| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ppapi_plugin_process_host.h" | 5 #include "content/browser/ppapi_plugin_process_host.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 #include "content/public/common/content_switches.h" | 28 #include "content/public/common/content_switches.h" |
| 29 #include "content/public/common/pepper_plugin_info.h" | 29 #include "content/public/common/pepper_plugin_info.h" |
| 30 #include "content/public/common/process_type.h" | 30 #include "content/public/common/process_type.h" |
| 31 #include "content/public/common/sandbox_type.h" | 31 #include "content/public/common/sandbox_type.h" |
| 32 #include "content/public/common/sandboxed_process_launcher_delegate.h" | 32 #include "content/public/common/sandboxed_process_launcher_delegate.h" |
| 33 #include "ipc/ipc_switches.h" | 33 #include "ipc/ipc_switches.h" |
| 34 #include "net/base/network_change_notifier.h" | 34 #include "net/base/network_change_notifier.h" |
| 35 #include "ppapi/proxy/ppapi_messages.h" | 35 #include "ppapi/proxy/ppapi_messages.h" |
| 36 #include "ui/base/ui_base_switches.h" | 36 #include "ui/base/ui_base_switches.h" |
| 37 | 37 |
| 38 #if defined(OS_POSIX) | |
| 39 #include "content/public/browser/zygote_handle_linux.h" | |
| 40 #endif // defined(OS_POSIX) | |
| 41 | |
| 42 #if defined(OS_WIN) | 38 #if defined(OS_WIN) |
| 43 #include "content/browser/renderer_host/dwrite_font_proxy_message_filter_win.h" | 39 #include "content/browser/renderer_host/dwrite_font_proxy_message_filter_win.h" |
| 44 #include "content/common/sandbox_win.h" | 40 #include "content/common/sandbox_win.h" |
| 45 #include "sandbox/win/src/process_mitigations.h" | 41 #include "sandbox/win/src/process_mitigations.h" |
| 46 #include "sandbox/win/src/sandbox_policy.h" | 42 #include "sandbox/win/src/sandbox_policy.h" |
| 47 #include "ui/gfx/win/dpi.h" | 43 #include "ui/gfx/win/dpi.h" |
| 48 #endif | 44 #endif |
| 49 | 45 |
| 50 namespace content { | 46 namespace content { |
| 51 | 47 |
| 52 #if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) | |
| 53 ZygoteHandle g_ppapi_zygote; | |
| 54 #endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) | |
| 55 | |
| 56 // NOTE: changes to this class need to be reviewed by the security team. | 48 // NOTE: changes to this class need to be reviewed by the security team. |
| 57 class PpapiPluginSandboxedProcessLauncherDelegate | 49 class PpapiPluginSandboxedProcessLauncherDelegate |
| 58 : public content::SandboxedProcessLauncherDelegate { | 50 : public content::SandboxedProcessLauncherDelegate { |
| 59 public: | 51 public: |
| 60 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, | 52 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, |
| 61 const PepperPluginInfo& info, | 53 const PepperPluginInfo& info, |
| 62 ChildProcessHost* host) | 54 ChildProcessHost* host) |
| 63 : info_(info), | 55 : info_(info), |
| 64 #if defined(OS_POSIX) | 56 #if defined(OS_POSIX) |
| 65 ipc_fd_(host->TakeClientFileDescriptor()), | 57 ipc_fd_(host->TakeClientFileDescriptor()), |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 98 const base::string16& sid = | 90 const base::string16& sid = |
| 99 GetContentClient()->browser()->GetAppContainerSidForSandboxType( | 91 GetContentClient()->browser()->GetAppContainerSidForSandboxType( |
| 100 GetSandboxType()); | 92 GetSandboxType()); |
| 101 if (!sid.empty()) | 93 if (!sid.empty()) |
| 102 AddAppContainerPolicy(policy, sid.c_str()); | 94 AddAppContainerPolicy(policy, sid.c_str()); |
| 103 | 95 |
| 104 return true; | 96 return true; |
| 105 } | 97 } |
| 106 | 98 |
| 107 #elif defined(OS_POSIX) | 99 #elif defined(OS_POSIX) |
| 108 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) | 100 bool ShouldUseZygote() override { |
| 109 ZygoteHandle* GetZygote() override { | |
| 110 const base::CommandLine& browser_command_line = | 101 const base::CommandLine& browser_command_line = |
