| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| (...skipping 225 matching lines...) |
| 236 sizeof(session_id), &session_id_length)); | 236 sizeof(session_id), &session_id_length)); |
| 237 CloseHandle(token); | 237 CloseHandle(token); |
| 238 if (session_id) | 238 if (session_id) |
| 239 s_session_id = session_id; | 239 s_session_id = session_id; |
| 240 } | 240 } |
| 241 | 241 |
| 242 return base::StringPrintf(L"\\Sessions\\%d%ls", s_session_id, object); | 242 return base::StringPrintf(L"\\Sessions\\%d%ls", s_session_id, object); |
| 243 } | 243 } |
| 244 | 244 |
| 245 // Checks if the sandbox should be let to run without a job object assigned. | 245 // Checks if the sandbox should be let to run without a job object assigned. |
| 246 bool ShouldSetJobLevel(const CommandLine& cmd_line) { | 246 bool ShouldSetJobLevel(const base::CommandLine& cmd_line) { |
| 247 if (!cmd_line.HasSwitch(switches::kAllowNoSandboxJob)) | 247 if (!cmd_line.HasSwitch(switches::kAllowNoSandboxJob)) |
| 248 return true; | 248 return true; |
| 249 | 249 |
| 250 // Windows 8 allows nested jobs so we don't need to check if we are in other | 250 // Windows 8 allows nested jobs so we don't need to check if we are in other |
| 251 // job. | 251 // job. |
| 252 if (base::win::GetVersion() >= base::win::VERSION_WIN8) | 252 if (base::win::GetVersion() >= base::win::VERSION_WIN8) |
| 253 return true; | 253 return true; |
| 254 | 254 |
| 255 BOOL in_job = true; | 255 BOOL in_job = true; |
| 256 // Either there is no job yet associated so we must add our job, | 256 // Either there is no job yet associated so we must add our job, |
| (...skipping 115 matching lines...) |
| 372 if (sandbox::SBOX_ALL_OK != policy->SetAlternateDesktop(true)) { | 372 if (sandbox::SBOX_ALL_OK != policy->SetAlternateDesktop(true)) { |
| 373 DLOG(WARNING) << "Failed to apply desktop security to the renderer"; | 373 DLOG(WARNING) << "Failed to apply desktop security to the renderer"; |
| 374 } | 374 } |
| 375 | 375 |
| 376 return true; | 376 return true; |
| 377 } | 377 } |
| 378 | 378 |
| 379 // Updates the command line arguments with debug-related flags. If debug flags | 379 // Updates the command line arguments with debug-related flags. If debug flags |
| 380 // have been used with this process, they will be filtered and added to | 380 // have been used with this process, they will be filtered and added to |
| 381 // command_line as needed. | 381 // command_line as needed. |
| 382 void ProcessDebugFlags(CommandLine* command_line) { | 382 void ProcessDebugFlags(base::CommandLine* command_line) { |
| 383 const CommandLine& current_cmd_line = *CommandLine::ForCurrentProcess(); | 383 const base::CommandLine& current_cmd_line = |
| 384 *base::CommandLine::ForCurrentProcess(); |
| 384 std::string type = command_line->GetSwitchValueASCII(switches::kProcessType); | 385 std::string type = command_line->GetSwitchValueASCII(switches::kProcessType); |
| 385 if (current_cmd_line.HasSwitch(switches::kWaitForDebuggerChildren)) { | 386 if (current_cmd_line.HasSwitch(switches::kWaitForDebuggerChildren)) { |
| 386 // Look to pass-on the kWaitForDebugger flag. | 387 // Look to pass-on the kWaitForDebugger flag. |
| 387 std::string value = current_cmd_line.GetSwitchValueASCII( | 388 std::string value = current_cmd_line.GetSwitchValueASCII( |
| 388 switches::kWaitForDebuggerChildren); | 389 switches::kWaitForDebuggerChildren); |
| 389 if (value.empty() || value == type) { | 390 if (value.empty() || value == type) { |
| 390 command_line->AppendSwitch(switches::kWaitForDebugger); | 391 command_line->AppendSwitch(switches::kWaitForDebugger); |
| 391 } | 392 } |
| 392 command_line->AppendSwitchASCII(switches::kWaitForDebuggerChildren, value); | 393 command_line->AppendSwitchASCII(switches::kWaitForDebuggerChildren, value); |
| 393 } | 394 } |
| (...skipping 99 matching lines...) |
| 493 // Callers use CHECK macro to make sure we get the right stack. | 494 // Callers use CHECK macro to make sure we get the right stack. |
| 494 CheckDuplicateHandle(handle); | 495 CheckDuplicateHandle(handle); |
| 495 } | 496 } |
| 496 | 497 |
| 497 return TRUE; | 498 return TRUE; |
| 498 } | 499 } |
| 499 #endif | 500 #endif |
| 500 | 501 |
| 501 } // namespace | 502 } // namespace |
| 502 | 503 |
| 503 void SetJobLevel(const CommandLine& cmd_line, | 504 void SetJobLevel(const base::CommandLine& cmd_line, |
