Chromium Code Reviews Chromium Code Reviews
Issue 176883018:
Remove additional protection of kDisableAcceleratedVideoDecode in bpf_gpu_policy_linux.cc. (Closed)
Base URL: https://git.chromium.org/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h" | 5 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h" |
| 6 | 6 |
| 7 #include <dlfcn.h> | 7 #include <dlfcn.h> |
| 8 #include <errno.h> | 8 #include <errno.h> |
| 9 #include <fcntl.h> | 9 #include <fcntl.h> |
| 10 #include <sys/socket.h> | 10 #include <sys/socket.h> |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 65 } | 65 } |
| 66 | 66 |
| 67 inline bool IsArchitectureArm() { | 67 inline bool IsArchitectureArm() { |
| 68 #if defined(__arm__) | 68 #if defined(__arm__) |
| 69 return true; | 69 return true; |
| 70 #else | 70 #else |
| 71 return false; | 71 return false; |
| 72 #endif | 72 #endif |
| 73 } | 73 } |
| 74 | 74 |
| 75 bool IsAcceleratedVideoDecodeEnabled() { | |
| 76 // Accelerated video decode is currently enabled on Chrome OS, | |
|
Jorge Lucangeli Obes
2014/03/06 15:53:59
Let's simplify this function to:
CommandLine::ForC
| |
| 77 // but not on Linux: crbug.com/137247. | |
| 78 bool is_enabled = IsChromeOS(); | |
| 79 | |
| 80 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); | |
| 81 is_enabled &= | |
| 82 !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode); | |
| 83 | |
| 84 return is_enabled; | |
| 85 } | |
| 86 | |
| 87 intptr_t GpuSIGSYS_Handler(const struct arch_seccomp_data& args, | 75 intptr_t GpuSIGSYS_Handler(const struct arch_seccomp_data& args, |
| 88 void* aux_broker_process) { | 76 void* aux_broker_process) { |
| 89 RAW_CHECK(aux_broker_process); | 77 RAW_CHECK(aux_broker_process); |
| 90 BrokerProcess* broker_process = | 78 BrokerProcess* broker_process = |
| 91 static_cast<BrokerProcess*>(aux_broker_process); | 79 static_cast<BrokerProcess*>(aux_broker_process); |
| 92 switch (args.nr) { | 80 switch (args.nr) { |
| 93 case __NR_access: | 81 case __NR_access: |
| 94 return broker_process->Access(reinterpret_cast<const char*>(args.args[0]), | 82 return broker_process->Access(reinterpret_cast<const char*>(args.args[0]), |
| 95 static_cast<int>(args.args[1])); | 83 static_cast<int>(args.args[1])); |
| 96 case __NR_open: | 84 case __NR_open: |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 207 InitGpuBrokerProcess( | 195 InitGpuBrokerProcess( |
| 208 base::Bind(&SandboxSeccompBPF::StartSandboxWithExternalPolicy, | 196 base::Bind(&SandboxSeccompBPF::StartSandboxWithExternalPolicy, |
| 209 base::Passed(scoped_ptr<sandbox::SandboxBPFPolicy>( | 197 base::Passed(scoped_ptr<sandbox::SandboxBPFPolicy>( |
| 210 new GpuBrokerProcessPolicy))), | 198 new GpuBrokerProcessPolicy))), |
| 211 std::vector<std::string>(), // No extra files in whitelist. | 199 std::vector<std::string>(), // No extra files in whitelist. |
| 212 std::vector<std::string>()); | 200 std::vector<std::string>()); |
| 213 | 201 |
| 214 if (IsArchitectureX86_64() || IsArchitectureI386()) { | 202 if (IsArchitectureX86_64() || IsArchitectureI386()) { |
| 215 // Accelerated video decode dlopen()'s some shared objects | 203 // Accelerated video decode dlopen()'s some shared objects |
| 216 // inside the sandbox, so preload them now. | 204 // inside the sandbox, so preload them now. |
| 217 if (IsAcceleratedVideoDecodeEnabled()) { | 205 if (!CommandLine::ForCurrentProcess()->HasSwitch( |
| 206 switches::kDisableAcceleratedVideoDecode)) { | |
| 218 const char* I965DrvVideoPath = NULL; | 207 const char* I965DrvVideoPath = NULL; |
| 219 | 208 |
| 220 if (IsArchitectureX86_64()) { | 209 if (IsArchitectureX86_64()) { |
| 221 I965DrvVideoPath = "/usr/lib64/va/drivers/i965_drv_video.so"; | 210 I965DrvVideoPath = "/usr/lib64/va/drivers/i965_drv_video.so"; |
| 222 } else if (IsArchitectureI386()) { | 211 } else if (IsArchitectureI386()) { |
| 223 I965DrvVideoPath = "/usr/lib/va/drivers/i965_drv_video.so"; | 212 I965DrvVideoPath = "/usr/lib/va/drivers/i965_drv_video.so"; |
| 224 } | 213 } |
| 225 | 214 |
| 226 dlopen(I965DrvVideoPath, RTLD_NOW|RTLD_GLOBAL|RTLD_NODELETE); | 215 dlopen(I965DrvVideoPath, RTLD_NOW|RTLD_GLOBAL|RTLD_NODELETE); |
| 227 dlopen("libva.so.1", RTLD_NOW|RTLD_GLOBAL|RTLD_NODELETE); | 216 dlopen("libva.so.1", RTLD_NOW|RTLD_GLOBAL|RTLD_NODELETE); |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 260 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), | 249 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), |
| 261 read_whitelist, | 250 read_whitelist, |
| 262 write_whitelist); | 251 write_whitelist); |
| 263 // The initialization callback will perform generic initialization and then | 252 // The initialization callback will perform generic initialization and then |
| 264 // call broker_sandboxer_callback. | 253 // call broker_sandboxer_callback. |
| 265 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox, | 254 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox, |
| 266 broker_sandboxer_callback))); | 255 broker_sandboxer_callback))); |
| 267 } | 256 } |
| 268 | 257 |
| 269 } // namespace content | 258 } // namespace content |
| OLD | NEW |
