author | gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-24 23:10:37 +0000 |
---|---|---|
committer | gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-24 23:10:37 +0000 |
commit | d77ada46dceb41aaea3f80a80a0da1738c6ba4bf (patch) | |
tree | 7b6646832e313cd7bf9cc2da4de1be84338165b9 /chrome/common | |
parent | 4c33301e993025e82d6d7379111acade0b62afcb (diff) | |
Integrate Chrome sandbox changes with NaCl (add Win64 support)
Two significant changes:
- Explicitly allow processes to act as servers for named pipes for pipes with chrome.nacl prefix. This worked implicitly on Win32 but doesn't on Win64.
- NaCl broker process does not run in the sandbox (by design)
Review URL: http://codereview.chromium.org/1098009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42552 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/common')
-rw-r--r-- | chrome/common/sandbox_policy.cc | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/chrome/common/sandbox_policy.cc b/chrome/common/sandbox_policy.cc
index ff5e5c5..d0766e9 100644
--- a/chrome/common/sandbox_policy.cc
+++ b/chrome/common/sandbox_policy.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
@@ -176,6 +176,20 @@ void AddDllEvictionPolicy(sandbox::TargetPolicy* policy) {
 }
 }
+bool Is64BitWindows()
+{
+#if defined(_WIN64)
+ return true; // 64-bit programs run only on Win64
+#elif defined(_WIN32)
+ // 32-bit programs run on both 32-bit and 64-bit Windows
+ // so must sniff.
+ BOOL f64 = FALSE;
+ return IsWow64Process(GetCurrentProcess(), &f64) && f64;
+#else
+ return false; // no other code can run on 64-bit Windows
+#endif
+}
+
 // Adds the generic policy rules to a sandbox TargetPolicy.
 bool AddGenericPolicy(sandbox::TargetPolicy* policy) {
 sandbox::ResultCode result;
@@ -187,6 +201,14 @@ bool AddGenericPolicy(sandbox::TargetPolicy* policy) {
 if (result != sandbox::SBOX_ALL_OK)
 return false;
+ if (Is64BitWindows()) {
+ result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES,
+ sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY,
+ L"\\\\.\\pipe\\chrome.nacl.*");
+ if (result != sandbox::SBOX_ALL_OK)
+ return false;
+ }
+
 // Add the policy for debug message only in debug
 #ifndef NDEBUG
 std::wstring debug_message;
@@ -396,6 +418,7 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
 }
 bool in_sandbox =
+ (type != ChildProcessInfo::NACL_BROKER_PROCESS) &&
 !browser_command_line.HasSwitch(switches::kNoSandbox) &&
 (type != ChildProcessInfo::PLUGIN_PROCESS ||
 browser_command_line.HasSwitch(switches::kSafePlugins)); |
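Review bot: `Is64BitWindows()` carries no comment saying why the OS bitness matters to the sandbox policy or what a failed query means, and its opening brace sits on its own line while the neighbouring `AddGenericPolicy(sandbox::TargetPolicy* policy) {` keeps it on the signature line. In the `_WIN32` branch a failed `IsWow64Process()` yields `false`, so the caller behaves as on 32-bit Windows and adds no extra rule; that is the restrictive outcome and worth stating. I would add above the function `// Returns true on 64-bit Windows. A failed IsWow64Process() query counts as 32-bit, so no extra sandbox rule is added.` and write the definition as `bool Is64BitWindows() {`. Whether the helper sits inside an anonymous namespace cannot be seen from the hunk.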
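Review bot: The `NAMEDPIPES_ALLOW_ANY` rule for `L"\\\\.\\pipe\\chrome.nacl.*"` is added inside `AddGenericPolicy`, so every target that receives the generic policy may create server ends for that whole prefix, not only the NaCl processes the commit message names. If other sandboxed process types also get this policy (its callers are outside the hunk), any of them could pre-create a `chrome.nacl.` pipe that a NaCl peer later connects to, which widens the sandbox more than the feature needs. Consider adding the rule only where the policy for the NaCl process type is built, or narrowing the pattern to the exact pipe-name format in use. At minimum the block deserves a comment such as `// Win64: acting as a named-pipe server is not allowed implicitly as on Win32; NaCl needs it for chrome.nacl.* pipes.`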
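Review bot: The new `(type != ChildProcessInfo::NACL_BROKER_PROCESS) &&` term makes the broker unsandboxed unconditionally, and nothing at the `in_sandbox` expression says this is deliberate. Someone later auditing which process types escape the sandbox has only the commit message to go on, so I would add `// The NaCl broker process is never sandboxed, by design.` directly above `bool in_sandbox =`. What `StartProcessWithAccess` does when `in_sandbox` is false lies outside the hunk; it is worth confirming that the broker's launch path grants it no more than it needs and that whatever it accepts from sandboxed processes is validated.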