OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // The entry point for all Mac Chromium processes, including the outer app | 5 // The entry point for all Mac Chromium processes, including the outer app |
6 // bundle (browser) and helper app (renderer, plugin, and friends). | 6 // bundle (browser) and helper app (renderer, plugin, and friends). |
7 | 7 |
8 #include <dlfcn.h> | 8 #include <dlfcn.h> |
9 #include <errno.h> | 9 #include <errno.h> |
10 #include <libgen.h> | 10 #include <libgen.h> |
25 #include "sandbox/mac/seatbelt_exec.h" | 25 #include "sandbox/mac/seatbelt_exec.h" |
26 #endif // defined(HELPER_EXECUTABLE) | 26 #endif // defined(HELPER_EXECUTABLE) |
27 | 27 |
28 namespace { | 28 namespace { |
29 | 29 |
30 typedef int (*ChromeMainPtr)(int, char**); | 30 typedef int (*ChromeMainPtr)(int, char**); |
31 | 31 |
32 #if defined(HELPER_EXECUTABLE) | 32 #if defined(HELPER_EXECUTABLE) |
33 // The command line parameter to engage the v2 sandbox. | 33 // The command line parameter to engage the v2 sandbox. |
34 constexpr char v2_sandbox_arg[] = "--v2-sandbox"; | 34 constexpr char v2_sandbox_arg[] = "--v2-sandbox"; |
35 // The command line paramter indicating that the v2 sandbox is enabled. This | |
36 // must be different than the "v2-sandbox" flag to avoid endless re-executing. | |
37 // The flag tells the sandbox initialization code inside Chrome that the sandbox | |
38 // should already be enabled. | |
39 char v2_sandbox_enabled_arg[] = "--v2-sandbox-enabled"; | |
Robert Sesek
2017/06/01 22:07:49
constexpr?
Robert Sesek
2017/06/01 22:07:49
Since "enabled" is so overloaded for features, I t
Greg K
2017/06/01 22:10:40
The reason I make it a positive for now is because
Robert Sesek
2017/06/01 22:12:28
That's true, unless you propagated the --v2-sandbo
Greg K
2017/06/01 22:13:22
Yes. I don't want to re-add the new flag because i
Greg K
2017/06/01 22:23:56
I don't actually know a better way to do this. The
Greg K
2017/06/01 22:26:11
For what it's worth, these are document as constan
| |
35 // The command line parameter for the file descriptor used to receive the | 40 // The command line parameter for the file descriptor used to receive the |
36 // sandbox policy. | 41 // sandbox policy. |
37 constexpr char fd_mapping_arg[] = "--fd_mapping="; | 42 constexpr char fd_mapping_arg[] = "--fd_mapping="; |
38 | 43 |
39 __attribute__((noreturn)) void SandboxExec(const char* exec_path, | 44 __attribute__((noreturn)) void SandboxExec(const char* exec_path, |
40 int argc, | 45 int argc, |
41 char* argv[], | 46 char* argv[], |
42 int fd_mapping) { | 47 int fd_mapping) { |
43 char rp[MAXPATHLEN]; | 48 char rp[MAXPATHLEN]; |
44 if (realpath(exec_path, rp) == NULL) { | 49 if (realpath(exec_path, rp) == NULL) { |
64 abort(); | 69 abort(); |
65 } | 70 } |
66 | 71 |
67 std::vector<char*> new_argv; | 72 std::vector<char*> new_argv; |
68 for (int i = 1; i < argc; ++i) { | 73 for (int i = 1; i < argc; ++i) { |
69 if (strcmp(argv[i], v2_sandbox_arg) != 0 && | 74 if (strcmp(argv[i], v2_sandbox_arg) != 0 && |
70 strncmp(argv[i], fd_mapping_arg, strlen(fd_mapping_arg)) != 0) { | 75 strncmp(argv[i], fd_mapping_arg, strlen(fd_mapping_arg)) != 0) { |
71 new_argv.push_back(argv[i]); | 76 new_argv.push_back(argv[i]); |
72 } | 77 } |
73 } | 78 } |
79 // Tell Chrome that the sandbox should already be enabled. | |
80 new_argv.push_back(v2_sandbox_enabled_arg); | |
74 new_argv.push_back(nullptr); | 81 new_argv.push_back(nullptr); |
75 | 82 |
76 // The helper executable re-executes itself under the sandbox. | 83 // The helper executable re-executes itself under the sandbox. |
77 execv(exec_path, new_argv.data()); | 84 execv(exec_path, new_argv.data()); |
78 perror("execve"); | 85 perror("execve"); |
79 abort(); | 86 abort(); |
80 } | 87 } |
81 #endif // defined(HELPER_EXECUTABLE) | 88 #endif // defined(HELPER_EXECUTABLE) |
82 | 89 |
83 } // namespace | 90 } // namespace |
156 if (!chrome_main) { | 163 if (!chrome_main) { |
157 fprintf(stderr, "dlsym ChromeMain: %s\n", dlerror()); | 164 fprintf(stderr, "dlsym ChromeMain: %s\n", dlerror()); |
158 abort(); | 165 abort(); |
159 } | 166 } |
160 rv = chrome_main(argc, argv); | 167 rv = chrome_main(argc, argv); |
161 | 168 |
162 // exit, don't return from main, to avoid the apparent removal of main from | 169 // exit, don't return from main, to avoid the apparent removal of main from |
163 // stack backtraces under tail call optimization. | 170 // stack backtraces under tail call optimization. |
164 exit(rv); | 171 exit(rv); |
165 } | 172 } |
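Review bot: `--v2-sandbox-enabled` asserts that the re-exec under the sandbox took place, but nothing in the visible code ties the flag to that path. The filter loop in SandboxExec (new lines 73-78) strips `--v2-sandbox` and `--fd_mapping=` yet lets an inbound `--v2-sandbox-enabled` through, and the final `chrome_main(argc, argv)` call forwards argv unchanged. If a helper is ever started with the enabled flag but without `--v2-sandbox`, the initialization code that reads it would presumably treat an unsandboxed process as sandboxed; main's argument handling is in the skipped lines, so this needs confirming there. I would add `strcmp(argv[i], v2_sandbox_enabled_arg) != 0 &&` to the loop condition so the flag can only originate from SandboxExec, and have the consumer verify the process's actual sandbox state rather than rely on the flag alone.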