# Vendoring manifest for the Chromium sandbox and the supporting base code it
# needs. The sources are taken file by file from the upstream repository at
# one pinned commit, and the local patch sets are applied afterwards.
schema: 1

bugzilla:
  product: "Core"
  component: "Security: Process Sandboxing"

origin:
  name: Chromium sandbox
  description: Chromium sandbox and supporting base code.
  url: https://chromium.googlesource.com/chromium/src/
  # release and revision name the same upstream commit, so the vendored files
  # correspond to one exact upstream snapshot.
  release: 6d3cc0dac5057925e096b1329680124b19f35842 (Fri Jan 12 17:18:37 2024).
  revision: 6d3cc0dac5057925e096b1329680124b19f35842
  license: BSD-3-Clause

vendoring:
  url: https://chromium.googlesource.com/chromium/src/
  source-hosting: googlesource
  # Only the files named in individual-files-list are fetched, not the whole
  # upstream tree.
  flavor: individual-files
  # Follow upstream by commit rather than by release tag.
  tracking: commit
  # The update-moz-build step is skipped.
  # NOTE(review): presumably the build files are maintained by hand, so a file
  # added to the list below also has to be added to the build; confirm.
  skip-vendoring-steps:
    - update-moz-build
  # Defaults applied to every entry in individual-files-list.
  # NOTE(review): presumably each file keeps its upstream-relative path under
  # the vendor directory; confirm against the vendoring tool.
  individual-files-default-upstream: ""
  individual-files-default-destination: "{vendor_dir}/"
  individual-files-list:
    - base/allocator/partition_allocator/src/partition_alloc/allocation_guard.h
    - base/allocator/partition_allocator/src/partition_alloc/flags.h
    - base/allocator/partition_allocator/src/partition_alloc/oom.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/augmentations/compiler_specific.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/compiler_specific.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/component_export.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/cxx20_is_constant_evaluated.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/thread_annotations.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/win/win_handle_types.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/win/win_handle_types_list.inc
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_base/win/windows_types.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_config.h
    - base/allocator/partition_allocator/src/partition_alloc/partition_alloc_forward.h
    - base/allocator/partition_allocator/src/partition_alloc/pointers/raw_ptr.h
    - base/allocator/partition_allocator/src/partition_alloc/pointers/raw_ptr_exclusion.h
    - base/allocator/partition_allocator/src/partition_alloc/pointers/raw_ptr_noop_impl.h
    - base/allocator/partition_allocator/src/partition_alloc/pointers/raw_ref.h
    - base/at_exit.cc
    - base/at_exit.h
    - base/atomic_ref_count.h
    - base/atomicops.h
    - base/atomicops_internals_portable.h
    - base/auto_reset.h
    - base/base_export.h
    - base/bit_cast.h
    - base/bits.h
    - base/check.cc
    - base/check.h
    - base/check_op.cc
    - base/check_op.h
    - base/compiler_specific.h
    - base/containers/adapters.h
    - base/containers/checked_iterators.h
    - base/containers/circular_deque.h
    - base/containers/contains.h
    - base/containers/contiguous_iterator.h
    - base/containers/cxx20_erase.h
    - base/containers/cxx20_erase_deque.h
