OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/sandbox_mac.h" | 5 #include "chrome/common/sandbox_mac.h" |
6 | 6 |
7 #include "base/debug_util.h" | 7 #include "base/debug_util.h" |
8 | 8 |
9 #import <Cocoa/Cocoa.h> | 9 #import <Cocoa/Cocoa.h> |
10 #import <OpenGL/OpenGL.h> | |
11 | |
10 extern "C" { | 12 extern "C" { |
11 #include <sandbox.h> | 13 #include <sandbox.h> |
12 } | 14 } |
15 #include <signal.h> | |
13 #include <sys/param.h> | 16 #include <sys/param.h> |
14 | 17 |
15 #include "base/basictypes.h" | 18 #include "base/basictypes.h" |
19 #include "base/chrome_application_mac.h" | |
16 #include "base/command_line.h" | 20 #include "base/command_line.h" |
17 #include "base/file_util.h" | 21 #include "base/file_util.h" |
18 #include "base/mac_util.h" | 22 #include "base/mac_util.h" |
19 #include "base/rand_util_c.h" | 23 #include "base/rand_util_c.h" |
20 #include "base/mac/scoped_cftyperef.h" | 24 #include "base/mac/scoped_cftyperef.h" |
21 #include "base/mac/scoped_nsautorelease_pool.h" | 25 #include "base/mac/scoped_nsautorelease_pool.h" |
22 #include "base/string16.h" | 26 #include "base/string16.h" |
23 #include "base/string_util.h" | 27 #include "base/string_util.h" |
24 #include "base/sys_info.h" | 28 #include "base/sys_info.h" |
25 #include "base/sys_string_conversions.h" | 29 #include "base/sys_string_conversions.h" |
(...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
170 | 174 |
171 // Warm up System APIs that empirically need to be accessed before the Sandbox | 175 // Warm up System APIs that empirically need to be accessed before the Sandbox |
172 // is turned on. | 176 // is turned on. |
173 // This method is layed out in blocks, each one containing a separate function | 177 // This method is layed out in blocks, each one containing a separate function |
174 // that needs to be warmed up. The OS version on which we found the need to | 178 // that needs to be warmed up. The OS version on which we found the need to |
175 // enable the function is also noted. | 179 // enable the function is also noted. |
176 // This function is tested on the following OS versions: | 180 // This function is tested on the following OS versions: |
177 // 10.5.6, 10.6.0 | 181 // 10.5.6, 10.6.0 |
178 | 182 |
179 // static | 183 // static |
180 void Sandbox::SandboxWarmup() { | 184 void Sandbox::SandboxWarmup(SandboxProcessType sandbox_type) { |
181 base::mac::ScopedNSAutoreleasePool scoped_pool; | 185 base::mac::ScopedNSAutoreleasePool scoped_pool; |
182 | 186 |
183 { // CGColorSpaceCreateWithName(), CGBitmapContextCreate() - 10.5.6 | 187 { // CGColorSpaceCreateWithName(), CGBitmapContextCreate() - 10.5.6 |
184 base::mac::ScopedCFTypeRef<CGColorSpaceRef> rgb_colorspace( | 188 base::mac::ScopedCFTypeRef<CGColorSpaceRef> rgb_colorspace( |
185 CGColorSpaceCreateWithName(kCGColorSpaceGenericRGB)); | 189 CGColorSpaceCreateWithName(kCGColorSpaceGenericRGB)); |
186 | 190 |
187 // Allocate a 1x1 image. | 191 // Allocate a 1x1 image. |
188 char data[4]; | 192 char data[4]; |
189 base::mac::ScopedCFTypeRef<CGContextRef> context( | 193 base::mac::ScopedCFTypeRef<CGContextRef> context( |
190 CGBitmapContextCreate(data, 1, 1, 8, 1 * 4, | 194 CGBitmapContextCreate(data, 1, 1, 8, 1 * 4, |
(...skipping 30 matching lines...) Expand all Loading... | |
221 // Create a png with just enough data to get everything warmed up... | 225 // Create a png with just enough data to get everything warmed up... |
222 char png_header[] = {0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A}; | 226 char png_header[] = {0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A}; |
223 NSData* data = [NSData dataWithBytes:png_header | 227 NSData* data = [NSData dataWithBytes:png_header |
224 length:arraysize(png_header)]; | 228 length:arraysize(png_header)]; |
225 base::mac::ScopedCFTypeRef<CGImageSourceRef> img( | 229 base::mac::ScopedCFTypeRef<CGImageSourceRef> img( |
226 CGImageSourceCreateWithData((CFDataRef)data, | 230 CGImageSourceCreateWithData((CFDataRef)data, |
227 NULL)); | 231 NULL)); |
228 CGImageSourceGetStatus(img); | 232 CGImageSourceGetStatus(img); |
229 } | 233 } |
230 | 234 |
231 { // Native Client access to /dev/random. | 235 { // Native Client access to /dev/random. |
jeremy
2010/12/03 14:22:09
Could you special case this for NaCL while you're
Nico
2010/12/04 00:26:10
Done.
| |
232 GetUrandomFD(); | 236 GetUrandomFD(); |
233 } | 237 } |
238 | |
239 if (sandbox_type == SANDBOX_TYPE_GPU) { | |
240 { // GPU-related stuff is very slow without this, probably because | |
241 // the sandbox prevents loading graphics drivers or some such. | |
242 CGLPixelFormatAttribute attribs[] = { (CGLPixelFormatAttribute)0 }; | |
243 CGLPixelFormatObj format; | |
244 GLint n; | |
245 CGLChoosePixelFormat(attribs, &format, &n); | |
246 if (format) | |
247 CGLReleasePixelFormat(format); | |
248 } | |
249 | |
250 | |
251 { // Without this, the GPU process dies during [CrApplication init]. | |
252 [CrApplication sharedApplication]; | |
jeremy
2010/12/03 14:22:09
Could you make sure you don't have access to the c
Nico
2010/12/04 00:26:10
The unit test used to fail and passes now. I think
| |
253 } | |
254 } | |
234 } | 255 } |
235 | 256 |
236 // static | 257 // static |
237 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString( | 258 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString( |
238 const FilePath& allowed_dir, | 259 const FilePath& allowed_dir, |
239 SandboxVariableSubstitions* substitutions) { | 260 SandboxVariableSubstitions* substitutions) { |
240 // A whitelist is used to determine which directories can be statted | 261 // A whitelist is used to determine which directories can be statted |
241 // This means that in the case of an /a/b/c/d/ directory, we may be able to | 262 // This means that in the case of an /a/b/c/d/ directory, we may be able to |
242 // stat the leaf directory, but not it's parent. | 263 // stat the leaf directory, but not it's parent. |
243 // The extension code in Chrome calls realpath() which fails if it can't call | 264 // The extension code in Chrome calls realpath() which fails if it can't call |
(...skipping 297 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
541 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { | 562 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { |
542 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " | 563 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " |
543 << path->value(); | 564 << path->value(); |
544 return; | 565 return; |
545 } | 566 } |
546 | 567 |
547 *path = FilePath(canonical_path); | 568 *path = FilePath(canonical_path); |
548 } | 569 } |
549 | 570 |
550 } // namespace sandbox | 571 } // namespace sandbox |
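Review bot: In the new GPU branch of `SandboxWarmup` (new lines 242–247), `format` is declared without an initializer and the `CGLError` returned by `CGLChoosePixelFormat` is discarded. If the call fails before writing its out-parameter, `if (format)` tests an indeterminate pointer and may pass it to `CGLReleasePixelFormat`. Since this runs in every GPU process just before the sandbox is enabled, I would write `CGLPixelFormatObj format = NULL;` and guard the release with `if (CGLChoosePixelFormat(attribs, &format, &n) == kCGLNoError && format)`. The header comment of this function asks each warm-up block to note the OS version on which it was found necessary, and the two new blocks omit it; a suffix such as `- 10.6.x (version observed)` on each block comment would keep that record. Part of the function body is elided on this page, so this covers only the visible lines.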