chrome/browser/nacl_host/nacl_process_host.cc - Issue 12805004: Remove mention of the nacl process in content.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/nacl_host/nacl_process_host.cc

Issue 12805004: Remove mention of the nacl process in content. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: Created 7 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/nacl_host/nacl_process_host.cc

===================================================================

--- chrome/browser/nacl_host/nacl_process_host.cc (revision 189099)

+++ chrome/browser/nacl_host/nacl_process_host.cc (working copy)

@@ -61,6 +61,7 @@

#include "chrome/browser/nacl_host/nacl_broker_service_win.h"

#include "chrome/common/nacl_debug_exception_handler_win.h"

#include "content/public/common/sandbox_init.h"

+#include "content/public/common/sandboxed_process_launcher_delegate.h"

#endif

using content::BrowserThread;

@@ -75,8 +76,37 @@

return (base::win::OSInfo::GetInstance()->wow64_status() ==

base::win::OSInfo::WOW64_ENABLED);

}

-#endif

+// NOTE: changes to this class need to be reviewed by the security team.

+class NaClSandboxedProcessLauncherDelegate

+ : public content::SandboxedProcessLauncherDelegate {

+ public:

+ NaClSandboxedProcessLauncherDelegate() {}

+ virtual ~NaClSandboxedProcessLauncherDelegate() {}

+ virtual void PostSpawnTarget(base::ProcessHandle process) {

+#if !defined(NACL_WIN64)

+ // For Native Client sel_ldr processes on 32-bit Windows, reserve 1 GB of

+ // address space to prevent later failure due to address space fragmentation

+ // from .dll loading. The NaCl process will attempt to locate this space by

+ // scanning the address space using VirtualQuery.

+ // TODO(bbudge) Handle the --no-sandbox case.

+ // http://code.google.com/p/nativeclient/issues/detail?id=2131

+ const SIZE_T kOneGigabyte = 1 << 30;

+ void* nacl_mem = VirtualAllocEx(process,

+ NULL,

+ kOneGigabyte,

+ MEM_RESERVE,

+ PAGE_NOACCESS);

+ if (!nacl_mem) {

+ DLOG(WARNING) << "Failed to reserve address space for Native Client";

+ }

+#endif // !defined(NACL_WIN64)

+ }

+};

+#endif // OS_WIN

void SetCloseOnExec(NaClHandle fd) {

#if defined(OS_POSIX)

int flags = fcntl(fd, F_GETFD);

@@ -572,7 +602,8 @@

return false;

}

} else {

- process_->Launch(base::FilePath(), cmd_line.release());

+ process_->Launch(new NaClSandboxedProcessLauncherDelegate,

+ cmd_line.release());

}

#elif defined(OS_POSIX)

process_->Launch(nacl_loader_prefix.empty(), // use_zygote

« no previous file with comments | « chrome/browser/nacl_host/nacl_broker_host_win.cc ('k') | chrome/chrome_exe.gypi » ('j') | no next file with comments »