summaryrefslogtreecommitdiffstats
path: root/security/sandbox/chromium-shim
diff options
context:
space:
mode:
Diffstat (limited to 'security/sandbox/chromium-shim')
-rw-r--r--security/sandbox/chromium-shim/base/MissingBasicTypes.h25
-rw-r--r--security/sandbox/chromium-shim/base/debug/debugging_flags.h19
-rw-r--r--security/sandbox/chromium-shim/base/file_version_info_win.h29
-rw-r--r--security/sandbox/chromium-shim/base/files/file_path.cpp19
-rw-r--r--security/sandbox/chromium-shim/base/gtest_prod_util.h17
-rw-r--r--security/sandbox/chromium-shim/base/logging.cpp156
-rw-r--r--security/sandbox/chromium-shim/base/third_party/nspr/prtime.h8
-rw-r--r--security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h8
-rw-r--r--security/sandbox/chromium-shim/base/tracked_objects.h19
-rw-r--r--security/sandbox/chromium-shim/base/win/registry.h34
-rw-r--r--security/sandbox/chromium-shim/base/win/sdkdecls.h191
-rw-r--r--security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h107
-rw-r--r--security/sandbox/chromium-shim/sandbox/win/loggingTypes.h27
-rw-r--r--security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp82
-rw-r--r--security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h51
15 files changed, 792 insertions, 0 deletions
diff --git a/security/sandbox/chromium-shim/base/MissingBasicTypes.h b/security/sandbox/chromium-shim/base/MissingBasicTypes.h
new file mode 100644
index 000000000..20eef00ab
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/MissingBasicTypes.h
@@ -0,0 +1,25 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef security_sandbox_MissingBasicTypes_h__
+#define security_sandbox_MissingBasicTypes_h__
+
+#include <stdint.h>
+
+// These types are still used by the Chromium sandbox code. When referencing
+// Chromium sandbox code from Gecko we can't use the normal base/basictypes.h as
+// it clashes with the one from ipc/chromium/src/base/. These types have been
+// removed from the one in ipc/chromium/src/base/.
+typedef int8_t int8;
+typedef uint8_t uint8;
+typedef int16_t int16;
+typedef uint16_t uint16;
+typedef int32_t int32;
+typedef uint32_t uint32;
+typedef int64_t int64;
+typedef uint64_t uint64;
+
+#endif // security_sandbox_MissingBasicTypes_h__
diff --git a/security/sandbox/chromium-shim/base/debug/debugging_flags.h b/security/sandbox/chromium-shim/base/debug/debugging_flags.h
new file mode 100644
index 000000000..ebb96dfca
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/debug/debugging_flags.h
@@ -0,0 +1,19 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This is a copy of a file that is generated by the chromium build.
+
+// Generated by build/write_buildflag_header.py
+// From "//base:debugging_flags"
+
+#ifndef BASE_DEBUG_DEBUGGING_FLAGS_H_
+#define BASE_DEBUG_DEBUGGING_FLAGS_H_
+
+#include "build/buildflag.h"
+
+#define BUILDFLAG_INTERNAL_ENABLE_PROFILING() (0)
+
+#endif // BASE_DEBUG_DEBUGGING_FLAGS_H_
diff --git a/security/sandbox/chromium-shim/base/file_version_info_win.h b/security/sandbox/chromium-shim/base/file_version_info_win.h
new file mode 100644
index 000000000..8276900bd
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/file_version_info_win.h
@@ -0,0 +1,29 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This is a dummy version of Chromium source file base/file_version_info_win.h
+// Within our copy of Chromium files FileVersionInfoWin is only used in
+// base/win/windows_version.cc in GetVersionFromKernel32, which we don't use.
