Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(312)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/child_process_launcher.cc

Issue 1346923006: Refactor the bootstrap sandbox process launching integration. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: RevokeToken Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/bootstrap_sandbox_mac.cc ('k') | sandbox/mac/BUILD.gn » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/child_process_launcher.cc
diff --git a/content/browser/child_process_launcher.cc b/content/browser/child_process_launcher.cc
index 262e6a8ac90ea0c0e6b4097dd90b0f32382257b6..2a29e8d2e5ef762d3966955491b5afc8c429e5ac 100644
--- a/content/browser/child_process_launcher.cc
+++ b/content/browser/child_process_launcher.cc
@@ -30,6 +30,7 @@
#include "content/browser/browser_io_surface_manager_mac.h"
#include "content/browser/mach_broker_mac.h"
#include "sandbox/mac/bootstrap_sandbox.h"
+#include "sandbox/mac/pre_exec_delegate.h"
#elif defined(OS_ANDROID)
#include "base/android/jni_android.h"
#include "content/browser/android/child_process_launcher_android.h"
@@ -244,25 +245,26 @@ void LaunchOnLauncherThread(const NotifyCallback& callback,
BrowserIOSurfaceManager::GetInstance()->EnsureRunning();
const int bootstrap_sandbox_policy = delegate->GetSandboxType();
+ scoped_ptr<sandbox::PreExecDelegate> pre_exec_delegate;
if (ShouldEnableBootstrapSandbox() &&
bootstrap_sandbox_policy != SANDBOX_TYPE_INVALID) {
- options.replacement_bootstrap_name =
- GetBootstrapSandbox()->server_bootstrap_name();
- GetBootstrapSandbox()->PrepareToForkWithPolicy(
- bootstrap_sandbox_policy);
+ pre_exec_delegate =
+ GetBootstrapSandbox()->NewClient(bootstrap_sandbox_policy).Pass();
}
+ options.pre_exec_delegate = pre_exec_delegate.get();
#endif // defined(OS_MACOSX)
process = base::LaunchProcess(*cmd_line, options);
#if defined(OS_MACOSX)
- if (ShouldEnableBootstrapSandbox() &&
- bootstrap_sandbox_policy != SANDBOX_TYPE_INVALID) {
- GetBootstrapSandbox()->FinishedFork(process.Handle());
- }
-
- if (process.IsValid())
+ if (process.IsValid()) {
broker->AddPlaceholderForPid(process.Pid(), child_process_id);
+ } else {
+ if (pre_exec_delegate) {
+ GetBootstrapSandbox()->RevokeToken(
+ pre_exec_delegate->sandbox_token());
+ }
+ }
// After updating the broker, release the lock and let the child's
// messasge be processed on the broker's thread.
« no previous file with comments | « content/browser/bootstrap_sandbox_mac.cc ('k') | sandbox/mac/BUILD.gn » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698