diff options
Diffstat (limited to 'content/common/sandbox_win.cc')
| -rw-r--r-- | content/common/sandbox_win.cc | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/content/common/sandbox_win.cc b/content/common/sandbox_win.cc index 6a2b3d7..1d7e24a 100644 --- a/content/common/sandbox_win.cc +++ b/content/common/sandbox_win.cc @@ -403,7 +403,6 @@ bool AddPolicyForSandboxedProcess(sandbox::TargetPolicy* policy) { if (result != sandbox::SBOX_ALL_OK) return false; - sandbox::TokenLevel initial_token = sandbox::USER_UNPROTECTED; if (base::win::GetVersion() > base::win::VERSION_XP) { // On 2003/Vista the initial token has to be restricted if the main @@ -665,7 +664,8 @@ bool InitTargetServices(sandbox::TargetServices* target_services) { base::Process StartSandboxedProcess( SandboxedProcessLauncherDelegate* delegate, - base::CommandLine* cmd_line) { + base::CommandLine* cmd_line, + const base::HandlesToInheritVector& handles_to_inherit) { DCHECK(delegate); const base::CommandLine& browser_command_line = *base::CommandLine::ForCurrentProcess(); @@ -684,8 +684,15 @@ base::Process StartSandboxedProcess( if ((!delegate->ShouldSandbox()) || browser_command_line.HasSwitch(switches::kNoSandbox) || cmd_line->HasSwitch(switches::kNoSandbox)) { - base::Process process = - base::LaunchProcess(*cmd_line, base::LaunchOptions()); + base::LaunchOptions options; + + base::HandlesToInheritVector handles = handles_to_inherit; + if (!handles_to_inherit.empty()) { + options.inherit_handles = true; + options.handles_to_inherit = &handles; + } + base::Process process = base::LaunchProcess(*cmd_line, options); + // TODO(rvargas) crbug.com/417532: Don't share a raw handle. g_broker_services->AddTargetPeer(process.Handle()); return process.Pass(); @@ -693,6 +700,10 @@ base::Process StartSandboxedProcess( sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy(); + // Add any handles to be inherited to the policy. + for (HANDLE handle : handles_to_inherit) + policy->AddHandleToShare(handle); + // Pre-startup mitigations. sandbox::MitigationFlags mitigations = sandbox::MITIGATION_HEAP_TERMINATE | @@ -735,6 +746,9 @@ base::Process StartSandboxedProcess( } #if !defined(NACL_WIN64) + // NOTE: This is placed at function scope so that it stays alive through + // process launch. + base::SharedMemory direct_write_font_cache_section; if (type_str == switches::kRendererProcess || type_str == switches::kPpapiPluginProcess) { if (gfx::win::ShouldUseDirectWrite()) { @@ -753,13 +767,12 @@ base::Process StartSandboxedProcess( std::string name(content::kFontCacheSharedSectionName); name.append(base::UintToString(base::GetCurrentProcId())); - base::SharedMemory direct_write_font_cache_section; if (direct_write_font_cache_section.Open(name, true)) { - void* shared_handle = policy->AddHandleToShare( - direct_write_font_cache_section.handle().GetHandle()); + HANDLE handle = direct_write_font_cache_section.handle().GetHandle(); + policy->AddHandleToShare(handle); cmd_line->AppendSwitchASCII( switches::kFontCacheSharedHandle, - base::UintToString(base::win::HandleToUint32(shared_handle))); + base::UintToString(base::win::HandleToUint32(handle))); } } } |