| 504 sandbox::JobLevel job_level, | 505 sandbox::JobLevel job_level, |
| 505 uint32 ui_exceptions, | 506 uint32 ui_exceptions, |
| 506 sandbox::TargetPolicy* policy) { | 507 sandbox::TargetPolicy* policy) { |
| 507 if (ShouldSetJobLevel(cmd_line)) { | 508 if (ShouldSetJobLevel(cmd_line)) { |
| 508 #ifdef _WIN64 | 509 #ifdef _WIN64 |
| 509 policy->SetJobMemoryLimit(4ULL * 1024 * 1024 * 1024); | 510 policy->SetJobMemoryLimit(4ULL * 1024 * 1024 * 1024); |
| 510 #endif | 511 #endif |
| 511 policy->SetJobLevel(job_level, ui_exceptions); | 512 policy->SetJobLevel(job_level, ui_exceptions); |
| 512 } else { | 513 } else { |
| 513 policy->SetJobLevel(sandbox::JOB_NONE, 0); | 514 policy->SetJobLevel(sandbox::JOB_NONE, 0); |
| (...skipping 65 matching lines...) |
| 579 | 580 |
| 580 base::win::OSInfo::VersionNumber os_version = | 581 base::win::OSInfo::VersionNumber os_version = |
| 581 base::win::OSInfo::GetInstance()->version_number(); | 582 base::win::OSInfo::GetInstance()->version_number(); |
| 582 if ((os_version.major == 6) && (os_version.minor == 1)) { | 583 if ((os_version.major == 6) && (os_version.minor == 1)) { |
| 583 // We can't use DirectWrite for pre-release versions of Windows 7. | 584 // We can't use DirectWrite for pre-release versions of Windows 7. |
| 584 if (os_version.build < 7600) | 585 if (os_version.build < 7600) |
| 585 return false; | 586 return false; |
| 586 } | 587 } |
| 587 | 588 |
| 588 // If forced off, don't use it. | 589 // If forced off, don't use it. |
| 589 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); | 590 const base::CommandLine& command_line = |
| 591 *base::CommandLine::ForCurrentProcess(); |
| 590 if (command_line.HasSwitch(switches::kDisableDirectWrite)) | 592 if (command_line.HasSwitch(switches::kDisableDirectWrite)) |
| 591 return false; | 593 return false; |
| 592 | 594 |
| 593 #if !defined(NACL_WIN64) | 595 #if !defined(NACL_WIN64) |
| 594 // Can't use GDI on HiDPI. | 596 // Can't use GDI on HiDPI. |
| 595 if (gfx::GetDPIScale() > 1.0f) | 597 if (gfx::GetDPIScale() > 1.0f) |
| 596 return true; | 598 return true; |
| 597 #endif | 599 #endif |
| 598 | 600 |
| 599 // Otherwise, check the field trial. | 601 // Otherwise, check the field trial. |
| 600 const std::string group_name = | 602 const std::string group_name = |
| 601 base::FieldTrialList::FindFullName("DirectWrite"); | 603 base::FieldTrialList::FindFullName("DirectWrite"); |
| 602 return group_name != "Disabled"; | 604 return group_name != "Disabled"; |
| 603 } | 605 } |
| 604 | 606 |
| 605 base::ProcessHandle StartSandboxedProcess( | 607 base::ProcessHandle StartSandboxedProcess( |
| 606 SandboxedProcessLauncherDelegate* delegate, | 608 SandboxedProcessLauncherDelegate* delegate, |
| 607 CommandLine* cmd_line) { | 609 base::CommandLine* cmd_line) { |
| 608 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess(); | 610 const base::CommandLine& browser_command_line = |
| 611 *base::CommandLine::ForCurrentProcess(); |
| 609 std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType); | 612 std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType); |
| 610 | 613 |
| 611 TRACE_EVENT_BEGIN_ETW("StartProcessWithAccess", 0, type_str); | 614 TRACE_EVENT_BEGIN_ETW("StartProcessWithAccess", 0, type_str); |
| 612 | 615 |
| 613 // Propagate the --allow-no-job flag if present. | 616 // Propagate the --allow-no-job flag if present. |
| 614 if (browser_command_line.HasSwitch(switches::kAllowNoSandboxJob) && | 617 if (browser_command_line.HasSwitch(switches::kAllowNoSandboxJob) && |
| 615 !cmd_line->HasSwitch(switches::kAllowNoSandboxJob)) { | 618 !cmd_line->HasSwitch(switches::kAllowNoSandboxJob)) { |
| 616 cmd_line->AppendSwitch(switches::kAllowNoSandboxJob); | 619 cmd_line->AppendSwitch(switches::kAllowNoSandboxJob); |
| 617 } | 620 } |
| 618 | 621 |
| (...skipping 162 matching lines...) |
| 781 } | 784 } |
| 782 | 785 |
| 783 return false; | 786 return false; |
| 784 } | 787 } |
| 785 | 788 |
| 786 bool BrokerAddTargetPeer(HANDLE peer_process) { | 789 bool BrokerAddTargetPeer(HANDLE peer_process) { |
| 787 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 790 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
| 788 } | 791 } |
| 789 | 792 |
| 790 } // namespace content | 793 } // namespace content |
| OLD | NEW |