Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(820)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_win.cc

Issue 319573006: Add sandbox support for process memory limits (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: build fix Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | sandbox/win/src/broker_services.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/sandbox_win.h" 5 #include "content/common/sandbox_win.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/base_switches.h" 9 #include "base/base_switches.h"
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 478 matching lines...) Expand 10 before | Expand all | Expand 10 after
489 return TRUE; 489 return TRUE;
490 } 490 }
491 #endif 491 #endif
492 492
493 } // namespace 493 } // namespace
494 494
495 void SetJobLevel(const CommandLine& cmd_line, 495 void SetJobLevel(const CommandLine& cmd_line,
496 sandbox::JobLevel job_level, 496 sandbox::JobLevel job_level,
497 uint32 ui_exceptions, 497 uint32 ui_exceptions,
498 sandbox::TargetPolicy* policy) { 498 sandbox::TargetPolicy* policy) {
499 if (ShouldSetJobLevel(cmd_line)) 499 if (ShouldSetJobLevel(cmd_line)) {
500 #ifdef _WIN64
501 policy->SetJobMemoryLimit(4ULL * 1024 * 1024 * 1024);
502 #endif
500 policy->SetJobLevel(job_level, ui_exceptions); 503 policy->SetJobLevel(job_level, ui_exceptions);
501 else 504 } else {
502 policy->SetJobLevel(sandbox::JOB_NONE, 0); 505 policy->SetJobLevel(sandbox::JOB_NONE, 0);
506 }
503 } 507 }
504 508
505 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper. 509 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper.
506 // Just have to figure out what needs to be warmed up first. 510 // Just have to figure out what needs to be warmed up first.
507 void AddBaseHandleClosePolicy(sandbox::TargetPolicy* policy) { 511 void AddBaseHandleClosePolicy(sandbox::TargetPolicy* policy) {
508 // TODO(cpu): Add back the BaseNamedObjects policy. 512 // TODO(cpu): Add back the BaseNamedObjects policy.
509 base::string16 object_path = PrependWindowsSessionPath( 513 base::string16 object_path = PrependWindowsSessionPath(
510 L"\\BaseNamedObjects\\windows_shell_global_counters"); 514 L"\\BaseNamedObjects\\windows_shell_global_counters");
511 policy->AddKernelObjectToClose(L"Section", object_path.data()); 515 policy->AddKernelObjectToClose(L"Section", object_path.data());
512 } 516 }
(...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after
741 } 745 }
742 746
743 return false; 747 return false;
744 } 748 }
745 749
746 bool BrokerAddTargetPeer(HANDLE peer_process) { 750 bool BrokerAddTargetPeer(HANDLE peer_process) {
747 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; 751 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK;
748 } 752 }
749 753
750 } // namespace content 754 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | sandbox/win/src/broker_services.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698