| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" | 5 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <sys/socket.h> | 9 #include <sys/socket.h> |
| 10 #include <sys/stat.h> | 10 #include <sys/stat.h> |
| (...skipping 152 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 163 | 163 |
| 164 std::unique_ptr<SandboxBPFBasePolicy> GetGpuProcessSandbox() { | 164 std::unique_ptr<SandboxBPFBasePolicy> GetGpuProcessSandbox() { |
| 165 const base::CommandLine& command_line = | 165 const base::CommandLine& command_line = |
| 166 *base::CommandLine::ForCurrentProcess(); | 166 *base::CommandLine::ForCurrentProcess(); |
| 167 bool allow_sysv_shm = false; | 167 bool allow_sysv_shm = false; |
| 168 if (command_line.HasSwitch(switches::kGpuSandboxAllowSysVShm)) { | 168 if (command_line.HasSwitch(switches::kGpuSandboxAllowSysVShm)) { |
| 169 DCHECK(IsArchitectureArm()); | 169 DCHECK(IsArchitectureArm()); |
| 170 allow_sysv_shm = true; | 170 allow_sysv_shm = true; |
| 171 } | 171 } |
| 172 | 172 |
| 173 // XXX: Generalize CrosArmGpuProcessPolicy to a new |
| 174 // GpuProcessPolicyEarlySandbox then here just rely on if |
| 175 // has switches::kGpuSandboxStartEarly |
| 173 if (IsChromeOS() && IsArchitectureArm()) { | 176 if (IsChromeOS() && IsArchitectureArm()) { |
| 174 return std::unique_ptr<SandboxBPFBasePolicy>( | 177 return std::unique_ptr<SandboxBPFBasePolicy>( |
| 175 new CrosArmGpuProcessPolicy(allow_sysv_shm)); | 178 new CrosArmGpuProcessPolicy(allow_sysv_shm)); |
| 176 } else { | 179 } else { |
| 177 bool allow_mincore = command_line.HasSwitch(switches::kUseGL) && | 180 bool allow_mincore = command_line.HasSwitch(switches::kUseGL) && |
| 178 command_line.GetSwitchValueASCII(switches::kUseGL) == | 181 command_line.GetSwitchValueASCII(switches::kUseGL) == |
| 179 gfx::kGLImplementationEGLName; | 182 gfx::kGLImplementationEGLName; |
| 180 return std::unique_ptr<SandboxBPFBasePolicy>( | 183 return std::unique_ptr<SandboxBPFBasePolicy>( |
| 181 new GpuProcessPolicy(allow_mincore)); | 184 new GpuProcessPolicy(allow_mincore)); |
| 182 } | 185 } |
| (...skipping 120 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 303 SandboxSeccompBPF::GetBaselinePolicy() { | 306 SandboxSeccompBPF::GetBaselinePolicy() { |
| 304 #if defined(USE_SECCOMP_BPF) | 307 #if defined(USE_SECCOMP_BPF) |
| 305 return std::unique_ptr<sandbox::bpf_dsl::Policy>(new BaselinePolicy); | 308 return std::unique_ptr<sandbox::bpf_dsl::Policy>(new BaselinePolicy); |
| 306 #else | 309 #else |
| 307 return std::unique_ptr<sandbox::bpf_dsl::Policy>(); | 310 return std::unique_ptr<sandbox::bpf_dsl::Policy>(); |
| 308 #endif // defined(USE_SECCOMP_BPF) | 311 #endif // defined(USE_SECCOMP_BPF) |
| 309 } | 312 } |
| 310 #endif // !defined(OS_NACL_NONSFI) | 313 #endif // !defined(OS_NACL_NONSFI) |
| 311 | 314 |
| 312 } // namespace content | 315 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1542013005:
Add a new driver bug workaround SANDBOX_START_EARLY
Base URL: https://chromium.googlesource.com/chromium/src.git@master