuchsia. Functionally it's an
40   // equivalent of the browser process on other platforms.
41   kWebContext,
42 #endif
43 
44   // Renderer or worker process. Most common case.
45   kRenderer,
46 
47   // Utility processes. Used by most isolated services.
48   kUtility,
49 
50   // GPU process.
51   kGpu,
52 
53   // The PPAPI plugin process.
54   kPpapi,
55 
56   // The network service process.
57   kNetwork,
58 
59   // The CDM service process.
60   kCdm,
61 
62 #if defined(OS_MACOSX)
63   // The NaCl loader process.
64   kNaClLoader,
65 #endif  // defined(OS_MACOSX)
66 
67   // The print compositor service process.
68   kPrintCompositor,
69 
70   // The audio service process.
71   kAudio,
72 
73 #if defined(OS_CHROMEOS)
74   kIme,
75 #endif  // defined(OS_CHROMEOS)
76 
77 #if !defined(OS_MACOSX)
78   // Hosts WebRTC for Sharing Service, uses kUtility on OS_MACOSX.
79   kSharingService,
80 #endif
81 
82   // The Speech On-Device API service process.
83   kSoda,
84 
85   kMaxValue = kSoda
86 };
87 
88 SERVICE_MANAGER_SANDBOX_EXPORT bool IsUnsandboxedSandboxType(
89     SandboxType sandbox_type);
90 
91 SERVICE_MANAGER_SANDBOX_EXPORT void SetCommandLineFlagsForSandboxType(
92     base::CommandLine* command_line,
93     SandboxType sandbox_type);
94 
95 SERVICE_MANAGER_SANDBOX_EXPORT SandboxType
96 SandboxTypeFromCommandLine(const base::CommandLine& command_line);
97 
98 SERVICE_MANAGER_SANDBOX_EXPORT std::string StringFromUtilitySandboxType(
99     SandboxType sandbox_type);
100 
101 SERVICE_MANAGER_SANDBOX_EXPORT SandboxType
102 UtilitySandboxTypeFromString(const std::string& sandbox_string);
103 
104 SERVICE_MANAGER_SANDBOX_EXPORT void EnableAudioSandbox(bool enable);
105 
106 SERVICE_MANAGER_SANDBOX_EXPORT bool IsAudioSandboxEnabled();
107 
108 }  // namespace service_manager
109 
110 #endif  // SERVICES_SERVICE_MANAGER_SANDBOX_SANDBOX_TYPE_H_
111