

      1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* vim: set ts=2 et sw=2 tw=80: */
      3 /* This Source Code Form is subject to the terms of the Mozilla Public
      4 * License, v. 2.0. If a copy of the MPL was not distributed with this
      5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      6 
      7 #ifndef __SECURITY_SANDBOX_SANDBOXBROKER_H__
      8 #define __SECURITY_SANDBOX_SANDBOXBROKER_H__
      9 
#include <stdint.h>
#include <windows.h>

#include <memory>

#include "mozilla/ipc/EnvironmentMap.h"
#include "nsCOMPtr.h"
#include "nsXULAppAPI.h"
#include "nsISupportsImpl.h"

#include "mozilla/ipc/UtilityProcessSandboxing.h"
#include "mozilla/ipc/LaunchError.h"
#include "mozilla/Result.h"
     21 
// Forward declarations of the Chromium sandbox types this header refers to
// only by pointer; their full definitions are needed in the .cpp, not here.
namespace sandbox {
class BrokerServices;
class TargetPolicy;
}  // namespace sandbox
     26 
namespace mozilla {

// Kind of Gecko Media Plugin a sandbox policy is being built for; consumed by
// SandboxBroker::SetSecurityLevelForGMPlugin. This is an unscoped enum, so the
// enumerators (Default, Widevine, Clearkey, Fake) live directly in namespace
// mozilla.
enum GMPSandboxKind { Default, Widevine, Clearkey, Fake };

/**
 * Parent-process side of the Windows sandbox. One instance owns one
 * sandbox::TargetPolicy (mPolicy); the SetSecurityLevelFor* members shape
 * that policy for a given process type and LaunchApp() starts the child.
 * Process-wide state (the broker services, the binary directory) is handled
 * by the static Initialize()/GeckoDependentInitialize() members.
 */
class SandboxBroker {
public:
  SandboxBroker();

  /**
   * Process-wide static setup.
   * @param aBrokerServices Chromium sandbox broker services, passed as a raw
   *        pointer (non-owning as far as this header shows).
   * @param aBinDir Directory containing the application binaries.
   */
  static void Initialize(sandbox::BrokerServices* aBrokerServices,
                         const nsAString& aBinDir);

  // Ensure the directory is accessible from a Less Privileged AppContainer
  // (LPAC) sandbox (presumably by adjusting its ACL — confirm in the .cpp).
  // NOTE(review): the identifier misspells "Permissions"; it is public API,
  // so it is left unchanged here.
  static void EnsureLpacPermsissionsOnDir(const nsString& aDir);

  /**
   * Do initialization that depends on parts of the Gecko machinery having been
   * created first.
   */
  static void GeckoDependentInitialize();

  /**
   * Launch a sandboxed child process.
   * @param aPath Path of the executable to run.
   * @param aArguments Command line for the child.
   * @param aEnvironment Environment for the child; passed by non-const
   *        reference, so it may be adjusted by the launch.
   * @param aProcessType Gecko process type of the child.
   * @param aEnableLogging Whether sandbox logging is enabled for this child.
   * @param aCachedNtdllThunk Cached ntdll import thunk data for the child.
   * @param aProcessHandle Out-parameter receiving the launched process handle.
   * @return Ok on success, otherwise the mozilla::ipc::LaunchError describing
   *         the failure; presumably the policy built by the matching
   *         SetSecurityLevelFor* call is what gets applied — verify in the .cpp.
   */
  Result<Ok, mozilla::ipc::LaunchError> LaunchApp(
      const wchar_t* aPath, const wchar_t* aArguments,
      base::EnvironmentMap& aEnvironment, GeckoProcessType aProcessType,
      const bool aEnableLogging, const IMAGE_THUNK_DATA* aCachedNtdllThunk,
      void** aProcessHandle);
  ~SandboxBroker();

  // Security levels for different types of processes. Each member configures
  // mPolicy for one process type. The bool-returning variants report whether
  // the policy was set up; a false result presumably means the child would
  // run with an incomplete policy, so callers should check it before
  // LaunchApp — confirm the exact contract in the .cpp.
  void SetSecurityLevelForContentProcess(int32_t aSandboxLevel,
                                         bool aIsFileProcess);

  void SetSecurityLevelForGPUProcess(int32_t aSandboxLevel);
  bool SetSecurityLevelForRDDProcess();
  bool SetSecurityLevelForSocketProcess();

  bool SetSecurityLevelForGMPlugin(GMPSandboxKind aGMPSandboxKind);
  bool SetSecurityLevelForUtilityProcess(mozilla::ipc::SandboxingKind aSandbox);

  // File system permissions: presumably adds a read rule for |file| to the
  // policy; the bool return reports whether the rule was added.
  bool AllowReadFile(wchar_t const* file);

  /**
   * Share a HANDLE with the child process. The HANDLE will be made available
   * in the child process at the memory address
   * |reinterpret_cast<uintptr_t>(aHandle)|. It is the caller's responsibility
   * to communicate this address to the child.
   *
   * Sharing a handle extends the child's reach to whatever the handle refers
   * to, so only handles the child actually needs should be added.
   */
  void AddHandleToShare(HANDLE aHandle);

  // Whether the policy has the win32k system-call lockdown mitigation enabled
  // (presumably reads mPolicy — confirm in the .cpp).
  bool IsWin32kLockedDown();

  // Set up dummy interceptions via the broker, so we can log calls.
  void ApplyLoggingConfig();

private:
  // Process-wide flag; presumably set by Initialize() from aBinDir and used to
  // adapt the policy when the binaries live on a network drive — confirm in
  // the .cpp.
  static bool sRunningFromNetworkDrive;
  // Owned Chromium sandbox policy. The unique_ptr member makes the class
  // non-copyable, and the user-declared destructor above means it is not
  // implicitly movable either.
  std::unique_ptr<sandbox::TargetPolicy> mPolicy;
};

}  // namespace mozilla
     86 
     87 #endif