Google Git
Sign in
chromium / chromium / src / dfdde660bba559dec7b5baffb5544e634447e0dc / . / content / common / sandbox_mac.h
blob: 5296851aae2f470f3d670dc953fbed548dde70b0 [file] [log] [blame]
[email protected]c5d463e2012-03-15 21:05:56[diff] [blame]1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
[email protected]810d6402009-10-09 16:23:10[diff] [blame]2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
[email protected]415c2cd2011-03-11 21:56:11[diff] [blame]5#ifndef CONTENT_COMMON_SANDBOX_MAC_H_
6#define CONTENT_COMMON_SANDBOX_MAC_H_
[email protected]810d6402009-10-09 16:23:10[diff] [blame]7
kerrnele46995f2015-07-16 15:41:30[diff] [blame]8#include <map>
[email protected]722d0822010-11-02 09:27:03[diff] [blame]9#include <string>
10
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]11#include "base/basictypes.h"
[email protected]14c1c232013-06-11 17:52:44[diff] [blame]12#include "base/containers/hash_tables.h"
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]13#include "base/gtest_prod_util.h"
[email protected]c5d463e2012-03-15 21:05:56[diff] [blame]14#include "content/common/content_export.h"
wfh182da09c2015-06-24 19:23:03[diff] [blame]15#include "content/public/common/sandbox_type.h"
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]16
[email protected]a3ef4832013-02-02 05:12:33[diff] [blame]17namespace base {
[email protected]864b1362010-08-19 03:49:38[diff] [blame]18class FilePath;
[email protected]a3ef4832013-02-02 05:12:33[diff] [blame]19}
[email protected]882f1d562009-11-05 14:04:48[diff] [blame]20
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]21#if __OBJC__
22@class NSArray;
23@class NSString;
24#else
25class NSArray;
26class NSString;
27#endif
28
[email protected]e25b04c92012-10-23 20:05:06[diff] [blame]29namespace content {
[email protected]810d6402009-10-09 16:23:10[diff] [blame]30
kerrnele46995f2015-07-16 15:41:30[diff] [blame]31// This class wraps the C-style sandbox APIs in a class to ensure proper
32// initialization and cleanup.
33class CONTENT_EXPORT SandboxCompiler {
[email protected]722d0822010-11-02 09:27:03[diff] [blame]34 public:
kerrnele46995f2015-07-16 15:41:30[diff] [blame]35 explicit SandboxCompiler(const std::string& profile_str);
[email protected]722d0822010-11-02 09:27:03[diff] [blame]36
kerrnele46995f2015-07-16 15:41:30[diff] [blame]37 ~SandboxCompiler();
[email protected]722d0822010-11-02 09:27:03[diff] [blame]38
kerrnele46995f2015-07-16 15:41:30[diff] [blame]39 // Inserts a boolean into the parameters key/value map. A duplicate key is not
40 // allowed, and will cause the function to return false. The value is not
41 // inserted in this case.
42 bool InsertBooleanParam(const std::string& key, bool value);
[email protected]722d0822010-11-02 09:27:03[diff] [blame]43
kerrnele46995f2015-07-16 15:41:30[diff] [blame]44 // Inserts a string into the parameters key/value map. A duplicate key is not
45 // allowed, and will cause the function to return false. The value is not
46 // inserted in this case.
47 bool InsertStringParam(const std::string& key, const std::string& value);
[email protected]722d0822010-11-02 09:27:03[diff] [blame]48
kerrnele46995f2015-07-16 15:41:30[diff] [blame]49 // Compiles and applies the profile; returns true on success.
50 bool CompileAndApplyProfile(std::string* error);
[email protected]722d0822010-11-02 09:27:03[diff] [blame]51
52 private:
kerrnele46995f2015-07-16 15:41:30[diff] [blame]53 // Frees all of the system resources allocated for the sandbox.
54 void FreeSandboxResources(void* profile, void* params, char* error);
55
56 // Storage of the key/value pairs of strings that are used in the sandbox
57 // profile.
58 std::map<std::string, std::string> params_map_;
59
60 // The sandbox profile source code.
