OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ | 5 #ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ |
6 #define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ | 6 #define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ |
7 | 7 |
8 #include "base/process.h" | 8 #include "base/process.h" |
9 #include "build/build_config.h" | 9 #include "build/build_config.h" |
10 #include "content/common/content_export.h" | 10 #include "content/common/content_export.h" |
11 #include "ipc/ipc_platform_file.h" | 11 #include "ipc/ipc_platform_file.h" |
12 | 12 |
13 class CommandLine; | 13 class CommandLine; |
| 14 |
| 15 namespace base { |
14 class FilePath; | 16 class FilePath; |
| 17 } |
15 | 18 |
16 namespace sandbox { | 19 namespace sandbox { |
17 struct SandboxInterfaceInfo; | 20 struct SandboxInterfaceInfo; |
18 } | 21 } |
19 | 22 |
20 namespace content { | 23 namespace content { |
21 | 24 |
22 #if defined(OS_WIN) | 25 #if defined(OS_WIN) |
23 | 26 |
24 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in | 27 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in |
(...skipping 22 matching lines...) Expand all Loading... |
47 // BrokerDuplicateHandle() to send handles to a process managed by | 50 // BrokerDuplicateHandle() to send handles to a process managed by |
48 // another broker. For example, it allows the 32-bit renderer to send | 51 // another broker. For example, it allows the 32-bit renderer to send |
49 // handles to 64-bit NaCl processes. This returns true on success, | 52 // handles to 64-bit NaCl processes. This returns true on success, |
50 // false otherwise. | 53 // false otherwise. |
51 CONTENT_EXPORT bool BrokerAddTargetPeer(HANDLE peer_process); | 54 CONTENT_EXPORT bool BrokerAddTargetPeer(HANDLE peer_process); |
52 | 55 |
53 // Starts a sandboxed process with the given directory unsandboxed | 56 // Starts a sandboxed process with the given directory unsandboxed |
54 // and returns a handle to it. | 57 // and returns a handle to it. |
55 CONTENT_EXPORT base::ProcessHandle StartProcessWithAccess( | 58 CONTENT_EXPORT base::ProcessHandle StartProcessWithAccess( |
56 CommandLine* cmd_line, | 59 CommandLine* cmd_line, |
57 const FilePath& exposed_dir); | 60 const base::FilePath& exposed_dir); |
58 | 61 |
59 #elif defined(OS_MACOSX) | 62 #elif defined(OS_MACOSX) |
60 | 63 |
61 // Initialize the sandbox of the given |sandbox_type|, optionally specifying a | 64 // Initialize the sandbox of the given |sandbox_type|, optionally specifying a |
62 // directory to allow access to. Note specifying a directory needs to be | 65 // directory to allow access to. Note specifying a directory needs to be |
63 // supported by the sandbox profile associated with the given |sandbox_type|. | 66 // supported by the sandbox profile associated with the given |sandbox_type|. |
64 // Valid values for |sandbox_type| are defined either by the enum SandboxType, | 67 // Valid values for |sandbox_type| are defined either by the enum SandboxType, |
65 // or by ContentClient::GetSandboxProfileForSandboxType(). | 68 // or by ContentClient::GetSandboxProfileForSandboxType(). |
66 // | 69 // |
67 // If the |sandbox_type| isn't one of the ones defined by content then the | 70 // If the |sandbox_type| isn't one of the ones defined by content then the |
68 // embedder is queried using ContentClient::GetSandboxPolicyForSandboxType(). | 71 // embedder is queried using ContentClient::GetSandboxPolicyForSandboxType(). |
69 // The embedder can use values for |sandbox_type| starting from | 72 // The embedder can use values for |sandbox_type| starting from |
70 // sandbox::SANDBOX_PROCESS_TYPE_AFTER_LAST_TYPE. | 73 // sandbox::SANDBOX_PROCESS_TYPE_AFTER_LAST_TYPE. |
71 // | 74 // |
72 // Returns true if the sandbox was initialized succesfully, false if an error | 75 // Returns true if the sandbox was initialized succesfully, false if an error |
73 // occurred. If process_type isn't one that needs sandboxing, no action is | 76 // occurred. If process_type isn't one that needs sandboxing, no action is |
74 // taken and true is always returned. | 77 // taken and true is always returned. |
75 CONTENT_EXPORT bool InitializeSandbox(int sandbox_type, | 78 CONTENT_EXPORT bool InitializeSandbox(int sandbox_type, |
76 const FilePath& allowed_path); | 79 const base::FilePath& allowed_path); |
77 | 80 |
78 #elif defined(OS_LINUX) | 81 #elif defined(OS_LINUX) |
79 | 82 |
80 // Initialize the sandbox (currently seccomp-legacy or seccomp-bpf, the setuid | 83 // Initialize the sandbox (currently seccomp-legacy or seccomp-bpf, the setuid |
81 // sandbox works differently and is set-up in the Zygote). | 84 // sandbox works differently and is set-up in the Zygote). |
82 // The process sandbox type is determined at run time via the command line | 85 // The process sandbox type is determined at run time via the command line |
83 // switches. TODO(jln): switch to a model where the caller chooses a sandbox | 86 // switches. TODO(jln): switch to a model where the caller chooses a sandbox |
84 // type. | 87 // type. |
85 // This should be called before any additional thread has been created. | 88 // This should be called before any additional thread has been created. |
86 // | 89 // |
87 // Returns true if a sandbox has been initialized successfully, false | 90 // Returns true if a sandbox has been initialized successfully, false |
88 // otherwise. | 91 // otherwise. |
89 CONTENT_EXPORT bool InitializeSandbox(); | 92 CONTENT_EXPORT bool InitializeSandbox(); |
90 | 93 |
91 #endif | 94 #endif |
92 | 95 |
93 // Platform neutral wrapper for making an exact copy of a handle for use in | 96 // Platform neutral wrapper for making an exact copy of a handle for use in |
94 // the target process. On Windows this wraps BrokerDuplicateHandle() with the | 97 // the target process. On Windows this wraps BrokerDuplicateHandle() with the |
95 // DUPLICATE_SAME_ACCESS flag. On posix it behaves essentially the same as | 98 // DUPLICATE_SAME_ACCESS flag. On posix it behaves essentially the same as |
96 // IPC::GetFileHandleForProcess() | 99 // IPC::GetFileHandleForProcess() |
97 CONTENT_EXPORT IPC::PlatformFileForTransit BrokerGetFileHandleForProcess( | 100 CONTENT_EXPORT IPC::PlatformFileForTransit BrokerGetFileHandleForProcess( |
98 base::PlatformFile handle, | 101 base::PlatformFile handle, |
99 base::ProcessId target_process_id, | 102 base::ProcessId target_process_id, |
100 bool should_close_source); | 103 bool should_close_source); |
101 | 104 |
102 } // namespace content | 105 } // namespace content |
103 | 106 |
104 #endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ | 107 #endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ |
OLD | NEW |