+
+#ifndef BASE_FILE_VERSION_INFO_WIN_H_
+#define BASE_FILE_VERSION_INFO_WIN_H_
+
+struct tagVS_FIXEDFILEINFO;
+typedef tagVS_FIXEDFILEINFO VS_FIXEDFILEINFO;
+
+namespace base {
+class FilePath;
+}
+
+class FileVersionInfoWin {
+ public:
+ static FileVersionInfoWin*
+ CreateFileVersionInfo(const base::FilePath& file_path) { return nullptr; }
+
+ VS_FIXEDFILEINFO* fixed_file_info() { return nullptr; }
+};
+
+#endif // BASE_FILE_VERSION_INFO_WIN_H_
diff --git a/security/sandbox/chromium-shim/base/files/file_path.cpp b/security/sandbox/chromium-shim/base/files/file_path.cpp
new file mode 100644
index 000000000..245118f9e
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/files/file_path.cpp
@@ -0,0 +1,19 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// This is a dummy version of Chromium source file base/file/file_path.cc.
+// To provide the functions required in base/win/windows_version.cc
+// GetVersionFromKernel32, which we don't use.
+
+#include "base/files/file_path.h"
+
+namespace base {
+
+FilePath::FilePath(FilePath::StringPieceType path) {
+}
+
+FilePath::~FilePath() {
+}
+
+} // namespace base
diff --git a/security/sandbox/chromium-shim/base/gtest_prod_util.h b/security/sandbox/chromium-shim/base/gtest_prod_util.h
new file mode 100644
index 000000000..3eb93fa2a
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/gtest_prod_util.h
@@ -0,0 +1,17 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef FRIEND_TEST
+#define FRIEND_TEST(A, B)
+#endif
+
+#ifndef FRIEND_TEST_ALL_PREFIXES
+#define FRIEND_TEST_ALL_PREFIXES(test_case_name, test_name)
+#endif
+
+#ifndef FORWARD_DECLARE_TEST
+#define FORWARD_DECLARE_TEST(test_case_name, test_name)
+#endif
diff --git a/security/sandbox/chromium-shim/base/logging.cpp b/security/sandbox/chromium-shim/base/logging.cpp
new file mode 100644
index 000000000..9c2113dcb
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/logging.cpp
@@ -0,0 +1,156 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This is a stripped down version of the Chromium source file base/logging.cc
+// This prevents dependency on the Chromium logging and dependency creep in
+// general.
+// At some point we should find a way to hook this into our own logging see
+// bug 1013988.
+// The formatting in this file matches the original Chromium file to aid future
+// merging.
+
+#include "base/logging.h"
+
+#if defined(OS_WIN)
+#include <windows.h>
+#endif
+
+#if defined(OS_POSIX)
+#include <errno.h>
+#endif
+
+#if defined(OS_WIN)
+#include "base/strings/utf_string_conversions.h"
+#endif
+
+#include <algorithm>
+
+namespace logging {
+
+namespace {
+
+int g_min_log_level = 0;
+
+LoggingDestination g_logging_destination = LOG_DEFAULT;
+
+// For LOG_ERROR and above, always print to stderr.
+const int kAlwaysPrintErrorLevel = LOG_ERROR;
+
+// A log message handler that gets notified of every log message we process.
+LogMessageHandlerFunction log_message_handler = nullptr;
+
+} // namespace
+
+void SetMinLogLevel(int level) {
+ g_min_log_level = std::min(LOG_FATAL, level);
+}
+
+int GetMinLogLevel() {
+ return g_min_log_level;
+}
+
+bool ShouldCreateLogMessage(int severity) {
+ if (severity < g_min_log_level)
+ return false;
+
+ // Return true here unless we know ~LogMessage won't do anything. Note that
+ // ~LogMessage writes to stderr if severity_ >= kAlwaysPrintErrorLevel, even
+ // when g_logging_destination is LOG_NONE.
+ return g_logging_destination != LOG_NONE || log_message_handler ||
+ severity >= kAlwaysPrintErrorLevel;
+}
+
+int GetVlogLevelHelper(const char* file, size_t N) {
+ return 0;
+}
+
+// Explicit instantiations for commonly used comparisons.
