| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_mac.h" | 5 #include "content/common/sandbox_mac.h" |
| 6 | 6 |
| 7 #import <Cocoa/Cocoa.h> | 7 #import <Cocoa/Cocoa.h> |
| 8 | 8 |
| 9 extern "C" { | 9 extern "C" { |
| 10 #include <sandbox.h> | 10 #include <sandbox.h> |
| 29 #include "base/sys_info.h" | 29 #include "base/sys_info.h" |
| 30 #include "base/sys_string_conversions.h" | 30 #include "base/sys_string_conversions.h" |
| 31 #include "base/utf_string_conversions.h" | 31 #include "base/utf_string_conversions.h" |
| 32 #include "content/public/common/content_client.h" | 32 #include "content/public/common/content_client.h" |
| 33 #include "content/public/common/content_switches.h" | 33 #include "content/public/common/content_switches.h" |
| 34 #include "grit/content_resources.h" | 34 #include "grit/content_resources.h" |
| 35 #include "ui/base/layout.h" | 35 #include "ui/base/layout.h" |
| 36 #include "ui/gl/gl_surface.h" | 36 #include "ui/gl/gl_surface.h" |
| 37 #include "unicode/uchar.h" | 37 #include "unicode/uchar.h" |
| 38 | 38 |
| 39 namespace content { |
| 39 namespace { | 40 namespace { |
| 40 | 41 |
| 41 struct SandboxTypeToResourceIDMapping { | 42 struct SandboxTypeToResourceIDMapping { |
| 42 content::SandboxType sandbox_type; | 43 SandboxType sandbox_type; |
| 43 int sandbox_profile_resource_id; | 44 int sandbox_profile_resource_id; |
| 44 }; | 45 }; |
| 45 | 46 |
| 46 // Mapping from sandbox process types to resource IDs containing the sandbox | 47 // Mapping from sandbox process types to resource IDs containing the sandbox |
| 47 // profile for all process types known to content. | 48 // profile for all process types known to content. |
| 48 SandboxTypeToResourceIDMapping kDefaultSandboxTypeToResourceIDMapping[] = { | 49 SandboxTypeToResourceIDMapping kDefaultSandboxTypeToResourceIDMapping[] = { |
| 49 { content::SANDBOX_TYPE_RENDERER, IDR_RENDERER_SANDBOX_PROFILE }, | 50 { SANDBOX_TYPE_RENDERER, IDR_RENDERER_SANDBOX_PROFILE }, |
| 50 { content::SANDBOX_TYPE_WORKER, IDR_WORKER_SANDBOX_PROFILE }, | 51 { SANDBOX_TYPE_WORKER, IDR_WORKER_SANDBOX_PROFILE }, |
| 51 { content::SANDBOX_TYPE_UTILITY, IDR_UTILITY_SANDBOX_PROFILE }, | 52 { SANDBOX_TYPE_UTILITY, IDR_UTILITY_SANDBOX_PROFILE }, |
| 52 { content::SANDBOX_TYPE_GPU, IDR_GPU_SANDBOX_PROFILE }, | 53 { SANDBOX_TYPE_GPU, IDR_GPU_SANDBOX_PROFILE }, |
| 53 { content::SANDBOX_TYPE_PPAPI, IDR_PPAPI_SANDBOX_PROFILE }, | 54 { SANDBOX_TYPE_PPAPI, IDR_PPAPI_SANDBOX_PROFILE }, |
| 54 }; | 55 }; |
| 55 | 56 |
| 56 COMPILE_ASSERT(arraysize(kDefaultSandboxTypeToResourceIDMapping) == \ | 57 COMPILE_ASSERT(arraysize(kDefaultSandboxTypeToResourceIDMapping) == \ |
| 57 size_t(content::SANDBOX_TYPE_AFTER_LAST_TYPE), \ | 58 size_t(SANDBOX_TYPE_AFTER_LAST_TYPE), \ |
| 58 sandbox_type_to_resource_id_mapping_incorrect); | 59 sandbox_type_to_resource_id_mapping_incorrect); |
| 59 | 60 |
| 60 // Try to escape |c| as a "SingleEscapeCharacter" (\n, etc). If successful, | 61 // Try to escape |c| as a "SingleEscapeCharacter" (\n, etc). If successful, |
| 61 // returns true and appends the escape sequence to |dst|. | 62 // returns true and appends the escape sequence to |dst|. |
| 62 bool EscapeSingleChar(char c, std::string* dst) { | 63 bool EscapeSingleChar(char c, std::string* dst) { |
| 63 const char *append = NULL; | 64 const char *append = NULL; |
| 64 switch (c) { | 65 switch (c) { |
| 65 case '\b': | 66 case '\b': |
| 66 append = "\\b"; | 67 append = "\\b"; |
| 67 break; | 68 break; |
| 97 // in a central place. | 98 // in a central place. |
| 98 NOINLINE void FatalStringQuoteException(const std::string& str) { | 99 NOINLINE void FatalStringQuoteException(const std::string& str) { |
| 99 // Copy bad string to the stack so it's recorded in the crash dump. | 100 // Copy bad string to the stack so it's recorded in the crash dump. |
