| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/gpu/gpu_process_host.h" | 5 #include "content/browser/gpu/gpu_process_host.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/base_switches.h" | 8 #include "base/base_switches.h" |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 182 | 182 |
| 183 #if defined(OS_WIN) | 183 #if defined(OS_WIN) |
| 184 bool ShouldSandbox() override { | 184 bool ShouldSandbox() override { |
| 185 bool sandbox = !cmd_line_->HasSwitch(switches::kDisableGpuSandbox); | 185 bool sandbox = !cmd_line_->HasSwitch(switches::kDisableGpuSandbox); |
| 186 if(! sandbox) { | 186 if(! sandbox) { |
| 187 DVLOG(1) << "GPU sandbox is disabled"; | 187 DVLOG(1) << "GPU sandbox is disabled"; |
| 188 } | 188 } |
| 189 return sandbox; | 189 return sandbox; |
| 190 } | 190 } |
| 191 | 191 |
| 192 void PreSandbox(bool* disable_default_policy, | 192 bool DisableDefaultPolicy() override { |
| 193 base::FilePath* exposed_dir) override { | 193 return true; |
| 194 *disable_default_policy = true; | |
| 195 } | 194 } |
| 196 | 195 |
| 197 // For the GPU process we gotten as far as USER_LIMITED. The next level | 196 // For the GPU process we gotten as far as USER_LIMITED. The next level |
| 198 // which is USER_RESTRICTED breaks both the DirectX backend and the OpenGL | 197 // which is USER_RESTRICTED breaks both the DirectX backend and the OpenGL |
| 199 // backend. Note that the GPU process is connected to the interactive | 198 // backend. Note that the GPU process is connected to the interactive |
| 200 // desktop. | 199 // desktop. |
| 201 void PreSpawnTarget(sandbox::TargetPolicy* policy, bool* success) override { | 200 bool PreSpawnTarget(sandbox::TargetPolicy* policy) override { |
| 202 if (base::win::GetVersion() > base::win::VERSION_XP) { | 201 if (base::win::GetVersion() > base::win::VERSION_XP) { |
| 203 if (cmd_line_->GetSwitchValueASCII(switches::kUseGL) == | 202 if (cmd_line_->GetSwitchValueASCII(switches::kUseGL) == |
| 204 gfx::kGLImplementationDesktopName) { | 203 gfx::kGLImplementationDesktopName) { |
| 205 // Open GL path. | 204 // Open GL path. |
| 206 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, | 205 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, |
| 207 sandbox::USER_LIMITED); | 206 sandbox::USER_LIMITED); |
| 208 SetJobLevel(*cmd_line_, sandbox::JOB_UNPROTECTED, 0, policy); | 207 SetJobLevel(*cmd_line_, sandbox::JOB_UNPROTECTED, 0, policy); |
| 209 policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW); | 208 policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW); |
| 210 } else { | 209 } else { |
| 211 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, | 210 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, |
| (...skipping 20 matching lines...) Expand all Loading... |
| 232 policy->SetTokenLevel(sandbox::USER_UNPROTECTED, | 231 policy->SetTokenLevel(sandbox::USER_UNPROTECTED, |
| 233 sandbox::USER_LIMITED); | 232 sandbox::USER_LIMITED); |
| 234 } | 233 } |
| 235 | 234 |
| 236 // Allow the server side of GPU sockets, which are pipes that have | 235 // Allow the server side of GPU sockets, which are pipes that have |
| 237 // the "chrome.gpu" namespace and an arbitrary suffix. | 236 // the "chrome.gpu" namespace and an arbitrary suffix. |
| 238 sandbox::ResultCode result = policy->AddRule( | 237 sandbox::ResultCode result = policy->AddRule( |
| 239 sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, | 238 sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, |
| 240 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, | 239 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, |
| 241 L"\\\\.\\pipe\\chrome.gpu.*"); | 240 L"\\\\.\\pipe\\chrome.gpu.*"); |
