chrome/utility/chrome_content_utility_client.cc - Issue 98603007: Launches a privileged utility process.

Unified Diff: chrome/utility/chrome_content_utility_client.cc

Issue 98603007: Launches a privileged utility process. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Mostly test cleanup. Created 6 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« base/process/launch.h ('K') | « chrome/utility/chrome_content_utility_client.h ('k') | chrome/utility/chrome_content_utility_client_unittest.cc » ('j') | chrome/utility/chrome_content_utility_client_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/utility/chrome_content_utility_client.cc

diff --git a/chrome/utility/chrome_content_utility_client.cc b/chrome/utility/chrome_content_utility_client.cc

index b8f83f05c01132a69070929806b3baef7ea0d665..42cd9a59169064e6d2f32911d7d7e9b6784bf261 100644

--- a/chrome/utility/chrome_content_utility_client.cc

+++ b/chrome/utility/chrome_content_utility_client.cc

@@ -67,6 +67,13 @@ namespace chrome {

namespace {

+// This whitelist is the default list of whitelist entries when running

+// elevated.

+const size_t kMessageWhitelistSize = 0;

+const uint32 kMessageWhitelist[] = {

+ 0

+};

bool Send(IPC::Message* message) {

return content::UtilityThread::Get()->Send(message);

}

@@ -77,9 +84,10 @@ void ReleaseProcessIfNeeded() {

} // namespace

-ChromeContentUtilityClient::ChromeContentUtilityClient() {

+ChromeContentUtilityClient::ChromeContentUtilityClient()

+ : filter_messages_(false) {

mef 2014/01/10 18:22:55 nit: tab

Drew Haven 2014/01/16 02:52:05 Done.

#if !defined(OS_ANDROID)

- handlers_.push_back(new ProfileImportHandler());

+ handlers_.push_back(new ProfileImportHandler());

mef 2014/01/10 18:22:55 nit: tab not needed?

Drew Haven 2014/01/16 02:52:05 Thanks. My windows vim indentation-config needs n

#endif // OS_ANDROID

#if defined(ENABLE_MDNS)

@@ -109,10 +117,27 @@ void ChromeContentUtilityClient::UtilityThreadStarted() {

std::string lang = command_line->GetSwitchValueASCII(switches::kLang);

if (!lang.empty())

extension_l10n_util::SetProcessLocale(lang);

+ if (command_line->HasSwitch(switches::kUtilityProcessRunningElevated)) {

+ DVLOG(0) << "Running elevated, restricting messages.";

+ for (size_t i = 0; i < kMessageWhitelistSize; i++) {

+ DVLOG(0) << "Adding " << kMessageWhitelist[i] << " to whitelist.";

+ message_id_whitelist_.insert(kMessageWhitelist[i]);

+ }

+ filter_messages_ = true;

+ }

}

bool ChromeContentUtilityClient::OnMessageReceived(

const IPC::Message& message) {

+ if (filter_messages_

+ && message_id_whitelist_.find(message.type())

+ == message_id_whitelist_.end()) {

+ DVLOG(0) << "Rejecting message for not being in whitelist: "

+ << message.type();

+ return false;

+ }

bool handled = true;

IPC_BEGIN_MESSAGE_MAP(ChromeContentUtilityClient, message)

IPC_MESSAGE_HANDLER(ChromeUtilityMsg_UnpackExtension, OnUnpackExtension)

@@ -179,6 +204,15 @@ void ChromeContentUtilityClient::PreSandboxStartup() {

media::InitializeMediaLibrary(media_path);

}

+void ChromeContentUtilityClient::AddHandler(UtilityMessageHandler* handler) {

+ handlers_.push_back(handler);

+void ChromeContentUtilityClient::AddWhitelistMessageType(int message_type) {

+ DVLOG(0) << "Adding " << message_type << " to whitelist.";

+ message_id_whitelist_.insert(message_type);

void ChromeContentUtilityClient::OnUnpackExtension(

const base::FilePath& extension_path,

const std::string& extension_id,