Initialize the bootstrap sandbox in the browser process.

content/browser/child_process_launcher.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/child_process_launcher.h"
 
 #include <utility>  // For std::pair.
 
 #include "base/bind.h"
 #include "base/command_line.h"
@@ skipping 10 matching lines @@
 #include "content/public/common/content_descriptors.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/result_codes.h"
 #include "content/public/common/sandboxed_process_launcher_delegate.h"
 
 #if defined(OS_WIN)
 #include "base/files/file_path.h"
 #include "content/common/sandbox_win.h"
 #include "content/public/common/sandbox_init.h"
 #elif defined(OS_MACOSX)
+#include "content/browser/bootstrap_sandbox_mac.h"
 #include "content/browser/mach_broker_mac.h"
+#include "sandbox/mac/bootstrap_sandbox.h"
 #elif defined(OS_ANDROID)
 #include "base/android/jni_android.h"
 #include "content/browser/android/child_process_launcher_android.h"
 #elif defined(OS_POSIX)
 #include "base/memory/shared_memory.h"
 #include "base/memory/singleton.h"
 #include "content/browser/renderer_host/render_sandbox_host_linux.h"
 #include "content/browser/zygote_host/zygote_host_impl_linux.h"
 #include "content/common/child_process_sandbox_support_impl_linux.h"
 #endif
@@ skipping 233 matching lines @@
       // record of the launch will wait until after the placeholder PID is
       // inserted below. This ensures that while the child process may send its
       // port to the parent prior to the parent leaving LaunchProcess, the
       // order in which the record in MachBroker is updated is correct.
       MachBroker* broker = MachBroker::GetInstance();
       broker->GetLock().Acquire();
 
       // Make sure the MachBroker is running, and inform it to expect a
       // check-in from the new process.
       broker->EnsureRunning();
+
+      const int bootstrap_sandbox_policy = delegate->GetSandboxType();
+      if (ShouldEnableBootstrapSandbox() &&
+          bootstrap_sandbox_policy != SANDBOX_TYPE_INVALID) {
+        GetBootstrapSandbox()->PrepareToForkWithPolicy(
+            bootstrap_sandbox_policy);
+      }
 #endif  // defined(OS_MACOSX)
 
       bool launched = base::LaunchProcess(*cmd_line, options, &handle);
+      if (!launched)
+        handle = base::kNullProcessHandle;
 
 #if defined(OS_MACOSX)
+      if (ShouldEnableBootstrapSandbox() &&
+          bootstrap_sandbox_policy != SANDBOX_TYPE_INVALID) {
+        GetBootstrapSandbox()->FinishedFork(handle);
+      }
+
       if (launched)
         broker->AddPlaceholderForPid(handle);
 
       // After updating the broker, release the lock and let the child's
       // messasge be processed on the broker's thread.
       broker->GetLock().Release();
 #endif  // defined(OS_MACOSX)
-
-      if (!launched)
-        handle = base::kNullProcessHandle;
     }
 #endif  // else defined(OS_POSIX)
 #if !defined(OS_ANDROID)
   if (handle)
     RecordHistograms(begin_launch_time);
   BrowserThread::PostTask(
       client_thread_id, FROM_HERE,
       base::Bind(
           &Context::Notify,
           this_object.get(),
@@ skipping 192 matching lines @@
           GetHandle(), background));
 }
 
 void ChildProcessLauncher::SetTerminateChildOnShutdown(
     bool terminate_on_shutdown) {
   if (context_.get())
     context_->set_terminate_child_on_shutdown(terminate_on_shutdown);
 }
 
 }  // namespace content