| 242 if (result != sandbox::SBOX_ALL_OK) { | 241 if (result != sandbox::SBOX_ALL_OK) |
| 243 *success = false; | 242 return false; |
| 244 return; | |
| 245 } | |
| 246 | 243 |
| 247 // Block this DLL even if it is not loaded by the browser process. | 244 // Block this DLL even if it is not loaded by the browser process. |
| 248 policy->AddDllToUnload(L"cmsetac.dll"); | 245 policy->AddDllToUnload(L"cmsetac.dll"); |
| 249 | 246 |
| 250 #ifdef USE_AURA | 247 #ifdef USE_AURA |
| 251 // GPU also needs to add sections to the browser for aura | 248 // GPU also needs to add sections to the browser for aura |
| 252 // TODO(jschuh): refactor the GPU channel to remove this. crbug.com/128786 | 249 // TODO(jschuh): refactor the GPU channel to remove this. crbug.com/128786 |
| 253 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES, | 250 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES, |
| 254 sandbox::TargetPolicy::HANDLES_DUP_BROKER, | 251 sandbox::TargetPolicy::HANDLES_DUP_BROKER, |
| 255 L"Section"); | 252 L"Section"); |
| 256 if (result != sandbox::SBOX_ALL_OK) { | 253 if (result != sandbox::SBOX_ALL_OK) |
| 257 *success = false; | 254 return false; |
| 258 return; | |
| 259 } | |
| 260 #endif | 255 #endif |
| 261 | 256 |
| 262 if (cmd_line_->HasSwitch(switches::kEnableLogging)) { | 257 if (cmd_line_->HasSwitch(switches::kEnableLogging)) { |
| 263 base::string16 log_file_path = logging::GetLogFileFullPath(); | 258 base::string16 log_file_path = logging::GetLogFileFullPath(); |
| 264 if (!log_file_path.empty()) { | 259 if (!log_file_path.empty()) { |
| 265 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, | 260 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, |
| 266 sandbox::TargetPolicy::FILES_ALLOW_ANY, | 261 sandbox::TargetPolicy::FILES_ALLOW_ANY, |
| 267 log_file_path.c_str()); | 262 log_file_path.c_str()); |
| 268 if (result != sandbox::SBOX_ALL_OK) { | 263 if (result != sandbox::SBOX_ALL_OK) |
| 269 *success = false; | 264 return false; |
| 270 return; | |
| 271 } | |
| 272 } | 265 } |
| 273 } | 266 } |
| 267 |
| 268 return true; |
| 274 } | 269 } |
| 275 #elif defined(OS_POSIX) | 270 #elif defined(OS_POSIX) |
| 276 | 271 |
| 277 base::ScopedFD TakeIpcFd() override { return ipc_fd_.Pass(); } | 272 base::ScopedFD TakeIpcFd() override { return ipc_fd_.Pass(); } |
| 278 #endif // OS_WIN | 273 #endif // OS_WIN |
| 279 | 274 |
| 280 SandboxType GetSandboxType() override { | 275 SandboxType GetSandboxType() override { |
| 281 return SANDBOX_TYPE_GPU; | 276 return SANDBOX_TYPE_GPU; |
| 282 } | 277 } |
| 283 | 278 |
| (...skipping 889 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1173 TRACE_EVENT0("gpu", "GpuProcessHost::OnCacheShader"); | 1168 TRACE_EVENT0("gpu", "GpuProcessHost::OnCacheShader"); |
| 1174 ClientIdToShaderCacheMap::iterator iter = | 1169 ClientIdToShaderCacheMap::iterator iter = |
| 1175 client_id_to_shader_cache_.find(client_id); | 1170 client_id_to_shader_cache_.find(client_id); |
| 1176 // If the cache doesn't exist then this is an off the record profile. | 1171 // If the cache doesn't exist then this is an off the record profile. |
| 1177 if (iter == client_id_to_shader_cache_.end()) | 1172 if (iter == client_id_to_shader_cache_.end()) |
| 1178 return; | 1173 return; |
| 1179 iter->second->Cache(GetShaderPrefixKey() + ":" + key, shader); | 1174 iter->second->Cache(GetShaderPrefixKey() + ":" + key, shader); |
| 1180 } | 1175 } |
| 1181 | 1176 |
| 1182 } // namespace content | 1177 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1415483008:
Get rid of SandboxedProcessLauncherDelegate::PreSandbox. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master