summaryrefslogtreecommitdiffstats
path: root/sandbox
Commit message (Collapse)AuthorAgeFilesLines
* Make sandbox target a settings target type to fix a linker error.craig.schlenter@chromium.org2011-08-111-1/+1
| | | | | | | | | BUG=92164 TEST=Clobber build compiles, trybots Review URL: http://codereview.chromium.org/7602016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@96425 0039d316-1c4b-4281-b951-d872f2087c98
* Fixup bad include and usage of BASE_API, which should be BASE_EXPORT.darin@chromium.org2011-08-051-2/+2
| | | | | | | TBR=rvargas@chromium.org Review URL: http://codereview.chromium.org/7582007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@95619 0039d316-1c4b-4281-b951-d872f2087c98
* Hook GetUserDefaultLCID () to prevent crashes on attempting to connect to ↵jschuh@chromium.org2011-08-027-10/+36
| | | | | | | | | | CSRSS after lockdown. BUG=91216 TEST=None. Review URL: http://codereview.chromium.org/7541034 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@95144 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Fix a style nit. No actual code change.rvargas@google.com2011-08-021-3/+4
| | | | | | | | BUG=NONE TEST=NONE Review URL: http://codereview.chromium.org/7546001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@95102 0039d316-1c4b-4281-b951-d872f2087c98
* seccomp: simplify enable/disable logicevan@chromium.org2011-07-291-23/+11
| | | | | | | | | | | | | | 1) Only compile in seccomp code at all if it's on a platform we intend to support (non-ChromeOS non-ARM non-Views Linux). 2) Move usage of seccomp code behind a define and usage of seccomp flags into a function call. The former helps catch bugs in the latter: it will be a link error if I accidentally break the enable/disable logic in code. Review URL: http://codereview.chromium.org/7519016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94784 0039d316-1c4b-4281-b951-d872f2087c98
* Disable UnloadDllTest.BaselineAvicapDllsergeyu@chromium.org2011-07-271-1/+1
| | | | | | | | | | BUG=80569 TEST=None TBR=cpu@chromium.org Review URL: http://codereview.chromium.org/7520004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94333 0039d316-1c4b-4281-b951-d872f2087c98
* Re-enabling chrome-sandbox for Clang builds.glotov@google.com2011-07-271-2/+2
| | | | | | | | | | | As Clang now (since #13349 -- hans) supports asm .common directive, we may re-enable chrome-sandbox for Clang builds. BUG=chromium-os:16717, chromium:70871, chromium-os:88578 TEST=none Review URL: http://codereview.chromium.org/7233011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94271 0039d316-1c4b-4281-b951-d872f2087c98
* Warm up GetUserDefaultLangID before closing client ALPC connections.jschuh@chromium.org2011-07-261-0/+7
| | | | | | | | BUG=90492 TEST=Run Chrome on 32-bit Windows 7 or Vista Review URL: http://codereview.chromium.org/7461092 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94169 0039d316-1c4b-4281-b951-d872f2087c98
* Remove explicit keyword from multi-argument (w/o default values) constructorsdilmah@chromium.org2011-07-261-1/+1
| | | | | | | | | BUG=None TEST=None Review URL: http://codereview.chromium.org/7477008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@94115 0039d316-1c4b-4281-b951-d872f2087c98
* Close all open ALPC client ports at lockdown.jschuh@chromium.org2011-07-2412-6/+154
| | | | | | | | | | Close out the CSRSS and LSASS ALPC client ports that are opened during initialization. BUG=58069 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.RunThreadPool Review URL: http://codereview.chromium.org/7490002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93827 0039d316-1c4b-4281-b951-d872f2087c98
* Add a sandbox API to allow closing open handles at lockdown. jschuh@chromium.org2011-07-2111-9/+613
| | | | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=93274 Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=93308 Review URL: http://codereview.chromium.org/7253054 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93321 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 93308 - Add a sandbox API to allow closing open handles at lockdown. jschuh@chromium.org2011-07-2111-602/+9
| | | | | | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=93274 Review URL: http://codereview.chromium.org/7253054 TBR=jschuh@chromium.org Review URL: http://codereview.chromium.org/7473022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93315 0039d316-1c4b-4281-b951-d872f2087c98
* Add a sandbox API to allow closing open handles at lockdown. jschuh@chromium.org2011-07-2111-9/+602
| | | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=93274 Review URL: http://codereview.chromium.org/7253054 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93308 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 93274 - Add a sandbox API to allow closing open handles at lockdown. jschuh@chromium.org2011-07-2011-605/+9
| | | | | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Review URL: http://codereview.chromium.org/7253054 TBR=jschuh@chromium.org Review URL: http://codereview.chromium.org/7471021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93284 0039d316-1c4b-4281-b951-d872f2087c98
* Add a sandbox API to allow closing open handles at lockdown. jschuh@chromium.org2011-07-2011-9/+605
| | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Review URL: http://codereview.chromium.org/7253054 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93274 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 93113 - Add a sandbox API to allow closing open handles at lockdown.jschuh@chromium.org2011-07-1911-582/+9
| | | | | | | | | | | | | | Reverting on suspicion that it's related to NaCl test breakage. BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Review URL: http://codereview.chromium.org/7253054 TBR=jschuh@chromium.org Review URL: http://codereview.chromium.org/7462003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93128 0039d316-1c4b-4281-b951-d872f2087c98
* Add a sandbox API to allow closing open handles at lockdown.jschuh@chromium.org2011-07-1911-9/+582
| | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Review URL: http://codereview.chromium.org/7253054 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93113 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 92887 - Add a sandbox API to allow closing open handles at lockdown.jschuh@chromium.org2011-07-1811-552/+9
| | | | | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Review URL: http://codereview.chromium.org/7253054 TBR=jschuh@chromium.org Review URL: http://codereview.chromium.org/7398035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92906 0039d316-1c4b-4281-b951-d872f2087c98
* Add a sandbox API to allow closing open handles at lockdown.jschuh@chromium.org2011-07-1811-9/+552
| | | | | | | | | BUG=58069 BUG=74242 TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.* Review URL: http://codereview.chromium.org/7253054 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92887 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 92563 - Had a bug in the handle table unit test. Added GetHandleName ↵jschuh@chromium.org2011-07-143-63/+23
| | | | | | | | | | | | | to fix the bug and make handle management easier. TEST=sbox_unittests --gtest_filter=HandleTable.* BUG=89325 Review URL: http://codereview.chromium.org/7346027 TBR=jschuh@chromium.org Review URL: http://codereview.chromium.org/7379001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92568 0039d316-1c4b-4281-b951-d872f2087c98
* Had a bug in the handle table unit test. Added GetHandleName to fix the bug ↵jschuh@chromium.org2011-07-143-23/+63
| | | | | | | | | | and make handle management easier. TEST=sbox_unittests --gtest_filter=HandleTable.* BUG=89325 Review URL: http://codereview.chromium.org/7346027 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92563 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Had a bug in the handle table unit test. Added GetHandleName to fix ↵evan@chromium.org2011-07-133-32/+14
| | | | | | | | the bug and make handle management easier." This reverts commit r92403. Failed on Windows. git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92412 0039d316-1c4b-4281-b951-d872f2087c98
* Add COMPONENT_BUILD global define. darin@chromium.org2011-07-131-0/+1
| | | | | | | | | | | | | | | | | | | | | This avoids the need to define FOO_DLL macros for each project that we wish to optionally build as a DLL (when component=="shared_library"). This in turn means that we do not need direct_dependent_settings to define FOO_DLL, and that means that we don't need to update projects to convert transitive dependencies into explicit dependencies. This makes the component build more consistent with the static build. An alternative would be to use all_dependent_settings, but I feel that the global approach is simpler as it creates less repetition in each target definition for components. A side-effect of this change is that I needed to make base_nacl_win64 be a shared_library in the component build. R=rvargas,bradnelson,evan Review URL: http://codereview.chromium.org/7344022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92409 0039d316-1c4b-4281-b951-d872f2087c98
