Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(620)

Side by Side Diff: content/common/sandbox_init_mac.cc

Issue 2944623003: Call SetApplicationIsDaemon() in V2 sandbox. (Closed)
Patch Set: Only execute callback if not-null Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/common/sandbox_init_mac.h ('k') | content/common/sandbox_mac.mm » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/sandbox_init_mac.h" 5 #include "content/common/sandbox_init_mac.h"
6 6
7 #include "base/callback.h"
7 #include "base/command_line.h" 8 #include "base/command_line.h"
8 #include "base/files/file_path.h" 9 #include "base/files/file_path.h"
9 #include "base/logging.h" 10 #include "base/logging.h"
10 #include "content/common/sandbox_mac.h" 11 #include "content/common/sandbox_mac.h"
11 #include "content/public/common/content_switches.h" 12 #include "content/public/common/content_switches.h"
12 #include "content/public/common/sandbox_init.h" 13 #include "content/public/common/sandbox_init.h"
13 #include "sandbox/mac/seatbelt.h" 14 #include "sandbox/mac/seatbelt.h"
14 15
15 namespace content { 16 namespace content {
16 17
17 bool InitializeSandbox(int sandbox_type, const base::FilePath& allowed_dir) { 18 namespace {
19
20 bool InitializeSandbox(int sandbox_type,
21 const base::FilePath& allowed_dir,
22 base::OnceClosure hook) {
18 // Warm up APIs before turning on the sandbox. 23 // Warm up APIs before turning on the sandbox.
19 Sandbox::SandboxWarmup(sandbox_type); 24 Sandbox::SandboxWarmup(sandbox_type);
20 25
26 // Execute the post warmup callback.
27 if (!hook.is_null())
28 std::move(hook).Run();
29
21 // Actually sandbox the process. 30 // Actually sandbox the process.
22 return Sandbox::EnableSandbox(sandbox_type, allowed_dir); 31 return Sandbox::EnableSandbox(sandbox_type, allowed_dir);
23 } 32 }
24 33
34 } // namespace
35
36 bool InitializeSandbox(int sandbox_type, const base::FilePath& allowed_dir) {
37 return InitializeSandbox(sandbox_type, allowed_dir, base::OnceClosure());
38 }
39
25 // Fill in |sandbox_type| and |allowed_dir| based on the command line, returns 40 // Fill in |sandbox_type| and |allowed_dir| based on the command line, returns
26 // false if the current process type doesn't need to be sandboxed or if the 41 // false if the current process type doesn't need to be sandboxed or if the
27 // sandbox was disabled from the command line. 42 // sandbox was disabled from the command line.
28 bool GetSandboxTypeFromCommandLine(int* sandbox_type, 43 bool GetSandboxTypeFromCommandLine(int* sandbox_type,
29 base::FilePath* allowed_dir) { 44 base::FilePath* allowed_dir) {
30 DCHECK(sandbox_type); 45 DCHECK(sandbox_type);
31 DCHECK(allowed_dir); 46 DCHECK(allowed_dir);
32 47
33 *sandbox_type = -1; 48 *sandbox_type = -1;
34 *allowed_dir = base::FilePath(); // Empty by default. 49 *allowed_dir = base::FilePath(); // Empty by default.
(...skipping 30 matching lines...) Expand all
65 *sandbox_type = SANDBOX_TYPE_PPAPI; 80 *sandbox_type = SANDBOX_TYPE_PPAPI;
66 } else { 81 } else {
67 // This is a process which we don't know about, i.e. an embedder-defined 82 // This is a process which we don't know about, i.e. an embedder-defined
68 // process. If the embedder wants it sandboxed, they have a chance to return 83 // process. If the embedder wants it sandboxed, they have a chance to return
69 // the sandbox profile in ContentClient::GetSandboxProfileForSandboxType. 84 // the sandbox profile in ContentClient::GetSandboxProfileForSandboxType.
70 return false; 85 return false;
71 } 86 }
72 return true; 87 return true;
73 } 88 }
74 89
75 bool InitializeSandbox() { 90 bool InitializeSandboxWithPostWarmupHook(base::OnceClosure hook) {
76 int sandbox_type = 0; 91 int sandbox_type = 0;
77 base::FilePath allowed_dir; 92 base::FilePath allowed_dir;
78 if (!GetSandboxTypeFromCommandLine(&sandbox_type, &allowed_dir)) 93 if (!GetSandboxTypeFromCommandLine(&sandbox_type, &allowed_dir))
79 return true; 94 return true;
80 return InitializeSandbox(sandbox_type, allowed_dir); 95 return InitializeSandbox(sandbox_type, allowed_dir, std::move(hook));
96 }
97
98 bool InitializeSandbox() {
99 return InitializeSandboxWithPostWarmupHook(base::OnceClosure());
81 } 100 }
82 101
83 } // namespace content 102 } // namespace content
OLDNEW
« no previous file with comments | « content/common/sandbox_init_mac.h ('k') | content/common/sandbox_mac.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698