    - base/containers/cxx20_erase_forward_list.h
    - base/containers/cxx20_erase_internal.h
    - base/containers/cxx20_erase_list.h
    - base/containers/cxx20_erase_map.h
    - base/containers/cxx20_erase_set.h
    - base/containers/cxx20_erase_string.h
    - base/containers/cxx20_erase_unordered_map.h
    - base/containers/cxx20_erase_unordered_set.h
    - base/containers/cxx20_erase_vector.h
    - base/containers/flat_map.h
    - base/containers/flat_tree.h
    - base/containers/linked_list.h
    - base/containers/queue.h
    - base/containers/span.h
    - base/containers/stack.h
    - base/containers/util.h
    - base/containers/vector_buffer.h
    - base/cpu.cc
    - base/cpu.h
    - base/cxx20_is_constant_evaluated.h
    - base/cxx20_to_address.h
    - base/dcheck_is_on.h
    - base/debug/alias.cc
    - base/debug/alias.h
    - base/debug/crash_logging.cc
    - base/debug/crash_logging.h
    - base/debug/dump_without_crashing.h
    - base/debug/leak_annotations.h
    - base/debug/profiler.h
    - base/environment.cc
    - base/environment.h
    - base/features.h
    - base/files/file_path.h
    - base/format_macros.h
    - base/functional/bind.h
    - base/functional/bind_internal.h
    - base/functional/callback.h
    - base/functional/callback_forward.h
    - base/functional/callback_helpers.h
    - base/functional/callback_internal.cc
    - base/functional/callback_internal.h
    - base/functional/callback_tags.h
    - base/functional/disallow_unretained.h
    - base/functional/function_ref.h
    - base/functional/identity.h
    - base/functional/invoke.h
    - base/functional/not_fn.h
    - base/functional/unretained_traits.h
    - base/hash/hash.cc
    - base/hash/hash.h
    - base/immediate_crash.h
    - base/lazy_instance.h
    - base/lazy_instance_helpers.cc
    - base/lazy_instance_helpers.h
    - base/location.cc
    - base/location.h
    - base/logging.h
    - base/macros/concat.h
    - base/macros/uniquify.h
    - base/memory/free_deleter.h
    - base/memory/memory_pressure_listener.h
    - base/memory/platform_shared_memory_handle.h
    - base/memory/platform_shared_memory_region.h
    - base/memory/ptr_util.h
    - base/memory/raw_ptr.h
    - base/memory/raw_ptr_asan_bound_arg_tracker.h
    - base/memory/raw_ptr_exclusion.h
    - base/memory/raw_ref.h
    - base/memory/raw_scoped_refptr_mismatch_checker.h
    - base/memory/ref_counted.cc
    - base/memory/ref_counted.h
    - base/memory/safe_ref_traits.h
    - base/memory/scoped_refptr.h
    - base/memory/shared_memory_mapper.h
    - base/memory/shared_memory_mapping.h
    - base/memory/singleton.h
    - base/memory/unsafe_shared_memory_region.h
    - base/memory/weak_ptr.h
    - base/message_loop/message_pump.h
    - base/message_loop/message_pump_for_io.h
    - base/message_loop/message_pump_for_ui.h
    - base/message_loop/message_pump_libevent.h
    - base/message_loop/message_pump_type.h
    - base/message_loop/message_pump_win.h
    - base/message_loop/watchable_io_message_pump_posix.h
    - base/metrics/field_trial_params.h
    - base/no_destructor.h
    - base/notreached.h
    - base/numerics/checked_math.h
    - base/numerics/checked_math_impl.h
    - base/numerics/clamped_math.h
    - base/numerics/clamped_math_impl.h
    - base/numerics/safe_conversions.h
    - base/numerics/safe_conversions_arm_impl.h
    - base/numerics/safe_conversions_impl.h
    - base/numerics/safe_math.h
    - base/numerics/safe_math_arm_impl.h
    - base/numerics/safe_math_clang_gcc_impl.h
