Move use_suid_sandbox_for_adj_oom_score_ logic to zygote_host_impl_linux.cc.

content/browser/zygote_host/zygote_host_impl_linux.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/zygote_host/zygote_host_impl_linux.h"
 
 #include "base/allocator/allocator_extension.h"
+#include "base/command_line.h"
 #include "base/files/file_enumerator.h"
 #include "base/process/kill.h"
 #include "base/process/memory.h"
 #include "base/strings/string_number_conversions.h"
 #include "content/public/browser/content_browser_client.h"
+#include "content/public/common/content_switches.h"
+#include "sandbox/linux/services/credentials.h"
 #include "sandbox/linux/suid/common/sandbox.h"
 
 namespace content {
 
 // static
 ZygoteHost* ZygoteHost::GetInstance() {
   return ZygoteHostImpl::GetInstance();
 }
 
 ZygoteHostImpl::ZygoteHostImpl()
-    : use_suid_sandbox_for_adj_oom_score_(false),
+    : should_use_namespace_sandbox_(true),
+      use_suid_sandbox_for_adj_oom_score_(false),
       sandbox_binary_(),
       zygote_pids_lock_(),
       zygote_pids_() {}
 
 ZygoteHostImpl::~ZygoteHostImpl() {}
 
 // static
 ZygoteHostImpl* ZygoteHostImpl::GetInstance() {
   return base::Singleton<ZygoteHostImpl>::get();
 }
 
 void ZygoteHostImpl::Init(const std::string& sandbox_cmd) {
   sandbox_binary_ = sandbox_cmd;
+
+  const base::CommandLine& command_line =
+      *base::CommandLine::ForCurrentProcess();
+  if (command_line.HasSwitch(switches::kNoSandbox) ||
+      command_line.HasSwitch(switches::kDisableNamespaceSandbox) ||
+      !sandbox::Credentials::CanCreateProcessInNewUserNS()) {
+    should_use_namespace_sandbox_ = false;
+  }
+
+  const bool using_namespace_sandbox = ShouldUseNamespaceSandbox();
+  // A non empty sandbox_cmd means we want a SUID sandbox.
+  const bool using_suid_sandbox =
+      sandbox_binary_.empty() && !using_namespace_sandbox;
+
+  // Use the SUID sandbox for adjusting OOM scores when we are using the setuid
+  // sandbox. This is needed beacuse the processes are non-dumpable, so
+  // /proc/pid/oom_score_adj can only be written by root.
+  use_suid_sandbox_for_adj_oom_score_ = using_suid_sandbox;
+
+#if defined(OS_CHROMEOS)
+  // Chrome OS has a kernel patch that restricts oom_score_adj. See
+  // crbug.com/576409 for details.
+  if (!sandbox_binary_.empty()) {
+    use_suid_sandbox_for_adj_oom_score_ = true;
+  }
+#endif
 }
 
 void ZygoteHostImpl::AddZygotePid(pid_t pid) {
   base::AutoLock lock(zygote_pids_lock_);
   zygote_pids_.insert(pid);
 }
 
 bool ZygoteHostImpl::IsZygotePid(pid_t pid) {
   base::AutoLock lock(zygote_pids_lock_);
   return zygote_pids_.find(pid) != zygote_pids_.end();
 }
 
 const std::string& ZygoteHostImpl::SandboxCommand() const {
   return sandbox_binary_;
 }
 
 void ZygoteHostImpl::SetRendererSandboxStatus(int status) {
   renderer_sandbox_status_ = status;
 }
 
 int ZygoteHostImpl::GetRendererSandboxStatus() const {
   return renderer_sandbox_status_;
 }
 
+bool ZygoteHostImpl::ShouldUseNamespaceSandbox() {
+  return should_use_namespace_sandbox_;
+}
+
 #if !defined(OS_OPENBSD)
 void ZygoteHostImpl::AdjustRendererOOMScore(base::ProcessHandle pid,
                                             int score) {
   // 1) You can't change the oom_score_adj of a non-dumpable process
   //    (EPERM) unless you're root. Because of this, we can't set the
   //    oom_adj from the browser process.
   //
   // 2) We can't set the oom_score_adj before entering the sandbox
   //    because the zygote is in the sandbox and the zygote is as
   //    critical as the browser process. Its oom_adj value shouldn't
@@ skipping 53 matching lines @@
     if (sandbox_helper_process.IsValid())
       base::EnsureProcessGetsReaped(sandbox_helper_process.Pid());
   } else if (!use_suid_sandbox_for_adj_oom_score_) {
     if (!base::AdjustOOMScore(pid, score))
       PLOG(ERROR) << "Failed to adjust OOM score of renderer with pid " << pid;
   }
 }
 #endif
 
 }  // namespace content