| 100 char bad_string[256] = {0}; | 101 char bad_string[256] = {0}; |
| 101 base::strlcpy(bad_string, str.c_str(), arraysize(bad_string)); | 102 base::strlcpy(bad_string, str.c_str(), arraysize(bad_string)); |
| 102 DLOG(FATAL) << "String quoting failed " << bad_string; | 103 DLOG(FATAL) << "String quoting failed " << bad_string; |
| 103 } | 104 } |
| 104 | 105 |
| 105 } // namespace | 106 } // namespace |
| 106 | 107 |
| 107 namespace sandbox { | |
| 108 | |
| 109 // static | 108 // static |
| 110 NSString* Sandbox::AllowMetadataForPath(const FilePath& allowed_path) { | 109 NSString* Sandbox::AllowMetadataForPath(const FilePath& allowed_path) { |
| 111 // Collect a list of all parent directories. | 110 // Collect a list of all parent directories. |
| 112 FilePath last_path = allowed_path; | 111 FilePath last_path = allowed_path; |
| 113 std::vector<FilePath> subpaths; | 112 std::vector<FilePath> subpaths; |
| 114 for (FilePath path = allowed_path; | 113 for (FilePath path = allowed_path; |
| 115 path.value() != last_path.value(); | 114 path.value() != last_path.value(); |
| 116 path = path.DirName()) { | 115 path = path.DirName()) { |
| 117 subpaths.push_back(path); | 116 subpaths.push_back(path); |
| 118 last_path = path; | 117 last_path = path; |
| 296 NULL)); | 295 NULL)); |
| 297 CGImageSourceGetStatus(img); | 296 CGImageSourceGetStatus(img); |
| 298 } | 297 } |
| 299 | 298 |
| 300 { | 299 { |
| 301 // Allow access to /dev/urandom. | 300 // Allow access to /dev/urandom. |
| 302 base::GetUrandomFD(); | 301 base::GetUrandomFD(); |
| 303 } | 302 } |
| 304 | 303 |
| 305 // Process-type dependent warm-up. | 304 // Process-type dependent warm-up. |
| 306 if (sandbox_type == content::SANDBOX_TYPE_GPU) { | 305 if (sandbox_type == SANDBOX_TYPE_GPU) { |
| 307 // Preload either the desktop GL or the osmesa so, depending on the | 306 // Preload either the desktop GL or the osmesa so, depending on the |
| 308 // --use-gl flag. | 307 // --use-gl flag. |
| 309 gfx::GLSurface::InitializeOneOff(); | 308 gfx::GLSurface::InitializeOneOff(); |
| 310 } | 309 } |
| 311 } | 310 } |
| 312 | 311 |
| 313 // static | 312 // static |
| 314 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString( | 313 NSString* Sandbox::BuildAllowDirectoryAccessSandboxString( |
| 315 const FilePath& allowed_dir, | 314 const FilePath& allowed_dir, |
| 316 SandboxVariableSubstitions* substitutions) { | 315 SandboxVariableSubstitions* substitutions) { |
| 359 if (kDefaultSandboxTypeToResourceIDMapping[i].sandbox_type == | 358 if (kDefaultSandboxTypeToResourceIDMapping[i].sandbox_type == |
| 360 sandbox_type) { | 359 sandbox_type) { |
| 361 sandbox_profile_resource_id = | 360 sandbox_profile_resource_id = |
| 362 kDefaultSandboxTypeToResourceIDMapping[i].sandbox_profile_resource_id; | 361 kDefaultSandboxTypeToResourceIDMapping[i].sandbox_profile_resource_id; |
| 363 break; | 362 break; |
| 364 } | 363 } |
| 365 } | 364 } |
| 366 if (sandbox_profile_resource_id == -1) { | 365 if (sandbox_profile_resource_id == -1) { |
| 367 // Check if the embedder knows about this sandbox process type. | 366 // Check if the embedder knows about this sandbox process type. |
| 368 bool sandbox_type_found = | 367 bool sandbox_type_found = |
| 369 content::GetContentClient()->GetSandboxProfileForSandboxType( | 368 GetContentClient()->GetSandboxProfileForSandboxType( |
| 370 sandbox_type, &sandbox_profile_resource_id); | 369 sandbox_type, &sandbox_profile_resource_id); |
| 371 CHECK(sandbox_type_found) << "Unknown sandbox type " << sandbox_type; | 370 CHECK(sandbox_type_found) << "Unknown sandbox type " << sandbox_type; |
| 372 } | 371 } |
| 373 | 372 |
| 374 base::StringPiece sandbox_definition = | 373 base::StringPiece sandbox_definition = |
