summaryrefslogtreecommitdiffstats
path: root/sandbox
Commit message (Collapse)AuthorAgeFilesLines
* Convert scoped_ptr_malloc -> scoped_ptr, part 2.viettrungluu@chromium.org2014-02-266-10/+14
| | | | | | | | | | | | scoped_ptr_malloc is deprecated; let's get rid of it. BUG=344245 R=brettw@chromium.org TBR=rsleevi@chromium.org,miket@chromium.org,ryanmyers@chromium.org,dalecurtis@chromium.org, cpu@chromium.org Review URL: https://codereview.chromium.org/169193002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@253582 0039d316-1c4b-4281-b951-d872f2087c98
* Reduce sandbox permissions granted to alternate desktopjschuh@chromium.org2014-02-267-26/+134
| | | | | | | | | | | | | This pass adds the first round of deny ACEs for the Winstation and Desktop objects. Assuming these stick, I'll get more aggressive in a follow-up. BUG=346586 NOTRY=true Review URL: https://codereview.chromium.org/178423005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@253546 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 253415 "Reduce sandbox permissions granted to alternate d..."robertphillips@google.com2014-02-267-129/+26
| | | | | | | | | | | | | | | | | | | | | This is being reverted due to ValidationSuite.TestAlternateDesktop failures on the Vista and XP bots. > Reduce sandbox permissions granted to alternate desktop > > This pass adds the first round of deny ACEs for the Winstation and > Desktop objects. Assuming these stick, I'll get more aggressive in > a follow-up. > > BUG=346586 > > Review URL: https://codereview.chromium.org/178423005 TBR=jschuh@chromium.org Review URL: https://codereview.chromium.org/180243011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@253438 0039d316-1c4b-4281-b951-d872f2087c98
* Reduce sandbox permissions granted to alternate desktopjschuh@chromium.org2014-02-267-26/+129
| | | | | | | | | | | | This pass adds the first round of deny ACEs for the Winstation and Desktop objects. Assuming these stick, I'll get more aggressive in a follow-up. BUG=346586 Review URL: https://codereview.chromium.org/178423005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@253415 0039d316-1c4b-4281-b951-d872f2087c98
* fix excesive number of mutexes created by sandboxcpu@chromium.org2014-02-221-9/+19
| | | | | | | | | | | | | The |cient_control->server_alive| mutex was being created for each target (child) process and leaked (that part is necessary). Instead a single mutex can be reused for all targets. R=rvargas BUG=331241 Review URL: https://codereview.chromium.org/167593003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@252782 0039d316-1c4b-4281-b951-d872f2087c98
* Clarify the process title of GPU broker process.dongseong.hwang@intel.com2014-02-224-16/+22
| | | | | | | | | | | | | | | Currently, GPU broker process has the same process title to GPU process. To distinguish GPU broker process, this CL updates the process title as follows: "exec --type=gpu-broker". In addition, callback name in BrokerProcess::Init() is change to broker_process_init_callback in order to clarify the broker process calls it. In addition, use base::Callback instead of function pointer. Review URL: https://codereview.chromium.org/163433011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@252781 0039d316-1c4b-4281-b951-d872f2087c98
* Fix a compilation issue when building with VS2013 and optimization set to "max".sebmarchand@chromium.org2014-02-201-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For some reasons (I'm still trying to find them) those 2 DCHECKs make the link step to fail when building nacl64.exe (and maybe some other target) with VS2013 and optimization set to 'max' Here's the error that I get: [1537/6627] LINK_EMBED nacl64.exe FAILED: D:\src\depot_tools\python276_bin\python.exe gyp-win-tool link-with-manifests environment.x64 True nacl64.exe "D:\src\depot_tools\python276_bin\python.exe gyp-win-tool link-wrapper environment.x64 False link.exe /nologo /OUT:nacl64.exe @nacl64 .exe.rsp" 1 mt.exe rc.exe "obj\chrome\chrome_nacl_win64.nacl64.exe.intermediate.manifest" obj\chrome\chrome_nacl_win64.nacl64.exe.generated.manifest ..\..