diff options
Diffstat (limited to '')
-rw-r--r-- | security/sandbox/linux/SandboxFilter.h | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/security/sandbox/linux/SandboxFilter.h b/security/sandbox/linux/SandboxFilter.h new file mode 100644 index 0000000000..04a37a32d4 --- /dev/null +++ b/security/sandbox/linux/SandboxFilter.h @@ -0,0 +1,46 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_SandboxFilter_h +#define mozilla_SandboxFilter_h + +#include <vector> +#include "mozilla/Atomics.h" +#include "mozilla/Range.h" +#include "mozilla/UniquePtr.h" + +namespace sandbox { +namespace bpf_dsl { +class Policy; +} +} // namespace sandbox + +namespace mozilla { +class SandboxBrokerClient; + +struct ContentProcessSandboxParams; + +UniquePtr<sandbox::bpf_dsl::Policy> GetContentSandboxPolicy( + SandboxBrokerClient* aMaybeBroker, ContentProcessSandboxParams&& aParams); + +class SandboxOpenedFiles; + +// The SandboxOpenedFiles object must live until the process exits. +UniquePtr<sandbox::bpf_dsl::Policy> GetMediaSandboxPolicy( + const SandboxOpenedFiles* aFiles); + +UniquePtr<sandbox::bpf_dsl::Policy> GetDecoderSandboxPolicy( + SandboxBrokerClient* aMaybeBroker); + +UniquePtr<sandbox::bpf_dsl::Policy> GetSocketProcessSandboxPolicy( + SandboxBrokerClient* aMaybeBroker); + +UniquePtr<sandbox::bpf_dsl::Policy> GetUtilitySandboxPolicy( + SandboxBrokerClient* aMaybeBroker); + +} // namespace mozilla + +#endif |