Refactor the bootstrap sandbox process launching integration.

content/browser/child_process_launcher.cc

 // Copyright 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/child_process_launcher.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/files/file_util.h"
 #include "base/i18n/icu_util.h"
@@ skipping 12 matching lines @@
 
 #if defined(OS_WIN)
 #include "base/files/file_path.h"
 #include "content/common/sandbox_win.h"
 #include "content/public/common/sandbox_init.h"
 #elif defined(OS_MACOSX)
 #include "content/browser/bootstrap_sandbox_mac.h"
 #include "content/browser/browser_io_surface_manager_mac.h"
 #include "content/browser/mach_broker_mac.h"
 #include "sandbox/mac/bootstrap_sandbox.h"
+#include "sandbox/mac/pre_exec_delegate.h"
 #elif defined(OS_ANDROID)
 #include "base/android/jni_android.h"
 #include "content/browser/android/child_process_launcher_android.h"
 #elif defined(OS_POSIX)
 #include "base/memory/shared_memory.h"
 #include "base/memory/singleton.h"
 #include "content/browser/renderer_host/render_sandbox_host_linux.h"
 #include "content/browser/zygote_host/zygote_host_impl_linux.h"
 #include "content/common/child_process_sandbox_support_impl_linux.h"
 #endif
@@ skipping 194 matching lines @@
     broker->GetLock().Acquire();
 
     // Make sure the MachBroker is running, and inform it to expect a
     // check-in from the new process.
     broker->EnsureRunning();
 
     // Make sure the IOSurfaceManager service is running.
     BrowserIOSurfaceManager::GetInstance()->EnsureRunning();
 
     const int bootstrap_sandbox_policy = delegate->GetSandboxType();
+    scoped_ptr<sandbox::PreExecDelegate> pre_exec_delegate;
     if (ShouldEnableBootstrapSandbox() &&
         bootstrap_sandbox_policy != SANDBOX_TYPE_INVALID) {
-      options.replacement_bootstrap_name =
-          GetBootstrapSandbox()->server_bootstrap_name();
-      GetBootstrapSandbox()->PrepareToForkWithPolicy(
-          bootstrap_sandbox_policy);
+      pre_exec_delegate =
+          GetBootstrapSandbox()->NewClient(bootstrap_sandbox_policy).Pass();
     }
+    options.pre_exec_delegate = pre_exec_delegate.get();
 #endif  // defined(OS_MACOSX)
 
     process = base::LaunchProcess(*cmd_line, options);
 
 #if defined(OS_MACOSX)
-    if (ShouldEnableBootstrapSandbox() &&
-        bootstrap_sandbox_policy != SANDBOX_TYPE_INVALID) {
-      GetBootstrapSandbox()->FinishedFork(process.Handle());
+    if (process.IsValid()) {
+      broker->AddPlaceholderForPid(process.Pid(), child_process_id);
+    } else {
+      if (pre_exec_delegate) {
+        GetBootstrapSandbox()->RevokeToken(
+            pre_exec_delegate->sandbox_token());
+      }
     }
 
-    if (process.IsValid())
-      broker->AddPlaceholderForPid(process.Pid(), child_process_id);
-
     // After updating the broker, release the lock and let the child's
     // messasge be processed on the broker's thread.
     broker->GetLock().Release();
 #endif  // defined(OS_MACOSX)
   }
 #endif  // else defined(OS_POSIX)
 #if !defined(OS_ANDROID)
   if (process.IsValid()) {
     RecordHistogramsOnLauncherThread(base::TimeTicks::Now() -
                                      begin_launch_time);
@@ skipping 268 matching lines @@
 }
 
 ChildProcessLauncher::Client* ChildProcessLauncher::ReplaceClientForTest(
     Client* client) {
   Client* ret = client_;
   client_ = client;
   return ret;
 }
 
 }  // namespace content