| 375 content::GetContentClient()->GetDataResource( | 374 GetContentClient()->GetDataResource( |
| 376 sandbox_profile_resource_id, ui::SCALE_FACTOR_NONE); | 375 sandbox_profile_resource_id, ui::SCALE_FACTOR_NONE); |
| 377 if (sandbox_definition.empty()) { | 376 if (sandbox_definition.empty()) { |
| 378 LOG(FATAL) << "Failed to load the sandbox profile (resource id " | 377 LOG(FATAL) << "Failed to load the sandbox profile (resource id " |
| 379 << sandbox_profile_resource_id << ")"; | 378 << sandbox_profile_resource_id << ")"; |
| 380 return nil; | 379 return nil; |
| 381 } | 380 } |
| 382 | 381 |
| 383 base::StringPiece common_sandbox_definition = | 382 base::StringPiece common_sandbox_definition = |
| 384 content::GetContentClient()->GetDataResource( | 383 GetContentClient()->GetDataResource( |
| 385 IDR_COMMON_SANDBOX_PROFILE, ui::SCALE_FACTOR_NONE); | 384 IDR_COMMON_SANDBOX_PROFILE, ui::SCALE_FACTOR_NONE); |
| 386 if (common_sandbox_definition.empty()) { | 385 if (common_sandbox_definition.empty()) { |
| 387 LOG(FATAL) << "Failed to load the common sandbox profile"; | 386 LOG(FATAL) << "Failed to load the common sandbox profile"; |
| 388 return nil; | 387 return nil; |
| 389 } | 388 } |
| 390 | 389 |
| 391 scoped_nsobject<NSString> common_sandbox_prefix_data( | 390 scoped_nsobject<NSString> common_sandbox_prefix_data( |
| 392 [[NSString alloc] initWithBytes:common_sandbox_definition.data() | 391 [[NSString alloc] initWithBytes:common_sandbox_definition.data() |
| 393 length:common_sandbox_definition.length() | 392 length:common_sandbox_definition.length() |
| 394 encoding:NSUTF8StringEncoding]); | 393 encoding:NSUTF8StringEncoding]); |
| 471 } | 470 } |
| 472 | 471 |
| 473 | 472 |
| 474 // Turns on the OS X sandbox for this process. | 473 // Turns on the OS X sandbox for this process. |
| 475 | 474 |
| 476 // static | 475 // static |
| 477 bool Sandbox::EnableSandbox(int sandbox_type, | 476 bool Sandbox::EnableSandbox(int sandbox_type, |
| 478 const FilePath& allowed_dir) { | 477 const FilePath& allowed_dir) { |
| 479 // Sanity - currently only SANDBOX_TYPE_UTILITY supports a directory being | 478 // Sanity - currently only SANDBOX_TYPE_UTILITY supports a directory being |
| 480 // passed in. | 479 // passed in. |
| 481 if (sandbox_type < content::SANDBOX_TYPE_AFTER_LAST_TYPE && | 480 if (sandbox_type < SANDBOX_TYPE_AFTER_LAST_TYPE && |
| 482 sandbox_type != content::SANDBOX_TYPE_UTILITY) { | 481 sandbox_type != SANDBOX_TYPE_UTILITY) { |
| 483 DCHECK(allowed_dir.empty()) | 482 DCHECK(allowed_dir.empty()) |
| 484 << "Only SANDBOX_TYPE_UTILITY allows a custom directory parameter."; | 483 << "Only SANDBOX_TYPE_UTILITY allows a custom directory parameter."; |
| 485 } | 484 } |
| 486 | 485 |
| 487 NSString* sandbox_data = LoadSandboxTemplate(sandbox_type); | 486 NSString* sandbox_data = LoadSandboxTemplate(sandbox_type); |
| 488 if (!sandbox_data) { | 487 if (!sandbox_data) { |
| 489 return false; | 488 return false; |
| 490 } | 489 } |
| 491 | 490 |
| 492 SandboxVariableSubstitions substitutions; | 491 SandboxVariableSubstitions substitutions; |
| 589 FilePath::CharType canonical_path[MAXPATHLEN]; | 588 FilePath::CharType canonical_path[MAXPATHLEN]; |
| 590 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { | 589 if (HANDLE_EINTR(fcntl(fd, F_GETPATH, canonical_path)) != 0) { |
| 591 DPLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " | 590 DPLOG(FATAL) << "GetCanonicalSandboxPath() failed for: " |
| 592 << path.value(); | 591 << path.value(); |
| 593 return path; | 592 return path; |
| 594 } | 593 } |
| 595 | 594 |
| 596 return FilePath(canonical_path); | 595 return FilePath(canonical_path); |
| 597 } | 596 } |
| 598 | 597 |
| 599 } // namespace sandbox | 598 } // namespace content |