diff options
| author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-04-21 02:32:59 +0000 |
|---|---|---|
| committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-04-21 02:32:59 +0000 |
| commit | c324dc8ff31c4bc06ceef02c565f754712e44944 (patch) | |
| tree | c506f09159e0590ee4b1d346ef9c8edf476f1c97 /content/common/sandbox_policy.cc | |
| parent | 487ab6a3ca127cb4a2e24e9534236da61a8f1706 (diff) | |
| download | chromium_src-c324dc8ff31c4bc06ceef02c565f754712e44944.zip chromium_src-c324dc8ff31c4bc06ceef02c565f754712e44944.tar.gz chromium_src-c324dc8ff31c4bc06ceef02c565f754712e44944.tar.bz2 | |
Fix DXVA2 video decoding which was broken with recent process handle brokering changes
and a sandbox policy change which runs the gpu process in a windows job object with
ui restrictions on. This causes the DXVA device creation to fail.
BUG=none
TEST=DXVA decoder initialization and decoding should now work in the gpu process.
Review URL: https://chromiumcodereview.appspot.com/10163013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@133328 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/common/sandbox_policy.cc')
| -rw-r--r-- | content/common/sandbox_policy.cc | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc index 549f5c7..1bd1e4f 100644 --- a/content/common/sandbox_policy.cc +++ b/content/common/sandbox_policy.cc @@ -339,29 +339,28 @@ bool AddPolicyForGPU(CommandLine* cmd_line, sandbox::TargetPolicy* policy) { // Swiftshader path. policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, sandbox::USER_LIMITED); - // UI restrictions break when we access Windows from outside our job. - // However, we don't want a proxy window in this process because it can - // introduce deadlocks where the renderer blocks on the gpu, which in - // turn blocks on the browser UI thread. So, instead we forgo a window - // message pump entirely and just add job restrictions to prevent child - // processes. - policy->SetJobLevel(sandbox::JOB_LIMITED_USER, - JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS | - JOB_OBJECT_UILIMIT_DESKTOP | - JOB_OBJECT_UILIMIT_EXITWINDOWS | - JOB_OBJECT_UILIMIT_DISPLAYSETTINGS); } else { // Angle + DirectX path. policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, sandbox::USER_RESTRICTED); - policy->SetJobLevel(sandbox::JOB_LOCKDOWN, - JOB_OBJECT_UILIMIT_HANDLES); // This is a trick to keep the GPU out of low-integrity processes. It // starts at low-integrity for UIPI to work, then drops below // low-integrity after warm-up. policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_UNTRUSTED); } + // UI restrictions break when we access Windows from outside our job. + // However, we don't want a proxy window in this process because it can + // introduce deadlocks where the renderer blocks on the gpu, which in + // turn blocks on the browser UI thread. So, instead we forgo a window + // message pump entirely and just add job restrictions to prevent child + // processes. + policy->SetJobLevel(sandbox::JOB_LIMITED_USER, + JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS | + JOB_OBJECT_UILIMIT_DESKTOP | + JOB_OBJECT_UILIMIT_EXITWINDOWS | + JOB_OBJECT_UILIMIT_DISPLAYSETTINGS); + policy->SetIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW); } } else { |