Implement the V2 sandbox in the process launcher.

content/browser/child_process_launcher_helper_mac.cc

Index: content/browser/child_process_launcher_helper_mac.cc
diff --git a/content/browser/child_process_launcher_helper_mac.cc b/content/browser/child_process_launcher_helper_mac.cc
index 30435b6dff14702d1c34a272f4d4432c7bf73f0e..994b19e6cb9b3f18dc8afa22d7d5e920160c48cf 100644
--- a/content/browser/child_process_launcher_helper_mac.cc
+++ b/content/browser/child_process_launcher_helper_mac.cc
@@ -2,6 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
+#include "base/command_line.h"
+#include "base/feature_list.h"
 #include "base/memory/ptr_util.h"
 #include "base/path_service.h"
 #include "base/posix/global_descriptors.h"
@@ -10,11 +12,18 @@
 #include "content/browser/child_process_launcher_helper.h"
 #include "content/browser/child_process_launcher_helper_posix.h"
 #include "content/browser/mach_broker_mac.h"
+#include "content/browser/sandbox_parameters_mac.h"
+#include "content/grit/content_resources.h"
+#include "content/public/browser/content_browser_client.h"
+#include "content/public/common/content_features.h"
+#include "content/public/common/content_paths.h"
+#include "content/public/common/content_switches.h"
 #include "content/public/common/result_codes.h"
 #include "content/public/common/sandboxed_process_launcher_delegate.h"
 #include "mojo/edk/embedder/scoped_platform_handle.h"
 #include "sandbox/mac/bootstrap_sandbox.h"
 #include "sandbox/mac/pre_exec_delegate.h"
+#include "sandbox/mac/seatbelt_exec.h"
 
 namespace content {
 namespace internal {
@@ -47,6 +56,34 @@ void ChildProcessLauncherHelper::BeforeLaunchOnLauncherThread(
           base::GlobalDescriptors::kBaseDescriptor);
 
   options->environ = delegate_->GetEnvironment();
+
+  if (base::FeatureList::IsEnabled(features::kMacV2Sandbox) &&
+      GetProcessType() == switches::kRendererProcess) {
+    seatbelt_exec_client_ = base::MakeUnique<sandbox::SeatbeltExecClient>();
+    base::StringPiece renderer_sb = GetContentClient()->GetDataResource(
+        IDR_RENDERER_SANDBOX_V2_PROFILE, ui::SCALE_FACTOR_NONE);
+    std::string profile = renderer_sb.as_string();
+
+    seatbelt_exec_client_->SetProfile(profile);
+
+    SetupRendererSandboxParameters(seatbelt_exec_client_.get());
+
+    int pipe = seatbelt_exec_client_->SendProfileAndGetFD();
+
+    base::FilePath helper_executable;
+    CHECK(PathService::Get(content::CHILD_PROCESS_EXE, &helper_executable));
+
+    fds_to_map->push_back(std::make_pair(pipe, pipe));
+
+    base::CommandLine wrapper(helper_executable);
+    wrapper.AppendSwitch(switches::kEnableV2Sandbox);
+    wrapper.AppendArg("--fd_mapping=" + std::to_string(pipe));
+    // base::CommandLine::AppendArguments messes up the arguments.

[Robert Sesek, 2017/06/13 19:05:08]

How so? Is this a bug?

[Greg K, 2017/06/14 17:21:17]

This was actually a problem in the original CL that seems to work fine in the
current CL, so I'll just drop the whole custom block.

+    for (size_t i = 1; i < command_line_->argv().size(); i++)
+      wrapper.AppendArg(command_line_->argv()[i]);
+    command_line_.reset(new base::CommandLine(wrapper));
+  }
+
   // fds_to_remap will de deleted in AfterLaunchOnLauncherThread() below.
   options->fds_to_remap = fds_to_map.release();