diff options
| -rw-r--r-- | chrome/DEPS | 4 | ||||
| -rw-r--r-- | chrome/browser/DEPS | 10 | ||||
| -rw-r--r-- | chrome/browser/autofill/autofill_browsertest.cc | 1 | ||||
| -rw-r--r-- | chrome/nacl/nacl_broker_listener.cc | 4 | ||||
| -rw-r--r-- | chrome/nacl/nacl_main_platform_delegate_mac.mm | 1 | ||||
| -rw-r--r-- | chrome/service/service_main.cc | 7 | ||||
| -rw-r--r-- | chrome/service/service_utility_process_host.cc | 4 | ||||
| -rw-r--r-- | content/common/sandbox_policy.cc | 6 | ||||
| -rw-r--r-- | content/common/sandbox_policy.h | 11 | ||||
| -rw-r--r-- | content/public/common/sandbox_init.h | 13 |
10 files changed, 28 insertions, 33 deletions
diff --git a/chrome/DEPS b/chrome/DEPS index cb8c822..c94de56 100644 --- a/chrome/DEPS +++ b/chrome/DEPS @@ -15,10 +15,6 @@ include_rules = [ "-chrome", "+chrome/common", "+chrome/test", - # TODO(jam): remove me once chrome only consumes content/common through its - # public headers. - "+content/common/sandbox_mac.h", - "+content/common/sandbox_policy.h", "+content/public/common", "+content/public/test", "+content/test/gpu", diff --git a/chrome/browser/DEPS b/chrome/browser/DEPS index 47088fe..9f682a0 100644 --- a/chrome/browser/DEPS +++ b/chrome/browser/DEPS @@ -8,7 +8,6 @@ include_rules = [ "+chrome/tools/profiles", # For history unit tests. "+chrome/views", "+chromeos", - "+content/plugin/plugin_interpose_util_mac.h", "+content/public/browser", "+google_update", "+grit", # For generated headers @@ -34,14 +33,11 @@ include_rules = [ "+webkit/quota", "+xib_localizers", # For generated mac localization helpers - "-content/browser", # TODO(jam): Need to remove all these and use only content/public. BUG=98716 # DO NOT ADD ANY MORE ITEMS TO THE LIST BELOW! "+content/browser/geolocation/wifi_data_provider_common.h", # DO NOT ADD ANY MORE ITEMS TO THE ABOVE LIST! - "-content/common", - "-chrome/browser/ui/views", # TODO(tfarina): Remove all these. crbug.com/125846. # DO NOT ADD ANY MORE ITEMS TO THE LIST BELOW! @@ -81,7 +77,7 @@ include_rules = [ "+third_party/sqlite", "+third_party/undoview", - # FIXME: these should probably not be here, we need to find a better - # structure for these includes. - "+chrome/renderer", + # FIXME: this is used by a browser_test. We need to find a better structure + # for this include. + "+chrome/renderer/visitedlink_slave.h", ] diff --git a/chrome/browser/autofill/autofill_browsertest.cc b/chrome/browser/autofill/autofill_browsertest.cc index 0443d6c..c7a45ff 100644 --- a/chrome/browser/autofill/autofill_browsertest.cc +++ b/chrome/browser/autofill/autofill_browsertest.cc @@ -23,7 +23,6 @@ #include "chrome/browser/ui/tab_contents/tab_contents_wrapper.h" #include "chrome/common/chrome_notification_types.h" #include "chrome/common/render_messages.h" -#include "chrome/renderer/translate_helper.h" #include "chrome/test/base/in_process_browser_test.h" #include "chrome/test/base/ui_test_utils.h" #include "content/public/browser/navigation_controller.h" diff --git a/chrome/nacl/nacl_broker_listener.cc b/chrome/nacl/nacl_broker_listener.cc index 493b02d..1bb42d6b 100644 --- a/chrome/nacl/nacl_broker_listener.cc +++ b/chrome/nacl/nacl_broker_listener.cc @@ -14,8 +14,8 @@ #include "chrome/common/nacl_cmd_line.h" #include "chrome/common/nacl_debug_exception_handler_win.h" #include "chrome/common/nacl_messages.h" -#include "content/common/sandbox_policy.h" #include "content/public/common/content_switches.h" +#include "content/public/common/sandbox_init.h" #include "ipc/ipc_switches.h" namespace { @@ -86,7 +86,7 @@ void NaClBrokerListener::OnLaunchLoaderThroughBroker( cmd_line->AppendSwitchASCII(switches::kProcessChannelID, loader_channel_id); - loader_process = sandbox::StartProcessWithAccess(cmd_line, FilePath()); + loader_process = content::StartProcessWithAccess(cmd_line, FilePath()); if (loader_process) { DuplicateHandle(::GetCurrentProcess(), loader_process, browser_handle_, &loader_handle_in_browser, diff --git a/chrome/nacl/nacl_main_platform_delegate_mac.mm b/chrome/nacl/nacl_main_platform_delegate_mac.mm index b818ce7..973b1f9 100644 --- a/chrome/nacl/nacl_main_platform_delegate_mac.mm +++ b/chrome/nacl/nacl_main_platform_delegate_mac.mm @@ -11,7 +11,6 @@ #include "base/native_library.h" #include "chrome/common/chrome_sandbox_type_mac.h" #include "chrome/common/chrome_switches.h" -#include "content/common/sandbox_mac.h" #include "content/public/common/sandbox_init.h" NaClMainPlatformDelegate::NaClMainPlatformDelegate( diff --git a/chrome/service/service_main.cc b/chrome/service/service_main.cc index d85134a..c17ded3 100644 --- a/chrome/service/service_main.cc +++ b/chrome/service/service_main.cc @@ -11,7 +11,7 @@ #include "net/url_request/url_request.h" #if defined(OS_WIN) -#include "content/common/sandbox_policy.h" +#include "content/public/common/sandbox_init.h" #include "sandbox/src/sandbox_types.h" #elif defined(OS_MACOSX) #include "chrome/service/chrome_service_application_mac.h" @@ -44,10 +44,7 @@ int ServiceProcessMain(const content::MainFunctionParams& parameters) { return 0; #if defined(OS_WIN) - sandbox::BrokerServices* broker_services = - parameters.sandbox_info->broker_services; - if (broker_services) - sandbox::InitBrokerServices(broker_services); + content::InitializeSandbox(parameters.sandbox_info); #endif // defined(OS_WIN) ServiceProcess service_process; diff --git a/chrome/service/service_utility_process_host.cc b/chrome/service/service_utility_process_host.cc index e3e60a7..f0bc621 100644 --- a/chrome/service/service_utility_process_host.cc +++ b/chrome/service/service_utility_process_host.cc @@ -17,6 +17,7 @@ #include "chrome/common/chrome_utility_messages.h" #include "content/public/common/child_process_host.h" #include "content/public/common/result_codes.h" +#include "content/public/common/sandbox_init.h" #include "ipc/ipc_switches.h" #include "printing/page_range.h" #include "ui/base/ui_base_switches.h" @@ -26,7 +27,6 @@ #include "base/file_path.h" #include "base/memory/scoped_ptr.h" #include "base/win/scoped_handle.h" -#include "content/common/sandbox_policy.h" #include "printing/emf_win.h" #endif @@ -137,7 +137,7 @@ bool ServiceUtilityProcessHost::Launch(CommandLine* cmd_line, cmd_line->AppendSwitch(switches::kNoSandbox); base::LaunchProcess(*cmd_line, base::LaunchOptions(), &handle_); } else { - handle_ = sandbox::StartProcessWithAccess(cmd_line, exposed_dir); + handle_ = content::StartProcessWithAccess(cmd_line, exposed_dir); } return (handle_ != base::kNullProcessHandle); #endif // !defined(OS_WIN) diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc index 53e949c..50e9b6d 100644 --- a/content/common/sandbox_policy.cc +++ b/content/common/sandbox_policy.cc @@ -844,4 +844,10 @@ bool BrokerAddTargetPeer(HANDLE peer_process) { return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; } +base::ProcessHandle StartProcessWithAccess( + CommandLine* cmd_line, + const FilePath& exposed_dir) { + return sandbox::StartProcessWithAccess(cmd_line, exposed_dir); +} + } // namespace content diff --git a/content/common/sandbox_policy.h b/content/common/sandbox_policy.h index 53e4c2f..7a2e673 100644 --- a/content/common/sandbox_policy.h +++ b/content/common/sandbox_policy.h @@ -17,17 +17,14 @@ namespace sandbox { class BrokerServices; class TargetServices; -CONTENT_EXPORT bool InitBrokerServices( - sandbox::BrokerServices* broker_services); +bool InitBrokerServices(sandbox::BrokerServices* broker_services); -CONTENT_EXPORT bool InitTargetServices( - sandbox::TargetServices* target_services); +bool InitTargetServices(sandbox::TargetServices* target_services); // Starts a sandboxed process with the given directory unsandboxed // and returns a handle to it. -CONTENT_EXPORT base::ProcessHandle StartProcessWithAccess( - CommandLine* cmd_line, - const FilePath& exposed_dir); +base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line, + const FilePath& exposed_dir); } // namespace sandbox diff --git a/content/public/common/sandbox_init.h b/content/public/common/sandbox_init.h index a6dcccc..ffe3feb 100644 --- a/content/public/common/sandbox_init.h +++ b/content/public/common/sandbox_init.h @@ -11,13 +11,12 @@ #include "content/common/content_export.h" #include "ipc/ipc_platform_file.h" -#if defined(OS_WIN) +class CommandLine; +class FilePath; + namespace sandbox { struct SandboxInterfaceInfo; } -#elif defined(OS_MACOSX) -class FilePath; -#endif namespace content { @@ -52,6 +51,12 @@ CONTENT_EXPORT bool BrokerDuplicateHandle(HANDLE source_handle, // false otherwise. CONTENT_EXPORT bool BrokerAddTargetPeer(HANDLE peer_process); +// Starts a sandboxed process with the given directory unsandboxed +// and returns a handle to it. +CONTENT_EXPORT base::ProcessHandle StartProcessWithAccess( + CommandLine* cmd_line, + const FilePath& exposed_dir); + #elif defined(OS_MACOSX) // Initialize the sandbox of the given |sandbox_type|, optionally specifying a |