// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
#define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_

#include "base/process/kill.h"
#include "base/process/launch.h"

namespace sandbox {

#ifdef __MINGW32__
// Map Microsoft's proprietary more-safe version of copy() back to
// the std::basic_string method.
// NOTE(review): MSVC's _Copy_s is documented with a destination-size
// argument that std::basic_string::copy does not take, so the extra bounds
// check is not preserved on MinGW builds. The call sites are not visible
// here -- confirm their argument lists still match after this substitution.
#define _Copy_s copy
#endif

// Operation result codes returned by the sandbox API.
//
// Note: These codes are listed in a histogram and any new codes should be added
// at the end. If the underlying type is changed then the forward declaration in
// sandbox_init.h must be updated.
//
// NOTE(review): every value other than SBOX_ALL_OK describes a step of
// sandbox setup that did not complete. A caller that keeps a target running
// after a non-OK result is running it with whatever subset of the policy
// happened to be applied before the failure; treat non-OK as "not sandboxed".
enum ResultCode : int {
  SBOX_ALL_OK = 0,
  // Error is originating on the win32 layer. Call GetLastError() for more
  // information.
  SBOX_ERROR_GENERIC = 1,
  // An invalid combination of parameters was given to the API.
  SBOX_ERROR_BAD_PARAMS = 2,
  // The desired operation is not supported at this time.
  SBOX_ERROR_UNSUPPORTED = 3,
  // The request requires more memory than allocated or available.
  SBOX_ERROR_NO_SPACE = 4,
  // The ipc service requested does not exist.
  SBOX_ERROR_INVALID_IPC = 5,
  // The ipc service did not complete.
  SBOX_ERROR_FAILED_IPC = 6,
  // The requested handle was not found.
  SBOX_ERROR_NO_HANDLE = 7,
  // This function was not expected to be called at this time.
  SBOX_ERROR_UNEXPECTED_CALL = 8,
  // WaitForAllTargets is already called.
  SBOX_ERROR_WAIT_ALREADY_CALLED = 9,
  // A channel error prevented DoCall from executing.
  SBOX_ERROR_CHANNEL_ERROR = 10,
  // Failed to create the alternate desktop.
  SBOX_ERROR_CANNOT_CREATE_DESKTOP = 11,
  // Failed to create the alternate window station.
  SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12,
  // Failed to switch back to the interactive window station.
  SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13,
  // The supplied AppContainer is not valid.
  SBOX_ERROR_INVALID_APP_CONTAINER = 14,
  // The supplied capability is not valid.
  SBOX_ERROR_INVALID_CAPABILITY = 15,
  // There is a failure initializing the AppContainer.
  SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16,
  // Initializing or updating ProcThreadAttributes failed.
  SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17,
  // Error in creating process.
  SBOX_ERROR_CREATE_PROCESS = 18,
  // Failure calling delegate PreSpawnTarget.
  SBOX_ERROR_DELEGATE_PRE_SPAWN = 19,
  // Could not assign process to job object.
  SBOX_ERROR_ASSIGN_PROCESS_TO_JOB_OBJECT = 20,
  // Could not set the thread token. (The original comment here was a
  // copy of the job-object line above and did not describe this code.)
  SBOX_ERROR_SET_THREAD_TOKEN = 21,
  // Could not get thread context of new process.
  SBOX_ERROR_GET_THREAD_CONTEXT = 22,
  // Could not duplicate target info of new process.
  SBOX_ERROR_DUPLICATE_TARGET_INFO = 23,
  // Could not set low box token.
  SBOX_ERROR_SET_LOW_BOX_TOKEN = 24,
  // Could not create file mapping for IPC dispatcher.
  SBOX_ERROR_CREATE_FILE_MAPPING = 25,
