| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| (...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 210 | 210 |
| 211 // Adds policy rules for unloaded the known dlls that cause chrome to crash. | 211 // Adds policy rules for unloaded the known dlls that cause chrome to crash. |
| 212 // Eviction of injected DLLs is done by the sandbox so that the injected module | 212 // Eviction of injected DLLs is done by the sandbox so that the injected module |
| 213 // does not get a chance to execute any code. | 213 // does not get a chance to execute any code. |
| 214 void AddGenericDllEvictionPolicy(sandbox::TargetPolicy* policy) { | 214 void AddGenericDllEvictionPolicy(sandbox::TargetPolicy* policy) { |
| 215 for (int ix = 0; ix != arraysize(kTroublesomeDlls); ++ix) | 215 for (int ix = 0; ix != arraysize(kTroublesomeDlls); ++ix) |
| 216 BlacklistAddOneDll(kTroublesomeDlls[ix], true, policy); | 216 BlacklistAddOneDll(kTroublesomeDlls[ix], true, policy); |
| 217 } | 217 } |
| 218 | 218 |
| 219 // Returns the object path prepended with the current logon session. | 219 // Returns the object path prepended with the current logon session. |
| 220 string16 PrependWindowsSessionPath(const char16* object) { | 220 base::string16 PrependWindowsSessionPath(const char16* object) { |
| 221 // Cache this because it can't change after process creation. | 221 // Cache this because it can't change after process creation. |
| 222 static uintptr_t s_session_id = 0; | 222 static uintptr_t s_session_id = 0; |
| 223 if (s_session_id == 0) { | 223 if (s_session_id == 0) { |
| 224 HANDLE token; | 224 HANDLE token; |
| 225 DWORD session_id_length; | 225 DWORD session_id_length; |
| 226 DWORD session_id = 0; | 226 DWORD session_id = 0; |
| 227 | 227 |
| 228 CHECK(::OpenProcessToken(::GetCurrentProcess(), TOKEN_QUERY, &token)); | 228 CHECK(::OpenProcessToken(::GetCurrentProcess(), TOKEN_QUERY, &token)); |
| 229 CHECK(::GetTokenInformation(token, TokenSessionId, &session_id, | 229 CHECK(::GetTokenInformation(token, TokenSessionId, &session_id, |
| 230 sizeof(session_id), &session_id_length)); | 230 sizeof(session_id), &session_id_length)); |
| (...skipping 276 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 507 if (ShouldSetJobLevel(cmd_line)) | 507 if (ShouldSetJobLevel(cmd_line)) |
| 508 policy->SetJobLevel(job_level, ui_exceptions); | 508 policy->SetJobLevel(job_level, ui_exceptions); |
| 509 else | 509 else |
| 510 policy->SetJobLevel(sandbox::JOB_NONE, 0); | 510 policy->SetJobLevel(sandbox::JOB_NONE, 0); |
| 511 } | 511 } |
| 512 | 512 |
| 513 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper. | 513 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper. |
| 514 // Just have to figure out what needs to be warmed up first. | 514 // Just have to figure out what needs to be warmed up first. |
| 515 void AddBaseHandleClosePolicy(sandbox::TargetPolicy* policy) { | 515 void AddBaseHandleClosePolicy(sandbox::TargetPolicy* policy) { |
| 516 // TODO(cpu): Add back the BaseNamedObjects policy. | 516 // TODO(cpu): Add back the BaseNamedObjects policy. |
| 517 string16 object_path = PrependWindowsSessionPath( | 517 base::string16 object_path = PrependWindowsSessionPath( |
| 518 L"\\BaseNamedObjects\\windows_shell_global_counters"); | 518 L"\\BaseNamedObjects\\windows_shell_global_counters"); |
| 519 policy->AddKernelObjectToClose(L"Section", object_path.data()); | 519 policy->AddKernelObjectToClose(L"Section", object_path.data()); |
| 520 } | 520 } |
| 521 | 521 |
| 522 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { | 522 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { |
| 523 // TODO(abarth): DCHECK(CalledOnValidThread()); | 523 // TODO(abarth): DCHECK(CalledOnValidThread()); |
| 524 // See <http://b/1287166>. | 524 // See <http://b/1287166>. |
| 525 DCHECK(broker_services); | 525 DCHECK(broker_services); |
| 526 DCHECK(!g_broker_services); | 526 DCHECK(!g_broker_services); |
| 527 sandbox::ResultCode result = broker_services->Init(); | 527 sandbox::ResultCode result = broker_services->Init(); |
| (...skipping 208 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 736 } | 736 } |
| 737 | 737 |
| 738 return false; | 738 return false; |
| 739 } | 739 } |
| 740 | 740 |
| 741 bool BrokerAddTargetPeer(HANDLE peer_process) { | 741 bool BrokerAddTargetPeer(HANDLE peer_process) { |
| 742 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 742 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
| 743 } | 743 } |
| 744 | 744 |
| 745 } // namespace content | 745 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 102593002:
Convert string16 to base::string16 in content. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src