Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(384)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chrome_content_browser_client.cc

Issue 1415483008: Get rid of SandboxedProcessLauncherDelegate::PreSandbox. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Remove curly braces Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | chrome/service/service_utility_process_host.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chrome_content_browser_client.h" 5 #include "chrome/browser/chrome_content_browser_client.h"
6 6
7 #include <map> 7 #include <map>
8 #include <set> 8 #include <set>
9 #include <utility> 9 #include <utility>
10 #include <vector> 10 #include <vector>
(...skipping 2540 matching lines...) Expand 10 before | Expand all | Expand 10 after
2551 case PROCESS_TYPE_NACL_BROKER: 2551 case PROCESS_TYPE_NACL_BROKER:
2552 return base::string16(); 2552 return base::string16();
2553 #endif 2553 #endif
2554 } 2554 }
2555 2555
2556 // Should never reach here. 2556 // Should never reach here.
2557 CHECK(0); 2557 CHECK(0);
2558 return base::string16(); 2558 return base::string16();
2559 } 2559 }
2560 2560
2561 void ChromeContentBrowserClient::PreSpawnRenderer( 2561 bool ChromeContentBrowserClient::PreSpawnRenderer(
2562 sandbox::TargetPolicy* policy, 2562 sandbox::TargetPolicy* policy) {
2563 bool* success) {
2564 // This code is duplicated in nacl_exe_win_64.cc. 2563 // This code is duplicated in nacl_exe_win_64.cc.
2565 // Allow the server side of a pipe restricted to the "chrome.nacl." 2564 // Allow the server side of a pipe restricted to the "chrome.nacl."
2566 // namespace so that it cannot impersonate other system or other chrome 2565 // namespace so that it cannot impersonate other system or other chrome
2567 // service pipes. 2566 // service pipes.
2568 sandbox::ResultCode result = policy->AddRule( 2567 sandbox::ResultCode result = policy->AddRule(
2569 sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, 2568 sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
2570 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, 2569 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
2571 L"\\\\.\\pipe\\chrome.nacl.*"); 2570 L"\\\\.\\pipe\\chrome.nacl.*");
2572 if (result != sandbox::SBOX_ALL_OK) { 2571 if (result != sandbox::SBOX_ALL_OK)
2573 *success = false; 2572 return false;
2574 return;
2575 }
2576 2573
2577 // Renderers need to send named pipe handles and shared memory 2574 // Renderers need to send named pipe handles and shared memory
2578 // segment handles to NaCl loader processes. 2575 // segment handles to NaCl loader processes.
2579 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES, 2576 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
2580 sandbox::TargetPolicy::HANDLES_DUP_ANY, 2577 sandbox::TargetPolicy::HANDLES_DUP_ANY,
2581 L"File"); 2578 L"File");
2582 if (result != sandbox::SBOX_ALL_OK) { 2579 return result == sandbox::SBOX_ALL_OK;
2583 *success = false;
2584 return;
2585 }
2586 } 2580 }
2587 #endif 2581 #endif
2588 2582
2589 void ChromeContentBrowserClient::RegisterFrameMojoShellServices( 2583 void ChromeContentBrowserClient::RegisterFrameMojoShellServices(
2590 content::ServiceRegistry* registry, 2584 content::ServiceRegistry* registry,
2591 content::RenderFrameHost* render_frame_host) { 2585 content::RenderFrameHost* render_frame_host) {
2592 #if defined(OS_CHROMEOS) 2586 #if defined(OS_CHROMEOS)
2593 registry->AddService( 2587 registry->AddService(
2594 base::Bind(&chromeos::attestation::PlatformVerificationImpl::Create, 2588 base::Bind(&chromeos::attestation::PlatformVerificationImpl::Create,
2595 render_frame_host)); 2589 render_frame_host));
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after
2769 if (channel <= kMaxDisableEncryptionChannel) { 2763 if (channel <= kMaxDisableEncryptionChannel) {
2770 static const char* const kWebRtcDevSwitchNames[] = { 2764 static const char* const kWebRtcDevSwitchNames[] = {
2771 switches::kDisableWebRtcEncryption, 2765 switches::kDisableWebRtcEncryption,
2772 }; 2766 };
2773 to_command_line->CopySwitchesFrom(from_command_line, 2767 to_command_line->CopySwitchesFrom(from_command_line,
2774 kWebRtcDevSwitchNames, 2768 kWebRtcDevSwitchNames,
2775 arraysize(kWebRtcDevSwitchNames)); 2769 arraysize(kWebRtcDevSwitchNames));
2776 } 2770 }
2777 } 2771 }
2778 #endif // defined(ENABLE_WEBRTC) 2772 #endif // defined(ENABLE_WEBRTC)
OLDNEW
« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | chrome/service/service_utility_process_host.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698