+template std::string* MakeCheckOpString<int, int>(
+ const int&, const int&, const char* names);
+template std::string* MakeCheckOpString<unsigned long, unsigned long>(
+ const unsigned long&, const unsigned long&, const char* names);
+template std::string* MakeCheckOpString<unsigned long, unsigned int>(
+ const unsigned long&, const unsigned int&, const char* names);
+template std::string* MakeCheckOpString<unsigned int, unsigned long>(
+ const unsigned int&, const unsigned long&, const char* names);
+template std::string* MakeCheckOpString<std::string, std::string>(
+ const std::string&, const std::string&, const char* name);
+
+#if defined(OS_WIN)
+LogMessage::SaveLastError::SaveLastError() : last_error_(::GetLastError()) {
+}
+
+LogMessage::SaveLastError::~SaveLastError() {
+ ::SetLastError(last_error_);
+}
+#endif // defined(OS_WIN)
+
+LogMessage::LogMessage(const char* file, int line, LogSeverity severity)
+ : severity_(severity), file_(file), line_(line) {
+}
+
+LogMessage::LogMessage(const char* file, int line, const char* condition)
+ : severity_(LOG_FATAL), file_(file), line_(line) {
+}
+
+LogMessage::LogMessage(const char* file, int line, std::string* result)
+ : severity_(LOG_FATAL), file_(file), line_(line) {
+ delete result;
+}
+
+LogMessage::LogMessage(const char* file, int line, LogSeverity severity,
+ std::string* result)
+ : severity_(severity), file_(file), line_(line) {
+ delete result;
+}
+
+LogMessage::~LogMessage() {
+}
+
+SystemErrorCode GetLastSystemErrorCode() {
+#if defined(OS_WIN)
+ return ::GetLastError();
+#elif defined(OS_POSIX)
+ return errno;
+#else
+#error Not implemented
+#endif
+}
+
+#if defined(OS_WIN)
+Win32ErrorLogMessage::Win32ErrorLogMessage(const char* file,
+ int line,
+ LogSeverity severity,
+ SystemErrorCode err)
+ : err_(err),
+ log_message_(file, line, severity) {
+}
+
+Win32ErrorLogMessage::~Win32ErrorLogMessage() {
+}
+#elif defined(OS_POSIX)
+ErrnoLogMessage::ErrnoLogMessage(const char* file,
+ int line,
+ LogSeverity severity,
+ SystemErrorCode err)
+ : err_(err),
+ log_message_(file, line, severity) {
+}
+
+ErrnoLogMessage::~ErrnoLogMessage() {
+}
+#endif // OS_WIN
+
+void RawLog(int level, const char* message) {
+}
+
+} // namespace logging
+
+#if defined(OS_WIN)
+std::ostream& std::operator<<(std::ostream& out, const wchar_t* wstr) {
+ return out << base::WideToUTF8(std::wstring(wstr));
+}
+#endif
diff --git a/security/sandbox/chromium-shim/base/third_party/nspr/prtime.h b/security/sandbox/chromium-shim/base/third_party/nspr/prtime.h
new file mode 100644
index 000000000..9a18a3637
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/third_party/nspr/prtime.h
@@ -0,0 +1,8 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Grab the copy from in our tree
+#include "pr/include/prtime.h"
diff --git a/security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h b/security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h
new file mode 100644
index 000000000..6aec5e08f
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h
@@ -0,0 +1,8 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Grab the copy from in our tree
+#include "pr/include/prtypes.h"
diff --git a/security/sandbox/chromium-shim/base/tracked_objects.h b/security/sandbox/chromium-shim/base/tracked_objects.h
new file mode 100644
index 000000000..837705ee9
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/tracked_objects.h
@@ -0,0 +1,19 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECURITY_SANDBOX_TRACKED_OBJECTS_H_
+#define _SECURITY_SANDBOX_TRACKED_OBJECTS_H_
+namespace tracked_objects
+{
+ class ThreadData
+ {
+ public:
+ static void InitializeThreadContext(const std::string& name)
+ {
+ }
+ };
+}
+#endif
diff --git a/security/sandbox/chromium-shim/base/win/registry.h b/security/sandbox/chromium-shim/base/win/registry.h
new file mode 100644
index 000000000..9fba57277
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/win/registry.h
@@ -0,0 +1,34 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This is a stripped down version of Chromium source file base/win/registry.h
+// Within our copy of Chromium files this is only used in base/win/windows_version.cc
+// in OSInfo::processor_model_name, which we don't use.
