Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/sandbox_mac.mm

Issue 5580002: Mac: Tell the GPU sandbox to deny a few things. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: browser tests pass Created 10 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/browser/gpu.sb ('K') | « chrome/common/sandbox_mac.h ('k') | chrome/common/sandbox_mac_unittest_helper.mm » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/sandbox_mac.h" 5 #include "chrome/common/sandbox_mac.h"
6 6
7 #include "base/debug_util.h" 7 #include "base/debug_util.h"
8 8
9 #import <Cocoa/Cocoa.h> 9 #import <Cocoa/Cocoa.h>
10 #import <OpenGL/OpenGL.h>
11
10 extern "C" { 12 extern "C" {
11 #include <sandbox.h> 13 #include <sandbox.h>
12 } 14 }
15 #include <signal.h>
13 #include <sys/param.h> 16 #include <sys/param.h>
14 17
18 #include "app/gfx/gl/gl_context.h"
15 #include "base/basictypes.h" 19 #include "base/basictypes.h"
20 #include "base/chrome_application_mac.h"
16 #include "base/command_line.h" 21 #include "base/command_line.h"
17 #include "base/file_util.h" 22 #include "base/file_util.h"
18 #include "base/mac_util.h" 23 #include "base/mac_util.h"
19 #include "base/rand_util_c.h" 24 #include "base/rand_util_c.h"
20 #include "base/mac/scoped_cftyperef.h" 25 #include "base/mac/scoped_cftyperef.h"
21 #include "base/mac/scoped_nsautorelease_pool.h" 26 #include "base/mac/scoped_nsautorelease_pool.h"
22 #include "base/string16.h" 27 #include "base/string16.h"
23 #include "base/string_util.h" 28 #include "base/string_util.h"
24 #include "base/sys_info.h" 29 #include "base/sys_info.h"
25 #include "base/sys_string_conversions.h" 30 #include "base/sys_string_conversions.h"
(...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after
170 175
171 // Warm up System APIs that empirically need to be accessed before the Sandbox 176 // Warm up System APIs that empirically need to be accessed before the Sandbox
172 // is turned on. 177 // is turned on.
173 // This method is layed out in blocks, each one containing a separate function 178 // This method is layed out in blocks, each one containing a separate function
174 // that needs to be warmed up. The OS version on which we found the need to 179 // that needs to be warmed up. The OS version on which we found the need to
175 // enable the function is also noted. 180 // enable the function is also noted.
176 // This function is tested on the following OS versions: 181 // This function is tested on the following OS versions:
177 // 10.5.6, 10.6.0 182 // 10.5.6, 10.6.0
178 183
179 // static 184 // static
180 void Sandbox::SandboxWarmup() { 185 void Sandbox::SandboxWarmup(SandboxProcessType sandbox_type) {
181 base::mac::ScopedNSAutoreleasePool scoped_pool; 186 base::mac::ScopedNSAutoreleasePool scoped_pool;
182 187
183 { // CGColorSpaceCreateWithName(), CGBitmapContextCreate() - 10.5.6 188 { // CGColorSpaceCreateWithName(), CGBitmapContextCreate() - 10.5.6
184 base::mac::ScopedCFTypeRef<CGColorSpaceRef> rgb_colorspace( 189 base::mac::ScopedCFTypeRef<CGColorSpaceRef> rgb_colorspace(
185 CGColorSpaceCreateWithName(kCGColorSpaceGenericRGB)); 190 CGColorSpaceCreateWithName(kCGColorSpaceGenericRGB));
186 191
187 // Allocate a 1x1 image. 192 // Allocate a 1x1 image.
188 char data[4]; 193 char data[4];
189 base::mac::ScopedCFTypeRef<CGContextRef> context( 194 base::mac::ScopedCFTypeRef<CGContextRef> context(
190 CGBitmapContextCreate(data, 1, 1, 8, 1 * 4, 195 CGBitmapContextCreate(data, 1, 1, 8, 1 * 4,
(...skipping 30 matching lines...) Expand all
221 // Create a png with just enough data to get everything warmed up... 226 // Create a png with just enough data to get everything warmed up...
222 char png_header[] = {0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A}; 227 char png_header[] = {0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A};
223 NSData* data = [NSData dataWithBytes:png_header 228 NSData* data = [NSData dataWithBytes:png_header
224 length:arraysize(png_header)]; 229 length:arraysize(png_header)];
225 base::mac::ScopedCFTypeRef<CGImageSourceRef> img( 230 base::mac::ScopedCFTypeRef<CGImageSourceRef> img(
226 CGImageSourceCreateWithData((CFDataRef)data, 231 CGImageSourceCreateWithData((CFDataRef)data,
227 NULL)); 232 NULL));
228 CGImageSourceGetStatus(img); 233 CGImageSourceGetStatus(img);
229 } 234 }
230 235
231 { // Native Client access to /dev/random. 236 // Process-type dependent warm-up.
232 GetUrandomFD(); 237 switch (sandbox_type) {
238 case SANDBOX_TYPE_NACL_LOADER:
239 {
240 // Native Client access to /dev/random.
241 GetUrandomFD();
242 }
243 break;
244
245 case SANDBOX_TYPE_GPU:
246 { // GPU-related stuff is very slow without this, probably because
247 // the sandbox prevents loading graphics drivers or some such.
248 CGLPixelFormatAttribute attribs[] = { (CGLPixelFormatAttribute)0 };
249 CGLPixelFormatObj format;
250 GLint n;
251 CGLChoosePixelFormat(attribs, &format, &n);
252 if (format)
253 CGLReleasePixelFormat(format);
254 }
255
256 {
257 // Preload either the desktop GL or the osmesa so, depending on the
258 // --use-gl flag.
259 gfx::GLContext::InitializeOneOff();
260 }
261
262 {
263 // Access to /dev/random is required for the field trial code.
264 GetUrandomFD();
265 }
266
267 { // Without this, the GPU process dies during [CrApplication init].
268 [CrApplication sharedApplication];
269 }
270 break;
271
272 default:
273 // To shut up a gcc warning.
274 break;
233 } 275 }
234 } 276 }
235 277
236 // static 278 // static
237 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString( 279 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString(
238 const FilePath& allowed_dir, 280 const FilePath& allowed_dir,
239 SandboxVariableSubstitions* substitutions) { 281 SandboxVariableSubstitions* substitutions) {
240 // A whitelist is used to determine which directories can be statted 282 // A whitelist is used to determine which directories can be statted
241 // This means that in the case of an /a/b/c/d/ directory, we may be able to 283 // This means that in the case of an /a/b/c/d/ directory, we may be able to
242 // stat the leaf directory, but not it's parent. 284 // stat the leaf directory, but not it's parent.
(...skipping 298 matching lines...) Expand 10 before | Expand all | Expand 10 after
541 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { 583 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) {
542 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " 584 PLOG(FATAL) << "GetCanonicalSandboxPath() failed for: "
543 << path->value(); 585 << path->value();
544 return; 586 return;
545 } 587 }
546 588
547 *path = FilePath(canonical_path); 589 *path = FilePath(canonical_path);
548 } 590 }
549 591
550 } // namespace sandbox 592 } // namespace sandbox
OLDNEW
« chrome/browser/gpu.sb ('K') | « chrome/common/sandbox_mac.h ('k') | chrome/common/sandbox_mac_unittest_helper.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698