    - base/numerics/safe_math_shared_impl.h
    - base/numerics/wrapping_math.h
    - base/observer_list.h
    - base/observer_list_internal.h
    - base/observer_list_types.h
    - base/pending_task.h
    - base/posix/can_lower_nice_to.cc
    - base/posix/can_lower_nice_to.h
    - base/posix/eintr_wrapper.h
    - base/posix/safe_strerror.cc
    - base/posix/safe_strerror.h
    - base/process/environment_internal.cc
    - base/process/environment_internal.h
    - base/process/kill.h
    - base/process/memory.h
    - base/process/process.h
    - base/process/process_handle.h
    - base/rand_util.cc
    - base/rand_util.h
    - base/rand_util_win.cc
    - base/ranges/algorithm.h
    - base/ranges/functional.h
    - base/ranges/ranges.h
    - base/scoped_clear_last_error.h
    - base/scoped_clear_last_error_win.cc
    - base/sequence_checker.h
    - base/sequence_checker_impl.h
    - base/sequence_token.h
    - base/strings/safe_sprintf.cc
    - base/strings/safe_sprintf.h
    - base/strings/string_number_conversions.cc
    - base/strings/string_number_conversions.h
    - base/strings/string_number_conversions_internal.h
    - base/strings/string_number_conversions_win.h
    - base/strings/string_piece.h
    - base/strings/string_piece_forward.h
    - base/strings/string_split.cc
    - base/strings/string_split.h
    - base/strings/string_split_internal.h
    - base/strings/string_split_win.h
    - base/strings/string_util.cc
    - base/strings/string_util.h
    - base/strings/string_util_constants.cc
    - base/strings/string_util_impl_helpers.h
    - base/strings/string_util_internal.h
    - base/strings/string_util_posix.h
    - base/strings/string_util_win.cc
    - base/strings/string_util_win.h
    - base/strings/stringprintf.cc
    - base/strings/stringprintf.h
    - base/strings/to_string.h
    - base/strings/utf_ostream_operators.cc
    - base/strings/utf_ostream_operators.h
    - base/strings/utf_string_conversion_utils.cc
    - base/strings/utf_string_conversion_utils.h
    - base/strings/utf_string_conversions.cc
    - base/strings/utf_string_conversions.h
    - base/synchronization/atomic_flag.h
    - base/synchronization/condition_variable.h
    - base/synchronization/condition_variable_posix.cc
    - base/synchronization/lock.cc
    - base/synchronization/lock.h
    - base/synchronization/lock_impl.h
    - base/synchronization/lock_impl_posix.cc
    - base/synchronization/lock_impl_win.cc
    - base/synchronization/waitable_event.h
    - base/synchronization/waitable_event_posix.cc
    - base/task/current_thread.h
    - base/task/delay_policy.h
    - base/task/delayed_task_handle.h
    - base/task/post_task_and_reply_with_result_internal.h
    - base/task/sequence_manager/task_time_observer.h
    - base/task/sequenced_task_runner.h
    - base/task/sequenced_task_runner_helpers.h
    - base/task/single_thread_task_runner.h
    - base/task/task_observer.h
    - base/task/task_runner.h
    - base/template_util.h
    - base/third_party/cityhash/city.cc
    - base/third_party/cityhash/city.h
    - base/third_party/cityhash/COPYING
    - base/third_party/icu/icu_utf.h
    - base/third_party/icu/LICENSE
    - base/third_party/superfasthash/LICENSE
    - base/third_party/superfasthash/README.chromium
    - base/third_party/superfasthash/superfasthash.c
    - base/thread_annotations.h
    - base/threading/hang_watcher.h
    - base/threading/platform_thread.cc
    - base/threading/platform_thread.h
    - base/threading/platform_thread_internal_posix.cc
