| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| 11 #include "base/debug/profiler.h" | 11 #include "base/debug/profiler.h" |
| 12 #include "base/debug/trace_event.h" | 12 #include "base/debug/trace_event.h" |
| 13 #include "base/files/file_util.h" | 13 #include "base/files/file_util.h" |
| 14 #include "base/hash.h" | 14 #include "base/hash.h" |
| 15 #include "base/metrics/field_trial.h" | |
| 16 #include "base/path_service.h" | 15 #include "base/path_service.h" |
| 17 #include "base/process/launch.h" | 16 #include "base/process/launch.h" |
| 18 #include "base/strings/string_util.h" | 17 #include "base/strings/string_util.h" |
| 19 #include "base/strings/stringprintf.h" | 18 #include "base/strings/stringprintf.h" |
| 20 #include "base/win/iat_patch_function.h" | 19 #include "base/win/iat_patch_function.h" |
| 21 #include "base/win/scoped_handle.h" | 20 #include "base/win/scoped_handle.h" |
| 22 #include "base/win/scoped_process_information.h" | 21 #include "base/win/scoped_process_information.h" |
| 23 #include "base/win/windows_version.h" | 22 #include "base/win/windows_version.h" |
| 24 #include "content/public/common/content_client.h" | 23 #include "content/public/common/content_client.h" |
| 25 #include "content/public/common/content_switches.h" | 24 #include "content/public/common/content_switches.h" |
| 26 #include "content/public/common/sandbox_init.h" | 25 #include "content/public/common/sandbox_init.h" |
| 27 #include "content/public/common/sandboxed_process_launcher_delegate.h" | 26 #include "content/public/common/sandboxed_process_launcher_delegate.h" |
| 28 #include "sandbox/win/src/process_mitigations.h" | 27 #include "sandbox/win/src/process_mitigations.h" |
| 29 #include "sandbox/win/src/sandbox.h" | 28 #include "sandbox/win/src/sandbox.h" |
| 30 #include "sandbox/win/src/sandbox_nt_util.h" | 29 #include "sandbox/win/src/sandbox_nt_util.h" |
| 31 #include "sandbox/win/src/win_utils.h" | 30 #include "sandbox/win/src/win_utils.h" |
| 32 #include "ui/gfx/win/dpi.h" | 31 #include "ui/gfx/win/direct_write.h" |
| 33 | 32 |
| 34 static sandbox::BrokerServices* g_broker_services = NULL; | 33 static sandbox::BrokerServices* g_broker_services = NULL; |
| 35 static sandbox::TargetServices* g_target_services = NULL; | 34 static sandbox::TargetServices* g_target_services = NULL; |
| 36 | 35 |
| 37 namespace content { | 36 namespace content { |
| 38 namespace { | 37 namespace { |
| 39 | 38 |
| 40 // The DLLs listed here are known (or under strong suspicion) of causing crashes | 39 // The DLLs listed here are known (or under strong suspicion) of causing crashes |
| 41 // when they are loaded in the renderer. Note: at runtime we generate short | 40 // when they are loaded in the renderer. Note: at runtime we generate short |
| 42 // versions of the dll name only if the dll has an extension. | 41 // versions of the dll name only if the dll has an extension. |
| (...skipping 528 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 571 } | 570 } |
| 572 | 571 |
| 573 bool InitTargetServices(sandbox::TargetServices* target_services) { | 572 bool InitTargetServices(sandbox::TargetServices* target_services) { |
| 574 DCHECK(target_services); | 573 DCHECK(target_services); |
| 575 DCHECK(!g_target_services); | 574 DCHECK(!g_target_services); |
| 576 sandbox::ResultCode result = target_services->Init(); | 575 sandbox::ResultCode result = target_services->Init(); |
| 577 g_target_services = target_services; | 576 g_target_services = target_services; |
| 578 return sandbox::SBOX_ALL_OK == result; | 577 return sandbox::SBOX_ALL_OK == result; |
| 579 } | 578 } |
| 580 | 579 |
| 581 bool ShouldUseDirectWrite() { | |
| 582 // If the flag is currently on, and we're on Win7 or above, we enable | |
| 583 // DirectWrite. Skia does not require the additions to DirectWrite in QFE | |
| 584 // 2670838, but a simple 'better than XP' check is not enough. | |
| 585 if (base::win::GetVersion() < base::win::VERSION_WIN7) | |
| 586 return false; | |
| 587 | |
| 588 base::win::OSInfo::VersionNumber os_version = | |
| 589 base::win::OSInfo::GetInstance()->version_number(); | |
| 590 if ((os_version.major == 6) && (os_version.minor == 1)) { | |