+
+#ifndef BASE_WIN_REGISTRY_H_
+#define BASE_WIN_REGISTRY_H_
+
+namespace base {
+namespace win {
+
+class BASE_EXPORT RegKey {
+ public:
+ RegKey(HKEY rootkey, const wchar_t* subkey, REGSAM access) {}
+ ~RegKey() {}
+
+ LONG ReadValue(const wchar_t* name, std::wstring* out_value) const
+ {
+ return 0;
+ }
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(RegKey);
+};
+
+} // namespace win
+} // namespace base
+
+#endif // BASE_WIN_REGISTRY_H_
diff --git a/security/sandbox/chromium-shim/base/win/sdkdecls.h b/security/sandbox/chromium-shim/base/win/sdkdecls.h
new file mode 100644
index 000000000..e999ab967
--- /dev/null
+++ b/security/sandbox/chromium-shim/base/win/sdkdecls.h
@@ -0,0 +1,191 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
+#define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
+
+#include <windows.h>
+
+// This file contains definitions required for things dynamically loaded
+// while building or targetting lower platform versions or lower SDKs.
+
+#if (_WIN32_WINNT < 0x0600)
+typedef struct _STARTUPINFOEXA {
+ STARTUPINFOA StartupInfo;
+ LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
+} STARTUPINFOEXA, *LPSTARTUPINFOEXA;
+typedef struct _STARTUPINFOEXW {
+ STARTUPINFOW StartupInfo;
+ LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
+} STARTUPINFOEXW, *LPSTARTUPINFOEXW;
+#ifdef UNICODE
+typedef STARTUPINFOEXW STARTUPINFOEX;
+typedef LPSTARTUPINFOEXW LPSTARTUPINFOEX;
+#else
+typedef STARTUPINFOEXA STARTUPINFOEX;
+typedef LPSTARTUPINFOEXA LPSTARTUPINFOEX;
+#endif // UNICODE
+
+#define PROC_THREAD_ATTRIBUTE_NUMBER 0x0000FFFF
+#define PROC_THREAD_ATTRIBUTE_THREAD 0x00010000 // Attribute may be used with thread creation
+#define PROC_THREAD_ATTRIBUTE_INPUT 0x00020000 // Attribute is input only
+#define PROC_THREAD_ATTRIBUTE_ADDITIVE 0x00040000 // Attribute may be "accumulated," e.g. bitmasks, counters, etc.
+
+#define ProcThreadAttributeValue(Number, Thread, Input, Additive) \
+ (((Number) & PROC_THREAD_ATTRIBUTE_NUMBER) | \
+ ((Thread != FALSE) ? PROC_THREAD_ATTRIBUTE_THREAD : 0) | \
+ ((Input != FALSE) ? PROC_THREAD_ATTRIBUTE_INPUT : 0) | \
+ ((Additive != FALSE) ? PROC_THREAD_ATTRIBUTE_ADDITIVE : 0))
+
+#define ProcThreadAttributeHandleList 2
+
+#define PROC_THREAD_ATTRIBUTE_HANDLE_LIST \
+ ProcThreadAttributeValue (ProcThreadAttributeHandleList, FALSE, TRUE, FALSE)
+
+#define PROCESS_DEP_ENABLE 0x00000001
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
+
+// They dynamically load these, but they still use the functions to describe the
+// function pointers!