    - base/threading/platform_thread_internal_posix.h
    - base/threading/platform_thread_posix.cc
    - base/threading/platform_thread_ref.cc
    - base/threading/platform_thread_ref.h
    - base/threading/platform_thread_win.cc
    - base/threading/platform_thread_win.h
    - base/threading/scoped_thread_priority.h
    - base/threading/simple_thread.h
    - base/threading/thread_checker.h
    - base/threading/thread_checker_impl.h
    - base/threading/thread_collision_warner.cc
    - base/threading/thread_collision_warner.h
    - base/threading/thread_id_name_manager.cc
    - base/threading/thread_id_name_manager.h
    - base/threading/thread_local.h
    - base/threading/thread_local_internal.h
    - base/threading/thread_local_storage.cc
    - base/threading/thread_local_storage.h
    - base/threading/thread_local_storage_posix.cc
    - base/threading/thread_local_storage_win.cc
    - base/threading/thread_restrictions.cc
    - base/threading/thread_restrictions.h
    - base/threading/threading_features.h
    - base/time/tick_clock.h
    - base/time/time.cc
    - base/time/time.h
    - base/time/time_now_posix.cc
    - base/time/time_override.h
    - base/time/time_win.cc
    - base/token.h
    - base/trace_event/base_tracing.h
    - base/trace_event/base_tracing_forward.h
    - base/trace_event/common/trace_event_common.h
    - base/trace_event/memory_allocator_dump_guid.h
    - base/trace_event/trace_event_stub.cc
    - base/trace_event/trace_event_stub.h
    - base/types/always_false.h
    - base/types/pass_key.h
    - base/types/strong_alias.h
    - base/types/supports_ostream_operator.h
    - base/unguessable_token.h
    - base/version.cc
    - base/version.h
    - base/win/access_control_list.cc
    - base/win/access_control_list.h
    - base/win/access_token.cc
    - base/win/access_token.h
    - base/win/current_module.h
    - base/win/message_window.h
    - base/win/pe_image.cc
    - base/win/pe_image.h
    - base/win/scoped_handle.cc
    - base/win/scoped_handle.h
    - base/win/scoped_handle_verifier.cc
    - base/win/scoped_handle_verifier.h
    - base/win/scoped_localalloc.h
    - base/win/scoped_process_information.cc
    - base/win/scoped_process_information.h
    - base/win/security_descriptor.cc
    - base/win/security_descriptor.h
    - base/win/security_util.cc
    - base/win/security_util.h
    - base/win/sid.cc
    - base/win/sid.h
    - base/win/startup_information.cc
    - base/win/startup_information.h
    - base/win/static_constants.cc
    - base/win/static_constants.h
    - base/win/win_handle_types.h
    - base/win/win_handle_types_list.inc
    - base/win/windows_types.h
    - base/win/windows_version.cc
    - base/win/windows_version.h
    - build/build_config.h
    - build/buildflag.h
    - LICENSE
    - sandbox/features.cc
    - sandbox/features.h
    - sandbox/linux/bpf_dsl/bpf_dsl.cc
    - sandbox/linux/bpf_dsl/bpf_dsl.h
    - sandbox/linux/bpf_dsl/bpf_dsl_forward.h
    - sandbox/linux/bpf_dsl/bpf_dsl_impl.h
    - sandbox/linux/bpf_dsl/codegen.cc
    - sandbox/linux/bpf_dsl/codegen.h
    - sandbox/linux/bpf_dsl/cons.h
    - sandbox/linux/bpf_dsl/dump_bpf.cc
    - sandbox/linux/bpf_dsl/dump_bpf.h
    - sandbox/linux/bpf_dsl/errorcode.h
    - sandbox/linux/bpf_dsl/linux_syscall_ranges.h
    - sandbox/linux/bpf_dsl/policy.cc
    - sandbox/linux/bpf_dsl/policy.h
    - sandbox/linux/bpf_dsl/policy_compiler.cc
    - sandbox/linux/bpf_dsl/policy_compiler.h
    - sandbox/linux/bpf_dsl/seccomp_macros.h
    - sandbox/linux/bpf_dsl/syscall_set.cc
