| Index: content/browser/utility_process_host_impl.cc
|
| diff --git a/content/browser/utility_process_host_impl.cc b/content/browser/utility_process_host_impl.cc
|
| index db67d60dc225e1c161e818315153975801596476..f8cc044727cb2dda88c7a55423ced91cdaee0a4f 100644
|
| --- a/content/browser/utility_process_host_impl.cc
|
| +++ b/content/browser/utility_process_host_impl.cc
|
| @@ -37,6 +37,10 @@
|
| #include "ipc/ipc_switches.h"
|
| #include "ui/base/ui_base_switches.h"
|
|
|
| +#if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
|
| +#include "content/browser/zygote_host/zygote_communication_linux.h"
|
| +#endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
|
| +
|
| #if defined(OS_WIN)
|
| #include "sandbox/win/src/sandbox_policy.h"
|
| #include "sandbox/win/src/sandbox_types.h"
|
| @@ -44,6 +48,12 @@
|
|
|
| namespace content {
|
|
|
| +#if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
|
| +namespace {
|
| +ZygoteHandle zygote;
|
| +} // namespace
|
| +#endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
|
| +
|
| // NOTE: changes to this class need to be reviewed by the security team.
|
| class UtilitySandboxedProcessLauncherDelegate
|
| : public SandboxedProcessLauncherDelegate {
|
| @@ -58,7 +68,9 @@ class UtilitySandboxedProcessLauncherDelegate
|
| launch_elevated_(launch_elevated)
|
| #elif defined(OS_POSIX)
|
| env_(env),
|
| +#if !defined(OS_MACOSX) && !defined(OS_ANDROID)
|
| no_sandbox_(no_sandbox),
|
| +#endif // !defined(OS_MACOSX) && !defined(OS_ANDROID)
|
| ipc_fd_(host->TakeClientFileDescriptor())
|
| #endif // OS_WIN
|
| {}
|
| @@ -88,9 +100,13 @@ class UtilitySandboxedProcessLauncherDelegate
|
|
|
| #elif defined(OS_POSIX)
|
|
|
| - bool ShouldUseZygote() override {
|
| - return !no_sandbox_ && exposed_dir_.empty();
|
| +#if !defined(OS_MACOSX) && !defined(OS_ANDROID)
|
| + ZygoteHandle* GetZygote() override {
|
| + if (no_sandbox_ || !exposed_dir_.empty())
|
| + return nullptr;
|
| + return &zygote;
|
| }
|
| +#endif // !defined(OS_MACOSX) && !defined(OS_ANDROID)
|
| base::EnvironmentMap GetEnvironment() override { return env_; }
|
| base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); }
|
| #endif // OS_WIN
|
| @@ -106,7 +122,9 @@ class UtilitySandboxedProcessLauncherDelegate
|
| bool launch_elevated_;
|
| #elif defined(OS_POSIX)
|
| base::EnvironmentMap env_;
|
| +#if !defined(OS_MACOSX) && !defined(OS_ANDROID)
|
| bool no_sandbox_;
|
| +#endif // !defined(OS_MACOSX) && !defined(OS_ANDROID)
|
| base::ScopedFD ipc_fd_;
|
| #endif // OS_WIN
|
| };
|
| @@ -220,6 +238,15 @@ void UtilityProcessHostImpl::SetName(const base::string16& name) {
|
| name_ = name;
|
| }
|
|
|
| +#if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
|
| +// static
|
| +void UtilityProcessHostImpl::EarlyZygoteLaunch() {
|
| + DCHECK(!zygote);
|
| + zygote = new ZygoteCommunication();
|
| + zygote->Init();
|
| +}
|
| +#endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX)
|
| +
|
| bool UtilityProcessHostImpl::StartProcess() {
|
| if (started_)
|
| return true;
|
|
|
Chromium Code Reviews
Issue 1532423003:
Have each SandboxedProcessLauncherDelegate maintain a zygote. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master