  // Could not duplicate shared section into target process for IPC dispatcher.
  SBOX_ERROR_DUPLICATE_SHARED_SECTION = 26,
  // Could not map view of shared memory in broker.
  SBOX_ERROR_MAP_VIEW_OF_SHARED_SECTION = 27,
  // Could not apply ASLR mitigations to target process.
  SBOX_ERROR_APPLY_ASLR_MITIGATIONS = 28,
  // Could not setup basic interceptions.
  SBOX_ERROR_SETUP_BASIC_INTERCEPTIONS = 29,
  // Could not setup one of the required interception services.
  SBOX_ERROR_SETUP_INTERCEPTION_SERVICE = 30,
  // Could not initialize interceptions. This usually means 3rd party software
  // is stomping on our hooks, or can sometimes mean the syscall format has
  // changed.
  SBOX_ERROR_INITIALIZE_INTERCEPTIONS = 31,
  // Could not setup the imports for ntdll in target process.
  SBOX_ERROR_SETUP_NTDLL_IMPORTS = 32,
  // Could not setup the handle closer in target process.
  SBOX_ERROR_SETUP_HANDLE_CLOSER = 33,
  // Cannot get the current Window Station.
  SBOX_ERROR_CANNOT_GET_WINSTATION = 34,
  // Cannot query the security attributes of the current Window Station.
  SBOX_ERROR_CANNOT_QUERY_WINSTATION_SECURITY = 35,
  // Cannot get the current Desktop.
  SBOX_ERROR_CANNOT_GET_DESKTOP = 36,
  // Cannot query the security attributes of the current Desktop.
  SBOX_ERROR_CANNOT_QUERY_DESKTOP_SECURITY = 37,
  // Cannot setup the interception manager config buffer.
  SBOX_ERROR_CANNOT_SETUP_INTERCEPTION_CONFIG_BUFFER = 38,
  // Cannot copy data to the child process.
  SBOX_ERROR_CANNOT_COPY_DATA_TO_CHILD = 39,
  // Cannot setup the interception thunk.
  SBOX_ERROR_CANNOT_SETUP_INTERCEPTION_THUNK = 40,
  // Cannot resolve the interception thunk.
  SBOX_ERROR_CANNOT_RESOLVE_INTERCEPTION_THUNK = 41,
  // Cannot write interception thunk to child process.
  SBOX_ERROR_CANNOT_WRITE_INTERCEPTION_THUNK = 42,
  // Cannot find the base address of the new process.
  SBOX_ERROR_CANNOT_FIND_BASE_ADDRESS = 43,
  // Cannot create the AppContainer profile.
  SBOX_ERROR_CREATE_APPCONTAINER_PROFILE = 44,
  // Cannot create the AppContainer as the main executable can't be accessed.
  SBOX_ERROR_CREATE_APPCONTAINER_PROFILE_ACCESS_CHECK = 45,
  // Cannot create the AppContainer as adding a capability failed.
  SBOX_ERROR_CREATE_APPCONTAINER_PROFILE_CAPABILITY = 46,
  // Cannot initialize a job object.
  SBOX_ERROR_CANNOT_INIT_JOB = 47,
  // Invalid LowBox SID string.
  SBOX_ERROR_INVALID_LOWBOX_SID = 48,
  // Cannot create restricted token.
  SBOX_ERROR_CANNOT_CREATE_RESTRICTED_TOKEN = 49,
  // Cannot set the integrity level on a desktop object.
  SBOX_ERROR_CANNOT_SET_DESKTOP_INTEGRITY = 50,
  // Cannot create a LowBox token.
  SBOX_ERROR_CANNOT_CREATE_LOWBOX_TOKEN = 51,
  // Cannot modify LowBox token's DACL.
  SBOX_ERROR_CANNOT_MODIFY_LOWBOX_TOKEN_DACL = 52,
  // Cannot create restricted impersonation token.
  SBOX_ERROR_CANNOT_CREATE_RESTRICTED_IMP_TOKEN = 53,
  // Cannot duplicate target process handle.
  SBOX_ERROR_CANNOT_DUPLICATE_PROCESS_HANDLE = 54,
  // Cannot load executable for variable transfer.
  SBOX_ERROR_CANNOT_LOADLIBRARY_EXECUTABLE = 55,
  // Cannot find variable address for transfer.
  SBOX_ERROR_CANNOT_FIND_VARIABLE_ADDRESS = 56,
  // Cannot write variable value.
  SBOX_ERROR_CANNOT_WRITE_VARIABLE_VALUE = 57,
  // Short write to variable.
  SBOX_ERROR_INVALID_WRITE_VARIABLE_SIZE = 58,
  // Cannot initialize BrokerServices.
  SBOX_ERROR_CANNOT_INIT_BROKERSERVICES = 59,
  // Placeholder for last item of the enum. Must stay last: new codes are
  // appended before it so existing histogram values keep their meaning.
  SBOX_ERROR_LAST
};

