Integrate Chrome sandbox changes with NaCl (add Win64 support)

Two significant changes: - Explicitly allow processes to act as servers for named pipes for pipes with chrome.nacl prefix. This worked implicitly on Win32 but doesn't on Win64. - NaCl broker process does not run in the sandbox (by design) Review URL: http://codereview.chromium.org/1098009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42552 0039d316-1c4b-4281-b951-d872f2087c98
author: gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2010-03-24 23:10:37 +0000
committer: gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2010-03-24 23:10:37 +0000
commit: d77ada46dceb41aaea3f80a80a0da1738c6ba4bf (patch)
tree: 7b6646832e313cd7bf9cc2da4de1be84338165b9 /chrome/nacl/nacl_main.cc
parent: 4c33301e993025e82d6d7379111acade0b62afcb (diff)
download: chromium_src-d77ada46dceb41aaea3f80a80a0da1738c6ba4bf.zip
chromium_src-d77ada46dceb41aaea3f80a80a0da1738c6ba4bf.tar.gz
chromium_src-d77ada46dceb41aaea3f80a80a0da1738c6ba4bf.tar.bz2
1 files changed, 7 insertions, 2 deletions
diff --git a/chrome/nacl/nacl_main.cc b/chrome/nacl/nacl_main.cc
index a7325cd..4dc2691 100644
--- a/chrome/nacl/nacl_main.cc
+++ b/chrome/nacl/nacl_main.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009-2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -93,8 +93,13 @@ static void LaunchNaClChildProcess(bool no_sandbox,
                                    sandbox::TargetServices* target_services) {
   ChildProcess nacl_process;
   nacl_process.set_main_thread(new NaClThread());
-  if (!no_sandbox && target_services)
+  if (!no_sandbox && target_services) {
+    // Cause advapi32 to load before the sandbox is turned on.
+    unsigned int dummy_rand;
+    rand_s(&dummy_rand);
+    // Turn the sanbox on.
     target_services->LowerToken();
+  }
   MessageLoop::current()->Run();
 }
 #elif defined(OS_MACOSX) || defined(OS_LINUX)
author	gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2010-03-24 23:10:37 +0000
committer	gregoryd@google.com <gregoryd@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2010-03-24 23:10:37 +0000
commit	d77ada46dceb41aaea3f80a80a0da1738c6ba4bf (patch)
tree	7b6646832e313cd7bf9cc2da4de1be84338165b9 /chrome/nacl/nacl_main.cc
parent	4c33301e993025e82d6d7379111acade0b62afcb (diff)
download	chromium_src-d77ada46dceb41aaea3f80a80a0da1738c6ba4bf.zip chromium_src-d77ada46dceb41aaea3f80a80a0da1738c6ba4bf.tar.gz chromium_src-d77ada46dceb41aaea3f80a80a0da1738c6ba4bf.tar.bz2