sandbox/mac/policy.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "sandbox/mac/policy.h"
   6
   7 namespace sandbox {
   8
   9 Rule::Rule()
  10     : result(POLICY_DECISION_INVALID),
  11       substitute_port(MACH_PORT_NULL) {
  12 }
  13
  14 Rule::Rule(PolicyDecision result)
  15     : result(result),
  16       substitute_port(MACH_PORT_NULL) {
  17 }
  18
  19 Rule::Rule(mach_port_t override_port)
  20     : result(POLICY_SUBSTITUTE_PORT),
  21       substitute_port(override_port) {
  22 }
  23
  24 BootstrapSandboxPolicy::BootstrapSandboxPolicy()
  25     : default_rule(POLICY_DENY_ERROR) {
  26 }
  27
  28 BootstrapSandboxPolicy::~BootstrapSandboxPolicy() {}
  29
  30 static bool IsRuleValid(const Rule& rule) {
  31   if (!(rule.result > POLICY_DECISION_INVALID &&
  32         rule.result < POLICY_DECISION_LAST)) {
  33     return false;
  34   }
  35   if (rule.result == POLICY_SUBSTITUTE_PORT) {
  36     if (rule.substitute_port == MACH_PORT_NULL)
  37       return false;
  38   } else {
  39     if (rule.substitute_port != MACH_PORT_NULL)
  40       return false;
  41   }
  42   return true;
  43 }
  44
  45 bool IsPolicyValid(const BootstrapSandboxPolicy& policy) {
  46   if (!IsRuleValid(policy.default_rule))
  47     return false;
  48
  49   for (const auto& pair : policy.rules) {
  50     if (!IsRuleValid(pair.second))
  51       return false;
  52   }
  53   return true;
  54 }
  55
  56 }  // namespace sandbox