OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <dlfcn.h> | 5 #include <dlfcn.h> |
6 #include <fcntl.h> | 6 #include <fcntl.h> |
7 #include <pthread.h> | 7 #include <pthread.h> |
8 #include <sys/epoll.h> | 8 #include <sys/epoll.h> |
9 #include <sys/prctl.h> | 9 #include <sys/prctl.h> |
10 #include <sys/signal.h> | 10 #include <sys/signal.h> |
582 | 582 |
583 #endif // !CHROMIUM_SELINUX | 583 #endif // !CHROMIUM_SELINUX |
584 | 584 |
585 // This function triggers the static and lazy construction of objects that need | 585 // This function triggers the static and lazy construction of objects that need |
586 // to be created before imposing the sandbox. | 586 // to be created before imposing the sandbox. |
587 static void PreSandboxInit() { | 587 static void PreSandboxInit() { |
588 base::RandUint64(); | 588 base::RandUint64(); |
589 | 589 |
590 base::SysInfo::MaxSharedMemorySize(); | 590 base::SysInfo::MaxSharedMemorySize(); |
591 | 591 |
592 // To make wcstombs/mbstowcs work in a renderer, setlocale() has to be | |
593 // called before the sandbox is triggered. It's possible to avoid calling | |
Evan Martin
2011/01/31 22:51:37
I repeated this test that prompted this extra code
| |
594 // setlocale() by pulling out the conversion between FilePath and | |
595 // WebCore String out of the renderer and using string16 in place of | |
596 // FilePath for IPC. | |
597 const char* locale = setlocale(LC_ALL, ""); | |
598 LOG_IF(WARNING, locale == NULL) << "setlocale failed."; | |
599 | |
600 // ICU DateFormat class (used in base/time_format.cc) needs to get the | 592 // ICU DateFormat class (used in base/time_format.cc) needs to get the |
601 // Olson timezone ID by accessing the zoneinfo files on disk. After | 593 // Olson timezone ID by accessing the zoneinfo files on disk. After |
602 // TimeZone::createDefault is called once here, the timezone ID is | 594 // TimeZone::createDefault is called once here, the timezone ID is |
603 // cached and there's no more need to access the file system. | 595 // cached and there's no more need to access the file system. |
604 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); | 596 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); |
605 | 597 |
606 FilePath module_path; | 598 FilePath module_path; |
607 if (PathService::Get(base::DIR_MODULE, &module_path)) | 599 if (PathService::Get(base::DIR_MODULE, &module_path)) |
608 media::InitializeMediaLibrary(module_path); | 600 media::InitializeMediaLibrary(module_path); |
609 | 601 |
751 VLOG(1) << "Enabling experimental Seccomp sandbox."; | 743 VLOG(1) << "Enabling experimental Seccomp sandbox."; |
752 sandbox_flags |= ZygoteHost::kSandboxSeccomp; | 744 sandbox_flags |= ZygoteHost::kSandboxSeccomp; |
753 } | 745 } |
754 } | 746 } |
755 #endif // SECCOMP_SANDBOX | 747 #endif // SECCOMP_SANDBOX |
756 | 748 |
757 Zygote zygote(sandbox_flags); | 749 Zygote zygote(sandbox_flags); |
758 // This function call can return multiple times, once per fork(). | 750 // This function call can return multiple times, once per fork(). |
759 return zygote.ProcessRequests(); | 751 return zygote.ProcessRequests(); |
760 } | 752 } |