* Had a bug in the handle table unit test. Added GetHandleName to fix the bug ↵jschuh@chromium.org2011-07-133-14/+32
| | | | | | | | | | | | and make handle management easier. TEST=sbox_unittests --gtest_filter=HandleTable.* Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=91270 Review URL: http://codereview.chromium.org/7218066 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92403 0039d316-1c4b-4281-b951-d872f2087c98
* Revert "Add COMPONENT_BUILD global define. "yurys@chromium.org2011-07-131-1/+0
| | | | | | | | | | | | | The change broke compilation on Linux Builder (dbg)(shared): http://build.chromium.org/p/chromium/builders/Linux%20Builder%20%28dbg%29%28shared%29/builds/3365/steps/compile/logs/stdio TBR=darin BUG=None TEST=None Review URL: http://codereview.chromium.org/7352014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92329 0039d316-1c4b-4281-b951-d872f2087c98
* Add COMPONENT_BUILD global define. darin@chromium.org2011-07-131-0/+1
| | | | | | | | | | | | | | | | | | | | | | This avoids the need to define FOO_DLL macros for each project that we wish to optionally build as a DLL (when component=="shared_library"). This in turn means that we do not need direct_dependent_settings to define FOO_DLL, and that means that we don't need to update projects to convert transitive dependencies into explicit dependencies. This makes the component build more consistent with the static build. An alternative would be to use all_dependent_settings, but I feel that the global approach is simpler as it creates less repetition in each target definition for components. A side-effect of this change is that I needed to make base_nacl_win64 be a shared_library in the component build. R=rvargas,bradnelson Review URL: http://codereview.chromium.org/7344022 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92325 0039d316-1c4b-4281-b951-d872f2087c98
* Remove the comments setting emands and vim tab width and expansion variables.tony@chromium.org2011-07-111-6/+0
| | | | | | | | | | | | | | | | | These were added in r28089 (http://codereview.chromium.org/256059) but are unnecessary bloat for everyone to carry around, even those that don't use emacs or vim. In an earlier change, I added editor config files in src/tools/emacs/ and src/tools/vim/ so users of the appropriate editor can source those instead. BUG=none TEST=none Review URL: http://codereview.chromium.org/7310019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92046 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 91270 - sbox_unittests HandleTable.FindTable failing on Win XP & Vistarsleevi@chromium.org2011-07-013-32/+14
| | | | | | | | | | | | | | Had a bug in the handle table unit test. Added GetHandleName to fix the bug and make handle management easier. TEST=sbox_unittests --gtest_filter=HandleTable.* Review URL: http://codereview.chromium.org/7218066 TBR=jschuh@chromium.org Review URL: http://codereview.chromium.org/7292028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@91271 0039d316-1c4b-4281-b951-d872f2087c98
* Had a bug in the handle table unit test. Added GetHandleName to fix the bug ↵jschuh@chromium.org2011-07-013-14/+32
| | | | | | | | | | | and make handle management easier. TEST=sbox_unittests --gtest_filter=HandleTable.* Review URL: http://codereview.chromium.org/7218066 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@91270 0039d316-1c4b-4281-b951-d872f2087c98
* Avoid an extra if() which is not required and is wrongtimurrrr@chromium.org2011-06-281-13/+11
| | | | | | | | | | | | | | | | Info: a) args[i] is uninitialized for (i >= ipc_params->GetParamsCount()) and sometimes for smaller (i) as well (see GetArgs()). Hence, if() is wrong. b) However, when args[i] is uninitialized the ipc_params->args[i] holds INVALID_TYPE. Hence, the if() is redundant. BUG=87078 TEST=no more uninit reports under Dr. Memory Review URL: http://codereview.chromium.org/7234009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@90742 0039d316-1c4b-4281-b951-d872f2087c98
* Minor change to use ResolveNTFunctionPtr rather than calling GetProcAddress ↵jschuh@chromium.org2011-06-272-22/+7
| | | | | | | | | | directly. BUG=None. TEST=None. Review URL: http://codereview.chromium.org/7276003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@90638 0039d316-1c4b-4281-b951-d872f2087c98
* Modifying ResolveNTFunctionPtr in an attempt to eliminate crashes on random ↵jschuh@chromium.org2011-06-271-7/+18
| | | | | | | | | | unresolved functions. BUG=11789 TEST=None. Review URL: http://codereview.chromium.org/7276004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@90614 0039d316-1c4b-4281-b951-d872f2087c98
