Support for unsandboxed out-of-process pepper.

Breaking apart changes in http://codereview.chromium.org/8041002/ to only
include the infrastructure portion, as well as merging to account for moving
PepperPluginInfo into content/public/common/pepper_plugin_info.*


BUG=none
TEST=Manual, set is_sandboxed to false in chrome_content_client and observe


Review URL: http://codereview.chromium.org/8477007

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@109141 0039d316-1c4b-4281-b951-d872f2087c98

8 files changed, 38 insertions, 12 deletions

diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd
index 6f43adb..230f67f 100644
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -4327,6 +4327,9 @@ Keep your key file in a safe place. You will need it to create new versions of y
       <message name="IDS_PLUGINS_PPAPI_OUT_OF_PROCESS" desc="Text that indicates the plugin is an out-of-process PPAPI plugin.">
         PPAPI (out-of-process)
       </message>
+      <message name="IDS_PLUGINS_PPAPI_UNSANDBOXED" desc="Text that indicates the plugin is an unsandboxed out-of-process PPAPI plugin.">
+        PPAPI (unsandboxed)
+      </message>
 
       <!-- about:policy -->
       <message name="IDS_POLICY_TITLE" desc="The title for the about:policies page.">
diff --git a/chrome/browser/ui/webui/plugins_ui.cc b/chrome/browser/ui/webui/plugins_ui.cc
index 8dd9f04..2f38152 100644
--- a/chrome/browser/ui/webui/plugins_ui.cc
+++ b/chrome/browser/ui/webui/plugins_ui.cc
@@ -93,6 +93,8 @@ string16 PluginTypeToString(int type) {
       return l10n_util::GetStringUTF16(IDS_PLUGINS_PPAPI_IN_PROCESS);
     case WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS:
       return l10n_util::GetStringUTF16(IDS_PLUGINS_PPAPI_OUT_OF_PROCESS);
+    case WebPluginInfo::PLUGIN_TYPE_PEPPER_UNSANDBOXED:
+      return l10n_util::GetStringUTF16(IDS_PLUGINS_PPAPI_UNSANDBOXED);
   }
   NOTREACHED();
   return string16();
diff --git a/content/browser/ppapi_plugin_process_host.cc b/content/browser/ppapi_plugin_process_host.cc
index eea898d..f123149 100644
--- a/content/browser/ppapi_plugin_process_host.cc
+++ b/content/browser/ppapi_plugin_process_host.cc
@@ -157,14 +157,18 @@ bool PpapiPluginProcessHost::Init(const content::PepperPluginInfo& info) {
   if (!plugin_launcher.empty())
     cmd_line->PrependWrapper(plugin_launcher);
 
-  // On posix, having a plugin launcher means we need to use another process
-  // instead of just forking the zygote.
+  // On posix, never use the zygote for the broker. Also, only use the zygote if
+  // the plugin is sandboxed, and we are not using a plugin launcher - having a
+  // plugin launcher means we need to use another process instead of just
+  // forking the zygote.
+#if defined(OS_POSIX)
+  bool use_zygote = !is_broker_ && plugin_launcher.empty() && info.is_sandboxed;
+#endif  // OS_POSIX
   Launch(
 #if defined(OS_WIN)
       FilePath(),
 #elif defined(OS_POSIX)
-      is_broker_ ? false  // Never use the zygote for the broker.
-                 : plugin_launcher.empty(),
+      use_zygote,
       base::environment_vector(),
 #endif
       cmd_line);
diff --git a/content/common/pepper_plugin_registry.cc b/content/common/pepper_plugin_registry.cc
index 2316ec8..be7529d 100644
--- a/content/common/pepper_plugin_registry.cc
+++ b/content/common/pepper_plugin_registry.cc
@@ -79,7 +79,9 @@ webkit::WebPluginInfo content::PepperPluginInfo::ToWebPluginInfo() const {
   webkit::WebPluginInfo info;
 
   info.type = is_out_of_process ?
-      webkit::WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS :
+      (is_sandboxed ?
+        webkit::WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS :
+        webkit::WebPluginInfo::PLUGIN_TYPE_PEPPER_UNSANDBOXED) :
       webkit::WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS;
 
   info.name = name.empty() ?
@@ -97,9 +99,9 @@ bool MakePepperPluginInfo(const webkit::WebPluginInfo& webplugin_info,
   if (!webkit::IsPepperPlugin(webplugin_info))
     return false;
 
