content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc - Issue 1542013005: Add a new driver bug workaround SANDBOX_START_EARLY

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc

Issue 1542013005: Add a new driver bug workaround SANDBOX_START_EARLY Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Add some draft code to discuss about generalizing EarlySandbox for gpu process Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc

diff --git a/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc b/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc

index ac6de8b5fe749a37ce94cdf209516ea418833246..c9cc63642d925bd12d91f3ddba0420c6bf37f592 100644

--- a/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc

+++ b/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc

@@ -57,6 +57,9 @@ inline bool IsArchitectureArm() {

}

void AddArmMaliGpuWhitelist(std::vector<BrokerFilePermission>* permissions) {

+ // XXX: Generalize CrosArmGpuProcessPolicy to a new

Ken Russell (switch to Gerrit) 2016/05/04 20:36:17 TODO(j.isorce@samsung.com) instead of XXX, here an

+ // GpuProcessPolicyEarlySandbox and move that part to IsArchitectureArm()

// Device file needed by the ARM GPU userspace.

static const char kMali0Path[] = "/dev/mali0";

@@ -68,6 +71,8 @@ void AddArmMaliGpuWhitelist(std::vector<BrokerFilePermission>* permissions) {

}

void AddArmGpuWhitelist(std::vector<BrokerFilePermission>* permissions) {

+ // XXX: Generalize CrosArmGpuProcessPolicy to a new

+ // GpuProcessPolicyEarlySandbox and move that part to IsArchitectureArm()

// On ARM we're enabling the sandbox before the X connection is made,

// so we need to allow access to |.Xauthority|.

static const char kXAuthorityPath[] = "/home/chronos/.Xauthority";

@@ -159,11 +164,14 @@ bool CrosArmGpuProcessPolicy::PreSandboxHook() {

// Add ARM-specific files to whitelist in the broker.

std::vector<BrokerFilePermission> permissions;

+ // XXX: Generalize CrosArmGpuProcessPolicy to a new

+ // GpuProcessPolicyEarlySandbox and move that part to IsArchitectureArm()

AddArmGpuWhitelist(&permissions);

InitGpuBrokerProcess(CrosArmGpuBrokerProcessPolicy::Create, permissions);

const int dlopen_flag = RTLD_NOW | RTLD_GLOBAL | RTLD_NODELETE;

+ // XXX

// Preload the Mali library.

dlopen("/usr/lib/libmali.so", dlopen_flag);

// Preload the Tegra V4L2 (video decode acceleration) library.