OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/utility_process_host_impl.h" | 5 #include "content/browser/utility_process_host_impl.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
60 } // namespace | 60 } // namespace |
61 #endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) | 61 #endif // defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_MACOSX) |
62 | 62 |
63 // NOTE: changes to this class need to be reviewed by the security team. | 63 // NOTE: changes to this class need to be reviewed by the security team. |
64 class UtilitySandboxedProcessLauncherDelegate | 64 class UtilitySandboxedProcessLauncherDelegate |
65 : public SandboxedProcessLauncherDelegate { | 65 : public SandboxedProcessLauncherDelegate { |
66 public: | 66 public: |
67 UtilitySandboxedProcessLauncherDelegate(const base::FilePath& exposed_dir, | 67 UtilitySandboxedProcessLauncherDelegate(const base::FilePath& exposed_dir, |
68 bool launch_elevated, | 68 bool launch_elevated, |
69 bool no_sandbox, | 69 bool no_sandbox, |
70 const base::EnvironmentMap& env, | 70 const base::EnvironmentMap& env) |
71 ChildProcessHost* host) | |
72 : exposed_dir_(exposed_dir), | 71 : exposed_dir_(exposed_dir), |
73 #if defined(OS_WIN) | 72 #if defined(OS_WIN) |
74 launch_elevated_(launch_elevated) | 73 launch_elevated_(launch_elevated) |
75 #elif defined(OS_POSIX) | 74 #elif defined(OS_POSIX) |
76 env_(env), | 75 env_(env) |
77 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) | 76 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) |
78 no_sandbox_(no_sandbox), | 77 , |
| 78 no_sandbox_(no_sandbox) |
79 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) | 79 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) |
80 ipc_fd_(host->TakeClientFileDescriptor()) | |
81 #endif // OS_WIN | 80 #endif // OS_WIN |
82 {} | 81 {} |
83 | 82 |
84 ~UtilitySandboxedProcessLauncherDelegate() override {} | 83 ~UtilitySandboxedProcessLauncherDelegate() override {} |
85 | 84 |
86 #if defined(OS_WIN) | 85 #if defined(OS_WIN) |
87 bool ShouldLaunchElevated() override { return launch_elevated_; } | 86 bool ShouldLaunchElevated() override { return launch_elevated_; } |
88 | 87 |
89 bool PreSpawnTarget(sandbox::TargetPolicy* policy) override { | 88 bool PreSpawnTarget(sandbox::TargetPolicy* policy) override { |
90 if (exposed_dir_.empty()) | 89 if (exposed_dir_.empty()) |
(...skipping 16 matching lines...) Expand all Loading... |
107 #elif defined(OS_POSIX) | 106 #elif defined(OS_POSIX) |
108 | 107 |
109 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) | 108 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) |
110 ZygoteHandle* GetZygote() override { | 109 ZygoteHandle* GetZygote() override { |
111 if (no_sandbox_ || !exposed_dir_.empty()) | 110 if (no_sandbox_ || !exposed_dir_.empty()) |
112 return nullptr; | 111 return nullptr; |
113 return GetGenericZygote(); | 112 return GetGenericZygote(); |
114 } | 113 } |
115 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) | 114 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) |
116 base::EnvironmentMap GetEnvironment() override { return env_; } | 115 base::EnvironmentMap GetEnvironment() override { return env_; } |
117 base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); } | |
118 #endif // OS_WIN | 116 #endif // OS_WIN |
119 | 117 |
120 SandboxType GetSandboxType() override { | 118 SandboxType GetSandboxType() override { |
121 return SANDBOX_TYPE_UTILITY; | 119 return SANDBOX_TYPE_UTILITY; |
122 } | 120 } |
123 | 121 |
124 private: | 122 private: |
125 base::FilePath exposed_dir_; | 123 base::FilePath exposed_dir_; |
126 | 124 |
127 #if defined(OS_WIN) | 125 #if defined(OS_WIN) |
128 bool launch_elevated_; | 126 bool launch_elevated_; |
129 #elif defined(OS_POSIX) | 127 #elif defined(OS_POSIX) |
130 base::EnvironmentMap env_; | 128 base::EnvironmentMap env_; |
131 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) | 129 #if !defined(OS_MACOSX) && !defined(OS_ANDROID) |
132 bool no_sandbox_; | 130 bool no_sandbox_; |
133 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) | 131 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) |
134 base::ScopedFD ipc_fd_; | |
135 #endif // OS_WIN | 132 #endif // OS_WIN |
136 }; | 133 }; |
137 | 134 |
138 UtilityMainThreadFactoryFunction g_utility_main_thread_factory = NULL; | 135 UtilityMainThreadFactoryFunction g_utility_main_thread_factory = NULL; |
139 | 136 |
140 UtilityProcessHost* UtilityProcessHost::Create( | 137 UtilityProcessHost* UtilityProcessHost::Create( |
141 const scoped_refptr<UtilityProcessHostClient>& client, | 138 const scoped_refptr<UtilityProcessHostClient>& client, |
142 const scoped_refptr<base::SequencedTaskRunner>& client_task_runner) { | 139 const scoped_refptr<base::SequencedTaskRunner>& client_task_runner) { |
143 return new UtilityProcessHostImpl(client, client_task_runner); | 140 return new UtilityProcessHostImpl(client, client_task_runner); |
144 } | 141 } |
(...skipping 190 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
335 exposed_dir_); | 332 exposed_dir_); |
336 } | 333 } |
337 | 334 |
338 #if defined(OS_WIN) | 335 #if defined(OS_WIN) |
339 // Let the utility process know if it is intended to be elevated. | 336 // Let the utility process know if it is intended to be elevated. |
340 if (run_elevated_) | 337 if (run_elevated_) |
341 cmd_line->AppendSwitch(switches::kUtilityProcessRunningElevated); | 338 cmd_line->AppendSwitch(switches::kUtilityProcessRunningElevated); |
342 #endif | 339 #endif |
343 | 340 |
344 process_->Launch(new UtilitySandboxedProcessLauncherDelegate( | 341 process_->Launch(new UtilitySandboxedProcessLauncherDelegate( |
345 exposed_dir_, run_elevated_, no_sandbox_, env_, | 342 exposed_dir_, run_elevated_, no_sandbox_, env_), |
346 process_->GetHost()), | |
347 cmd_line, true); | 343 cmd_line, true); |
348 } | 344 } |
349 | 345 |
350 return true; | 346 return true; |
351 } | 347 } |
352 | 348 |
353 bool UtilityProcessHostImpl::OnMessageReceived(const IPC::Message& message) { | 349 bool UtilityProcessHostImpl::OnMessageReceived(const IPC::Message& message) { |
354 if (!client_.get()) | 350 if (!client_.get()) |
355 return true; | 351 return true; |
356 | 352 |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
398 base::WeakPtr<UtilityProcessHostImpl> host, | 394 base::WeakPtr<UtilityProcessHostImpl> host, |
399 int error_code) { | 395 int error_code) { |
400 if (!host) | 396 if (!host) |
401 return; | 397 return; |
402 | 398 |
403 host->OnProcessLaunchFailed(error_code); | 399 host->OnProcessLaunchFailed(error_code); |
404 delete host.get(); | 400 delete host.get(); |
405 } | 401 } |
406 | 402 |
407 } // namespace content | 403 } // namespace content |
OLD | NEW |