+WINBASEAPI
+int
+WINAPI
+GetUserDefaultLocaleName(
+ _Out_writes_(cchLocaleName) LPWSTR lpLocaleName,
+ _In_ int cchLocaleName
+);
+
+WINBASEAPI
+BOOL
+WINAPI
+QueryThreadCycleTime(
+ _In_ HANDLE ThreadHandle,
+ _Out_ PULONG64 CycleTime
+ );
+
+#endif // (_WIN32_WINNT >= 0x0600)
+
+#if (_WIN32_WINNT < 0x0601)
+#define ProcThreadAttributeMitigationPolicy 7
+#define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY \
+ ProcThreadAttributeValue (ProcThreadAttributeMitigationPolicy, FALSE, TRUE, FALSE)
+
+#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE 0x01
+#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE 0x02
+#define PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE 0x04
+#endif // (_WIN32_WINNT >= 0x0601)
+
+#if (_WIN32_WINNT < 0x0602)
+#define ProcThreadAttributeSecurityCapabilities 9
+#define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \
+ ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, FALSE, TRUE, FALSE)
+
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_MASK (0x00000003 << 8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_DEFER (0x00000000 << 8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000001 << 8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_OFF (0x00000002 << 8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS (0x00000003 << 8)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_MASK (0x00000003 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_DEFER (0x00000000 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON (0x00000001 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_OFF (0x00000002 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_RESERVED (0x00000003 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_MASK (0x00000003 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_DEFER (0x00000000 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00000001 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00000002 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_RESERVED (0x00000003 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_MASK (0x00000003 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_DEFER (0x00000000 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON (0x00000001 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF (0x00000002 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_RESERVED (0x00000003 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_MASK (0x00000003 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_DEFER (0x00000000 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON (0x00000001 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_OFF (0x00000002 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_RESERVED (0x00000003 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_MASK (0x00000003 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_DEFER (0x00000000 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON (0x00000001 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_OFF (0x00000002 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003ui64 << 32)
+
+// Check if we're including >= win8 winnt.h
+#ifndef NTDDI_WIN8
+
+typedef struct _SECURITY_CAPABILITIES {
+ PSID AppContainerSid;
+ PSID_AND_ATTRIBUTES Capabilities;
+ DWORD CapabilityCount;
+ DWORD Reserved;
+} SECURITY_CAPABILITIES, *PSECURITY_CAPABILITIES, *LPSECURITY_CAPABILITIES;
+
+typedef enum _PROCESS_MITIGATION_POLICY {
+ ProcessDEPPolicy,
+ ProcessASLRPolicy,
+ ProcessReserved1MitigationPolicy,
+ ProcessStrictHandleCheckPolicy,
+ ProcessSystemCallDisablePolicy,
+ ProcessMitigationOptionsMask,
+ ProcessExtensionPointDisablePolicy,
+ MaxProcessMitigationPolicy
+} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
+
+#define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000
+
+typedef struct _PROCESS_MITIGATION_ASLR_POLICY {
+ union {
+ DWORD Flags;
+ struct {
+ DWORD EnableBottomUpRandomization : 1;
+ DWORD EnableForceRelocateImages : 1;
+ DWORD EnableHighEntropy : 1;
+ DWORD DisallowStrippedImages : 1;
+ DWORD ReservedFlags : 28;
+ };
+ };
+} PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY;
+
+typedef struct _PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY {
+ union {
+ DWORD Flags;
+ struct {
+ DWORD RaiseExceptionOnInvalidHandleReference : 1;
+ DWORD HandleExceptionsPermanentlyEnabled : 1;
+ DWORD ReservedFlags : 30;
+ };
+ };
+} PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, *PPROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY;
+
+typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
+ union {
+ DWORD Flags;
+ struct {
+ DWORD DisallowWin32kSystemCalls : 1;
+ DWORD ReservedFlags : 31;
+ };
+ };
+} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
+
+typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY {
+ union {
+ DWORD Flags;
+ struct {
+ DWORD DisableExtensionPoints : 1;
+ DWORD ReservedFlags : 31;
+ };
+ };
+} PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY;
+
+#endif // NTDDI_WIN8
+#endif // (_WIN32_WINNT < 0x0602)
+#endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
diff --git a/security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h b/security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h
new file mode 100644
index 000000000..f9402c527
--- /dev/null
+++ b/security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h
@@ -0,0 +1,107 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef security_sandbox_loggingCallbacks_h__
+#define security_sandbox_loggingCallbacks_h__
+
+#include <sstream>
+#include <iostream>
+
+#include "mozilla/Logging.h"
+#include "mozilla/Preferences.h"
+#include "mozilla/sandboxing/loggingTypes.h"
+#include "nsContentUtils.h"
+
+#include "mozilla/StackWalk.h"
+
+namespace mozilla {
+
+static LazyLogModule sSandboxTargetLog("SandboxTarget");
+
+#define LOG_D(...) MOZ_LOG(sSandboxTargetLog, LogLevel::Debug, (__VA_ARGS__))
+
+namespace sandboxing {
+
+static uint32_t sStackTraceDepth = 0;
+
+// NS_WalkStackCallback to write a formatted stack frame to an ostringstream.
