Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(48)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/nacl/common/nacl_switches.cc

Issue 226033002: Ensure seccomp-bpf cannot be silently disabled for non-SFI NaCl (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/browser/chrome_content_browser_client.cc ('K') | « components/nacl/common/nacl_switches.h ('k') | components/nacl/loader/nacl_helper_linux.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/nacl/common/nacl_switches.h" 5 #include "components/nacl/common/nacl_switches.h"
6 6
7 namespace switches { 7 namespace switches {
8 8
9 // Disables crash throttling for Portable Native Client. 9 // Disables crash throttling for Portable Native Client.
10 const char kDisablePnaclCrashThrottling[] = "disable-pnacl-crash-throttling"; 10 const char kDisablePnaclCrashThrottling[] = "disable-pnacl-crash-throttling";
11 11
12 // Disables the installation of Portable Native Client. 12 // Disables the installation of Portable Native Client.
13 const char kDisablePnaclInstall[] = "disable-pnacl-install"; 13 const char kDisablePnaclInstall[] = "disable-pnacl-install";
14 14
15 // Enables debugging via RSP over a socket. 15 // Enables debugging via RSP over a socket.
16 const char kEnableNaClDebug[] = "enable-nacl-debug"; 16 const char kEnableNaClDebug[] = "enable-nacl-debug";
17 17
18 // Enables Non-SFI mode, in which programs can be run without NaCl's SFI 18 // Enables Non-SFI mode, in which programs can be run without NaCl's SFI
19 // sandbox. 19 // sandbox.
20 const char kEnableNaClNonSfiMode[] = "enable-nacl-nonsfi-mode"; 20 const char kEnableNaClNonSfiMode[] = "enable-nacl-nonsfi-mode";
21 21
22 // Value for --type that causes the process to run as a NativeClient broker 22 // Value for --type that causes the process to run as a NativeClient broker
23 // (used for launching NaCl loader processes on 64-bit Windows). 23 // (used for launching NaCl loader processes on 64-bit Windows).
24 const char kNaClBrokerProcess[] = "nacl-broker"; 24 const char kNaClBrokerProcess[] = "nacl-broker";
25 25
26 // Disable sandbox even for non SFI mode. This is particularly unsafe
27 // as non SFI NaCl heavily relies on the seccomp sandbox.
28 const char kNaClDangerousNoSandboxNonSfi[] =
29 "nacl-dangerous-no-sandbox-nonsfi";
30
26 // Uses NaCl manifest URL to choose whether NaCl program will be debugged by 31 // Uses NaCl manifest URL to choose whether NaCl program will be debugged by
27 // debug stub. 32 // debug stub.
28 // Switch value format: [!]pattern1,pattern2,...,patternN. Each pattern uses 33 // Switch value format: [!]pattern1,pattern2,...,patternN. Each pattern uses
29 // the same syntax as patterns in Chrome extension manifest. The only difference 34 // the same syntax as patterns in Chrome extension manifest. The only difference
30 // is that * scheme matches all schemes instead of matching only http and https. 35 // is that * scheme matches all schemes instead of matching only http and https.
31 // If the value doesn't start with !, a program will be debugged if manifest URL 36 // If the value doesn't start with !, a program will be debugged if manifest URL
32 // matches any pattern. If the value starts with !, a program will be debugged 37 // matches any pattern. If the value starts with !, a program will be debugged
33 // if manifest URL does not match any pattern. 38 // if manifest URL does not match any pattern.
34 const char kNaClDebugMask[] = "nacl-debug-mask"; 39 const char kNaClDebugMask[] = "nacl-debug-mask";
35 40
41 // GDB script to pass to the nacl-gdb debugger at startup.
42 const char kNaClGdbScript[] = "nacl-gdb-script";
43
36 // Native Client GDB debugger that will be launched automatically when needed. 44 // Native Client GDB debugger that will be launched automatically when needed.
37 const char kNaClGdb[] = "nacl-gdb"; 45 const char kNaClGdb[] = "nacl-gdb";
38 46
39 // GDB script to pass to the nacl-gdb debugger at startup. 47 // Value for --type that causes the process to run as a NativeClient loader
40 const char kNaClGdbScript[] = "nacl-gdb-script"; 48 // for non SFI mode.
49 const char kNaClLoaderNonSfiProcess[] = "nacl-loader-nonsfi";
41 50
42 // Value for --type that causes the process to run as a NativeClient loader 51 // Value for --type that causes the process to run as a NativeClient loader
43 // for SFI mode. 52 // for SFI mode.
44 const char kNaClLoaderProcess[] = "nacl-loader"; 53 const char kNaClLoaderProcess[] = "nacl-loader";
45 54
46 // Value for --type that causes the process to run as a NativeClient loader
47 // for non SFI mode.
48 const char kNaClLoaderNonSfiProcess[] = "nacl-loader-nonsfi";
49
50 } // namespace switches 55 } // namespace switches
OLDNEW
« chrome/browser/chrome_content_browser_client.cc ('K') | « components/nacl/common/nacl_switches.h ('k') | components/nacl/loader/nacl_helper_linux.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698