-  pepper_info->is_out_of_process =
-      webplugin_info.type ==
-          webkit::WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS;
+  pepper_info->is_out_of_process = webkit::IsOutOfProcessPlugin(webplugin_info);
+  pepper_info->is_sandboxed = webplugin_info.type !=
+      webkit::WebPluginInfo::PLUGIN_TYPE_PEPPER_UNSANDBOXED;
 
   pepper_info->path = FilePath(webplugin_info.path);
   pepper_info->name = UTF16ToASCII(webplugin_info.name);
@@ -131,7 +133,7 @@ void PepperPluginRegistry::PreloadModules() {
   std::vector<content::PepperPluginInfo> plugins;
   ComputeList(&plugins);
   for (size_t i = 0; i < plugins.size(); ++i) {
-    if (!plugins[i].is_internal) {
+    if (!plugins[i].is_internal && plugins[i].is_sandboxed) {
       std::string error;
       base::NativeLibrary library = base::LoadNativeLibrary(plugins[i].path,
                                                             &error);
diff --git a/content/public/common/pepper_plugin_info.cc b/content/public/common/pepper_plugin_info.cc
index 82b6c61..54150da 100644
--- a/content/public/common/pepper_plugin_info.cc
+++ b/content/public/common/pepper_plugin_info.cc
@@ -8,7 +8,8 @@ namespace content {
 
 PepperPluginInfo::PepperPluginInfo()
     : is_internal(false),
-      is_out_of_process(false) {
+      is_out_of_process(false),
+      is_sandboxed(true) {
 }
 
 PepperPluginInfo::~PepperPluginInfo() {
diff --git a/content/public/common/pepper_plugin_info.h b/content/public/common/pepper_plugin_info.h
index 01c8c23..f17cb30 100644
--- a/content/public/common/pepper_plugin_info.h
+++ b/content/public/common/pepper_plugin_info.h
@@ -31,6 +31,10 @@ struct CONTENT_EXPORT PepperPluginInfo {
   // True when this plugin should be run out of process. Defaults to false.
   bool is_out_of_process;
 
+  // True when an out-of-process plugin should also be run within sandbox.
+  // Defaults to true.
+  bool is_sandboxed;
+
   FilePath path;  // Internal plugins have "internal-[name]" as path.
   std::string name;
   std::string description;
diff --git a/webkit/plugins/webplugininfo.cc b/webkit/plugins/webplugininfo.cc
index 031dd40..bfd473c 100644
--- a/webkit/plugins/webplugininfo.cc
+++ b/webkit/plugins/webplugininfo.cc
@@ -60,7 +60,14 @@ WebPluginInfo::WebPluginInfo(const string16& fake_name,
 
 bool IsPepperPlugin(const WebPluginInfo& plugin) {
   return ((plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS ) ||
-          plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS);
+          (plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) ||
+          (plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_UNSANDBOXED));
+}
+
+bool IsOutOfProcessPlugin(const WebPluginInfo& plugin) {
+  return ((plugin.type == WebPluginInfo::PLUGIN_TYPE_NPAPI) ||
+          (plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) ||
+          (plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_UNSANDBOXED));
 }
 
 }  // namespace webkit
diff --git a/webkit/plugins/webplugininfo.h b/webkit/plugins/webplugininfo.h
index b7bb4d3..bb633f8e 100644
--- a/webkit/plugins/webplugininfo.h
+++ b/webkit/plugins/webplugininfo.h
@@ -41,7 +41,8 @@ struct WebPluginInfo {
   enum PluginType {
     PLUGIN_TYPE_NPAPI,
     PLUGIN_TYPE_PEPPER_IN_PROCESS,
-    PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS
+    PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS,
+    PLUGIN_TYPE_PEPPER_UNSANDBOXED
   };
 
   WebPluginInfo();
@@ -77,6 +78,8 @@ struct WebPluginInfo {
 // Checks whether a plugin is a Pepper plugin, enabled or disabled.
 bool IsPepperPlugin(const WebPluginInfo& plugin);
 
+bool IsOutOfProcessPlugin(const WebPluginInfo& plugin);
+
 }  // namespace webkit
 
 #endif  // WEBKIT_PLUGINS_WEBPLUGININFO_H_