OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/ppapi_plugin_process_host.h" | 5 #include "content/browser/ppapi_plugin_process_host.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
34 #include "net/base/network_change_notifier.h" | 34 #include "net/base/network_change_notifier.h" |
35 #include "ppapi/proxy/ppapi_messages.h" | 35 #include "ppapi/proxy/ppapi_messages.h" |
36 #include "ui/base/ui_base_switches.h" | 36 #include "ui/base/ui_base_switches.h" |
37 | 37 |
38 #if defined(OS_POSIX) | 38 #if defined(OS_POSIX) |
39 #include "content/public/browser/zygote_handle_linux.h" | 39 #include "content/public/browser/zygote_handle_linux.h" |
40 #endif // defined(OS_POSIX) | 40 #endif // defined(OS_POSIX) |
41 | 41 |
42 #if defined(OS_WIN) | 42 #if defined(OS_WIN) |
43 #include "content/browser/renderer_host/dwrite_font_proxy_message_filter_win.h" | 43 #include "content/browser/renderer_host/dwrite_font_proxy_message_filter_win.h" |
44 #include "content/common/sandbox_win.h" | |
45 #include "sandbox/win/src/process_mitigations.h" | |
46 #include "sandbox/win/src/sandbox_policy.h" | |
47 #include "ui/gfx/win/dpi.h" | 44 #include "ui/gfx/win/dpi.h" |
48 #endif | 45 #endif |
49 | 46 |
50 namespace content { | 47 namespace content { |
51 | 48 |
52 #if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) | 49 #if defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) |
53 ZygoteHandle g_ppapi_zygote; | 50 ZygoteHandle g_ppapi_zygote; |
54 #endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) | 51 #endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) |
55 | 52 |
56 // NOTE: changes to this class need to be reviewed by the security team. | 53 // NOTE: changes to this class need to be reviewed by the security team. |
57 class PpapiPluginSandboxedProcessLauncherDelegate | 54 class PpapiPluginSandboxedProcessLauncherDelegate |
58 : public content::SandboxedProcessLauncherDelegate { | 55 : public content::SandboxedProcessLauncherDelegate { |
59 public: | 56 public: |
60 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, | 57 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, |
61 const PepperPluginInfo& info, | 58 const PepperPluginInfo& info, |
62 ChildProcessHost* host) | 59 ChildProcessHost* host) |
63 : | 60 : |
64 #if defined(OS_WIN) | 61 #if defined(OS_WIN) |
65 info_(info), | 62 info_(info), |
66 #endif // OS_WIN | 63 #endif // OS_WIN |
67 #if defined(OS_POSIX) | 64 #if defined(OS_POSIX) |
68 ipc_fd_(host->TakeClientFileDescriptor()), | 65 ipc_fd_(host->TakeClientFileDescriptor()), |
69 #endif // OS_POSIX | 66 #endif // OS_POSIX |
70 is_broker_(is_broker) {} | 67 is_broker_(is_broker) {} |
71 | 68 |
72 ~PpapiPluginSandboxedProcessLauncherDelegate() override {} | 69 ~PpapiPluginSandboxedProcessLauncherDelegate() override {} |
73 | 70 |
74 #if defined(OS_WIN) | 71 #if defined(OS_WIN) |
75 bool ShouldSandbox() override { | 72 bool ShouldSandbox() override { |
76 return !is_broker_; | 73 return false; |
77 } | 74 } |
78 | 75 |
79 bool PreSpawnTarget(sandbox::TargetPolicy* policy) override { | 76 bool PreSpawnTarget(sandbox::TargetPolicy* policy) override { |
80 if (is_broker_) | |
81 return true; | |
82 | |
83 // The Pepper process is as locked-down as a renderer except that it can | |
84 // create the server side of Chrome pipes. | |
85 sandbox::ResultCode result; | |
86 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, | |
87 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, | |
88 L"\\\\.\\pipe\\chrome.*"); | |
89 if (result != sandbox::SBOX_ALL_OK) | |
90 return false; | |
91 | |
92 content::ContentBrowserClient* browser_client = | |
93 GetContentClient()->browser(); | |
94 | |
95 #if !defined(NACL_WIN64) | |
96 if (IsWin32kRendererLockdownEnabled()) { | |
97 for (const auto& mime_type : info_.mime_types) { | |
98 if (browser_client->IsWin32kLockdownEnabledForMimeType( | |
99 mime_type.mime_type)) { | |
100 if (!AddWin32kLockdownPolicy(policy)) | |
101 return false; | |
102 break; | |
103 } | |
104 } | |
105 } | |
106 #endif | |
107 const base::string16& sid = | |
108 browser_client->GetAppContainerSidForSandboxType(GetSandboxType()); | |
109 if (!sid.empty()) | |
110 AddAppContainerPolicy(policy, sid.c_str()); | |
111 | |
112 return true; | 77 return true; |
113 } | 78 } |
114 | 79 |
115 #elif defined(OS_POSIX) | 80 #elif defined(OS_POSIX) |
116 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) | 81 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) |
117 ZygoteHandle* GetZygote() override { | 82 ZygoteHandle* GetZygote() override { |
118 const base::CommandLine& browser_command_line = | 83 const base::CommandLine& browser_command_line = |
119 *base::CommandLine::ForCurrentProcess(); | 84 *base::CommandLine::ForCurrentProcess(); |
120 base::CommandLine::StringType plugin_launcher = browser_command_line | 85 base::CommandLine::StringType plugin_launcher = browser_command_line |
121 .GetSwitchValueNative(switches::kPpapiPluginLauncher); | 86 .GetSwitchValueNative(switches::kPpapiPluginLauncher); |
546 // sent_requests_ queue should be the one that the plugin just created. | 511 // sent_requests_ queue should be the one that the plugin just created. |
547 Client* client = sent_requests_.front(); | 512 Client* client = sent_requests_.front(); |
548 sent_requests_.pop(); | 513 sent_requests_.pop(); |
549 | 514 |
550 const ChildProcessData& data = process_->GetData(); | 515 const ChildProcessData& data = process_->GetData(); |
551 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), | 516 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), |
552 data.id); | 517 data.id); |
553 } | 518 } |
554 | 519 |
555 } // namespace content | 520 } // namespace content |
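Review bot: `ShouldSandbox()` in the `OS_WIN` branch now returns `false` for every PPAPI process instead of only for the broker, so non-broker plugin processes would launch on Windows without the sandbox, and `PreSpawnTarget()` no longer adds the named-pipe rule, the Win32k lockdown or the AppContainer policy. The new code gives no reason or lifetime for this, which matters because the class comment requires security-team review of changes here. I would add a comment above the return, for example `// Sandbox intentionally disabled on Windows: <reason>, tracked in <bug id>; restore the !is_broker_ check once resolved.`, or keep `return !is_broker_;` and put the unsandboxed path behind an explicit opt-in switch. With the policy code removed, `info_` and `is_broker_` appear unused in the Windows build as far as the visible lines show; the rest of the class lies in the skipped region, so confirm before dropping them.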