Chromium Code Reviews Chromium Code Reviews
Issue 8566026:
Implement skia sandbox callback (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/renderer/renderer_main_platform_delegate.h" | 5 #include "content/renderer/renderer_main_platform_delegate.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "content/common/injection_test_dll.h" | 10 #include "content/common/injection_test_dll.h" |
| 11 #include "content/public/common/content_switches.h" | 11 #include "content/public/common/content_switches.h" |
| 12 #include "sandbox/src/sandbox.h" | 12 #include "sandbox/src/sandbox.h" |
| 13 #include "unicode/timezone.h" | 13 #include "unicode/timezone.h" |
| 14 | 14 |
| 15 #if defined (USE_SKIA) | |
|
vandebo (ex-Chrome)
2011/11/22 01:15:08
nit: defined(USE_SKIA)
arthurhsu
2011/11/22 18:10:47
Done.
| |
| 16 #include "content/public/renderer/render_thread.h" | |
| 17 #include "skia/ext/skia_sandbox_support_win.h" | |
| 18 #endif | |
| 19 | |
| 15 namespace { | 20 namespace { |
| 16 | 21 |
| 17 // In order to have Theme support, we need to connect to the theme service. | 22 // In order to have Theme support, we need to connect to the theme service. |
| 18 // This needs to be done before we lock down the renderer. Officially this | 23 // This needs to be done before we lock down the renderer. Officially this |
| 19 // can be done with OpenThemeData() but it fails unless you pass a valid | 24 // can be done with OpenThemeData() but it fails unless you pass a valid |
| 20 // window at least the first time. Interestingly, the very act of creating a | 25 // window at least the first time. Interestingly, the very act of creating a |
| 21 // window also sets the connection to the theme service. | 26 // window also sets the connection to the theme service. |
| 22 void EnableThemeSupportForRenderer(bool no_sandbox) { | 27 void EnableThemeSupportForRenderer(bool no_sandbox) { |
| 23 HWINSTA current = NULL; | 28 HWINSTA current = NULL; |
| 24 HWINSTA winsta0 = NULL; | 29 HWINSTA winsta0 = NULL; |
| (...skipping 27 matching lines...) Expand all Loading... | |
| 52 | 57 |
| 53 if (!::CloseWindowStation(winsta0)) { | 58 if (!::CloseWindowStation(winsta0)) { |
| 54 // We might be leaking a winsta0 handle. This is a security risk, but | 59 // We might be leaking a winsta0 handle. This is a security risk, but |
| 55 // since we allow fail over to no desktop protection in low memory | 60 // since we allow fail over to no desktop protection in low memory |
| 56 // condition, this is not a big risk. | 61 // condition, this is not a big risk. |
| 57 NOTREACHED(); | 62 NOTREACHED(); |
| 58 } | 63 } |
| 59 } | 64 } |
| 60 } | 65 } |
| 61 | 66 |
| 67 // Windows-only skia sandbox support | |
| 68 #if defined (USE_SKIA) | |
| 69 void skia_ensure_font_load(LOGFONT logfont) { | |
|
vandebo (ex-Chrome)
2011/11/22 01:15:08
nit: match one of the names, i.e. either skia_pre_
jam
2011/11/22 01:21:23
chrome style is CamelCase
arthurhsu
2011/11/22 18:10:47
Done.
arthurhsu
2011/11/22 18:10:47
Done.
| |
| 70 content::RenderThread* render_thread = content::RenderThread::Get(); | |
| 71 if (render_thread) { | |
| 72 render_thread->PreCacheFont(logfont); | |
| 73 } | |
| 74 } | |
| 75 #endif | |
| 76 | |
| 62 } // namespace | 77 } // namespace |
| 63 | 78 |
| 64 RendererMainPlatformDelegate::RendererMainPlatformDelegate( | 79 RendererMainPlatformDelegate::RendererMainPlatformDelegate( |
| 65 const content::MainFunctionParams& parameters) | 80 const content::MainFunctionParams& parameters) |
| 66 : parameters_(parameters), | 81 : parameters_(parameters), |
| 67 sandbox_test_module_(NULL) { | 82 sandbox_test_module_(NULL) { |
| 68 } | 83 } |
| 69 | 84 |
| 70 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { | 85 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { |
| 71 } | 86 } |
| 72 | 87 |
| 73 void RendererMainPlatformDelegate::PlatformInitialize() { | 88 void RendererMainPlatformDelegate::PlatformInitialize() { |
| 74 // Be mindful of what resources you acquire here. They can be used by | 89 // Be mindful of what resources you acquire here. They can be used by |
| 75 // malicious code if the renderer gets compromised. | 90 // malicious code if the renderer gets compromised. |
| 76 const CommandLine& command_line = parameters_.command_line; | 91 const CommandLine& command_line = parameters_.command_line; |
| 77 bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); | 92 bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); |
| 78 EnableThemeSupportForRenderer(no_sandbox); | 93 EnableThemeSupportForRenderer(no_sandbox); |
| 79 | 94 |
| 80 if (!no_sandbox) { | 95 if (!no_sandbox) { |
| 81 // ICU DateFormat class (used in base/time_format.cc) needs to get the | 96 // ICU DateFormat class (used in base/time_format.cc) needs to get the |
| 82 // Olson timezone ID by accessing the registry keys under | 97 // Olson timezone ID by accessing the registry keys under |
| 83 // HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones. | 98 // HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones. |
| 84 // After TimeZone::createDefault is called once here, the timezone ID is | 99 // After TimeZone::createDefault is called once here, the timezone ID is |
| 85 // cached and there's no more need to access the registry. If the sandbox | 100 // cached and there's no more need to access the registry. If the sandbox |
| 86 // is disabled, we don't have to make this dummy call. | 101 // is disabled, we don't have to make this dummy call. |
| 87 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); | 102 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); |
| 103 if (!g_skia_sandbox_support) { | |
| 104 g_skia_sandbox_support = skia_ensure_font_load; | |
|
jam
2011/11/22 01:21:23
this won't work in the component build. you'd need
arthurhsu
2011/11/22 18:10:47
Done.
| |
| 105 } | |
| 88 } | 106 } |
| 89 } | 107 } |
| 90 | 108 |
| 91 void RendererMainPlatformDelegate::PlatformUninitialize() { | 109 void RendererMainPlatformDelegate::PlatformUninitialize() { |
| 92 } | 110 } |
| 93 | 111 |
| 94 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { | 112 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { |
| 95 const CommandLine& command_line = parameters_.command_line; | 113 const CommandLine& command_line = parameters_.command_line; |
| 96 | 114 |
| 97 DVLOG(1) << "Started renderer with " << command_line.GetCommandLineString(); | 115 DVLOG(1) << "Started renderer with " << command_line.GetCommandLineString(); |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 138 kRenderTestCall)); | 156 kRenderTestCall)); |
| 139 DCHECK(run_security_tests); | 157 DCHECK(run_security_tests); |
| 140 if (run_security_tests) { | 158 if (run_security_tests) { |
| 141 int test_count = 0; | 159 int test_count = 0; |
| 142 DVLOG(1) << "Running renderer security tests"; | 160 DVLOG(1) << "Running renderer security tests"; |
| 143 BOOL result = run_security_tests(&test_count); | 161 BOOL result = run_security_tests(&test_count); |
| 144 CHECK(result) << "Test number " << test_count << " has failed."; | 162 CHECK(result) << "Test number " << test_count << " has failed."; |
| 145 } | 163 } |
| 146 } | 164 } |
| 147 } | 165 } |
| OLD | NEW |