| 591 // We can't use DirectWrite for pre-release versions of Windows 7. | |
| 592 if (os_version.build < 7600) | |
| 593 return false; | |
| 594 } | |
| 595 | |
| 596 // If forced off, don't use it. | |
| 597 const base::CommandLine& command_line = | |
| 598 *base::CommandLine::ForCurrentProcess(); | |
| 599 if (command_line.HasSwitch(switches::kDisableDirectWrite)) | |
| 600 return false; | |
| 601 | |
| 602 #if !defined(NACL_WIN64) | |
| 603 // Can't use GDI on HiDPI. | |
| 604 if (gfx::GetDPIScale() > 1.0f) | |
| 605 return true; | |
| 606 #endif | |
| 607 | |
| 608 // Otherwise, check the field trial. | |
| 609 const std::string group_name = | |
| 610 base::FieldTrialList::FindFullName("DirectWrite"); | |
| 611 return group_name != "Disabled"; | |
| 612 } | |
| 613 | |
| 614 base::ProcessHandle StartSandboxedProcess( | 580 base::ProcessHandle StartSandboxedProcess( |
| 615 SandboxedProcessLauncherDelegate* delegate, | 581 SandboxedProcessLauncherDelegate* delegate, |
| 616 base::CommandLine* cmd_line) { | 582 base::CommandLine* cmd_line) { |
| 617 const base::CommandLine& browser_command_line = | 583 const base::CommandLine& browser_command_line = |
| 618 *base::CommandLine::ForCurrentProcess(); | 584 *base::CommandLine::ForCurrentProcess(); |
| 619 std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType); | 585 std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType); |
| 620 | 586 |
| 621 TRACE_EVENT_BEGIN_ETW("StartProcessWithAccess", 0, type_str); | 587 TRACE_EVENT_BEGIN_ETW("StartProcessWithAccess", 0, type_str); |
| 622 | 588 |
| 623 // Propagate the --allow-no-job flag if present. | 589 // Propagate the --allow-no-job flag if present. |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 675 | 641 |
| 676 bool disable_default_policy = false; | 642 bool disable_default_policy = false; |
| 677 base::FilePath exposed_dir; | 643 base::FilePath exposed_dir; |
| 678 if (delegate) | 644 if (delegate) |
| 679 delegate->PreSandbox(&disable_default_policy, &exposed_dir); | 645 delegate->PreSandbox(&disable_default_policy, &exposed_dir); |
| 680 | 646 |
| 681 if (!disable_default_policy && !AddPolicyForSandboxedProcess(policy)) | 647 if (!disable_default_policy && !AddPolicyForSandboxedProcess(policy)) |
| 682 return 0; | 648 return 0; |
| 683 | 649 |
| 684 if (type_str == switches::kRendererProcess) { | 650 if (type_str == switches::kRendererProcess) { |
| 685 if (ShouldUseDirectWrite()) { | 651 #if !defined(NACL_WIN64) |
| 652 if (gfx::win::ShouldUseDirectWrite()) { |
| 686 AddDirectory(base::DIR_WINDOWS_FONTS, | 653 AddDirectory(base::DIR_WINDOWS_FONTS, |
| 687 NULL, | 654 NULL, |
| 688 true, | 655 true, |
| 689 sandbox::TargetPolicy::FILES_ALLOW_READONLY, | 656 sandbox::TargetPolicy::FILES_ALLOW_READONLY, |
| 690 policy); | 657 policy); |
| 691 } | 658 } |
| 659 #endif |
| 692 } else { | 660 } else { |
| 693 // Hack for Google Desktop crash. Trick GD into not injecting its DLL into | 661 // Hack for Google Desktop crash. Trick GD into not injecting its DLL into |
| 694 // this subprocess. See | 662 // this subprocess. See |
| 695 // http://code.google.com/p/chromium/issues/detail?id=25580 | 663 // http://code.google.com/p/chromium/issues/detail?id=25580 |
| 696 cmd_line->AppendSwitchASCII("ignored", " --type=renderer "); | 664 cmd_line->AppendSwitchASCII("ignored", " --type=renderer "); |
| 697 } | 665 } |
| 698 | 666 |
| 699 sandbox::ResultCode result; | 667 sandbox::ResultCode result; |
| 700 if (!exposed_dir.empty()) { | 668 if (!exposed_dir.empty()) { |
| 701 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, | 669 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 791 } | 759 } |
| 792 | 760 |
| 793 return false; | 761 return false; |
| 794 } | 762 } |
| 795 | 763 |
| 796 bool BrokerAddTargetPeer(HANDLE peer_process) { | 764 bool BrokerAddTargetPeer(HANDLE peer_process) { |
| 797 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 765 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
| 798 } | 766 } |
| 799 | 767 |
| 800 } // namespace content | 768 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 644813004:
Move the ShouldUseDirectWrite function from sandbox_win.cc/.h to ui/gfx/win/dpi.cc/.h. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master