Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(633)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/public/common/content_switches.cc

Issue 792873004: Win32k lockdown: move to chrome://flags, add UMA, add finch (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: nits Created 6 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/public/common/content_switches.h ('k') | content/renderer/pepper/content_renderer_pepper_host_factory.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/public/common/content_switches.cc
diff --git a/content/public/common/content_switches.cc b/content/public/common/content_switches.cc
index 8e57a29a1420079fef74060612fea3023f6154c0..f04b5600b6c205ea8694221a0b1a1f137f02c949 100644
--- a/content/public/common/content_switches.cc
+++ b/content/public/common/content_switches.cc
@@ -5,6 +5,7 @@
#include "content/public/common/content_switches.h"
#include "base/command_line.h"
+#include "base/metrics/field_trial.h"
namespace switches {
@@ -981,11 +982,13 @@ const char kDeviceScaleFactor[] = "device-scale-factor";
// Disable the Legacy Window which corresponds to the size of the WebContents.
const char kDisableLegacyIntermediateWindow[] = "disable-legacy-window";
-// Enable the Win32K process mitigation policy for renderer processes which
-// prevents them from invoking user32 and gdi32 system calls which enter
-// the kernel. This is only supported on Windows 8 and beyond.
-const char kEnableWin32kRendererLockDown[]
- = "enable_win32k_renderer_lockdown";
+// Enables or disables the Win32K process mitigation policy for renderer
+// processes which prevents them from invoking user32 and gdi32 system calls
+// which enter the kernel. This is only supported on Windows 8 and beyond.
+const char kDisableWin32kRendererLockDown[] =
+ "disable-win32k-renderer-lockdown";
+const char kEnableWin32kRendererLockDown[] =
+ "enable-win32k-renderer-lockdown";
// DirectWrite FontCache is shared by browser to renderers using shared memory.
// This switch allows specifying suffix to shared memory section name to avoid
@@ -998,6 +1001,20 @@ const char kFontCacheSharedMemSuffix[] = "font-cache-shared-mem-suffix";
const char kEnablePluginPowerSaver[] = "enable-plugin-power-saver";
#endif
+#if defined(OS_WIN)
+bool IsWin32kRendererLockdownEnabled() {
+ const std::string group_name =
+ base::FieldTrialList::FindFullName("Win32kLockdown");
+ const base::CommandLine* cmd_line = CommandLine::ForCurrentProcess();
+ if (cmd_line->HasSwitch(kEnableWin32kRendererLockDown))
+ return true;
+ if (cmd_line->HasSwitch(kDisableWin32kRendererLockDown))
+ return false;
+ // Default.
+ return group_name == "Enabled";
+}
+#endif
+
// Don't dump stuff here, follow the same order as the header.
} // namespace switches
« no previous file with comments | « content/public/common/content_switches.h ('k') | content/renderer/pepper/content_renderer_pepper_host_factory.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698