Chromium Code Reviews Chromium Code Reviews
Issue 8566026:
Implement skia sandbox callback (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/renderer/renderer_main_platform_delegate.h" | 5 #include "content/renderer/renderer_main_platform_delegate.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "content/common/injection_test_dll.h" | 10 #include "content/common/injection_test_dll.h" |
| 11 #include "content/public/common/content_switches.h" | 11 #include "content/public/common/content_switches.h" |
| 12 #include "sandbox/src/sandbox.h" | 12 #include "sandbox/src/sandbox.h" |
| 13 #include "unicode/timezone.h" | 13 #include "unicode/timezone.h" |
| 14 | 14 |
| 15 #if defined(USE_SKIA) | |
|
vandebo (ex-Chrome)
2011/11/22 18:23:41
Windows always uses Skia, you don't need this guar
arthurhsu
2011/11/22 20:39:14
Done.
| |
| 16 #include "content/public/renderer/render_thread.h" | |
| 17 #include "third_party/skia/include/core/SkPreConfig.h" | |
|
vandebo (ex-Chrome)
2011/11/22 18:23:41
Why is SkPreConfig.h included here? For SK_API?
arthurhsu
2011/11/22 20:39:14
Done.
| |
| 18 #include "skia/ext/skia_sandbox_support_win.h" | |
| 19 #endif | |
| 20 | |
| 15 namespace { | 21 namespace { |
| 16 | 22 |
| 17 // In order to have Theme support, we need to connect to the theme service. | 23 // In order to have Theme support, we need to connect to the theme service. |
| 18 // This needs to be done before we lock down the renderer. Officially this | 24 // This needs to be done before we lock down the renderer. Officially this |
| 19 // can be done with OpenThemeData() but it fails unless you pass a valid | 25 // can be done with OpenThemeData() but it fails unless you pass a valid |
| 20 // window at least the first time. Interestingly, the very act of creating a | 26 // window at least the first time. Interestingly, the very act of creating a |
| 21 // window also sets the connection to the theme service. | 27 // window also sets the connection to the theme service. |
| 22 void EnableThemeSupportForRenderer(bool no_sandbox) { | 28 void EnableThemeSupportForRenderer(bool no_sandbox) { |
| 23 HWINSTA current = NULL; | 29 HWINSTA current = NULL; |
| 24 HWINSTA winsta0 = NULL; | 30 HWINSTA winsta0 = NULL; |
| (...skipping 27 matching lines...) Expand all Loading... | |
| 52 | 58 |
| 53 if (!::CloseWindowStation(winsta0)) { | 59 if (!::CloseWindowStation(winsta0)) { |
| 54 // We might be leaking a winsta0 handle. This is a security risk, but | 60 // We might be leaking a winsta0 handle. This is a security risk, but |
| 55 // since we allow fail over to no desktop protection in low memory | 61 // since we allow fail over to no desktop protection in low memory |
| 56 // condition, this is not a big risk. | 62 // condition, this is not a big risk. |
| 57 NOTREACHED(); | 63 NOTREACHED(); |
| 58 } | 64 } |
| 59 } | 65 } |
| 60 } | 66 } |
| 61 | 67 |
| 68 // Windows-only skia sandbox support | |
| 69 #if defined(USE_SKIA) | |
|
vandebo (ex-Chrome)
2011/11/22 18:23:41
No guard here either.
arthurhsu
2011/11/22 20:39:14
Done.
| |
| 70 void SkiaPreCacheFont(LOGFONT logfont) { | |
| 71 content::RenderThread* render_thread = content::RenderThread::Get(); | |
| 72 if (render_thread) { | |
| 73 render_thread->PreCacheFont(logfont); | |
| 74 } | |
| 75 } | |
| 76 #endif | |
| 77 | |
| 62 } // namespace | 78 } // namespace |
| 63 | 79 |
| 64 RendererMainPlatformDelegate::RendererMainPlatformDelegate( | 80 RendererMainPlatformDelegate::RendererMainPlatformDelegate( |
| 65 const content::MainFunctionParams& parameters) | 81 const content::MainFunctionParams& parameters) |
| 66 : parameters_(parameters), | 82 : parameters_(parameters), |
| 67 sandbox_test_module_(NULL) { | 83 sandbox_test_module_(NULL) { |
| 68 } | 84 } |
| 69 | 85 |
| 70 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { | 86 RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { |
| 71 } | 87 } |
| 72 | 88 |
| 73 void RendererMainPlatformDelegate::PlatformInitialize() { | 89 void RendererMainPlatformDelegate::PlatformInitialize() { |
| 74 // Be mindful of what resources you acquire here. They can be used by | 90 // Be mindful of what resources you acquire here. They can be used by |
| 75 // malicious code if the renderer gets compromised. | 91 // malicious code if the renderer gets compromised. |
| 76 const CommandLine& command_line = parameters_.command_line; | 92 const CommandLine& command_line = parameters_.command_line; |
| 77 bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); | 93 bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); |
| 78 EnableThemeSupportForRenderer(no_sandbox); | 94 EnableThemeSupportForRenderer(no_sandbox); |
| 79 | 95 |
| 80 if (!no_sandbox) { | 96 if (!no_sandbox) { |
| 81 // ICU DateFormat class (used in base/time_format.cc) needs to get the | 97 // ICU DateFormat class (used in base/time_format.cc) needs to get the |
| 82 // Olson timezone ID by accessing the registry keys under | 98 // Olson timezone ID by accessing the registry keys under |
| 83 // HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones. | 99 // HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones. |
| 84 // After TimeZone::createDefault is called once here, the timezone ID is | 100 // After TimeZone::createDefault is called once here, the timezone ID is |
| 85 // cached and there's no more need to access the registry. If the sandbox | 101 // cached and there's no more need to access the registry. If the sandbox |
| 86 // is disabled, we don't have to make this dummy call. | 102 // is disabled, we don't have to make this dummy call. |
| 87 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); | 103 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); |
| 104 SetSkiaEnsureTypefaceAccessible(SkiaPreCacheFont); | |
| 88 } | 105 } |
| 89 } | 106 } |
| 90 | 107 |
| 91 void RendererMainPlatformDelegate::PlatformUninitialize() { | 108 void RendererMainPlatformDelegate::PlatformUninitialize() { |
| 92 } | 109 } |
| 93 | 110 |
| 94 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { | 111 bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { |
| 95 const CommandLine& command_line = parameters_.command_line; | 112 const CommandLine& command_line = parameters_.command_line; |
| 96 | 113 |
| 97 DVLOG(1) << "Started renderer with " << command_line.GetCommandLineString(); | 114 DVLOG(1) << "Started renderer with " << command_line.GetCommandLineString(); |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 138 kRenderTestCall)); | 155 kRenderTestCall)); |
| 139 DCHECK(run_security_tests); | 156 DCHECK(run_security_tests); |
| 140 if (run_security_tests) { | 157 if (run_security_tests) { |
| 141 int test_count = 0; | 158 int test_count = 0; |
| 142 DVLOG(1) << "Running renderer security tests"; | 159 DVLOG(1) << "Running renderer security tests"; |
| 143 BOOL result = run_security_tests(&test_count); | 160 BOOL result = run_security_tests(&test_count); |
| 144 CHECK(result) << "Test number " << test_count << " has failed."; | 161 CHECK(result) << "Test number " << test_count << " has failed."; |
| 145 } | 162 } |
| 146 } | 163 } |
| 147 } | 164 } |
| OLD | NEW |