    - sandbox/linux/bpf_dsl/syscall_set.h
    - sandbox/linux/bpf_dsl/trap_registry.h
    - sandbox/linux/seccomp-bpf/die.cc
    - sandbox/linux/seccomp-bpf/die.h
    - sandbox/linux/seccomp-bpf/syscall.cc
    - sandbox/linux/seccomp-bpf/syscall.h
    - sandbox/linux/seccomp-bpf/trap.cc
    - sandbox/linux/seccomp-bpf/trap.h
    - sandbox/linux/services/syscall_wrappers.cc
    - sandbox/linux/services/syscall_wrappers.h
    - sandbox/linux/system_headers/arm64_linux_syscalls.h
    - sandbox/linux/system_headers/arm_linux_syscalls.h
    - sandbox/linux/system_headers/capability.h
    - sandbox/linux/system_headers/linux_filter.h
    - sandbox/linux/system_headers/linux_seccomp.h
    - sandbox/linux/system_headers/linux_signal.h
    - sandbox/linux/system_headers/linux_stat.h
    - sandbox/linux/system_headers/linux_syscalls.h
    - sandbox/linux/system_headers/x86_32_linux_syscalls.h
    - sandbox/linux/system_headers/x86_64_linux_syscalls.h
    - sandbox/sandbox_export.h
    - sandbox/win/src/acl.cc
    - sandbox/win/src/acl.h
    - sandbox/win/src/alternate_desktop.cc
    - sandbox/win/src/alternate_desktop.h
    - sandbox/win/src/app_container.h
    - sandbox/win/src/app_container_base.cc
    - sandbox/win/src/app_container_base.h
    - sandbox/win/src/broker_services.cc
    - sandbox/win/src/broker_services.h
    - sandbox/win/src/crosscall_client.h
    - sandbox/win/src/crosscall_params.h
    - sandbox/win/src/crosscall_server.cc
    - sandbox/win/src/crosscall_server.h
    - sandbox/win/src/eat_resolver.cc
    - sandbox/win/src/eat_resolver.h
    - sandbox/win/src/filesystem_dispatcher.cc
    - sandbox/win/src/filesystem_dispatcher.h
    - sandbox/win/src/filesystem_interception.cc
    - sandbox/win/src/filesystem_interception.h
    - sandbox/win/src/filesystem_policy.cc
    - sandbox/win/src/filesystem_policy.h
    - sandbox/win/src/handle_closer.cc
    - sandbox/win/src/handle_closer.h
    - sandbox/win/src/handle_closer_agent.cc
    - sandbox/win/src/handle_closer_agent.h
    - sandbox/win/src/heap_helper.cc
    - sandbox/win/src/heap_helper.h
    - sandbox/win/src/interception.cc
    - sandbox/win/src/interception.h
    - sandbox/win/src/interception_agent.cc
    - sandbox/win/src/interception_agent.h
    - sandbox/win/src/interception_internal.h
    - sandbox/win/src/interceptors.h
    - sandbox/win/src/interceptors_64.cc
    - sandbox/win/src/interceptors_64.h
    - sandbox/win/src/internal_types.h
    - sandbox/win/src/ipc_args.cc
    - sandbox/win/src/ipc_args.h
    - sandbox/win/src/ipc_tags.h
    - sandbox/win/src/job.cc
    - sandbox/win/src/job.h
    - sandbox/win/src/named_pipe_dispatcher.cc
    - sandbox/win/src/named_pipe_dispatcher.h
    - sandbox/win/src/named_pipe_interception.cc
    - sandbox/win/src/named_pipe_interception.h
    - sandbox/win/src/named_pipe_policy.cc
    - sandbox/win/src/named_pipe_policy.h
    - sandbox/win/src/nt_internals.h
    - sandbox/win/src/policy_broker.cc
    - sandbox/win/src/policy_broker.h
    - sandbox/win/src/policy_engine_opcodes.cc
    - sandbox/win/src/policy_engine_opcodes.h
    - sandbox/win/src/policy_engine_params.h
    - sandbox/win/src/policy_engine_processor.cc
    - sandbox/win/src/policy_engine_processor.h
    - sandbox/win/src/policy_low_level.cc
    - sandbox/win/src/policy_low_level.h
    - sandbox/win/src/policy_params.h
    - sandbox/win/src/policy_target.cc
    - sandbox/win/src/policy_target.h
    - sandbox/win/src/process_mitigations.cc
    - sandbox/win/src/process_mitigations.h
