author | jorgelo@chromium.org <jorgelo@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-11-17 03:57:56 +0000 |
---|---|---|
committer | jorgelo@chromium.org <jorgelo@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-11-17 03:57:56 +0000 |
commit | 5fe0c7693521fb4f97faf8811b838941ade66f3b (patch) | |
tree | 0a5539b1acc76b50bc22709b7c62f09f1de3d23d /crypto | |
parent | 9cc1242b32d06505c8e9b0acacb6e0e75a166a0a (diff) | |
Initialize NSS in the PPAPI process for ClearKey CDM.
BUG=156864
TEST=content_browsertests passes on linux_rel_precise.
Review URL: https://chromiumcodereview.appspot.com/11411013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168372 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/nss_util.cc | 11 | ||||
-rw-r--r-- | crypto/nss_util.h | 12 |
2 files changed, 22 insertions, 1 deletions
diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc
index dac0e22..3198101 100644
--- a/crypto/nss_util.cc
+++ b/crypto/nss_util.cc
@@ -651,6 +651,17 @@ void EnsureNSPRInit() {
 g_nspr_singleton.Get();
 }
+void WarmUpNSSSafely() {
+ // We might fork, but we haven't loaded any security modules.
+ crypto::DisableNSSForkCheck();
+ // If we're sandboxed, we shouldn't be able to open user security modules,
+ // but it's more correct to tell NSS to not even try.
+ // Loading user security modules would have security implications.
+ crypto::ForceNSSNoDBInit();
+ // Initialize NSS.
+ crypto::EnsureNSSInit();
+}
+
 void EnsureNSSInit() {
 // Initializing SSL causes us to do blocking IO.
 // Temporarily allow it until we fix
diff --git a/crypto/nss_util.h b/crypto/nss_util.h
index 9e09d6d..25043f9 100644
--- a/crypto/nss_util.h
+++ b/crypto/nss_util.h
@@ -36,6 +36,16 @@ CRYPTO_EXPORT void EarlySetupForNSSInit();
 // thread-safe, and NSPR will only ever be initialized once.
 CRYPTO_EXPORT void EnsureNSPRInit();
+// Initialize NSS safely for strict sandboxing. This function makes sure that
+// NSS is initialized safely and will have proper entropy in a restricted,
+// sandboxed environment.
+//
+// As a defense in depth measure, this function should be called in a sandboxed
+// environment to make sure NSS will not load security modules that could
+// expose private data and keys. Make sure to get an LGTM from Security
+// if you use this.
+CRYPTO_EXPORT void WarmUpNSSSafely();
+
 // Initialize NSS if it isn't already initialized. This must be called before
 // any other NSS functions. This function is thread-safe, and NSS will only
 // ever be initialized once.
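Review bot: WarmUpNSSSafely() in crypto/nss_util.cc has no guard against being called after NSS has already been initialized. The bodies of DisableNSSForkCheck() and ForceNSSNoDBInit() are outside this hunk, but if they only record settings that are read at first initialization, a late caller returns normally while the user security-module database may already be open, which is exactly what the comments say must not happen. Consider asserting the precondition at the top of the function, for example `DCHECK(!NSS_IsInitialized());`, or at minimum stating it: `// Must run before any other NSS initialization in this process.` The `crypto::` qualifiers also look redundant if this function sits in namespace crypto like its neighbours; the namespace declaration is not visible here.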
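Review bot: The new header comment on WarmUpNSSSafely() in crypto/nss_util.h promises "proper entropy" and says to call it "in a sandboxed environment", but it does not say whether the call belongs before or after the sandbox is engaged, and the implementation added in this commit shows no entropy-specific step. It also leaves out that the function disables the NSS fork check and forces no-DB initialization, which presumably affects every later NSS user in the process. If the intent is a pre-sandbox warm-up, I would say so explicitly, e.g. `// Call once, before the sandbox is engaged and before any other NSS use.` followed by `// Side effects: disables the NSS fork check and forces no-DB init for this process.`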
@@ -58,7 +68,7 @@ CRYPTO_EXPORT void EnsureNSSInit();
 // WARNING: Use this with caution.
 CRYPTO_EXPORT void ForceNSSNoDBInit();
-// This methods is used to disable checks in NSS when used in a forked process.
+// This method is used to disable checks in NSS when used in a forked process.
 // NSS checks whether it is running a forked process to avoid problems when
 // using user security modules in a forked process. However if we are sure
 // there are no modules loaded before the process is forked then there is no |