// If the sandbox cannot create a secure environment for the target, the
// target will be forcibly terminated. These are the process exit codes.
//
// NOTE(review): a target whose exit code is one of these never ran under the
// complete policy; it is useful to surface them distinctly in crash/exit
// telemetry rather than folding them into generic crashes.
enum TerminationCodes {
  SBOX_FATAL_INTEGRITY = 7006,  // Could not set the integrity level.
  SBOX_FATAL_DROPTOKEN = 7007,  // Could not lower the token.
  SBOX_FATAL_FLUSHANDLES = 7008,  // Failed to flush registry handles.
  SBOX_FATAL_CACHEDISABLE = 7009,  // Failed to forbid HKCU caching.
  SBOX_FATAL_CLOSEHANDLES = 7010,  // Failed to close pending handles.
  SBOX_FATAL_MITIGATION = 7011,  // Could not set the mitigation policy.
  SBOX_FATAL_MEMORY_EXCEEDED = 7012,  // Exceeded the job memory limit.
  SBOX_FATAL_WARMUP = 7013,  // Failed to warmup.
  SBOX_FATAL_LAST
};

// base/ carries its own copy of the memory-exceeded exit code; keep the two in
// agreement. The check is compiled out for fuzz targets, so a mismatch would
// only be caught by a regular build.
#if !defined(SANDBOX_FUZZ_TARGET)
static_assert(SBOX_FATAL_MEMORY_EXCEEDED ==
                  base::win::kSandboxFatalMemoryExceeded,
              "Value for SBOX_FATAL_MEMORY_EXCEEDED must match base.");
#endif  // !defined(SANDBOX_FUZZ_TARGET)

class BrokerServices;
class TargetServices;

// Contains the pointer to a target or broker service.
// Presumably only the member matching the process's role (broker vs. target)
// is populated; nothing in this header enforces that -- verify at the caller.
struct SandboxInterfaceInfo {
  BrokerServices* broker_services;
  TargetServices* target_services;
};

// Linkage for interception entry points: always extern "C" (unmangled name),
// and additionally exported from the DLL only when SANDBOX_EXPORTS is set.
#if SANDBOX_EXPORTS
#define SANDBOX_INTERCEPT extern "C" __declspec(dllexport)
#else
#define SANDBOX_INTERCEPT extern "C"
#endif

// How a given function is intercepted inside the target process.
enum InterceptionType {
  INTERCEPTION_INVALID = 0,
  INTERCEPTION_SERVICE_CALL,  // Trampoline of an NT native call
  INTERCEPTION_EAT,  // Export-table patch (assumed from the name; undocumented)
  INTERCEPTION_SIDESTEP,  // Preamble patch
  INTERCEPTION_SMART_SIDESTEP,  // Preamble patch but bypass internal calls
  INTERCEPTION_UNLOAD_MODULE,  // Unload the module (don't patch)
  INTERCEPTION_LAST  // Placeholder for last item in the enumeration
};

}  // namespace sandbox

#endif  // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_