OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/sandbox_mac.h" | 5 #include "chrome/common/sandbox_mac.h" |
6 | 6 |
7 #include "base/debug_util.h" | 7 #include "base/debug_util.h" |
8 | 8 |
9 #import <Cocoa/Cocoa.h> | 9 #import <Cocoa/Cocoa.h> |
10 extern "C" { | 10 extern "C" { |
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
307 sandbox_config_filename = @"worker"; | 307 sandbox_config_filename = @"worker"; |
308 break; | 308 break; |
309 case Sandbox::SANDBOX_TYPE_UTILITY: | 309 case Sandbox::SANDBOX_TYPE_UTILITY: |
310 sandbox_config_filename = @"utility"; | 310 sandbox_config_filename = @"utility"; |
311 break; | 311 break; |
312 case Sandbox::SANDBOX_TYPE_NACL_LOADER: | 312 case Sandbox::SANDBOX_TYPE_NACL_LOADER: |
313 // The Native Client loader is used for safeguarding the user's | 313 // The Native Client loader is used for safeguarding the user's |
314 // untrusted code within Native Client. | 314 // untrusted code within Native Client. |
315 sandbox_config_filename = @"nacl_loader"; | 315 sandbox_config_filename = @"nacl_loader"; |
316 break; | 316 break; |
| 317 case Sandbox::SANDBOX_TYPE_GPU: |
| 318 sandbox_config_filename = @"gpu"; |
| 319 break; |
317 default: | 320 default: |
318 NOTREACHED(); | 321 NOTREACHED(); |
319 return nil; | 322 return nil; |
320 } | 323 } |
321 | 324 |
322 // Read in the sandbox profile and the common prefix file. | 325 // Read in the sandbox profile and the common prefix file. |
323 NSString* common_sandbox_prefix_path = | 326 NSString* common_sandbox_prefix_path = |
324 [mac_util::MainAppBundle() pathForResource:@"common" | 327 [mac_util::MainAppBundle() pathForResource:@"common" |
325 ofType:@"sb"]; | 328 ofType:@"sb"]; |
326 NSString* common_sandbox_prefix_data = | 329 NSString* common_sandbox_prefix_data = |
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
458 sandbox_data = [sandbox_data | 461 sandbox_data = [sandbox_data |
459 stringByReplacingOccurrencesOfString:@";ENABLE_DIRECTORY_ACCESS" | 462 stringByReplacingOccurrencesOfString:@";ENABLE_DIRECTORY_ACCESS" |
460 withString:allowed_dir_sandbox_command]; | 463 withString:allowed_dir_sandbox_command]; |
461 } | 464 } |
462 } | 465 } |
463 | 466 |
464 NSMutableArray* tokens_to_remove = [NSMutableArray array]; | 467 NSMutableArray* tokens_to_remove = [NSMutableArray array]; |
465 | 468 |
466 // Enable verbose logging if enabled on the command line. (See common.sb | 469 // Enable verbose logging if enabled on the command line. (See common.sb |
467 // for details). | 470 // for details). |
468 const CommandLine *command_line = CommandLine::ForCurrentProcess(); | 471 const CommandLine* command_line = CommandLine::ForCurrentProcess(); |
469 bool enable_logging = | 472 bool enable_logging = |
470 command_line->HasSwitch(switches::kEnableSandboxLogging);; | 473 command_line->HasSwitch(switches::kEnableSandboxLogging);; |
471 if (enable_logging) { | 474 if (enable_logging) { |
472 [tokens_to_remove addObject:@";ENABLE_LOGGING"]; | 475 [tokens_to_remove addObject:@";ENABLE_LOGGING"]; |
473 } | 476 } |
474 | 477 |
475 bool snow_leopard_or_higher; | 478 bool snow_leopard_or_higher; |
476 GetOSVersion(&snow_leopard_or_higher); | 479 GetOSVersion(&snow_leopard_or_higher); |
477 | 480 |
478 // Without this, the sandbox will print a message to the system log every | 481 // Without this, the sandbox will print a message to the system log every |
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
538 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { | 541 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { |
539 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " | 542 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " |
540 << path->value(); | 543 << path->value(); |
541 return; | 544 return; |
542 } | 545 } |
543 | 546 |
544 *path = FilePath(canonical_path); | 547 *path = FilePath(canonical_path); |
545 } | 548 } |
546 | 549 |
547 } // namespace sandbox | 550 } // namespace sandbox |
OLD | NEW |