author | evan@chromium.org <evan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-29 20:18:29 +0000 |
---|---|---|
committer | evan@chromium.org <evan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-29 20:18:29 +0000 |
commit | b84194157dcf0044df4634ebd279d05a5107bb7e (patch) | |
tree | ddffe1f088eddf5b75fe886b44608c59e007132a | |
parent | 1f59108d85fe7aaa25d2a9906ca80bb7fa635393 (diff) | |
linux: make seccomp sandbox also use OOP font loading
Within the SUID sandbox, we IPC up to the browser process when
we need to open font files. We should do the same thing within
the seccomp sandbox. (Note that in test_shell and in SELinux,
which uses finer grained file access permissions, we don't
need to do such a thing.)
BUG=26522
Review URL: http://codereview.chromium.org/1541002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42986 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | chrome/browser/zygote_main_linux.cc | 54 |
1 files changed, 29 insertions, 25 deletions
diff --git a/chrome/browser/zygote_main_linux.cc b/chrome/browser/zygote_main_linux.cc
index e8b5f7b..7d877bd 100644
--- a/chrome/browser/zygote_main_linux.cc
+++ b/chrome/browser/zygote_main_linux.cc
@@ -479,37 +479,41 @@ static void WarnOnceAboutBrokenDlsym() {
 // This function triggers the static and lazy construction of objects that need
 // to be created before imposing the sandbox.
 static void PreSandboxInit() {
- base::RandUint64();
-
- base::SysInfo::MaxSharedMemorySize();
-
- // To make wcstombs/mbstowcs work in a renderer, setlocale() has to be
- // called before the sandbox is triggered. It's possible to avoid calling
- // setlocale() by pulling out the conversion between FilePath and
- // WebCore String out of the renderer and using string16 in place of
- // FilePath for IPC.
- const char* locale = setlocale(LC_ALL, "");
- LOG_IF(WARNING, locale == NULL) << "setlocale failed.";
-
- // ICU DateFormat class (used in base/time_format.cc) needs to get the
- // Olson timezone ID by accessing the zoneinfo files on disk. After
- // TimeZone::createDefault is called once here, the timezone ID is
- // cached and there's no more need to access the file system.
- scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault());
-
- FilePath module_path;
- if (PathService::Get(base::DIR_MODULE, &module_path))
- media::InitializeMediaLibrary(module_path);
+ base::RandUint64();
+
+ base::SysInfo::MaxSharedMemorySize();
+
+ // To make wcstombs/mbstowcs work in a renderer, setlocale() has to be
+ // called before the sandbox is triggered. It's possible to avoid calling
+ // setlocale() by pulling out the conversion between FilePath and
+ // WebCore String out of the renderer and using string16 in place of
+ // FilePath for IPC.
+ const char* locale = setlocale(LC_ALL, "");
+ LOG_IF(WARNING, locale == NULL) << "setlocale failed.";
+
+ // ICU DateFormat class (used in base/time_format.cc) needs to get the
+ // Olson timezone ID by accessing the zoneinfo files on disk. After
+ // TimeZone::createDefault is called once here, the timezone ID is
+ // cached and there's no more need to access the file system.
+ scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault());
+
+ FilePath module_path;
+ if (PathService::Get(base::DIR_MODULE, &module_path))
+ media::InitializeMediaLibrary(module_path);
 }
 #if !defined(CHROMIUM_SELINUX)
 static bool EnterSandbox() {
+ // The SUID sandbox sets this environment variable to a file descriptor
+ // over which we can signal that we have completed our startup and can be
+ // chrooted.
 const char* const sandbox_fd_string = getenv("SBX_D");
- if (sandbox_fd_string) {
- // The SUID sandbox sets this environment variable to a file descriptor
- // over which we can signal that we have completed our startup and can be
- // chrooted.
+ if (CommandLine::ForCurrentProcess()->HasSwitch(
+ switches::kEnableSeccompSandbox)) {
+ PreSandboxInit();
+ SkiaFontConfigUseIPCImplementation(kMagicSandboxIPCDescriptor);
+ } else if (sandbox_fd_string) { // Use the SUID sandbox.
 g_suid_sandbox_active = true;
 char* endptr; |
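Review bot: In EnterSandbox the new `if (...HasSwitch(switches::kEnableSeccompSandbox))` branch is tested before `else if (sandbox_fd_string)`, so a zygote that has both the switch and `SBX_D` set never reaches the SUID branch. As far as the visible lines show, it then neither sets `g_suid_sandbox_active` nor signals over the descriptor that it is ready to be chrooted. The seccomp branch itself only runs `PreSandboxInit()` and switches Skia to the IPC font path; nothing here confirms that seccomp is supported or later engaged, so if that step fails elsewhere the process may end up with neither layer. If the precedence is intended, say so at the branch, e.g. `// Seccomp takes precedence over the SUID sandbox; the chroot handshake is skipped on purpose.`; otherwise run the SUID setup whenever `sandbox_fd_string` is set and let the seccomp switch only add the font-IPC setup. The body of EnterSandbox continues past the end of this hunk, so the remaining branches should be checked against this.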