Diffstat (limited to 'content')
32 files changed, 211 insertions, 252 deletions
diff --git a/content/app/content_main.cc b/content/app/content_main.cc index 2494dc4..3cbf07f 100644 --- a/content/app/content_main.cc +++ b/content/app/content_main.cc @@ -9,22 +9,21 @@ #include "base/debug/debugger.h" #include "base/i18n/icu_util.h" #include "base/logging.h" -#include "base/mac/scoped_nsautorelease_pool.h" #include "base/memory/scoped_ptr.h" #include "base/metrics/stats_table.h" #include "base/process_util.h" #include "base/stringprintf.h" #include "base/string_number_conversions.h" -#include "content/app/startup_helper_win.h" #include "content/browser/browser_main.h" #include "content/common/main_function_params.h" -#include "content/common/sandbox_init_wrapper.h" #include "content/common/set_process_title.h" #include "content/public/app/content_main_delegate.h" +#include "content/public/app/startup_helper_win.h" #include "content/public/common/content_client.h" #include "content/public/common/content_constants.h" #include "content/public/common/content_paths.h" #include "content/public/common/content_switches.h" +#include "content/public/common/sandbox_init.h" #include "crypto/nss_util.h" #include "ipc/ipc_switches.h" #include "ui/base/ui_base_switches.h" @@ -36,6 +35,7 @@ #include <atlapp.h> #include <malloc.h> #elif defined(OS_MACOSX) +#include "base/mac/scoped_nsautorelease_pool.h" #include "base/mach_ipc_mac.h" #include "base/system_monitor/system_monitor.h" #include "content/browser/mach_broker_mac.h" @@ -219,9 +219,8 @@ int RunZygote(const MainFunctionParams& main_function_params, base::GetParentProcessId(base::GetCurrentProcId())); InitializeStatsTable(browser_pid, command_line); - MainFunctionParams main_params(command_line, - main_function_params.sandbox_info_, - main_function_params.autorelease_pool_); + MainFunctionParams main_params(command_line); + // Get the new process type from the new command line. std::string process_type = command_line.GetSwitchValueASCII(switches::kProcessType); 
@@ -327,11 +326,13 @@ int ContentMain(int argc, // The exit manager is in charge of calling the dtors of singleton objects. base::AtExitManager exit_manager; +#if defined(OS_MACOSX) // We need this pool for all the objects created before we get to the // event loop, but we don't want to leave them hanging around until the // app quits. Each "main" needs to flush this pool right before it goes into // its main event loop to get rid of the cruft. base::mac::ScopedNSAutoreleasePool autorelease_pool; +#endif CommandLine::Init(argc, argv); 
@@ -415,38 +416,31 @@ int ContentMain(int argc, if (!process_type.empty()) CommonSubprocessInit(process_type); - // Initialize the sandbox for this process. - SandboxInitWrapper sandbox_wrapper; - bool initialize_sandbox = true; - #if defined(OS_WIN) - sandbox_wrapper.SetServices(sandbox_info); + CHECK(content::InitializeSandbox(sandbox_info)); #elif defined(OS_MACOSX) - // On OS X the renderer sandbox needs to be initialized later in the startup - // sequence in RendererMainPlatformDelegate::EnableSandbox(). if (process_type == switches::kRendererProcess || process_type == switches::kPpapiPluginProcess || (delegate && delegate->DelaySandboxInitialization(process_type))) { - initialize_sandbox = false; + // On OS X the renderer sandbox needs to be initialized later in the startup + // sequence in RendererMainPlatformDelegate::EnableSandbox(). + } else { + CHECK(content::InitializeSandbox()); } #endif - if (initialize_sandbox) { - bool sandbox_initialized_ok = - sandbox_wrapper.InitializeSandbox(command_line, process_type); - // Die if the sandbox can't be enabled. - CHECK(sandbox_initialized_ok) << "Error initializing sandbox for " - << process_type; - } - if (delegate) delegate->SandboxInitialized(process_type); #if defined(OS_POSIX) SetProcessTitleFromCommandLine(argv); #endif - MainFunctionParams main_params(command_line, sandbox_wrapper, - &autorelease_pool); + MainFunctionParams main_params(command_line); +#if defined(OS_WIN) + main_params.sandbox_info = sandbox_info; +#elif defined(OS_MACOSX) + main_params.autorelease_pool = &autorelease_pool; +#endif exit_code = RunNamedProcessTypeMain(process_type, main_params, delegate); diff --git a/content/app/startup_helper_win.cc b/content/app/startup_helper_win.cc index 8e1a32b..aaba83c 100644 --- a/content/app/startup_helper_win.cc +++ b/content/app/startup_helper_win.cc 
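Review bot: The two new `CHECK(content::InitializeSandbox(...))` calls in ContentMain drop the streamed message the removed code had, so a fatal sandbox-initialization failure no longer says which process type failed. Keeping it costs one line: `CHECK(content::InitializeSandbox(sandbox_info)) << "Error initializing sandbox for " << process_type;`, and the same on the OS_MACOSX branch. That branch also leaves an `if` body holding only a comment; inverting the condition so the call sits in the `if` would read more directly. ContentMain's body starts and ends outside this hunk.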
@@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "content/app/startup_helper_win.h" +#include "content/public/app/startup_helper_win.h" #include <crtdbg.h> #include <new.h> diff --git a/content/browser/browser_main.cc b/content/browser/browser_main.cc index 3609290..c358f49 100644 --- a/content/browser/browser_main.cc +++ b/content/browser/browser_main.cc @@ -16,33 +16,10 @@ #if defined(OS_WIN) #include "base/win/scoped_com_initializer.h" -#include "content/common/sandbox_policy.h" -#include "sandbox/src/sandbox.h" #endif namespace { -#if defined(OS_WIN) -// Windows-specific initialization code for the sandbox broker services. -void InitializeBrokerServices(const MainFunctionParams& parameters, - const CommandLine& parsed_command_line) { - sandbox::BrokerServices* broker_services = - parameters.sandbox_info_.BrokerServices(); - if (broker_services) { - sandbox::InitBrokerServices(broker_services); - if (!parsed_command_line.HasSwitch(switches::kNoSandbox)) { - bool use_winsta = !parsed_command_line.HasSwitch( - switches::kDisableAltWinstation); - // Precreate the desktop and window station used by the renderers. - sandbox::TargetPolicy* policy = broker_services->CreatePolicy(); - sandbox::ResultCode result = policy->CreateAlternateDesktop(use_winsta); - CHECK(sandbox::SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION != result); - policy->Release(); - } - } -} -#endif - bool g_exited_main_message_loop = false; } // namespace 
@@ -106,11 +83,6 @@ int BrowserMain(const MainFunctionParams& parameters) { // Make this call before going multithreaded, or spawning any subprocesses. base::allocator::SetupSubprocessAllocator(); #endif - // The broker service initialization needs to run early because it will - // initialize the sandbox broker, which requires the process to swap its - // window station. During this time all the UI will be broken. This has to - // run before threads and windows are created. - InitializeBrokerServices(parameters, parameters.command_line_); base::win::ScopedCOMInitializer com_initializer; #endif // OS_WIN diff --git a/content/browser/browser_main_loop.cc b/content/browser/browser_main_loop.cc index f9b1102..ff12449 100644 --- a/content/browser/browser_main_loop.cc +++ b/content/browser/browser_main_loop.cc @@ -149,7 +149,7 @@ namespace content { BrowserMainLoop::BrowserMainLoop(const MainFunctionParams& parameters) : parameters_(parameters), - parsed_command_line_(parameters.command_line_), + parsed_command_line_(parameters.command_line), result_code_(content::RESULT_CODE_NORMAL_EXIT) { #if defined(OS_WIN) OleInitialize(NULL); @@ -332,7 +332,7 @@ void BrowserMainLoop::InitializeToolkit() { #endif #if !defined(USE_AURA) - gfx::GtkInitFromCommandLine(parameters_.command_line_); + gfx::GtkInitFromCommandLine(parameters_.command_line); #endif SetUpGLibLogHandler(); diff --git a/content/common/main_function_params.h b/content/common/main_function_params.h index 1c53c5f..1b6323f 100644 --- a/content/common/main_function_params.h +++ b/content/common/main_function_params.h 
@@ -11,24 +11,36 @@ #pragma once #include "base/command_line.h" -#include "content/common/sandbox_init_wrapper.h" +#if defined(OS_WIN) +namespace sandbox { +struct SandboxInterfaceInfo; +} +#elif defined(OS_MACOSX) namespace base { namespace mac { class ScopedNSAutoreleasePool; } } +#endif class Task; struct MainFunctionParams { - MainFunctionParams(const CommandLine& cl, const SandboxInitWrapper& sb, - base::mac::ScopedNSAutoreleasePool* pool) - : command_line_(cl), sandbox_info_(sb), autorelease_pool_(pool), - ui_task(NULL) { } - const CommandLine& command_line_; - const SandboxInitWrapper& sandbox_info_; - base::mac::ScopedNSAutoreleasePool* autorelease_pool_; + explicit MainFunctionParams(const CommandLine& cl) + : command_line(cl), +#if defined(OS_WIN) + sandbox_info(NULL), +#elif defined(OS_MACOSX) + autorelease_pool(NULL), +#endif + ui_task(NULL) {} + const CommandLine& command_line; +#if defined(OS_WIN) + sandbox::SandboxInterfaceInfo* sandbox_info; +#elif defined(OS_MACOSX) + base::mac::ScopedNSAutoreleasePool* autorelease_pool; +#endif // Used by InProcessBrowserTest. If non-null BrowserMain schedules this // task to run on the MessageLoop and BrowserInit is not invoked. Task* ui_task; diff --git a/content/common/sandbox_init_wrapper_mac.cc b/content/common/sandbox_init_mac.cc index 7054a6e8..e39667b 100644 --- a/content/common/sandbox_init_wrapper_mac.cc +++ b/content/common/sandbox_init_mac.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "content/common/sandbox_init_wrapper.h" +#include "content/public/common/sandbox_init.h" #include "base/command_line.h" #include "base/file_path.h" 
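Review bot: `sandbox_info` now defaults to NULL in the `MainFunctionParams` constructor, but the Windows call sites changed in this commit read `parameters.sandbox_info->target_services` unconditionally (gpu_main.cc, plugin_main.cc, ppapi_plugin_main.cc, utility_main.cc, worker_main.cc, renderer_main_platform_delegate_win.cc). The removed `sandbox_info_.TargetServices()` accessor returned a null service pointer for a default-constructed wrapper, so callers that never set the field, such as `BrowserTestBase::SetUp` and `RenderViewTest::SetUp`, go from a null `target_services` to a null dereference if those paths are reached on Windows. I would guard the reads, or at least add a comment on the member such as `// Must be set on Windows before any process main runs; consumers dereference it.` The header also selects members with `OS_WIN`/`OS_MACOSX` without including `build/build_config.h` itself, which presumably arrives through `base/command_line.h`; including it directly keeps the struct layout the same in every translation unit.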
@@ -10,16 +10,20 @@ #include "content/common/sandbox_mac.h" #include "content/public/common/content_switches.h" -bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line, - const std::string& process_type) { +namespace content { + +bool InitializeSandbox() { using sandbox::Sandbox; + const CommandLine& command_line = *CommandLine::ForCurrentProcess(); if (command_line.HasSwitch(switches::kNoSandbox)) return true; Sandbox::SandboxProcessType sandbox_process_type; FilePath allowed_dir; // Empty by default. + std::string process_type = + command_line.GetSwitchValueASCII(switches::kProcessType); if (process_type.empty()) { // Browser process isn't sandboxed. return true; @@ -65,3 +69,5 @@ bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line, // Actually sandbox the process. return Sandbox::EnableSandbox(sandbox_process_type, allowed_dir); } + +} // namespace content diff --git a/content/common/sandbox_init_win.cc b/content/common/sandbox_init_win.cc new file mode 100644 index 0000000..3a58ca2 --- /dev/null +++ b/content/common/sandbox_init_win.cc 
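Review bot: `InitializeSandbox()` now takes the process type from the `--type` switch of the current command line instead of from its caller, and it still returns true both when a sandbox was enabled and when it decided there was nothing to do (`--no-sandbox`, or an empty `process_type` treated as the browser). `RendererMainPlatformDelegate::EnableSandbox()` and `PpapiThread::OnMsgLoadPlugin()` used to pass `switches::kRendererProcess` and `switches::kPpapiPluginProcess` explicitly; after this change, if either runs in a process whose command line carries no `--type`, the call reports success without sandboxing anything. A comment above the function would make the assumption visible, e.g. `// Relies on --type in the current process's command line; an empty type is treated as the browser and left unsandboxed.` The middle of the function body is outside the hunks shown.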
@@ -0,0 +1,63 @@ +// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "content/public/common/sandbox_init.h" + +#include "base/command_line.h" +#include "base/logging.h" +#include "content/common/sandbox_policy.h" +#include "content/public/common/content_switches.h" +#include "sandbox/src/sandbox.h" +#include "sandbox/src/sandbox_types.h" + +namespace content { + +bool InitializeSandbox( + sandbox::SandboxInterfaceInfo* sandbox_info) { + const CommandLine& command_line = *CommandLine::ForCurrentProcess(); + std::string process_type = + command_line.GetSwitchValueASCII(switches::kProcessType); + if (process_type.empty() || process_type == switches::kNaClBrokerProcess) { + // IMPORTANT: This piece of code needs to run as early as possible in the + // process because it will initialize the sandbox broker, which requires the + // process to swap its window station. During this time all the UI will be + // broken. This has to run before threads and windows are created. + sandbox::BrokerServices* broker_services = sandbox_info->broker_services; + if (broker_services) { + sandbox::InitBrokerServices(broker_services); + if (!command_line.HasSwitch(switches::kNoSandbox)) { + bool use_winsta = !command_line.HasSwitch( + switches::kDisableAltWinstation); + // Precreate the desktop and window station used by the renderers. 
+ sandbox::TargetPolicy* policy = broker_services->CreatePolicy(); + sandbox::ResultCode result = policy->CreateAlternateDesktop(use_winsta); + CHECK(sandbox::SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION != result); + policy->Release(); + } + } + return true; + } + + if (command_line.HasSwitch(switches::kNoSandbox)) + return true; + + sandbox::TargetServices* target_services = sandbox_info->target_services; + if ((process_type == switches::kRendererProcess) || + (process_type == switches::kWorkerProcess) || + (process_type == switches::kNaClLoaderProcess) || + (process_type == switches::kUtilityProcess)) { + // The above five process types must be sandboxed unless --no-sandbox + // is present in the command line. + if (!target_services) + return false; + } else { + // Other process types might or might not be sandboxed. + // TODO(cpu): clean this mess. + if (!target_services) + return true; + } + return (sandbox::SBOX_ALL_OK == target_services->Init()); +} + +} // namespace content diff --git a/content/common/sandbox_init_wrapper.h b/content/common/sandbox_init_wrapper.h deleted file mode 100644 index fcc096a..0000000 --- a/content/common/sandbox_init_wrapper.h +++ /dev/null 
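Review bot: `sandbox_info` is dereferenced at `sandbox_info->broker_services` and `sandbox_info->target_services` without a null check, while the removed `SandboxInitWrapper::SetServices()` returned early on a null `info` and left both services null. To keep the old fail-closed result for the process types that must be sandboxed, read the pointers defensively, e.g. `sandbox::TargetServices* target_services = sandbox_info ? sandbox_info->target_services : NULL;`, and likewise for the broker. The removed `DCHECK(!(target_services_ && broker_services_))` is not carried over either, so nothing asserts any more that a process is only a broker or only a target. The comment "The above five process types" sits under a list of four.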
@@ -1,72 +0,0 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CONTENT_COMMON_SANDBOX_INIT_WRAPPER_H_ -#define CONTENT_COMMON_SANDBOX_INIT_WRAPPER_H_ -#pragma once - -// Wraps the sandbox initialization and platform variables to consolodate -// the code and reduce the number of platform ifdefs elsewhere. The POSIX -// version of this wrapper is basically empty. - -#include "build/build_config.h" - -#include <string> - -#include "base/basictypes.h" -#include "content/common/content_export.h" - -#if defined(OS_WIN) -#include "sandbox/src/sandbox.h" -#endif - -class CommandLine; - -#if defined(OS_WIN) - -class CONTENT_EXPORT SandboxInitWrapper { - public: - SandboxInitWrapper() : broker_services_(), target_services_() { } - // SetServices() needs to be called before InitializeSandbox() on Win32 with - // the info received from the chrome exe main. - void SetServices(sandbox::SandboxInterfaceInfo* sandbox_info); - sandbox::BrokerServices* BrokerServices() const { return broker_services_; } - sandbox::TargetServices* TargetServices() const { return target_services_; } - - // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and - // plug-in processes, depending on the command line flags. The browser - // process is not sandboxed. - // Returns true if the sandbox was initialized succesfully, false if an error - // occurred. If process_type isn't one that needs sandboxing true is always - // returned. 
- bool InitializeSandbox(const CommandLine& parsed_command_line, - const std::string& process_type); - private: - sandbox::BrokerServices* broker_services_; - sandbox::TargetServices* target_services_; - - DISALLOW_COPY_AND_ASSIGN(SandboxInitWrapper); -}; - -#elif defined(OS_POSIX) - -class SandboxInitWrapper { - public: - SandboxInitWrapper() { } - - // Initialize the sandbox for renderer and plug-in processes, depending on - // the command line flags. The browser process is not sandboxed. - // Returns true if the sandbox was initialized succesfully, false if an error - // occurred. If process_type isn't one that needs sandboxing true is always - // returned. - bool InitializeSandbox(const CommandLine& parsed_command_line, - const std::string& process_type); - - private: - DISALLOW_COPY_AND_ASSIGN(SandboxInitWrapper); -}; - -#endif - -#endif // CONTENT_COMMON_SANDBOX_INIT_WRAPPER_H_ diff --git a/content/common/sandbox_init_wrapper_linux.cc b/content/common/sandbox_init_wrapper_linux.cc deleted file mode 100644 index 450bd2d..0000000 --- a/content/common/sandbox_init_wrapper_linux.cc +++ /dev/null @@ -1,13 +0,0 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "content/common/sandbox_init_wrapper.h" - -#include "base/command_line.h" - -bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line, - const std::string& process_type) { - // TODO(port): Does Linux need to do anything here? - return true; -} diff --git a/content/common/sandbox_init_wrapper_win.cc b/content/common/sandbox_init_wrapper_win.cc deleted file mode 100644 index e430c8c..0000000 --- a/content/common/sandbox_init_wrapper_win.cc +++ /dev/null 
@@ -1,50 +0,0 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "content/common/sandbox_init_wrapper.h" - -#include "base/command_line.h" -#include "base/logging.h" -#include "content/public/common/content_switches.h" - -void SandboxInitWrapper::SetServices(sandbox::SandboxInterfaceInfo* info) { - if (!info) - return; - if (info->legacy) { - // Looks like we are in the case when the new chrome.dll is being launched - // by the old chrome.exe, the old chrome exe has SandboxInterfaceInfo as a - // union, while now we have a struct. - // TODO(cpu): Remove this nasty hack after M10 release. - broker_services_ = reinterpret_cast<sandbox::BrokerServices*>(info->legacy); - target_services_ = reinterpret_cast<sandbox::TargetServices*>(info->legacy); - } else { - // Normal case, both the exe and the dll are the same version. Both - // interface pointers cannot be non-zero. A process can either be a target - // or a broker but not both. - broker_services_ = info->broker_services; - target_services_ = info->target_services; - DCHECK(!(target_services_ && broker_services_)); - } -} - -bool SandboxInitWrapper::InitializeSandbox(const CommandLine& command_line, - const std::string& process_type) { - if (command_line.HasSwitch(switches::kNoSandbox)) - return true; - if ((process_type == switches::kRendererProcess) || - (process_type == switches::kWorkerProcess) || - (process_type == switches::kNaClLoaderProcess) || - (process_type == switches::kUtilityProcess)) { - // The above five process types must be sandboxed unless --no-sandbox - // is present in the command line. - if (!target_services_) - return false; - } else { - // Other process types might or might not be sandboxed. - // TODO(cpu): clean this mess. - if (!target_services_) - return true; - } - return (sandbox::SBOX_ALL_OK == target_services_->Init()); -} 
diff --git a/content/content_app.gypi b/content/content_app.gypi index 545080f..baa5207 100644 --- a/content/content_app.gypi +++ b/content/content_app.gypi @@ -16,8 +16,8 @@ 'app/content_main.cc', 'app/content_main.h', 'app/startup_helper_win.cc', - 'app/startup_helper_win.h', 'public/app/content_main_delegate.h', + 'public/app/startup_helper_win.h', ], 'conditions': [ ['OS=="win"', { diff --git a/content/content_common.gypi b/content/content_common.gypi index 1a276bb..505846d 100644 --- a/content/content_common.gypi +++ b/content/content_common.gypi @@ -47,6 +47,7 @@ 'public/common/pepper_plugin_info.h', 'public/common/resource_dispatcher_delegate.h', 'public/common/result_codes.h', + 'public/common/sandbox_init.h', 'public/common/security_style.h', 'public/common/serialized_script_value.cc', 'public/common/serialized_script_value.h', @@ -206,10 +207,8 @@ 'common/resource_messages.h', 'common/resource_response.cc', 'common/resource_response.h', - 'common/sandbox_init_wrapper.h', - 'common/sandbox_init_wrapper_linux.cc', - 'common/sandbox_init_wrapper_mac.cc', - 'common/sandbox_init_wrapper_win.cc', + 'common/sandbox_init_mac.cc', + 'common/sandbox_init_win.cc', 'common/sandbox_mac.h', 'common/sandbox_mac.mm', 'common/sandbox_methods_linux.h', diff --git a/content/gpu/gpu_main.cc b/content/gpu/gpu_main.cc index e3217109..a4bb494 100644 --- a/content/gpu/gpu_main.cc +++ b/content/gpu/gpu_main.cc @@ -36,7 +36,7 @@ int GpuMain(const MainFunctionParams& parameters) { base::Time start_time = base::Time::Now(); - const CommandLine& command_line = parameters.command_line_; + const CommandLine& command_line = parameters.command_line; if (command_line.HasSwitch(switches::kGpuStartupDialog)) { ChildProcess::WaitForDebugger("Gpu"); } 
@@ -77,7 +77,7 @@ int GpuMain(const MainFunctionParams& parameters) { #if defined(OS_WIN) sandbox::TargetServices* target_services = - parameters.sandbox_info_.TargetServices(); + parameters.sandbox_info->target_services; // For windows, if the target_services interface is not zero, the process // is sandboxed and we must call LowerToken() before rendering untrusted // content. diff --git a/content/plugin/plugin_main.cc b/content/plugin/plugin_main.cc index 1f927459..8a5d0ff 100644 --- a/content/plugin/plugin_main.cc +++ b/content/plugin/plugin_main.cc @@ -89,7 +89,7 @@ int PluginMain(const MainFunctionParams& parameters) { base::SystemMonitor system_monitor; HighResolutionTimerManager high_resolution_timer_manager; - const CommandLine& parsed_command_line = parameters.command_line_; + const CommandLine& parsed_command_line = parameters.command_line; #if defined(OS_LINUX) @@ -99,7 +99,7 @@ int PluginMain(const MainFunctionParams& parameters) { #elif defined(OS_WIN) sandbox::TargetServices* target_services = - parameters.sandbox_info_.TargetServices(); + parameters.sandbox_info->target_services; CoInitialize(NULL); DVLOG(1) << "Started plugin with " diff --git a/content/ppapi_plugin/ppapi_broker_main.cc b/content/ppapi_plugin/ppapi_broker_main.cc index 8789a61..f2a546e 100644 --- a/content/ppapi_plugin/ppapi_broker_main.cc +++ b/content/ppapi_plugin/ppapi_broker_main.cc @@ -12,7 +12,7 @@ // Main function for starting the PPAPI broker process. int PpapiBrokerMain(const MainFunctionParams& parameters) { - const CommandLine& command_line = parameters.command_line_; + const CommandLine& command_line = parameters.command_line; if (command_line.HasSwitch(switches::kPpapiStartupDialog)) { ChildProcess::WaitForDebugger("PpapiBroker"); } diff --git a/content/ppapi_plugin/ppapi_plugin_main.cc b/content/ppapi_plugin/ppapi_plugin_main.cc index f732c12..11d771d 100644 --- a/content/ppapi_plugin/ppapi_plugin_main.cc +++ b/content/ppapi_plugin/ppapi_plugin_main.cc 
@@ -29,10 +29,10 @@ void* g_target_services = 0; // Main function for starting the PPAPI plugin process. int PpapiPluginMain(const MainFunctionParams& parameters) { - const CommandLine& command_line = parameters.command_line_; + const CommandLine& command_line = parameters.command_line; #if defined(OS_WIN) - g_target_services = parameters.sandbox_info_.TargetServices(); + g_target_services = parameters.sandbox_info->target_services; #endif // If |g_target_services| is not null this process is sandboxed. One side diff --git a/content/ppapi_plugin/ppapi_thread.cc b/content/ppapi_plugin/ppapi_thread.cc index d0e9b6c..1bb38b1 100644 --- a/content/ppapi_plugin/ppapi_thread.cc +++ b/content/ppapi_plugin/ppapi_thread.cc @@ -11,11 +11,11 @@ #include "base/rand_util.h" #include "base/stringprintf.h" #include "content/common/child_process.h" -#include "content/common/sandbox_init_wrapper.h" #include "content/ppapi_plugin/broker_process_dispatcher.h" #include "content/ppapi_plugin/plugin_process_dispatcher.h" #include "content/ppapi_plugin/ppapi_webkit_thread.h" #include "content/public/common/content_switches.h" +#include "content/public/common/sandbox_init.h" #include "ipc/ipc_channel_handle.h" #include "ipc/ipc_sync_channel.h" #include "ppapi/c/dev/ppp_network_state_dev.h" @@ -201,11 +201,9 @@ void PpapiThread::OnMsgLoadPlugin(const FilePath& path) { // We need to do this after getting |PPP_GetInterface()| (or presumably // doing something nontrivial with the library), else the sandbox // intercedes. - CommandLine* parsed_command_line = CommandLine::ForCurrentProcess(); - SandboxInitWrapper sandbox_wrapper; - if (!sandbox_wrapper.InitializeSandbox(*parsed_command_line, - switches::kPpapiPluginProcess)) + if (!content::InitializeSandbox()) { LOG(WARNING) << "Failed to initialize sandbox"; + } #endif // Get the InitializeModule function (required). diff --git a/content/app/startup_helper_win.h b/content/public/app/startup_helper_win.h index e20b638..2ed5e3f 100644 
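Review bot: In `PpapiThread::OnMsgLoadPlugin`, a failed `content::InitializeSandbox()` is only logged with `LOG(WARNING)` and execution continues to the InitializeModule step named in the next comment, so the plugin would run unsandboxed after a sandbox failure. ContentMain treats the same failure as fatal with `CHECK`; here I would at least stop loading, e.g. `CHECK(content::InitializeSandbox()) << "Failed to initialize sandbox";`, or log at ERROR and return before the module is initialized. The enclosing `#if` and the rest of the function are outside the hunk, so which platforms reach this call cannot be confirmed from here.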
--- a/content/app/startup_helper_win.h +++ b/content/public/app/startup_helper_win.h @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#ifndef CONTENT_APP_STARTUP_HELPER_WIN_H_ -#define CONTENT_APP_STARTUP_HELPER_WIN_H_ +#ifndef CONTENT_PUBLIC_APP_STARTUP_HELPER_WIN_H_ +#define CONTENT_PUBLIC_APP_STARTUP_HELPER_WIN_H_ #pragma once class CommandLine; @@ -31,4 +31,4 @@ void SetupCRT(const CommandLine& command_line); } // namespace content -#endif // CONTENT_APP_STARTUP_HELPER_WIN_H_ +#endif // CONTENT_PUBLIC_APP_STARTUP_HELPER_WIN_H_ diff --git a/content/public/common/sandbox_init.h b/content/public/common/sandbox_init.h new file mode 100644 index 0000000..3415e0d --- /dev/null +++ b/content/public/common/sandbox_init.h @@ -0,0 +1,36 @@ +// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ +#define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ +#pragma once + +#include "build/build_config.h" +#include "content/common/content_export.h" + +#if defined(OS_WIN) +namespace sandbox { +struct SandboxInterfaceInfo; +} +#endif + +namespace content { + +// Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in +// processes, depending on the command line flags. Although The browser process +// is not sandboxed, this also needs to be called because it will initialize +// the broker code. +// Returns true if the sandbox was initialized succesfully, false if an error +// occurred. If process_type isn't one that needs sandboxing true is always +// returned. +#if defined(OS_WIN) +CONTENT_EXPORT bool InitializeSandbox( + sandbox::SandboxInterfaceInfo* sandbox_info); +#elif defined(OS_MACOSX) +CONTENT_EXPORT bool InitializeSandbox(); +#endif + +} // namespace content + +#endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ 
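Review bot: The comment above `InitializeSandbox` in sandbox_init.h still speaks of `process_type`, which is no longer a parameter; it should say that the process type is read from the `--type` switch of the current process's command line. It is also worth stating that true is returned when `--no-sandbox` is present, so a true result does not mean a sandbox is active, and that on Windows `sandbox_info` is dereferenced and must be non-null. Suggested wording for the return paragraph: `// Returns true if the sandbox was initialized successfully or none is required (browser process, --no-sandbox); false on error.`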
diff --git a/content/renderer/renderer_main.cc b/content/renderer/renderer_main.cc index b5147c5..8d21de0 100644 --- a/content/renderer/renderer_main.cc +++ b/content/renderer/renderer_main.cc @@ -5,7 +5,6 @@ #include "base/command_line.h" #include "base/debug/trace_event.h" #include "base/i18n/rtl.h" -#include "base/mac/scoped_nsautorelease_pool.h" #include "base/memory/ref_counted.h" #include "base/metrics/field_trial.h" #include "base/message_loop.h" @@ -33,6 +32,7 @@ #include <unistd.h> #include "base/mac/mac_util.h" +#include "base/mac/scoped_nsautorelease_pool.h" #include "third_party/mach_override/mach_override.h" #include "third_party/WebKit/Source/WebKit/chromium/public/WebView.h" #endif // OS_MACOSX @@ -124,10 +124,10 @@ class RendererMessageLoopObserver : public MessageLoop::TaskObserver { int RendererMain(const MainFunctionParams& parameters) { TRACE_EVENT_BEGIN_ETW("RendererMain", 0, ""); - const CommandLine& parsed_command_line = parameters.command_line_; - base::mac::ScopedNSAutoreleasePool* pool = parameters.autorelease_pool_; + const CommandLine& parsed_command_line = parameters.command_line; #if defined(OS_MACOSX) + base::mac::ScopedNSAutoreleasePool* pool = parameters.autorelease_pool; InstallFrameworkHacks(); #endif // OS_MACOSX @@ -222,8 +222,10 @@ int RendererMain(const MainFunctionParams& parameters) { startup_timer.Stop(); // End of Startup Time Measurement. if (run_loop) { +#if defined(OS_MACOSX) if (pool) pool->Recycle(); +#endif TRACE_EVENT_BEGIN_ETW("RendererMain.START_MSG_LOOP", 0, 0); MessageLoop::current()->Run(); TRACE_EVENT_END_ETW("RendererMain.START_MSG_LOOP", 0, 0); diff --git a/content/renderer/renderer_main_platform_delegate.h b/content/renderer/renderer_main_platform_delegate.h index 630f2f1..b98eb0a 100644 --- a/content/renderer/renderer_main_platform_delegate.h +++ b/content/renderer/renderer_main_platform_delegate.h 
@@ -6,6 +6,13 @@ #define CHROME_RENDERER_RENDERER_MAIN_PLATFORM_DELEGATE_H_ #pragma once +#include "build/build_config.h" + +#if defined(OS_WIN) +#include <windows.h> +#endif + +#include "base/basictypes.h" #include "content/common/content_export.h" #include "content/common/main_function_params.h" diff --git a/content/renderer/renderer_main_platform_delegate_mac.mm b/content/renderer/renderer_main_platform_delegate_mac.mm index ab17d012..c430733 100644 --- a/content/renderer/renderer_main_platform_delegate_mac.mm +++ b/content/renderer/renderer_main_platform_delegate_mac.mm @@ -14,6 +14,7 @@ #import "content/common/chrome_application_mac.h" #include "content/common/sandbox_mac.h" #include "content/public/common/content_switches.h" +#include "content/public/common/sandbox_init.h" #include "third_party/WebKit/Source/WebKit/mac/WebCoreSupport/WebSystemInterface.h" RendererMainPlatformDelegate::RendererMainPlatformDelegate( @@ -54,7 +55,7 @@ static void LogTestMessage(std::string message, bool is_error) { } bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { - const CommandLine& command_line = parameters_.command_line_; + const CommandLine& command_line = parameters_.command_line; if (command_line.HasSwitch(switches::kTestSandbox)) { std::string bundle_path = @@ -76,10 +77,7 @@ bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { } bool RendererMainPlatformDelegate::EnableSandbox() { - CommandLine* parsed_command_line = CommandLine::ForCurrentProcess(); - SandboxInitWrapper sandbox_wrapper; - return sandbox_wrapper.InitializeSandbox(*parsed_command_line, - switches::kRendererProcess); + return content::InitializeSandbox(); } void RendererMainPlatformDelegate::RunSandboxTests() { diff --git a/content/renderer/renderer_main_platform_delegate_win.cc b/content/renderer/renderer_main_platform_delegate_win.cc index e3b97e0..c917f0d 100644 --- a/content/renderer/renderer_main_platform_delegate_win.cc 
+++ b/content/renderer/renderer_main_platform_delegate_win.cc @@ -73,7 +73,7 @@ RendererMainPlatformDelegate::~RendererMainPlatformDelegate() { void RendererMainPlatformDelegate::PlatformInitialize() { // Be mindful of what resources you acquire here. They can be used by // malicious code if the renderer gets compromised. - const CommandLine& command_line = parameters_.command_line_; + const CommandLine& command_line = parameters_.command_line; bool no_sandbox = command_line.HasSwitch(switches::kNoSandbox); EnableThemeSupportForRenderer(no_sandbox); @@ -92,12 +92,12 @@ void RendererMainPlatformDelegate::PlatformUninitialize() { } bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { - const CommandLine& command_line = parameters_.command_line_; + const CommandLine& command_line = parameters_.command_line; DVLOG(1) << "Started renderer with " << command_line.GetCommandLineString(); sandbox::TargetServices* target_services = - parameters_.sandbox_info_.TargetServices(); + parameters_.sandbox_info->target_services; if (target_services && !no_sandbox) { std::wstring test_dll_name = @@ -115,7 +115,7 @@ bool RendererMainPlatformDelegate::InitSandboxTests(bool no_sandbox) { bool RendererMainPlatformDelegate::EnableSandbox() { sandbox::TargetServices* target_services = - parameters_.sandbox_info_.TargetServices(); + parameters_.sandbox_info->target_services; if (target_services) { // Cause advapi32 to load before the sandbox is turned on. diff --git a/content/shell/shell_main.cc b/content/shell/shell_main.cc index d6b2dde..b998aed 100644 --- a/content/shell/shell_main.cc +++ b/content/shell/shell_main.cc @@ -8,7 +8,7 @@ #include "sandbox/src/sandbox_types.h" #if defined(OS_WIN) -#include "content/app/startup_helper_win.h" +#include "content/public/app/startup_helper_win.h" #endif #if defined(OS_WIN) diff --git a/content/test/browser_test_base.cc b/content/test/browser_test_base.cc index 57ca142..d1f89f8 100644 --- a/content/test/browser_test_base.cc 
+++ b/content/test/browser_test_base.cc @@ -27,10 +27,7 @@ BrowserTestBase::~BrowserTestBase() { } void BrowserTestBase::SetUp() { - SandboxInitWrapper sandbox_wrapper; - MainFunctionParams params(*CommandLine::ForCurrentProcess(), - sandbox_wrapper, - NULL); + MainFunctionParams params(*CommandLine::ForCurrentProcess()); params.ui_task = NewRunnableMethod(this, &BrowserTestBase::ProxyRunTestOnMainThreadLoop); diff --git a/content/test/content_browser_test.cc b/content/test/content_browser_test.cc index 2f97e0e..b1dddd0 100644 --- a/content/test/content_browser_test.cc +++ b/content/test/content_browser_test.cc @@ -5,12 +5,15 @@ #include "content/test/content_browser_test.h" #include "base/debug/stack_trace.h" -#include "base/mac/scoped_nsautorelease_pool.h" #include "base/message_loop.h" #include "content/shell/shell.h" #include "content/shell/shell_main_delegate.h" #include "content/test/test_content_client.h" +#if defined(OS_MACOSX) +#include "base/mac/scoped_nsautorelease_pool.h" +#endif + ContentBrowserTest::ContentBrowserTest() { } @@ -46,6 +49,7 @@ void ContentBrowserTest::RunTestOnMainThreadLoop() { signal(SIGTERM, DumpStackTraceSignalHandler); #endif // defined(OS_POSIX) +#if defined(OS_MACOSX) // On Mac, without the following autorelease pool, code which is directly // executed (as opposed to executed inside a message loop) would autorelease // objects into a higher-level pool. This pool is not recycled in-sync with @@ -54,14 +58,22 @@ void ContentBrowserTest::RunTestOnMainThreadLoop() { // browser shutdown). To avoid this, the following pool is recycled after each // time code is directly executed. base::mac::ScopedNSAutoreleasePool pool; +#endif // Pump startup related events. MessageLoopForUI::current()->RunAllPending(); + +#if defined(OS_MACOSX) pool.Recycle(); +#endif RunTestOnMainThread(); +#if defined(OS_MACOSX) pool.Recycle(); +#endif MessageLoopForUI::current()->Quit(); +#if defined(OS_MACOSX) pool.Recycle(); +#endif } 
diff --git a/content/test/content_test_launcher.cc b/content/test/content_test_launcher.cc index f5074cd8..f2cd5a3 100644 --- a/content/test/content_test_launcher.cc +++ b/content/test/content_test_launcher.cc @@ -15,7 +15,7 @@ #include "content/shell/shell_main_delegate.h" #if defined(OS_WIN) -#include "content/app/startup_helper_win.h" +#include "content/public/app/startup_helper_win.h" #include "sandbox/src/sandbox_types.h" #endif // defined(OS_WIN) diff --git a/content/test/render_view_test.cc b/content/test/render_view_test.cc index 5ac9ff1..eacb390 100644 --- a/content/test/render_view_test.cc +++ b/content/test/render_view_test.cc @@ -96,10 +96,8 @@ void RenderViewTest::SetUp() { render_thread_.reset(new MockRenderThread()); render_thread_->set_routing_id(kRouteId); - sandbox_init_wrapper_.reset(new SandboxInitWrapper()); command_line_.reset(new CommandLine(CommandLine::NO_PROGRAM)); - params_.reset(new MainFunctionParams(*command_line_, *sandbox_init_wrapper_, - NULL)); + params_.reset(new MainFunctionParams(*command_line_)); platform_.reset(new RendererMainPlatformDelegate(*params_)); platform_->PlatformInitialize(); @@ -154,7 +152,6 @@ void RenderViewTest::TearDown() { platform_.reset(); params_.reset(); command_line_.reset(); - sandbox_init_wrapper_.reset(); } int RenderViewTest::SendKeyEvent(MockKeyboard::Layout layout, diff --git a/content/test/render_view_test.h b/content/test/render_view_test.h index 1d3a6a5..e2b995a 100644 --- a/content/test/render_view_test.h +++ b/content/test/render_view_test.h @@ -12,7 +12,6 @@ #include "base/memory/scoped_ptr.h" #include "base/message_loop.h" #include "content/common/main_function_params.h" -#include "content/common/sandbox_init_wrapper.h" #include "content/public/browser/native_web_keyboard_event.h" #include "content/renderer/mock_content_renderer_client.h" #include "content/renderer/renderer_webkitplatformsupport_impl.h" 
@@ -126,7 +125,6 @@ class RenderViewTest : public testing::Test {
 scoped_ptr<RendererMainPlatformDelegate> platform_;
 scoped_ptr<MainFunctionParams> params_;
 scoped_ptr<CommandLine> command_line_;
- scoped_ptr<SandboxInitWrapper> sandbox_init_wrapper_;
 };
 } // namespace content
diff --git a/content/test/test_launcher.cc b/content/test/test_launcher.cc
index 729384b..dde7d19 100644
--- a/content/test/test_launcher.cc
+++ b/content/test/test_launcher.cc
@@ -12,7 +12,6 @@
 #include "base/file_util.h"
 #include "base/hash_tables.h"
 #include "base/logging.h"
-#include "base/mac/scoped_nsautorelease_pool.h"
 #include "base/memory/linked_ptr.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/process_util.h"
@@ -33,6 +32,8 @@
 #include "sandbox/src/dep.h"
 #include "sandbox/src/sandbox_factory.h"
 #include "sandbox/src/sandbox_types.h"
+#elif defined(OS_MACOSX)
+#include "base/mac/scoped_nsautorelease_pool.h"
 #endif
 namespace test_launcher {
@@ -302,9 +303,11 @@ int GetTestTerminationTimeout(const std::string& test_name,
 int RunTest(TestLauncherDelegate* launcher_delegate,
 const std::string& test_name,
 int default_timeout_ms) {
+#if defined(OS_MACOSXS)
 // Some of the below method calls will leak objects if there is no
 // autorelease pool in place.
 base::mac::ScopedNSAutoreleasePool pool;
+#endif
 const CommandLine* cmd_line = CommandLine::ForCurrentProcess();
 CommandLine new_cmd_line(cmd_line->GetProgram());
diff --git a/content/utility/utility_main.cc b/content/utility/utility_main.cc
index f97d1d3..ccbdc65 100644
--- a/content/utility/utility_main.cc
+++ b/content/utility/utility_main.cc
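Review bot: The guard added around the autorelease pool in RunTest (test_launcher.cc, hunk `@@ -302,9 +303,11 @@`) is spelled `#if defined(OS_MACOSXS)`, with a trailing S that the `#elif defined(OS_MACOSX)` include guard added earlier in the same file does not have. Nothing on this page defines `OS_MACOSXS`, so the `ScopedNSAutoreleasePool` is most likely compiled out on every platform, Mac included. The comment directly under the guard says the calls that follow leak objects when no pool is in place, and the build stays green because the mistyped macro also hides the only use of the header. The line should read `#if defined(OS_MACOSX)`. RunTest's body continues past the end of the hunk.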
@@ -29,10 +29,10 @@ int UtilityMain(const MainFunctionParams& parameters) {
 utility_process.set_main_thread(new UtilityThreadImpl());
 #if defined(OS_WIN)
- bool no_sandbox = parameters.command_line_.HasSwitch(switches::kNoSandbox);
+ bool no_sandbox = parameters.command_line.HasSwitch(switches::kNoSandbox);
 if (!no_sandbox) {
 sandbox::TargetServices* target_services =
- parameters.sandbox_info_.TargetServices();
+ parameters.sandbox_info->target_services;
 if (!target_services)
 return false;
 target_services->LowerToken();
diff --git a/content/worker/worker_main.cc b/content/worker/worker_main.cc
index 70e0aaf..8182a23 100644
--- a/content/worker/worker_main.cc
+++ b/content/worker/worker_main.cc
@@ -14,7 +14,7 @@
 #include "content/worker/worker_thread.h"
 #if defined(OS_WIN)
-#include "content/common/sandbox_init_wrapper.h"
+#include "content/public/common/sandbox_init.h"
 #include "sandbox/src/sandbox.h"
 #endif
@@ -31,7 +31,7 @@ int WorkerMain(const MainFunctionParams& parameters) {
 worker_process.set_main_thread(new WorkerThread());
 #if defined(OS_WIN)
 sandbox::TargetServices* target_services =
- parameters.sandbox_info_.TargetServices();
+ parameters.sandbox_info->target_services;
 if (!target_services)
 return false;
@@ -45,7 +45,7 @@ int WorkerMain(const MainFunctionParams& parameters) {
 target_services->LowerToken();
 #endif
- const CommandLine& parsed_command_line = parameters.command_line;
+ const CommandLine& parsed_command_line = parameters.command_line;
 if (parsed_command_line.HasSwitch(switches::kWaitForDebugger)) {
 ChildProcess::WaitForDebugger("Worker");
 } |
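Review bot: `parameters.sandbox_info->target_services` dereferences `sandbox_info` with no null check, in UtilityMain here and again in the `@@ -31,7 +31,7 @@` hunk of worker_main.cc, where the visible lines show no `kNoSandbox` test in front of it. The field is now reached through `->`, and other call sites in this commit build `MainFunctionParams` from a command line alone, so it can presumably be null when the embedder supplies no sandbox information. Adding `if (!parameters.sandbox_info) return false;` ahead of the dereference would keep a missing sandbox on the existing early-exit path, before `LowerToken()`, instead of crashing the process. Separately, the `return false` already in the context lines is exit code 0 from a function declared `int`, so it is worth confirming the caller treats that as a failed start. Both functions continue outside their hunks.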