1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef SANDBOX_WIN_SRC_POLICY_TARGET_H_ 6 #define SANDBOX_WIN_SRC_POLICY_TARGET_H_ 7 8 #include "sandbox/win/src/ipc_tags.h" 9 #include "sandbox/win/src/nt_internals.h" 10 #include "sandbox/win/src/sandbox_types.h" 11 12 namespace sandbox { 13 14 struct CountedParameterSetBase; 15 16 // Performs a policy lookup and returns true if the request should be passed to 17 // the broker process. 18 bool QueryBroker(IpcTag ipc_id, CountedParameterSetBase* params); 19 20 extern "C" { 21 22 // Interception of NtSetInformationThread on the child process. 23 // It should never be called directly. 24 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtSetInformationThread( 25 NtSetInformationThreadFunction orig_SetInformationThread, HANDLE thread, 26 NT_THREAD_INFORMATION_CLASS thread_info_class, PVOID thread_information, 27 ULONG thread_information_bytes); 28 29 // Interception of NtOpenThreadToken on the child process. 30 // It should never be called directly 31 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThreadToken( 32 NtOpenThreadTokenFunction orig_OpenThreadToken, HANDLE thread, 33 ACCESS_MASK desired_access, BOOLEAN open_as_self, PHANDLE token); 34 35 // Interception of NtOpenThreadTokenEx on the child process. 36 // It should never be called directly 37 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThreadTokenEx( 38 NtOpenThreadTokenExFunction orig_OpenThreadTokenEx, HANDLE thread, 39 ACCESS_MASK desired_access, BOOLEAN open_as_self, ULONG handle_attributes, 40 PHANDLE token); 41 42 } // extern "C" 43 44 } // namespace sandbox 45 46 #endif // SANDBOX_WIN_SRC_POLICY_TARGET_H_ 47