summaryrefslogtreecommitdiffstats
path: root/components/html_viewer
diff options
context:
space:
mode:
authorerg <erg@chromium.org>2015-08-07 12:27:00 -0700
committerCommit bot <commit-bot@chromium.org>2015-08-07 19:27:24 +0000
commit7eb0efde374571b5c76417c7df061fee4cd7acd8 (patch)
tree7188f87449bd1c9f10547fd693384b5ea966068f /components/html_viewer
parentd9fa78192b5286e0ab0ccf651ff5a8fb869ef7f2 (diff)
downloadchromium_src-7eb0efde374571b5c76417c7df061fee4cd7acd8.zip
chromium_src-7eb0efde374571b5c76417c7df061fee4cd7acd8.tar.gz
chromium_src-7eb0efde374571b5c76417c7df061fee4cd7acd8.tar.bz2
Reland "Sandbox html_viewer on Linux."
This fixes a midair collision with a file move. This creates a font_service which does the same role as font_config_ipc_linux.cc does in content/. This lets us sandbox the html_viewer, while still being able to communicate with fontconfig. Also prewarms the ICU timezone data, along with doing all the prewarming that's done in the core_services sandbox. BUG=492524 NOPRESUBMIT=true First Review URL: https://codereview.chromium.org/1274743004 Review URL: https://codereview.chromium.org/1280043003 Cr-Commit-Position: refs/heads/master@{#342409}
Diffstat (limited to 'components/html_viewer')
-rw-r--r--components/html_viewer/BUILD.gn8
-rw-r--r--components/html_viewer/DEPS1
-rw-r--r--components/html_viewer/global_state.cc8
-rw-r--r--components/html_viewer/html_viewer_main.cc26
4 files changed, 43 insertions, 0 deletions
diff --git a/components/html_viewer/BUILD.gn b/components/html_viewer/BUILD.gn
index dcbdaf2..ab49118 100644
--- a/components/html_viewer/BUILD.gn
+++ b/components/html_viewer/BUILD.gn
@@ -185,6 +185,10 @@ source_set("lib") {
sources += [ "html_viewer_version.rc" ]
}
+ if (is_linux && !is_android) {
+ deps += [ "//components/font_service/public/cpp" ]
+ }
+
data_deps = [
"//components/clipboard",
"//components/view_manager",
@@ -316,4 +320,8 @@ mojo_native_application("apptests") {
":html_viewer",
"//components/view_manager",
]
+
+ if (is_linux && !is_android) {
+ data_deps += [ "//components/font_service" ]
+ }
}
diff --git a/components/html_viewer/DEPS b/components/html_viewer/DEPS
index 8355e5b..4f2c54e 100644
--- a/components/html_viewer/DEPS
+++ b/components/html_viewer/DEPS
@@ -5,6 +5,7 @@ include_rules = [
"+cc",
"+components/clipboard",
"+components/devtools_service/public",
+ "+components/font_service/public",
"+components/gpu",
"+components/message_port",
"+components/mime_util",
diff --git a/components/html_viewer/global_state.cc b/components/html_viewer/global_state.cc
index ec0f570..870c4e7 100644
--- a/components/html_viewer/global_state.cc
+++ b/components/html_viewer/global_state.cc
@@ -22,6 +22,10 @@
#include "ui/mojo/init/ui_init.h"
#include "v8/include/v8.h"
+#if defined(OS_LINUX) && !defined(OS_ANDROID)
+#include "components/font_service/public/cpp/font_loader.h"
+#endif
+
namespace html_viewer {
namespace {
@@ -93,6 +97,10 @@ void GlobalState::InitIfNecessary(const gfx::Size& screen_size_in_pixels,
return;
}
+#if defined(OS_LINUX) && !defined(OS_ANDROID)
+ SkFontConfigInterface::SetGlobal(new font_service::FontLoader(app_));
+#endif
+
ui_init_.reset(
new ui::mojo::UIInit(screen_size_in_pixels, device_pixel_ratio));
base::DiscardableMemoryAllocator::SetInstance(&discardable_memory_allocator_);
diff --git a/components/html_viewer/html_viewer_main.cc b/components/html_viewer/html_viewer_main.cc
index 9afd58d..79349639 100644
--- a/components/html_viewer/html_viewer_main.cc
+++ b/components/html_viewer/html_viewer_main.cc
@@ -6,6 +6,32 @@
#include "mojo/application/public/cpp/application_runner.h"
#include "third_party/mojo/src/mojo/public/c/system/main.h"
+// TODO(erg): Much of this will be the same between mojo applications. Maybe we
+// could centralize this code?
+#if defined(OS_LINUX) && !defined(OS_ANDROID)
+#include "base/rand_util.h"
+#include "base/sys_info.h"
+#include "third_party/icu/source/i18n/unicode/timezone.h"
+
+// TODO(erg): Much of this was coppied from zygote_main_linux.cc
+extern "C" {
+void __attribute__((visibility("default"))) MojoSandboxWarm() {
+ base::RandUint64();
+ base::SysInfo::AmountOfPhysicalMemory();
+ base::SysInfo::MaxSharedMemorySize();
+ base::SysInfo::NumberOfProcessors();
+
+ // ICU DateFormat class (used in base/time_format.cc) needs to get the
+ // Olson timezone ID by accessing the zoneinfo files on disk. After
+ // TimeZone::createDefault is called once here, the timezone ID is
+ // cached and there's no more need to access the file system.
+ scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault());
+
+ // TODO(erg): Perform OpenSSL warmup; it wants access to /dev/urandom.
+}
+}
+#endif // defined(OS_LINUX) && !defined(OS_ANDROID)
+
MojoResult MojoMain(MojoHandle shell_handle) {
mojo::ApplicationRunner runner(new html_viewer::HTMLViewer);
return runner.Run(shell_handle);