* Factor Windows handle enumeration code into its own classesI did some ↵jschuh@chromium.org2011-06-245-0/+512
| | | | | | | | | | general cleanup and isolated out the handle enumeration. TEST=sbox_unittests.exe --gtest_filter=HandleTable.* BUG=86521 Review URL: http://codereview.chromium.org/7206007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@90449 0039d316-1c4b-4281-b951-d872f2087c98
* Remove msvs_guids from ipc, media, net, ppapi, printing, sandbox,tony@chromium.org2011-06-161-2/+0
| | | | | | | | | | sdch, skia, and testing. BUG=28727 Review URL: http://codereview.chromium.org/7165009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@89369 0039d316-1c4b-4281-b951-d872f2087c98
* Add a flag to print the handles held by a child process when it shuts down.cdn@chromium.org2011-06-091-2/+37
| | | | | | | | | This will allow us to make tests that audit for extra handles and permissions being added to sandboxed processes. BUG=85212 Review URL: http://codereview.chromium.org/7054080 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@88602 0039d316-1c4b-4281-b951-d872f2087c98
* Get rid of content dependency from sandbox_policy.hjam@chromium.org2011-05-271-1/+2
| | | | | | | BUG=76697 Review URL: http://codereview.chromium.org/7074025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@87093 0039d316-1c4b-4281-b951-d872f2087c98
* Final gyp patch to make use of the new cross-platform POSIX defines ↵tony@chromium.org2011-05-231-1/+1
| | | | | | | | toolkit_uses_gtk, os_posix, and use_x11. For lists of source files that use a mix of POSIX and Gtk APIs, toolkit_uses_gtk was given precedence. Solaris was made to use ALSA also, as libasound has been ported to FreeBSD and Solaris as a wrapper around the native OSS. Review URL: http://codereview.chromium.org/7055003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86352 0039d316-1c4b-4281-b951-d872f2087c98
* Globally replace <(library) with static_libraryevan@chromium.org2011-05-191-3/+3
| | | | | | | | | | | We provided <(library) as a variable to support a peculiar build configuration on Linux. We no longer support that build configuration, so we can simplify this code to no longer use a variable. Review URL: http://codereview.chromium.org/7051014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86004 0039d316-1c4b-4281-b951-d872f2087c98
* linux: components buildevan@chromium.org2011-05-021-2/+4
| | | | | | | | Reapply r83630, r83629, r83583, and fix the one compile error. TBR=rvargas git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83740 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 83629 - linux components: expose more BASE_API used by Chrome itselfmaf@chromium.org2011-04-301-2/+2
| | | | | | | | | Review URL: http://codereview.chromium.org/6902177 TBR=evan@chromium.org Review URL: http://codereview.chromium.org/6903159 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83635 0039d316-1c4b-4281-b951-d872f2087c98
* linux components: expose more BASE_API used by Chrome itselfevan@chromium.org2011-04-291-2/+2
| | | | | | Review URL: http://codereview.chromium.org/6902177 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83629 0039d316-1c4b-4281-b951-d872f2087c98
* Mark UnloadDllTest.BaselineAvicapDll as flaky on windows.zea@chromium.org2011-04-281-1/+7
| | | | | | | BUG=80569 TBR=dmaclach@chromium.org git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83431 0039d316-1c4b-4281-b951-d872f2087c98
* Base: Adjust dependencies to build with base.dllrvargas@google.com2011-04-261-0/+3
| | | | | | | | BUG=76996 TEST=none Review URL: http://codereview.chromium.org/6894040 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83082 0039d316-1c4b-4281-b951-d872f2087c98
* Make the windows_version.h functions threadsafe by using a singleton. Add ↵pkasting@chromium.org2011-04-0711-78/+43
| | | | | | | | | | | | accessors to the singleton for more values that various code wants, then convert almost everyone using OSVERSIONINFO or SYSTEM_INFO structs to calling these accessors. Declare an AtExitManager in the out-of-process test runner since it didn't have one and that breaks singleton-using code in the test executable (as opposed to in chrome.dll). A few other minor cleanups along the way (binding of "*", shorter code, etc.). Because I ran into problems with it while modifying gcapi.cc, I cleaned up our usage of strsafe.h a bit, so that files that don't need it don't include it and files that do use STRSAFE_NO_DEPRECATE instead of a modified #include order. BUG=none TEST=none Review URL: http://codereview.chromium.org/6816027 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80851 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 80819 due to failed testsmmenke@chromium.org2011-04-078-28/+75
