diff options
Diffstat (limited to 'security/sandbox/win/src/sandboxtarget')
| -rw-r--r-- | security/sandbox/win/src/sandboxtarget/moz.build | 20 | ||||
| -rw-r--r-- | security/sandbox/win/src/sandboxtarget/sandboxTarget.cpp | 21 | ||||
| -rw-r--r-- | security/sandbox/win/src/sandboxtarget/sandboxTarget.h | 83 |
3 files changed, 124 insertions, 0 deletions
diff --git a/security/sandbox/win/src/sandboxtarget/moz.build b/security/sandbox/win/src/sandboxtarget/moz.build new file mode 100644 index 000000000..7315a34ed --- /dev/null +++ b/security/sandbox/win/src/sandboxtarget/moz.build @@ -0,0 +1,20 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +EXPORTS.mozilla += [ + 'sandboxTarget.h', +] + +SOURCES += [ + 'sandboxTarget.cpp', +] + +LOCAL_INCLUDES += [ + '/security/sandbox/chromium', + '/security/sandbox/chromium-shim', +] + +FINAL_LIBRARY = 'xul' diff --git a/security/sandbox/win/src/sandboxtarget/sandboxTarget.cpp b/security/sandbox/win/src/sandboxtarget/sandboxTarget.cpp new file mode 100644 index 000000000..a989b3625 --- /dev/null +++ b/security/sandbox/win/src/sandboxtarget/sandboxTarget.cpp @@ -0,0 +1,21 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#define TARGET_SANDBOX_EXPORTS +#include "sandboxTarget.h" + +namespace mozilla { + +// We need to define this function out of line so that clang-cl doesn't inline +// it. +/* static */ SandboxTarget* +SandboxTarget::Instance() +{ + static SandboxTarget sb; + return &sb; +} + +} diff --git a/security/sandbox/win/src/sandboxtarget/sandboxTarget.h b/security/sandbox/win/src/sandboxtarget/sandboxTarget.h new file mode 100644 index 000000000..f46a2ce70 --- /dev/null +++ b/security/sandbox/win/src/sandboxtarget/sandboxTarget.h @@ -0,0 +1,83 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef __SECURITY_SANDBOX_SANDBOXTARGET_H__ +#define __SECURITY_SANDBOX_SANDBOXTARGET_H__ + +#include <windows.h> + +#include "mozilla/Assertions.h" +#include "base/MissingBasicTypes.h" +#include "sandbox/win/src/sandbox.h" + +namespace mozilla { + +class SandboxTarget +{ +public: + /** + * Obtains a pointer to the singleton instance + */ + static SandboxTarget* Instance(); + + /** + * Used by the application to pass in the target services that provide certain + * functions to the sandboxed code. + * The target services must already be initialized. + * + * @param aTargetServices The target services that will be used + */ + void SetTargetServices(sandbox::TargetServices* aTargetServices) + { + MOZ_ASSERT(aTargetServices); + MOZ_ASSERT(!mTargetServices, + "Sandbox TargetServices must only be set once."); + + mTargetServices = aTargetServices; + } + + /** + * Called by the library that wants to "start" the sandbox, i.e. change to the + * more secure delayed / lockdown policy. + */ + void StartSandbox() + { + if (mTargetServices) { + mTargetServices->LowerToken(); + } + } + + /** + * Used to duplicate handles via the broker process. The permission for the + * handle type and target process has to have been set on the sandbox policy. + */ + bool BrokerDuplicateHandle(HANDLE aSourceHandle, DWORD aTargetProcessId, + HANDLE* aTargetHandle, DWORD aDesiredAccess, + DWORD aOptions) + { + if (!mTargetServices) { + return false; + } + + sandbox::ResultCode result = + mTargetServices->DuplicateHandle(aSourceHandle, aTargetProcessId, + aTargetHandle, aDesiredAccess, aOptions); + return (sandbox::SBOX_ALL_OK == result); + } + +protected: + SandboxTarget() : + mTargetServices(nullptr) + { + } + + sandbox::TargetServices* mTargetServices; +}; + + +} // mozilla + +#endif |