+static void
+StackFrameToOStringStream(uint32_t aFrameNumber, void* aPC, void* aSP,
+ void* aClosure)
+{
+ std::ostringstream* stream = static_cast<std::ostringstream*>(aClosure);
+ MozCodeAddressDetails details;
+ char buf[1024];
+ MozDescribeCodeAddress(aPC, &details);
+ MozFormatCodeAddressDetails(buf, sizeof(buf), aFrameNumber, aPC, &details);
+ *stream << std::endl << "--" << buf;
+ stream->flush();
+}
+
+// Log to the browser console and, if DEBUG build, stderr.
+static void
+Log(const char* aMessageType,
+ const char* aFunctionName,
+ const char* aContext,
+ const bool aShouldLogStackTrace = false,
+ uint32_t aFramesToSkip = 0)
+{
+ std::ostringstream msgStream;
+ msgStream << "Process Sandbox " << aMessageType << ": " << aFunctionName;
+ if (aContext) {
+ msgStream << " for : " << aContext;
+ }
+
+ if (aShouldLogStackTrace) {
+ if (sStackTraceDepth) {
+ msgStream << std::endl << "Stack Trace:";
+ MozStackWalk(StackFrameToOStringStream, aFramesToSkip, sStackTraceDepth,
+ &msgStream, 0, nullptr);
+ }
+ }
+
+ std::string msg = msgStream.str();
+#if defined(DEBUG)
+ // Use NS_DebugBreak directly as we want child process prefix, but not source
+ // file or line number.
+ NS_DebugBreak(NS_DEBUG_WARNING, nullptr, msg.c_str(), nullptr, -1);
+#endif
+
+ if (nsContentUtils::IsInitialized()) {
+ nsContentUtils::LogMessageToConsole(msg.c_str());
+ }
+
+ // As we don't always have the facility to log to console use MOZ_LOG as well.
+ LOG_D("%s", msg.c_str());
+}
+
+// Initialize sandbox logging if required.
+static void
+InitLoggingIfRequired(ProvideLogFunctionCb aProvideLogFunctionCb)
+{
+ if (!aProvideLogFunctionCb) {
+ return;
+ }
+
+ if (Preferences::GetBool("security.sandbox.windows.log") ||
+ PR_GetEnv("MOZ_WIN_SANDBOX_LOGGING")) {
+ aProvideLogFunctionCb(Log);
+
+#if defined(MOZ_CONTENT_SANDBOX)
+ // We can only log the stack trace on process types where we know that the
+ // sandbox won't prevent it.
+ if (XRE_IsContentProcess()) {
+ Preferences::AddUintVarCache(&sStackTraceDepth,
+ "security.sandbox.windows.log.stackTraceDepth");
+ }
+#endif
+ }
+}
+
+} // sandboxing
+} // mozilla
+
+#endif // security_sandbox_loggingCallbacks_h__
diff --git a/security/sandbox/chromium-shim/sandbox/win/loggingTypes.h b/security/sandbox/chromium-shim/sandbox/win/loggingTypes.h
new file mode 100644
index 000000000..c9b74c14e
--- /dev/null
+++ b/security/sandbox/chromium-shim/sandbox/win/loggingTypes.h
@@ -0,0 +1,27 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef security_sandbox_loggingTypes_h__
+#define security_sandbox_loggingTypes_h__
+
+#include <stdint.h>
+
+namespace mozilla {
+namespace sandboxing {
+
+// We are using callbacks here that are passed in from the core code to prevent
+// a circular dependency in the linking during the build.