| | | | | | | TBR=pkasting@chromium.org Review URL: http://codereview.chromium.org/6816024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80824 0039d316-1c4b-4281-b951-d872f2087c98
* Make the windows_version.h functions threadsafe by using a singleton. Add ↵pkasting@chromium.org2011-04-078-75/+28
| | | | | | | | | | | | accessors to the singleton for more values that various code wants, then convert almost everyone using OSVERSIONINFO or SYSTEM_INFO structs to calling these accessors. Declare an AtExitManager in the out-of-process test runner since it didn't have one and that breaks singleton-using code in the test executable (as opposed to in chrome.dll). A few other minor cleanups along the way (binding of "*", shorter code, etc.). Because I ran into problems with it while modifying gcapi.cc, I cleaned up our usage of strsafe.h a bit, so that files that don't need it don't include it and files that do use STRSAFE_NO_DEPRECATE instead of a modified #include order. BUG=none TEST=none Review URL: http://codereview.chromium.org/6713107 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80819 0039d316-1c4b-4281-b951-d872f2087c98
* Create a base_static library with files that should notrvargas@google.com2011-04-041-1/+2
| | | | | | | | | | | be used from a dll (base.dll), and fix some incorrect dependencies. BUG=76996 TEST=none Review URL: http://codereview.chromium.org/6759047 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@80384 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 79867 - Revert 79618 - Landing for Julien Tinnes, jln@google.com:laforge@chromium.org2011-03-301-124/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --- chroot to /proc instead of /tmp. This gets rid of a lot of unnecessary complexity and fixes a race condition. (Original idea from Markus) The chroot helper will chroot to /proc/self/fdinfo (or /proc/self/fd). This is pretty safe because access to this directory is protected by the ptrace() check in the kernel and the helper is privileged. Moreover, as soon as the helper _exit() and becomes a zombie, the directory will be empty. Zygote should wait() for us to make everything deterministric. We also export SBX_HELPER_PID so that Zygote can specifically wait for the helper. --- BUG=76542 R=markus,agl Review URL: http://codereview.chromium.org/6683056 TBR=cevans@chromium.org Review URL: http://codereview.chromium.org/6675053 TBR=laforge@chromium.org Review URL: http://codereview.chromium.org/6780010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@79921 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 79618 - Landing for Julien Tinnes, jln@google.com:laforge@chromium.org2011-03-301-51/+124
| | | | | | | | | | | | | | | | | | | | | | | | | | | | --- chroot to /proc instead of /tmp. This gets rid of a lot of unnecessary complexity and fixes a race condition. (Original idea from Markus) The chroot helper will chroot to /proc/self/fdinfo (or /proc/self/fd). This is pretty safe because access to this directory is protected by the ptrace() check in the kernel and the helper is privileged. Moreover, as soon as the helper _exit() and becomes a zombie, the directory will be empty. Zygote should wait() for us to make everything deterministric. We also export SBX_HELPER_PID so that Zygote can specifically wait for the helper. --- BUG=76542 R=markus,agl Review URL: http://codereview.chromium.org/6683056 TBR=cevans@chromium.org Review URL: http://codereview.chromium.org/6675053 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@79867 0039d316-1c4b-4281-b951-d872f2087c98
* Landing for Julien Tinnes, jln@google.com:cevans@chromium.org2011-03-281-124/+51
| | | | | | | | | | | | | | | | | | | | | | | | | --- chroot to /proc instead of /tmp. This gets rid of a lot of unnecessary complexity and fixes a race condition. (Original idea from Markus) The chroot helper will chroot to /proc/self/fdinfo (or /proc/self/fd). This is pretty safe because access to this directory is protected by the ptrace() check in the kernel and the helper is privileged. Moreover, as soon as the helper _exit() and becomes a zombie, the directory will be empty. Zygote should wait() for us to make everything deterministric. We also export SBX_HELPER_PID so that Zygote can specifically wait for the helper. --- BUG=76542 R=markus,agl Review URL: http://codereview.chromium.org/6683056 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@79618 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-19 13:25:11 +0000