OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/public/common/sandbox_init.h" | 5 #include "content/public/common/sandbox_init.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/file_path.h" | 8 #include "base/file_path.h" |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "content/common/sandbox_mac.h" | 10 #include "content/common/sandbox_mac.h" |
11 #include "content/public/common/content_switches.h" | 11 #include "content/public/common/content_switches.h" |
12 | 12 |
13 namespace content { | 13 namespace content { |
14 | 14 |
15 bool InitializeSandbox() { | 15 bool InitializeSandbox(int sandbox_type, const FilePath& allowed_dir) { |
16 using sandbox::Sandbox; | 16 // Warm up APIs before turning on the sandbox. |
| 17 sandbox::Sandbox::SandboxWarmup(sandbox_type); |
| 18 |
| 19 // Actually sandbox the process. |
| 20 return sandbox::Sandbox::EnableSandbox(sandbox_type, allowed_dir); |
| 21 } |
| 22 |
| 23 // Fill in |sandbox_type| and |allowed_dir| based on the command line, returns |
| 24 // false if the current process type doesn't need to be sandboxed or if the |
| 25 // sandbox was disabled from the command line. |
| 26 bool GetSandboxTypeFromCommandLine(int* sandbox_type, |
| 27 FilePath* allowed_dir) { |
| 28 DCHECK(sandbox_type); |
| 29 DCHECK(allowed_dir); |
| 30 |
| 31 *sandbox_type = -1; |
| 32 *allowed_dir = FilePath(); // Empty by default. |
17 | 33 |
18 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); | 34 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); |
19 if (command_line.HasSwitch(switches::kNoSandbox)) | 35 if (command_line.HasSwitch(switches::kNoSandbox)) |
20 return true; | 36 return false; |
21 | |
22 Sandbox::SandboxProcessType sandbox_process_type; | |
23 FilePath allowed_dir; // Empty by default. | |
24 | 37 |
25 std::string process_type = | 38 std::string process_type = |
26 command_line.GetSwitchValueASCII(switches::kProcessType); | 39 command_line.GetSwitchValueASCII(switches::kProcessType); |
27 if (process_type.empty()) { | 40 if (process_type.empty()) { |
28 // Browser process isn't sandboxed. | 41 // Browser process isn't sandboxed. |
29 return true; | 42 return false; |
30 } else if (process_type == switches::kRendererProcess) { | 43 } else if (process_type == switches::kRendererProcess) { |
31 if (!command_line.HasSwitch(switches::kDisable3DAPIs) && | 44 if (!command_line.HasSwitch(switches::kDisable3DAPIs) && |
32 !command_line.HasSwitch(switches::kDisableExperimentalWebGL) && | 45 !command_line.HasSwitch(switches::kDisableExperimentalWebGL) && |
33 command_line.HasSwitch(switches::kInProcessWebGL)) { | 46 command_line.HasSwitch(switches::kInProcessWebGL)) { |
34 // TODO(kbr): this check seems to be necessary only on this | 47 // TODO(kbr): this check seems to be necessary only on this |
35 // platform because the sandbox is initialized later. Remove | 48 // platform because the sandbox is initialized later. Remove |
36 // this once this flag is removed. | 49 // this once this flag is removed. |
37 return true; | 50 return false; |
38 } else { | 51 } else { |
39 sandbox_process_type = Sandbox::SANDBOX_TYPE_RENDERER; | 52 *sandbox_type = SANDBOX_TYPE_RENDERER; |
40 } | 53 } |
41 } else if (process_type == switches::kUtilityProcess) { | 54 } else if (process_type == switches::kUtilityProcess) { |
42 // Utility process sandbox. | 55 // Utility process sandbox. |
43 sandbox_process_type = Sandbox::SANDBOX_TYPE_UTILITY; | 56 *sandbox_type = SANDBOX_TYPE_UTILITY; |
44 allowed_dir = | 57 *allowed_dir = |
45 command_line.GetSwitchValuePath(switches::kUtilityProcessAllowedDir); | 58 command_line.GetSwitchValuePath(switches::kUtilityProcessAllowedDir); |
46 } else if (process_type == switches::kWorkerProcess) { | 59 } else if (process_type == switches::kWorkerProcess) { |
47 // Worker process sandbox. | 60 // Worker process sandbox. |
48 sandbox_process_type = Sandbox::SANDBOX_TYPE_WORKER; | 61 *sandbox_type = SANDBOX_TYPE_WORKER; |
49 } else if (process_type == switches::kNaClLoaderProcess) { | |
50 // Native Client sel_ldr (user untrusted code) sandbox. | |
51 sandbox_process_type = Sandbox::SANDBOX_TYPE_NACL_LOADER; | |
52 } else if (process_type == switches::kGpuProcess) { | 62 } else if (process_type == switches::kGpuProcess) { |
53 sandbox_process_type = Sandbox::SANDBOX_TYPE_GPU; | 63 *sandbox_type = SANDBOX_TYPE_GPU; |
54 } else if ((process_type == switches::kPluginProcess) || | 64 } else if ((process_type == switches::kPluginProcess) || |
55 (process_type == switches::kServiceProcess) || | 65 (process_type == switches::kServiceProcess) || |
56 (process_type == switches::kPpapiBrokerProcess)) { | 66 (process_type == switches::kPpapiBrokerProcess)) { |
57 return true; | 67 return false; |
58 } else if (process_type == switches::kPpapiPluginProcess) { | 68 } else if (process_type == switches::kPpapiPluginProcess) { |
59 sandbox_process_type = Sandbox::SANDBOX_TYPE_PPAPI; | 69 *sandbox_type = SANDBOX_TYPE_PPAPI; |
60 } else { | 70 } else { |
61 // Failsafe: If you hit an unreached here, is your new process type in need | 71 // Failsafe: If you hit an unreached here, is your new process type in need |
62 // of sandboxing? | 72 // of sandboxing? |
63 NOTREACHED() << "Unknown process type " << process_type; | 73 NOTREACHED() << "Unknown process type " << process_type; |
| 74 return false; |
| 75 } |
| 76 return true; |
| 77 } |
| 78 |
| 79 bool InitializeSandbox() { |
| 80 int sandbox_type = 0; |
| 81 FilePath allowed_dir; |
| 82 if (!GetSandboxTypeFromCommandLine(&sandbox_type, &allowed_dir)) |
64 return true; | 83 return true; |
65 } | 84 return InitializeSandbox(sandbox_type, allowed_dir); |
66 | |
67 // Warm up APIs before turning on the sandbox. | |
68 Sandbox::SandboxWarmup(sandbox_process_type); | |
69 | |
70 // Actually sandbox the process. | |
71 return Sandbox::EnableSandbox(sandbox_process_type, allowed_dir); | |
72 } | 85 } |
73 | 86 |
74 } // namespace content | 87 } // namespace content |
OLD | NEW |