OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/renderer/renderer_main_platform_delegate.h" | 5 #include "content/renderer/renderer_main_platform_delegate.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "content/public/common/content_switches.h" | 9 #include "content/public/common/content_switches.h" |
10 | 10 |
(...skipping 17 matching lines...) Expand all Loading... | |
28 | 28 |
29 void RendererMainPlatformDelegate::PlatformUninitialize() { | 29 void RendererMainPlatformDelegate::PlatformUninitialize() { |
30 } | 30 } |
31 | 31 |
32 bool RendererMainPlatformDelegate::EnableSandbox() { | 32 bool RendererMainPlatformDelegate::EnableSandbox() { |
33 #ifdef USE_SECCOMP_BPF | 33 #ifdef USE_SECCOMP_BPF |
34 if (!base::CommandLine::ForCurrentProcess()->HasSwitch( | 34 if (!base::CommandLine::ForCurrentProcess()->HasSwitch( |
35 switches::kEnableSeccompFilterSandbox)) { | 35 switches::kEnableSeccompFilterSandbox)) { |
36 return true; | 36 return true; |
37 } | 37 } |
38 if (!sandbox::SandboxBPF::SupportsSeccompSandbox( | |
jln (very slow on Chromium)
2014/11/26 22:29:55
This is especially problematic since we don't have
Robert Sesek
2014/11/26 22:32:25
Right, if about:flags weren't WebUI I wouldn't hav
no sievers
2014/11/26 23:35:11
Yea you'd have to go to Settings -> Apps and erase
| |
39 sandbox::SandboxBPF::SeccompLevel::MULTI_THREADED)) { | |
40 LOG(WARNING) << "Seccomp-BPF sandbox enabled without kernel support. " | |
jln (very slow on Chromium)
2014/11/26 22:29:55
LOG(ERROR) at least?
| |
41 << "Ignoring flag and proceeding without seccomp sandbox."; | |
42 return true; | |
43 } | |
38 | 44 |
39 sandbox::SandboxBPF sandbox; | 45 sandbox::SandboxBPF sandbox; |
40 sandbox.SetSandboxPolicy(new SandboxBPFBasePolicyAndroid()); | 46 sandbox.SetSandboxPolicy(new SandboxBPFBasePolicyAndroid()); |
41 CHECK( | 47 CHECK( |
42 sandbox.StartSandbox(sandbox::SandboxBPF::SeccompLevel::MULTI_THREADED)); | 48 sandbox.StartSandbox(sandbox::SandboxBPF::SeccompLevel::MULTI_THREADED)); |
43 #endif | 49 #endif |
44 return true; | 50 return true; |
45 } | 51 } |
46 | 52 |
47 } // namespace content | 53 } // namespace content |
OLD | NEW |