| 111 *base::CommandLine::ForCurrentProcess(); | 102 *base::CommandLine::ForCurrentProcess(); |
| 112 base::CommandLine::StringType plugin_launcher = browser_command_line | 103 base::CommandLine::StringType plugin_launcher = browser_command_line |
| 113 .GetSwitchValueNative(switches::kPpapiPluginLauncher); | 104 .GetSwitchValueNative(switches::kPpapiPluginLauncher); |
| 114 if (is_broker_ || !plugin_launcher.empty()) | 105 return !is_broker_ && plugin_launcher.empty(); |
| 115 return nullptr; | |
| 116 return &g_ppapi_zygote; | |
| 117 } | 106 } |
| 118 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) | |
| 119 | |
| 120 base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); } | 107 base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); } |
| 121 #endif // OS_WIN | 108 #endif // OS_WIN |
| 122 | 109 |
| 123 SandboxType GetSandboxType() override { | 110 SandboxType GetSandboxType() override { |
| 124 return SANDBOX_TYPE_PPAPI; | 111 return SANDBOX_TYPE_PPAPI; |
| 125 } | 112 } |
| 126 | 113 |
| 127 private: | 114 private: |
| 128 const PepperPluginInfo& info_; | 115 const PepperPluginInfo& info_; |
| 129 #if defined(OS_POSIX) | 116 #if defined(OS_POSIX) |
| (...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 196 const PepperPluginInfo& info) { | 183 const PepperPluginInfo& info) { |
| 197 PpapiPluginProcessHost* plugin_host = | 184 PpapiPluginProcessHost* plugin_host = |
| 198 new PpapiPluginProcessHost(); | 185 new PpapiPluginProcessHost(); |
| 199 if (plugin_host->Init(info)) | 186 if (plugin_host->Init(info)) |
| 200 return plugin_host; | 187 return plugin_host; |
| 201 | 188 |
| 202 NOTREACHED(); // Init is not expected to fail. | 189 NOTREACHED(); // Init is not expected to fail. |
| 203 return NULL; | 190 return NULL; |
| 204 } | 191 } |
| 205 | 192 |
| 206 #if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) | |
| 207 // static | |
| 208 void PpapiPluginProcessHost::EarlyZygoteLaunch() { | |
| 209 DCHECK(!g_ppapi_zygote); | |
| 210 g_ppapi_zygote = CreateZygote(); | |
| 211 } | |
| 212 #endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) | |
| 213 | |
| 214 // static | 193 // static |
| 215 void PpapiPluginProcessHost::DidCreateOutOfProcessInstance( | 194 void PpapiPluginProcessHost::DidCreateOutOfProcessInstance( |
| 216 int plugin_process_id, | 195 int plugin_process_id, |
| 217 int32_t pp_instance, | 196 int32_t pp_instance, |
| 218 const PepperRendererInstanceData& instance_data) { | 197 const PepperRendererInstanceData& instance_data) { |
| 219 for (PpapiPluginProcessHostIterator iter; !iter.Done(); ++iter) { | 198 for (PpapiPluginProcessHostIterator iter; !iter.Done(); ++iter) { |
| 220 if (iter->process_.get() && | 199 if (iter->process_.get() && |
| 221 iter->process_->GetData().id == plugin_process_id) { | 200 iter->process_->GetData().id == plugin_process_id) { |
| 222 // Found the plugin. | 201 // Found the plugin. |
| 223 iter->host_impl_->AddInstance(pp_instance, instance_data); | 202 iter->host_impl_->AddInstance(pp_instance, instance_data); |
| (...skipping 317 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 541 // sent_requests_ queue should be the one that the plugin just created. | 520 // sent_requests_ queue should be the one that the plugin just created. |
| 542 Client* client = sent_requests_.front(); | 521 Client* client = sent_requests_.front(); |
| 543 sent_requests_.pop(); | 522 sent_requests_.pop(); |
| 544 | 523 |
| 545 const ChildProcessData& data = process_->GetData(); | 524 const ChildProcessData& data = process_->GetData(); |
| 546 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), | 525 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), |
| 547 data.id); | 526 data.id); |
| 548 } | 527 } |
| 549 | 528 |
| 550 } // namespace content | 529 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1640123005:
Revert of Have each SandboxedProcessLauncherDelegate maintain a zygote. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master