diff options
| author | jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-03-20 00:30:18 +0000 |
|---|---|---|
| committer | jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-03-20 00:30:18 +0000 |
| commit | 34f4868ad60ff1f8aa0374aee947cec4960d4670 (patch) | |
| tree | 3ed90336e8c85d9548a2e479c47477192d54dd1b /content/browser/child_process_launcher.cc | |
| parent | 13ee68abf3ddb40c7a9eaa54ef6afbc21cdc37ff (diff) | |
| download | chromium_src-34f4868ad60ff1f8aa0374aee947cec4960d4670.zip chromium_src-34f4868ad60ff1f8aa0374aee947cec4960d4670.tar.gz chromium_src-34f4868ad60ff1f8aa0374aee947cec4960d4670.tar.bz2 | |
Refactor sandbox_policy.cc so that it doesn't contain the sandbox policies for all processes. Instead have whoever creates a sandboxed process set this data. This allows us to clean a few NaCl related changes in content:
-remove NaCl sandbox rules from content
-remove the hack for ifdef'ing out the GPU policy since it didn't link for nacl64.exe
-remove the 1GB memory reservation for the NaCl loader process out of content
Other cleanup:
-renamed sandbox_policy.* to sandbox_win.* to match the other platform-specific sandbox files
-moved BrokerGetFileHandleForProcess to internal content files since it's not called from outside
-remove AddGpuDllEvictionPolicy since it was redundant (the one dll it removed was already listed in the generic list)
There's still more cleanup to be done in the sandbox code (i.e. remove chrome frame switch, nacl process type switch etc). I will do that in future changes.
BUG=191682
Review URL: https://codereview.chromium.org/12805004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@189175 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/browser/child_process_launcher.cc')
| -rw-r--r-- | content/browser/child_process_launcher.cc | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/content/browser/child_process_launcher.cc b/content/browser/child_process_launcher.cc index 991223d..66e7c83 100644 --- a/content/browser/child_process_launcher.cc +++ b/content/browser/child_process_launcher.cc @@ -23,8 +23,9 @@ #if defined(OS_WIN) #include "base/files/file_path.h" -#include "content/common/sandbox_policy.h" +#include "content/common/sandbox_win.h" #include "content/public/common/sandbox_init.h" +#include "content/public/common/sandboxed_process_launcher_delegate.h" #elif defined(OS_MACOSX) #include "content/browser/mach_broker_mac.h" #elif defined(OS_ANDROID) @@ -68,7 +69,7 @@ class ChildProcessLauncher::Context void Launch( #if defined(OS_WIN) - const base::FilePath& exposed_dir, + SandboxedProcessLauncherDelegate* delegate, #elif defined(OS_ANDROID) int ipcfd, #elif defined(OS_POSIX) @@ -97,7 +98,7 @@ class ChildProcessLauncher::Context client_thread_id_, child_process_id, #if defined(OS_WIN) - exposed_dir, + delegate, #elif defined(OS_ANDROID) ipcfd, #elif defined(OS_POSIX) @@ -180,7 +181,7 @@ class ChildProcessLauncher::Context BrowserThread::ID client_thread_id, int child_process_id, #if defined(OS_WIN) - const base::FilePath& exposed_dir, + SandboxedProcessLauncherDelegate* delegate, #elif defined(OS_ANDROID) int ipcfd, #elif defined(OS_POSIX) @@ -193,7 +194,8 @@ class ChildProcessLauncher::Context base::TimeTicks begin_launch_time = base::TimeTicks::Now(); #if defined(OS_WIN) - base::ProcessHandle handle = StartProcessWithAccess(cmd_line, exposed_dir); + scoped_ptr<SandboxedProcessLauncherDelegate> delegate_deleter(delegate); + base::ProcessHandle handle = StartSandboxedProcess(delegate, cmd_line); #elif defined(OS_ANDROID) // Android WebView runs in single process, ensure that we never get here // when running in single process mode. @@ -409,7 +411,7 @@ class ChildProcessLauncher::Context ChildProcessLauncher::ChildProcessLauncher( #if defined(OS_WIN) - const base::FilePath& exposed_dir, + SandboxedProcessLauncherDelegate* delegate, #elif defined(OS_POSIX) bool use_zygote, const base::EnvironmentVector& environ, @@ -421,7 +423,7 @@ ChildProcessLauncher::ChildProcessLauncher( context_ = new Context(); context_->Launch( #if defined(OS_WIN) - exposed_dir, + delegate, #elif defined(OS_ANDROID) ipcfd, #elif defined(OS_POSIX) |