
Side by Side Diff: content/common/sandbox_linux/bpf_gpu_policy_linux.cc

Issue 1073653003: [Ozone] VAAPI wrapper should open its own render node. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 8 months ago
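--- a/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
+++ b/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h"
 
 #include <dlfcn.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <sys/socket.h>
@@ -314,44 +314,46 @@
 }
 
 return true;
 }
 
 void GpuProcessPolicy::InitGpuBrokerProcess(
 sandbox::bpf_dsl::Policy* (*broker_sandboxer_allocator)(void),
 const std::vector<BrokerFilePermission>& permissions_extra) {
 static const char kDriRcPath[] = "/etc/drirc";
 static const char kDriCard0Path[] = "/dev/dri/card0";
+static const char kDriRenderNode0Path[] = "/dev/dri/renderD128";
 static const char kDevShm[] = "/dev/shm/";
 
 CHECK(broker_process_ == NULL);
 
 // All GPU process policies need these files brokered out.
 std::vector<BrokerFilePermission> permissions;
 permissions.push_back(BrokerFilePermission::ReadWrite(kDriCard0Path));
+permissions.push_back(BrokerFilePermission::ReadWrite(kDriRenderNode0Path));
 permissions.push_back(BrokerFilePermission::ReadOnly(kDriRcPath));
 if (!IsChromeOS()) {
 permissions.push_back(
 BrokerFilePermission::ReadWriteCreateUnlinkRecursive(kDevShm));
 } else if (IsArchitectureArm() || IsOzone()){
 AddV4L2GpuWhitelist(&permissions);
 if (UseLibV4L2()) {
 dlopen("/usr/lib/libv4l2.so", RTLD_NOW|RTLD_GLOBAL|RTLD_NODELETE);
 // This is a device-specific encoder plugin.
 dlopen("/usr/lib/libv4l/plugins/libv4l-encplugin.so",
 RTLD_NOW|RTLD_GLOBAL|RTLD_NODELETE);
 }
 }
 
 // Add eventual extra files from permissions_extra.
 for (const auto& perm : permissions_extra) {
 permissions.push_back(perm);
 }
 
 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), permissions);
 // The initialization callback will perform generic initialization and then
 // call broker_sandboxer_callback.
 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox,
 broker_sandboxer_allocator)));
 }
 
 } // namespace content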
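Review bot: The new `BrokerFilePermission::ReadWrite(kDriRenderNode0Path)` entry sits in the unconditional part of the broker allowlist in `InitGpuBrokerProcess`, so every GPU process policy on every platform gains read-write access to `/dev/dri/renderD128`, while the issue title suggests only the Ozone VAAPI wrapper needs it. To keep the sandbox allowlist least-privilege, consider gating the entry, e.g. `if (IsOzone()) permissions.push_back(BrokerFilePermission::ReadWrite(kDriRenderNode0Path));`, and documenting it with a comment such as `// Render node opened by the VAAPI wrapper on Ozone; assumes the first render node.` The hard-coded `renderD128` presumably pairs with `card0` only on single-GPU systems, which deserves a mention next to the constant. Lines 11 to 313 of the file are not shown, so whether `IsOzone()` is the right predicate for VAAPI builds cannot be confirmed from this page.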