61 const std::string profile_str_;
62
63 DISALLOW_COPY_AND_ASSIGN(SandboxCompiler);
[email protected]722d0822010-11-02 09:27:03[diff] [blame]64};
65
[email protected]c5d463e2012-03-15 21:05:56[diff] [blame]66class CONTENT_EXPORT Sandbox {
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]67 public:
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]68
[email protected]dbd825842011-11-25 20:55:24[diff] [blame]69 // Warm up System APIs that empirically need to be accessed before the
70 // sandbox is turned on. |sandbox_type| is the type of sandbox to warm up.
71 // Valid |sandbox_type| values are defined by the enum SandboxType, or can be
72 // defined by the embedder via
73 // ContentClient::GetSandboxProfileForProcessType().
74 static void SandboxWarmup(int sandbox_type);
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]75
76 // Turns on the OS X sandbox for this process.
[email protected]dbd825842011-11-25 20:55:24[diff] [blame]77 // |sandbox_type| - type of Sandbox to use. See SandboxWarmup() for legal
78 // values.
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]79 // |allowed_dir| - directory to allow access to, currently the only sandbox
80 // profile that supports this is SANDBOX_TYPE_UTILITY .
81 //
82 // Returns true on success, false if an error occurred enabling the sandbox.
[email protected]dbd825842011-11-25 20:55:24[diff] [blame]83 static bool EnableSandbox(int sandbox_type,
[email protected]a3ef4832013-02-02 05:12:33[diff] [blame]84 const base::FilePath& allowed_dir);
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]85
[email protected]4f997822013-03-14 22:05:53[diff] [blame]86 // Returns true if the sandbox has been enabled for the current process.
87 static bool SandboxIsCurrentlyActive();
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]88
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]89 // Escape |src_utf8| for use in a plain string variable in a sandbox
90 // configuraton file. On return |dst| is set to the quoted output.
91 // Returns: true on success, false otherwise.
92 static bool QuotePlainString(const std::string& src_utf8, std::string* dst);
93
94 // Escape |str_utf8| for use in a regex literal in a sandbox
95 // configuraton file. On return |dst| is set to the utf-8 encoded quoted
96 // output.
97 //
98 // The implementation of this function is based on empirical testing of the
99 // OS X sandbox on 10.5.8 & 10.6.2 which is undocumented and subject to
100 // change.
101 //
102 // Note: If str_utf8 contains any characters < 32 || >125 then the function
103 // fails and false is returned.
104 //
105 // Returns: true on success, false otherwise.
106 static bool QuoteStringForRegex(const std::string& str_utf8,
107 std::string* dst);
108
kerrnele46995f2015-07-16 15:41:30[diff] [blame]109 private:
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]110 // Convert provided path into a "canonical" path matching what the Sandbox
111 // expects i.e. one without symlinks.
112 // This path is not necessarily unique e.g. in the face of hardlinks.
[email protected]a3ef4832013-02-02 05:12:33[diff] [blame]113 static base::FilePath GetCanonicalSandboxPath(const base::FilePath& path);
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]114
[email protected]225020ce2011-11-29 14:45:53[diff] [blame]115 FRIEND_TEST_ALL_PREFIXES(MacDirAccessSandboxTest, StringEscape);
116 FRIEND_TEST_ALL_PREFIXES(MacDirAccessSandboxTest, RegexEscape);
[email protected]7995d0f92012-05-09 21:57:38[diff] [blame]117 FRIEND_TEST_ALL_PREFIXES(MacDirAccessSandboxTest, SandboxAccess);
[email protected]846798e2c2010-11-07 07:38:31[diff] [blame]118
119 DISALLOW_IMPLICIT_CONSTRUCTORS(Sandbox);
120};
121
[email protected]e25b04c92012-10-23 20:05:06[diff] [blame]122} // namespace content
[email protected]810d6402009-10-09 16:23:10[diff] [blame]123
[email protected]415c2cd2011-03-11 21:56:11[diff] [blame]124#endif // CONTENT_COMMON_SANDBOX_MAC_H_