| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "content/browser/bootstrap_sandbox_mac.h" |
| 6 |
| 7 #include "base/logging.h" |
| 8 #include "base/mac/mac_util.h" |
| 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/memory/singleton.h" |
| 11 #include "content/common/sandbox_init_mac.h" |
| 12 #include "content/public/browser/browser_child_process_observer.h" |
| 13 #include "content/public/browser/child_process_data.h" |
| 14 #include "content/public/common/sandbox_type_mac.h" |
| 15 #include "sandbox/mac/bootstrap_sandbox.h" |
| 16 |
| 17 namespace content { |
| 18 |
| 19 namespace { |
| 20 |
| 21 // This class is responsible for creating the BootstrapSandbox global |
| 22 // singleton, as well as registering all associated policies with it. |
| 23 class BootstrapSandboxPolicy : public BrowserChildProcessObserver { |
| 24 public: |
| 25 static BootstrapSandboxPolicy* GetInstance(); |
| 26 |
| 27 sandbox::BootstrapSandbox* sandbox() const { |
| 28 return sandbox_.get(); |
| 29 } |
| 30 |
| 31 // BrowserChildProcessObserver: |
| 32 virtual void BrowserChildProcessHostDisconnected( |
| 33 const ChildProcessData& data) OVERRIDE; |
| 34 virtual void BrowserChildProcessCrashed( |
| 35 const ChildProcessData& data) OVERRIDE; |
| 36 |
| 37 private: |
| 38 friend struct DefaultSingletonTraits<BootstrapSandboxPolicy>; |
| 39 BootstrapSandboxPolicy(); |
| 40 virtual ~BootstrapSandboxPolicy(); |
| 41 |
| 42 void RegisterSandboxPolicies(); |
| 43 void RegisterNPAPIPolicy(); |
| 44 |
| 45 scoped_ptr<sandbox::BootstrapSandbox> sandbox_; |
| 46 }; |
| 47 |
| 48 BootstrapSandboxPolicy* BootstrapSandboxPolicy::GetInstance() { |
| 49 return Singleton<BootstrapSandboxPolicy>::get(); |
| 50 } |
| 51 |
| 52 void BootstrapSandboxPolicy::BrowserChildProcessHostDisconnected( |
| 53 const ChildProcessData& data) { |
| 54 sandbox()->ChildDied(data.handle); |
| 55 } |
| 56 |
| 57 void BootstrapSandboxPolicy::BrowserChildProcessCrashed( |
| 58 const ChildProcessData& data) { |
| 59 sandbox()->ChildDied(data.handle); |
| 60 } |
| 61 |
| 62 BootstrapSandboxPolicy::BootstrapSandboxPolicy() |
| 63 : sandbox_(sandbox::BootstrapSandbox::Create()) { |
| 64 CHECK(sandbox_.get()); |
| 65 BrowserChildProcessObserver::Add(this); |
| 66 RegisterSandboxPolicies(); |
| 67 } |
| 68 |
| 69 BootstrapSandboxPolicy::~BootstrapSandboxPolicy() { |
| 70 BrowserChildProcessObserver::Remove(this); |
| 71 } |
| 72 |
| 73 void BootstrapSandboxPolicy::RegisterSandboxPolicies() { |
| 74 RegisterNPAPIPolicy(); |
| 75 } |
| 76 |
| 77 void BootstrapSandboxPolicy::RegisterNPAPIPolicy() { |
| 78 sandbox::BootstrapSandboxPolicy policy; |
| 79 policy.default_rule = sandbox::Rule(sandbox::POLICY_ALLOW); |
| 80 policy.rules[kBootstrapPortNameForNPAPIPlugins] = |
| 81 sandbox::Rule(sandbox_->real_bootstrap_port()); |
| 82 sandbox_->RegisterSandboxPolicy(SANDBOX_TYPE_NPAPI, policy); |
| 83 } |
| 84 |
| 85 } // namespace |
| 86 |
| 87 bool ShouldEnableBootstrapSandbox() { |
| 88 return base::mac::IsOSMountainLionOrEarlier() || |
| 89 base::mac::IsOSMavericks(); |
| 90 } |
| 91 |
| 92 sandbox::BootstrapSandbox* GetBootstrapSandbox() { |
| 93 return BootstrapSandboxPolicy::GetInstance()->sandbox(); |
| 94 } |
| 95 |
| 96 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 303293002:
Initialize the bootstrap sandbox in the browser process. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src