Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(676)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_win.cc

Issue 2950153002: Improve process launch handle sharing API. (Closed)
Patch Set: Fix Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« base/process/launch_win.cc ('K') | « content/browser/zygote_host/zygote_host_impl_linux.cc ('k') | content/public/browser/BUILD.gn » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/sandbox_win.h" 5 #include "content/common/sandbox_win.h"
6 6
7 #include <stddef.h> 7 #include <stddef.h>
8 8
9 #include <string> 9 #include <string>
10 10
(...skipping 702 matching lines...) Expand 10 before | Expand all | Expand 10 after
713 713
714 bool InitTargetServices(sandbox::TargetServices* target_services) { 714 bool InitTargetServices(sandbox::TargetServices* target_services) {
715 DCHECK(target_services); 715 DCHECK(target_services);
716 sandbox::ResultCode result = target_services->Init(); 716 sandbox::ResultCode result = target_services->Init();
717 return sandbox::SBOX_ALL_OK == result; 717 return sandbox::SBOX_ALL_OK == result;
718 } 718 }
719 719
720 sandbox::ResultCode StartSandboxedProcess( 720 sandbox::ResultCode StartSandboxedProcess(
721 SandboxedProcessLauncherDelegate* delegate, 721 SandboxedProcessLauncherDelegate* delegate,
722 base::CommandLine* cmd_line, 722 base::CommandLine* cmd_line,
723 const base::HandlesToInheritVector& handles_to_inherit, 723 const std::vector<HANDLE>& handles_to_inherit,
724 base::Process* process) { 724 base::Process* process) {
725 DCHECK(delegate); 725 DCHECK(delegate);
726 const base::CommandLine& browser_command_line = 726 const base::CommandLine& browser_command_line =
727 *base::CommandLine::ForCurrentProcess(); 727 *base::CommandLine::ForCurrentProcess();
728 std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType); 728 std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType);
729 729
730 TRACE_EVENT1("startup", "StartProcessWithAccess", "type", type_str); 730 TRACE_EVENT1("startup", "StartProcessWithAccess", "type", type_str);
731 731
732 // Propagate the --allow-no-job flag if present. 732 // Propagate the --allow-no-job flag if present.
733 if (browser_command_line.HasSwitch(switches::kAllowNoSandboxJob) && 733 if (browser_command_line.HasSwitch(switches::kAllowNoSandboxJob) &&
734 !cmd_line->HasSwitch(switches::kAllowNoSandboxJob)) { 734 !cmd_line->HasSwitch(switches::kAllowNoSandboxJob)) {
735 cmd_line->AppendSwitch(switches::kAllowNoSandboxJob); 735 cmd_line->AppendSwitch(switches::kAllowNoSandboxJob);
736 } 736 }
737 737
738 ProcessDebugFlags(cmd_line); 738 ProcessDebugFlags(cmd_line);
739 739
740 if ((!delegate->ShouldSandbox()) || 740 if ((!delegate->ShouldSandbox()) ||
741 browser_command_line.HasSwitch(switches::kNoSandbox) || 741 browser_command_line.HasSwitch(switches::kNoSandbox) ||
742 cmd_line->HasSwitch(switches::kNoSandbox)) { 742 cmd_line->HasSwitch(switches::kNoSandbox)) {
743 base::LaunchOptions options; 743 base::LaunchOptions options;
744 744 options.handles_to_inherit = handles_to_inherit;
745 base::HandlesToInheritVector handles = handles_to_inherit;
746 if (!handles_to_inherit.empty()) {
747 options.inherit_handles = true;
748 options.handles_to_inherit = &handles;
749 }
750 base::Process unsandboxed_process = base::LaunchProcess(*cmd_line, options); 745 base::Process unsandboxed_process = base::LaunchProcess(*cmd_line, options);
751 746
752 *process = std::move(unsandboxed_process); 747 *process = std::move(unsandboxed_process);
753 return sandbox::SBOX_ALL_OK; 748 return sandbox::SBOX_ALL_OK;
754 } 749 }
755 750
756 scoped_refptr<sandbox::TargetPolicy> policy = 751 scoped_refptr<sandbox::TargetPolicy> policy =
757 g_broker_services->CreatePolicy(); 752 g_broker_services->CreatePolicy();
758 753
759 // Add any handles to be inherited to the policy. 754 // Add any handles to be inherited to the policy.
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
887 } 882 }
888 883
889 delegate->PostSpawnTarget(target.process_handle()); 884 delegate->PostSpawnTarget(target.process_handle());
890 885
891 CHECK(ResumeThread(target.thread_handle()) != static_cast<DWORD>(-1)); 886 CHECK(ResumeThread(target.thread_handle()) != static_cast<DWORD>(-1));
892 *process = base::Process(target.TakeProcessHandle()); 887 *process = base::Process(target.TakeProcessHandle());
893 return sandbox::SBOX_ALL_OK; 888 return sandbox::SBOX_ALL_OK;
894 } 889 }
895 890
896 } // namespace content 891 } // namespace content
OLDNEW
« base/process/launch_win.cc ('K') | « content/browser/zygote_host/zygote_host_impl_linux.cc ('k') | content/public/browser/BUILD.gn » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698