author | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-12-14 22:46:56 +0000 |
committer | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-12-14 22:46:56 +0000 |
commit | 75a5323a3bf941cbd4a3770aae54813bf811486d (patch) | |
tree | 17493c0f95e64ee39faca268170ccd340a1285df /sandbox | |
parent | a1232a184ed9060db8bb7aa8e3225ae4475195ea (diff) | |
Linux Sandbox: Basic support for GPU broker.
We add a GPU broker process to make sure we can open certain files
once the sandbox is started.
We do not need to allow open() in the GPU policy in certain configurations
anymore, which creates an effective GPU sandbox.
BUG=166111
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/11569028
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173233 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox')
-rw-r--r-- | sandbox/linux/services/broker_process.cc | 9 | ||||
-rw-r--r-- | sandbox/linux/services/broker_process.h | 7 |
2 files changed, 9 insertions, 7 deletions
diff --git a/sandbox/linux/services/broker_process.cc b/sandbox/linux/services/broker_process.cc
index 7c70118..f51533c 100644
--- a/sandbox/linux/services/broker_process.cc
+++ b/sandbox/linux/services/broker_process.cc
@@ -110,10 +110,8 @@ BrokerProcess::~BrokerProcess() {
   }
 }
 
-bool BrokerProcess::Init(void* sandbox_callback) {
+bool BrokerProcess::Init(bool (*sandbox_callback)(void)) {
   CHECK(!initialized_);
-  CHECK_EQ(sandbox_callback, (void*) NULL) <<
-      "sandbox_callback is not implemented";
   int socket_pair[2];
   // Use SOCK_SEQPACKET, because we need to preserve message boundaries
   // but we also want to be notified (recvmsg should return and not block)
@@ -148,7 +146,10 @@ bool BrokerProcess::Init(void* sandbox_callback) {
   shutdown(socket_pair[0], SHUT_WR);
   ipc_socketpair_ = socket_pair[0];
   is_child_ = true;
-  // TODO(jln): activate a sandbox here.
+  // Enable the sandbox if provided.
+  if (sandbox_callback) {
+    CHECK(sandbox_callback());
+  }
   initialized_ = true;
   for (;;) {
     HandleRequest();
diff --git a/sandbox/linux/services/broker_process.h b/sandbox/linux/services/broker_process.h
index 8498239..d04f703 100644
--- a/sandbox/linux/services/broker_process.h
+++ b/sandbox/linux/services/broker_process.h
@@ -20,7 +20,7 @@ namespace sandbox {
 // signal handler.
 // A process would typically create a broker process before entering
 // sandboxing.
-// 1. BrokerProcess open_broker(file_whitelist);
+// 1. BrokerProcess open_broker(read_whitelist, write_whitelist);
 // 2. CHECK(open_broker.Init(NULL));
 // 3. Enable sandbox.
 // 4. Use open_broker.Open() to open files.
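Review bot: The new `if (sandbox_callback) { CHECK(sandbox_callback()); }` at the end of the second broker_process.cc hunk sits on the side the surrounding lines mark as the broker child (`is_child_ = true`, socketpair already assigned), and a false return aborts that child instead of letting it go on to `HandleRequest()` unsandboxed; the one-line comment above it should state this, because the fail-closed behaviour is the property a reader of this file needs to know. Suggested wording: `// Enable the sandbox if provided. Runs in the broker child only; a callback that returns false aborts the child, so the broker never serves requests unsandboxed.` Init() begins in the first hunk and its body continues past the end of this one.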
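Review bot: Step 2 of the usage example in the broker_process.h hunk still shows `CHECK(open_broker.Init(NULL));`, but with the new signature a NULL callback is simply skipped by the .cc (`if (sandbox_callback)`), so the broker process itself stays unsandboxed while steps 3–4 sandbox only the caller. The example should say so, or show a callback being passed, so readers do not copy the weaker configuration by default; for instance `// 2. CHECK(open_broker.Init(NULL));  // NULL: the broker itself runs unsandboxed.` The step list continues in the file outside the hunk.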
@@ -37,8 +37,9 @@ class BrokerProcess {
   ~BrokerProcess();
   // Will initialize the broker process. There should be no threads at this
   // point, since we need to fork().
-  // sandbox_callback should be NULL as this feature is not implemented yet.
-  bool Init(void* sandbox_callback);
+  // sandbox_callback is a function that should be called to enable the
+  // sandbox in the broker.
+  bool Init(bool (*sandbox_callback)(void));
 
   // Can be used in place of open(). Will be async signal safe.
   // The implementation only supports certain white listed flags and will
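Review bot: The new comment on `Init` in this hunk says the callback is "called to enable the sandbox in the broker" but not where it runs, what NULL means, or what a false return does; from broker_process.cc it is invoked only in the forked broker process after the IPC socketpair is set up, NULL skips it, and a false return is fatal via CHECK. Suggest extending the comment to: `// sandbox_callback, if non-NULL, is invoked in the forked broker process to enable its sandbox. It must return true; a false return aborts the broker. NULL leaves the broker unsandboxed.` The class body continues outside the hunk.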