+typedef void (*LogFunction) (const char* aMessageType,
+ const char* aFunctionName,
+ const char* aContext,
+ const bool aShouldLogStackTrace,
+ uint32_t aFramesToSkip);
+typedef void (*ProvideLogFunctionCb) (LogFunction aLogFunction);
+
+} // sandboxing
+} // mozilla
+
+#endif // security_sandbox_loggingTypes_h__
diff --git a/security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp b/security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
new file mode 100644
index 000000000..fa2314f69
--- /dev/null
+++ b/security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
@@ -0,0 +1,82 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "sandboxLogging.h"
+
+#include "base/strings/utf_string_conversions.h"
+#include "sandbox/win/src/sandbox_policy.h"
+
+namespace mozilla {
+namespace sandboxing {
+
+static LogFunction sLogFunction = nullptr;
+
+void
+ProvideLogFunction(LogFunction aLogFunction)
+{
+ sLogFunction = aLogFunction;
+}
+
+void
+LogBlocked(const char* aFunctionName, const char* aContext, uint32_t aFramesToSkip)
+{
+ if (sLogFunction) {
+ sLogFunction("BLOCKED", aFunctionName, aContext,
+ /* aShouldLogStackTrace */ true, aFramesToSkip);
+ }
+}
+
+void
+LogBlocked(const char* aFunctionName, const wchar_t* aContext)
+{
+ if (sLogFunction) {
+ // Skip an extra frame to allow for this function.
+ LogBlocked(aFunctionName, base::WideToUTF8(aContext).c_str(),
+ /* aFramesToSkip */ 3);
+ }
+}
+
+void
+LogBlocked(const char* aFunctionName, const wchar_t* aContext,
+ uint16_t aLengthInBytes)
+{
+ if (sLogFunction) {
+ // Skip an extra frame to allow for this function.
+ LogBlocked(aFunctionName,
+ base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str(),
+ /* aFramesToSkip */ 3);
+ }
+}
+
+void
+LogAllowed(const char* aFunctionName, const char* aContext)
+{
+ if (sLogFunction) {
+ sLogFunction("Broker ALLOWED", aFunctionName, aContext,
+ /* aShouldLogStackTrace */ false, /* aFramesToSkip */ 0);
+ }
+}
+
+void
+LogAllowed(const char* aFunctionName, const wchar_t* aContext)
+{
+ if (sLogFunction) {
+ LogAllowed(aFunctionName, base::WideToUTF8(aContext).c_str());
+ }
+}
+
+void
+LogAllowed(const char* aFunctionName, const wchar_t* aContext,
+ uint16_t aLengthInBytes)
+{
+ if (sLogFunction) {
+ LogAllowed(aFunctionName,
+ base::WideToUTF8(std::wstring(aContext, aLengthInBytes / sizeof(wchar_t))).c_str());
+ }
+}
+
+} // sandboxing
+} // mozilla
diff --git a/security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h b/security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h
new file mode 100644
index 000000000..365afa574
--- /dev/null
+++ b/security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h
@@ -0,0 +1,51 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Set of helper methods to implement logging for Windows sandbox.
+ */
+
+#ifndef security_sandbox_sandboxLogging_h__
+#define security_sandbox_sandboxLogging_h__
+
+#include "loggingTypes.h"
+
+namespace sandbox {
+class TargetPolicy;
+}
+
+namespace mozilla {
+namespace sandboxing {
+
+// This is used to pass a LogCallback to the sandboxing code, as the logging
+// requires code to which we cannot link directly.
+void ProvideLogFunction(LogFunction aLogFunction);
+
+// Log a "BLOCKED" msg to the browser console and, if DEBUG build, stderr.
+// If the logging of a stack trace is enabled then the default aFramesToSkip
+// will start from our caller's caller, which should normally be the function
+// that triggered the interception.
+void LogBlocked(const char* aFunctionName, const char* aContext = nullptr,
+ uint32_t aFramesToSkip = 2);
+
+// Convenience functions to convert to char*.
+void LogBlocked(const char* aFunctionName, const wchar_t* aContext);
+void LogBlocked(const char* aFunctionName, const wchar_t* aContext,
+ uint16_t aLengthInBytes);
+
+// Log a "ALLOWED" msg to the browser console and, if DEBUG build, stderr.
+void LogAllowed(const char* aFunctionName, const char* aContext = nullptr);
+
+// Convenience functions to convert to char*.
+void LogAllowed(const char* aFunctionName, const wchar_t* aContext);
+void LogAllowed(const char* aFunctionName, const wchar_t* aContext,
+ uint16_t aLengthInBytes);
+
+
+} // sandboxing
+} // mozilla
+
+#endif // security_sandbox_sandboxLogging_h__