OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
jeremy
2011/11/25 19:53:16
Did you remove these lines on purpose?
jochen (gone - plz use gerrit)
2011/11/25 20:30:16
Oops, good catch!
| |
3 // found in the LICENSE file. | 1 // found in the LICENSE file. |
4 | 2 |
5 #include "content/public/common/sandbox_init.h" | 3 #include "content/public/common/sandbox_init.h" |
6 | 4 |
7 #include "base/command_line.h" | 5 #include "base/command_line.h" |
8 #include "base/file_path.h" | 6 #include "base/file_path.h" |
9 #include "base/logging.h" | 7 #include "base/logging.h" |
10 #include "content/common/sandbox_mac.h" | 8 #include "content/common/sandbox_mac.h" |
11 #include "content/public/common/content_switches.h" | 9 #include "content/public/common/content_switches.h" |
12 | 10 |
13 namespace content { | 11 namespace content { |
14 | 12 |
15 bool InitializeSandbox() { | 13 bool InitializeSandbox(int sandbox_type, const FilePath& allowed_dir) { |
16 using sandbox::Sandbox; | 14 // Warm up APIs before turning on the sandbox. |
15 sandbox::Sandbox::SandboxWarmup(sandbox_type); | |
16 | |
17 // Actually sandbox the process. | |
18 return sandbox::Sandbox::EnableSandbox(sandbox_type, allowed_dir); | |
19 } | |
20 | |
21 // Fill in |sandbox_type| and |allowed_dir| based on the command line, returns | |
22 // false if the current process type doesn't need to be sandboxed or if the | |
23 // sandbox was disabled from the command line. | |
24 bool GetSandboxTypeFromCommandLine(int* sandbox_type, | |
25 FilePath* allowed_dir) { | |
26 DCHECK(sandbox_type); | |
27 DCHECK(allowed_dir); | |
28 | |
29 *sandbox_type = -1; | |
30 *allowed_dir = FilePath(); // Empty by default. | |
17 | 31 |
18 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); | 32 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); |
19 if (command_line.HasSwitch(switches::kNoSandbox)) | 33 if (command_line.HasSwitch(switches::kNoSandbox)) |
20 return true; | 34 return false; |
21 | |
22 Sandbox::SandboxProcessType sandbox_process_type; | |
23 FilePath allowed_dir; // Empty by default. | |
24 | 35 |
25 std::string process_type = | 36 std::string process_type = |
26 command_line.GetSwitchValueASCII(switches::kProcessType); | 37 command_line.GetSwitchValueASCII(switches::kProcessType); |
27 if (process_type.empty()) { | 38 if (process_type.empty()) { |
28 // Browser process isn't sandboxed. | 39 // Browser process isn't sandboxed. |
29 return true; | 40 return false; |
30 } else if (process_type == switches::kRendererProcess) { | 41 } else if (process_type == switches::kRendererProcess) { |
31 if (!command_line.HasSwitch(switches::kDisable3DAPIs) && | 42 if (!command_line.HasSwitch(switches::kDisable3DAPIs) && |
32 !command_line.HasSwitch(switches::kDisableExperimentalWebGL) && | 43 !command_line.HasSwitch(switches::kDisableExperimentalWebGL) && |
33 command_line.HasSwitch(switches::kInProcessWebGL)) { | 44 command_line.HasSwitch(switches::kInProcessWebGL)) { |
34 // TODO(kbr): this check seems to be necessary only on this | 45 // TODO(kbr): this check seems to be necessary only on this |
35 // platform because the sandbox is initialized later. Remove | 46 // platform because the sandbox is initialized later. Remove |
36 // this once this flag is removed. | 47 // this once this flag is removed. |
37 return true; | 48 return false; |
38 } else { | 49 } else { |
39 sandbox_process_type = Sandbox::SANDBOX_TYPE_RENDERER; | 50 *sandbox_type = SANDBOX_TYPE_RENDERER; |
40 } | 51 } |
41 } else if (process_type == switches::kUtilityProcess) { | 52 } else if (process_type == switches::kUtilityProcess) { |
42 // Utility process sandbox. | 53 // Utility process sandbox. |
43 sandbox_process_type = Sandbox::SANDBOX_TYPE_UTILITY; | 54 *sandbox_type = SANDBOX_TYPE_UTILITY; |
44 allowed_dir = | 55 *allowed_dir = |
45 command_line.GetSwitchValuePath(switches::kUtilityProcessAllowedDir); | 56 command_line.GetSwitchValuePath(switches::kUtilityProcessAllowedDir); |
46 } else if (process_type == switches::kWorkerProcess) { | 57 } else if (process_type == switches::kWorkerProcess) { |
47 // Worker process sandbox. | 58 // Worker process sandbox. |
48 sandbox_process_type = Sandbox::SANDBOX_TYPE_WORKER; | 59 *sandbox_type = SANDBOX_TYPE_WORKER; |
49 } else if (process_type == switches::kNaClLoaderProcess) { | |
50 // Native Client sel_ldr (user untrusted code) sandbox. | |
51 sandbox_process_type = Sandbox::SANDBOX_TYPE_NACL_LOADER; | |
52 } else if (process_type == switches::kGpuProcess) { | 60 } else if (process_type == switches::kGpuProcess) { |
53 sandbox_process_type = Sandbox::SANDBOX_TYPE_GPU; | 61 *sandbox_type = SANDBOX_TYPE_GPU; |
54 } else if ((process_type == switches::kPluginProcess) || | 62 } else if ((process_type == switches::kPluginProcess) || |
55 (process_type == switches::kServiceProcess) || | 63 (process_type == switches::kServiceProcess) || |
56 (process_type == switches::kPpapiBrokerProcess)) { | 64 (process_type == switches::kPpapiBrokerProcess)) { |
57 return true; | 65 return false; |
58 } else if (process_type == switches::kPpapiPluginProcess) { | 66 } else if (process_type == switches::kPpapiPluginProcess) { |
59 sandbox_process_type = Sandbox::SANDBOX_TYPE_PPAPI; | 67 *sandbox_type = SANDBOX_TYPE_PPAPI; |
60 } else { | 68 } else { |
61 // Failsafe: If you hit an unreached here, is your new process type in need | 69 // Failsafe: If you hit an unreached here, is your new process type in need |
62 // of sandboxing? | 70 // of sandboxing? |
63 NOTREACHED() << "Unknown process type " << process_type; | 71 NOTREACHED() << "Unknown process type " << process_type; |
72 return false; | |
73 } | |
74 return true; | |
75 } | |
76 | |
77 bool InitializeSandbox() { | |
78 int sandbox_type = 0; | |
79 FilePath allowed_dir; | |
80 if (!GetSandboxTypeFromCommandLine(&sandbox_type, &allowed_dir)) | |
64 return true; | 81 return true; |
65 } | 82 return InitializeSandbox(sandbox_type, allowed_dir); |
66 | |
67 // Warm up APIs before turning on the sandbox. | |
68 Sandbox::SandboxWarmup(sandbox_process_type); | |
69 | |
70 // Actually sandbox the process. | |
71 return Sandbox::EnableSandbox(sandbox_process_type, allowed_dir); | |
72 } | 83 } |
73 | 84 |
74 } // namespace content | 85 } // namespace content |
OLD | NEW |