    - sandbox/win/src/process_mitigations_win32k_dispatcher.cc
    - sandbox/win/src/process_mitigations_win32k_dispatcher.h
    - sandbox/win/src/process_mitigations_win32k_interception.cc
    - sandbox/win/src/process_mitigations_win32k_interception.h
    - sandbox/win/src/process_mitigations_win32k_policy.cc
    - sandbox/win/src/process_mitigations_win32k_policy.h
    - sandbox/win/src/process_thread_dispatcher.cc
    - sandbox/win/src/process_thread_dispatcher.h
    - sandbox/win/src/process_thread_interception.cc
    - sandbox/win/src/process_thread_interception.h
    - sandbox/win/src/process_thread_policy.cc
    - sandbox/win/src/process_thread_policy.h
    - sandbox/win/src/resolver.cc
    - sandbox/win/src/resolver.h
    - sandbox/win/src/resolver_32.cc
    - sandbox/win/src/resolver_64.cc
    - sandbox/win/src/restricted_token.cc
    - sandbox/win/src/restricted_token.h
    - sandbox/win/src/restricted_token_utils.cc
    - sandbox/win/src/restricted_token_utils.h
    - sandbox/win/src/sandbox.cc
    - sandbox/win/src/sandbox.h
    - sandbox/win/src/sandbox_factory.h
    - sandbox/win/src/sandbox_globals.cc
    - sandbox/win/src/sandbox_nt_types.h
    - sandbox/win/src/sandbox_nt_util.cc
    - sandbox/win/src/sandbox_nt_util.h
    - sandbox/win/src/sandbox_policy.h
    - sandbox/win/src/sandbox_policy_base.cc
    - sandbox/win/src/sandbox_policy_base.h
    - sandbox/win/src/sandbox_types.h
    - sandbox/win/src/security_capabilities.cc
    - sandbox/win/src/security_capabilities.h
    - sandbox/win/src/security_level.h
    - sandbox/win/src/service_resolver.cc
    - sandbox/win/src/service_resolver.h
    - sandbox/win/src/service_resolver_32.cc
    - sandbox/win/src/service_resolver_64.cc
    - sandbox/win/src/sharedmem_ipc_client.cc
    - sandbox/win/src/sharedmem_ipc_client.h
    - sandbox/win/src/sharedmem_ipc_server.cc
    - sandbox/win/src/sharedmem_ipc_server.h
    - sandbox/win/src/signed_dispatcher.cc
    - sandbox/win/src/signed_dispatcher.h
    - sandbox/win/src/signed_interception.cc
    - sandbox/win/src/signed_interception.h
    - sandbox/win/src/signed_policy.cc
    - sandbox/win/src/signed_policy.h
    - sandbox/win/src/startup_information_helper.cc
    - sandbox/win/src/startup_information_helper.h
    - sandbox/win/src/target_interceptions.cc
    - sandbox/win/src/target_interceptions.h
    - sandbox/win/src/target_process.cc
    - sandbox/win/src/target_process.h
    - sandbox/win/src/target_services.cc
    - sandbox/win/src/target_services.h
    - sandbox/win/src/threadpool.cc
    - sandbox/win/src/threadpool.h
    - sandbox/win/src/top_level_dispatcher.cc
    - sandbox/win/src/top_level_dispatcher.h
    - sandbox/win/src/win_utils.cc
    - sandbox/win/src/win_utils.h
    - sandbox/win/src/window.cc
    - sandbox/win/src/window.h
    - third_party/libevent/event-config.h
    - third_party/libevent/event.h
    - third_party/libevent/evutil.h
    - third_party/libevent/LICENSE
    - third_party/libevent/linux/event-config.h

  # Apply the patches taken from upstream first. They will stop being needed
  # once the vendored revision includes the upstream fix, so the patches that
  # follow are written to apply on top of that fix.
  # NOTE(review): both patch sets modify the sandbox sources after they are
  # fetched; when the revision is bumped, confirm that each patch still
  # applies and is still needed, and drop the upstream ones already included.
  patches:
    - ../chromium-shim/patches/upstream/*.patch
    - ../chromium-shim/patches/*.patch