Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(440)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/sandbox_mac.mm

Issue 5491001: Mac: Sandbox GPU process. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: make tests work for now Created 10 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/common/chrome_switches.cc ('K') | « chrome/common/sandbox_mac.h ('k') | chrome/common/sandbox_mac_unittest_helper.mm » ('j') | chrome/common/sandbox_mac_unittest_helper.mm » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/sandbox_mac.h" 5 #include "chrome/common/sandbox_mac.h"
6 6
7 #include "base/debug_util.h" 7 #include "base/debug_util.h"
8 8
9 #import <Cocoa/Cocoa.h> 9 #import <Cocoa/Cocoa.h>
10 extern "C" { 10 extern "C" {
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after
307 sandbox_config_filename = @"worker"; 307 sandbox_config_filename = @"worker";
308 break; 308 break;
309 case Sandbox::SANDBOX_TYPE_UTILITY: 309 case Sandbox::SANDBOX_TYPE_UTILITY:
310 sandbox_config_filename = @"utility"; 310 sandbox_config_filename = @"utility";
311 break; 311 break;
312 case Sandbox::SANDBOX_TYPE_NACL_LOADER: 312 case Sandbox::SANDBOX_TYPE_NACL_LOADER:
313 // The Native Client loader is used for safeguarding the user's 313 // The Native Client loader is used for safeguarding the user's
314 // untrusted code within Native Client. 314 // untrusted code within Native Client.
315 sandbox_config_filename = @"nacl_loader"; 315 sandbox_config_filename = @"nacl_loader";
316 break; 316 break;
317 case Sandbox::SANDBOX_TYPE_GPU:
318 sandbox_config_filename = @"gpu";
319 break;
317 default: 320 default:
318 NOTREACHED(); 321 NOTREACHED();
319 return nil; 322 return nil;
320 } 323 }
321 324
322 // Read in the sandbox profile and the common prefix file. 325 // Read in the sandbox profile and the common prefix file.
323 NSString* common_sandbox_prefix_path = 326 NSString* common_sandbox_prefix_path =
324 [mac_util::MainAppBundle() pathForResource:@"common" 327 [mac_util::MainAppBundle() pathForResource:@"common"
325 ofType:@"sb"]; 328 ofType:@"sb"];
326 NSString* common_sandbox_prefix_data = 329 NSString* common_sandbox_prefix_data =
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after
458 sandbox_data = [sandbox_data 461 sandbox_data = [sandbox_data
459 stringByReplacingOccurrencesOfString:@";ENABLE_DIRECTORY_ACCESS" 462 stringByReplacingOccurrencesOfString:@";ENABLE_DIRECTORY_ACCESS"
460 withString:allowed_dir_sandbox_command]; 463 withString:allowed_dir_sandbox_command];
461 } 464 }
462 } 465 }
463 466
464 NSMutableArray* tokens_to_remove = [NSMutableArray array]; 467 NSMutableArray* tokens_to_remove = [NSMutableArray array];
465 468
466 // Enable verbose logging if enabled on the command line. (See common.sb 469 // Enable verbose logging if enabled on the command line. (See common.sb
467 // for details). 470 // for details).
468 const CommandLine *command_line = CommandLine::ForCurrentProcess(); 471 const CommandLine* command_line = CommandLine::ForCurrentProcess();
469 bool enable_logging = 472 bool enable_logging =
470 command_line->HasSwitch(switches::kEnableSandboxLogging);; 473 command_line->HasSwitch(switches::kEnableSandboxLogging);;
471 if (enable_logging) { 474 if (enable_logging) {
472 [tokens_to_remove addObject:@";ENABLE_LOGGING"]; 475 [tokens_to_remove addObject:@";ENABLE_LOGGING"];
473 } 476 }
474 477
475 bool snow_leopard_or_higher; 478 bool snow_leopard_or_higher;
476 GetOSVersion(&snow_leopard_or_higher); 479 GetOSVersion(&snow_leopard_or_higher);
477 480
478 // Without this, the sandbox will print a message to the system log every 481 // Without this, the sandbox will print a message to the system log every
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
538 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { 541 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) {
539 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " 542 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: "
540 << path->value(); 543 << path->value();
541 return; 544 return;
542 } 545 }
543 546
544 *path = FilePath(canonical_path); 547 *path = FilePath(canonical_path);
545 } 548 }
546 549
547 } // namespace sandbox 550 } // namespace sandbox
OLDNEW
« chrome/common/chrome_switches.cc ('K') | « chrome/common/sandbox_mac.h ('k') | chrome/common/sandbox_mac_unittest_helper.mm » ('j') | chrome/common/sandbox_mac_unittest_helper.mm » ('J')

Powered by Google App Engine
This is Rietveld 408576698