\build\win\compatibility.manifest LibDef: Total time = 0.015s OptRef: Total time = 0.000s Generating code d:\src\chrome\src\sandbox\win\src\sharedmem_ipc_client.cc(34) : fatal error C1001: An internal error has occurred in the compiler. (compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c', line 227) To work around this problem, try simplifying or changing the program near the locations listed above. Please choose the Technical Support command on the Visual C++ Help menu, or open the Technical Support help file for more information INTERNAL COMPILER ERROR in 'C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\BIN\amd64\link.exe' Please choose the Technical Support command on the Visual C++ Help menu, or open the Technical Support help file for more information Final: Total time = 27.940s Traceback (most recent call last): File "gyp-win-tool", line 293, in <module> sys.exit(main(sys.argv[1:])) File "gyp-win-tool", line 28, in main exit_code = executor.Dispatch(args) File "gyp-win-tool", line 70, in Dispatch return getattr(self, method)(*args[1:]) File "gyp-win-tool", line 158, in ExecLinkWithManifests subprocess.check_call(ldcmd + add_to_ld) File "D:\src\depot_tools\python276_bin\lib\subprocess.py", line 540, in check_call raise CalledProcessError(retcode, cmd) This CL fix this, for the first dcheck it might be because we're comparing a LONG to a ChannelState (and the linker he's unhappy when looking for the conversion routine), but for the second one I have really no idea what's happening, all I know is that using DCHECK_LE instead of DCHECK shouldn't change anything here, and that it fix the build. R=cpu@chromium.org CC=scottmg@chromium.org BUG=344980 Review URL: https://codereview.chromium.org/172853002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@252213 0039d316-1c4b-4281-b951-d872f2087c98
* Setuid sandbox: exit(2) on SIGABRTjln@chromium.org2014-02-151-0/+18
| | | | | | | | | | | | | | | | | | | | The setuid sandbox waits on its one child and then dies afterwards. When receiving SIGABRT, instead of dumping core, simply exit the process. There is no interesting information to be gathered from knowing that the process is inside waitid(2), one should look at the child process instead. This patch is in hope to reduce red herrings. BUG=334345 TBR=jorgelo NOTRY=true Review URL: https://codereview.chromium.org/167583002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251459 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 251391 "Setuid sandbox: exit(2) on SIGABRT"asvitkine@chromium.org2014-02-141-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Failed on official build bots: FAILED: /b/build/goma/gomacc cc -MMD -MF obj/sandbox/linux/suid/chrome_sandbox.sandbox.o.d -DV8_DEPRECATION_WARNINGS -D_FILE_OFFSET_BITS=64 -DGOOGLE_CHROME_BUILD -DTOOLKIT_VIEWS=1 -DUI_COMPOSITOR_IMAGE_TRANSPORT -DUSE_AURA=1 -DUSE_CAIRO=1 -DUSE_GLIB=1 -DUSE_DEFAULT_RENDER_THEME=1 -DUSE_LIBJPEG_TURBO=1 -DUSE_NSS=1 -DUSE_X11=1 -DUSE_CLIPBOARD_AURAX11=1 -DENABLE_ONE_CLICK_SIGNIN -DUSE_XI2_MT=2 -DENABLE_REMOTING=1 -DENABLE_WEBRTC=1 -DUSE_PROPRIETARY_CODECS -DENABLE_PEPPER_CDMS -DENABLE_CONFIGURATION_POLICY -DENABLE_INPUT_SPEECH -DENABLE_NOTIFICATIONS -DUSE_UDEV -DENABLE_EGLIMAGE=1 -DENABLE_TASK_MANAGER=1 -DENABLE_EXTENSIONS=1 -DENABLE_PLUGIN_INSTALLATION=1 -DENABLE_PLUGINS=1 -DENABLE_SESSION_SERVICE=1 -DENABLE_THEMES=1 -DENABLE_AUTOFILL_DIALOG=1 -DENABLE_BACKGROUND=1 -DENABLE_AUTOMATION=1 -DENABLE_GOOGLE_NOW=1 -DCLD_VERSION=2 -DENABLE_FULL_PRINTING=1 -DENABLE_PRINTING=1 -DENABLE_SPELLCHECK=1 -DENABLE_CAPTIVE_PORTAL_DETECTION=1 -DENABLE_APP_LIST=1 -DENABLE_SETTINGS_APP=1 -DENABLE_MANAGED_USERS=1 -DENABLE_MDNS=1 -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -DNDEBUG -DOFFICIAL_BUILD -DNVALGRIND -DDYNAMIC_ANNOTATIONS_ENABLED=0 -D_FORTIFY_SOURCE=2 -I../.. -fstack-protector --param=ssp-buffer-size=4 -Werror -pthread -fno-exceptions -fno-strict-aliasing -Wall -Wno-unused-parameter -Wno-missing-field-initializers -fvisibility=hidden -pipe -fPIC -g -std=gnu99 --sysroot=/b/build/slave/google-chrome-rel-linux_64/build/src/chrome/installer/linux/debian_wheezy_amd64-sysroot -O2 -fno-ident -fdata-sections -ffunction-sections -fno-unwind-tables -fno-asynchronous-unwind-tables -c ../../sandbox/linux/suid/sandbox.c -o obj/sandbox/linux/suid/chrome_sandbox.sandbox.o ../../sandbox/linux/suid/sandbox.c: In function 'ExitWithErrorSignalHandler': ../../sandbox/linux/suid/sandbox.c:63:3: error: ignoring return value of 'write', declared with attribute warn_unused_result [-Werror=unused-result] cc1: all warnings being treated as errors http://build.chromium.org/p/chromium.chrome/builders/Google%20Chrome%20Linux%20x64/builds/48305/steps/compile/logs/stdio > Setuid sandbox: exit(2) on SIGABRT > > The setuid sandbox waits on its one child and then dies > afterwards. > > When receiving SIGABRT, instead of dumping core, simply exit the > process. There is no interesting information to be gathered from > knowing that the process is inside waitid(2), one should look at > the child process instead. > > This patch is in hope to reduce red herrings. > > BUG=334345 > TBR=jorgelo > > Review URL: https://codereview.chromium.org/167293004 TBR=jln@chromium.org Review URL: https://codereview.chromium.org/167473003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251396 0039d316-1c4b-4281-b951-d872f2087c98
* Setuid sandbox: exit(2) on SIGABRTjln@chromium.org2014-02-141-0/+15
| | | | | | | | | | | | | | | | | | | The setuid sandbox waits on its one child and then dies afterwards. When receiving SIGABRT, instead of dumping core, simply exit the process. There is no interesting information to be gathered from knowing that the process is inside waitid(2), one should look at the child process instead. This patch is in hope to reduce red herrings. BUG=334345 TBR=jorgelo Review URL: https://codereview.chromium.org/167293004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251391 0039d316-1c4b-4281-b951-d872f2087c98
* Revert r251271 "Setuid sandbox: exit(2) on SIGABRT" Make Linux build again.pfeldman@chromium.org2014-02-141-15/+0
| | | | | | | | TBR=jln Review URL: https://codereview.chromium.org/166303002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251273 0039d316-1c4b-4281-b951-d872f2087c98
* Setuid sandbox: exit(2) on SIGABRTjln@chromium.org2014-02-141-0/+15
| | | | | | | | | | | | | | | | | | | The setuid sandbox waits on its one child and then dies afterwards. When receiving SIGABRT, instead of dumping core, simply exit the process. There is no interesting information to be gathered from knowing that the process is inside waitid(2), one should look at the child process instead. This patch is in hope to reduce red herrings. BUG=334345 TBR=jorgelo@chromium.org Review URL: https://codereview.chromium.org/166193002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251271 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 251265 "Setuid sandbox: exit(2) on SIGABRT"jln@chromium.org2014-02-141-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | > Setuid sandbox: exit(2) on SIGABRT > > The setuid sandbox waits on its one child and then dies > afterwards. > > When receiving SIGABRT, instead of dumping core, simply exit the > process. There is no interesting information to be gathered from > knowing that the process is inside waitid(2), one should look at > the child process instead. > > This patch hopes to reduce red herrings. > > BUG=334345 > NOTRY=true > R=jorgelo@chromium.org > > Review URL: https://codereview.chromium.org/165673002 TBR=jln@chromium.org Review URL: https://codereview.chromium.org/164373005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251269 0039d316-1c4b-4281-b951-d872f2087c98
* Setuid sandbox: exit(2) on SIGABRTjln@chromium.org2014-02-141-0/+15
| | | | | | | | | | | | | | | | | | | | The setuid sandbox waits on its one child and then dies afterwards. When receiving SIGABRT, instead of dumping core, simply exit the process. There is no interesting information to be gathered from knowing that the process is inside waitid(2), one should look at the child process instead. This patch hopes to reduce red herrings. BUG=334345 NOTRY=true R=jorgelo@chromium.org Review URL: https://codereview.chromium.org/165673002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@251265 0039d316-1c4b-4281-b951-d872f2087c98
* Use the same handle for checking and duplicating in DuplicateHandleProxyjschuh@chromium.org2014-02-133-6/+4
| | | | | | | | | | | | BUG=338524 R=cpu@chromium.org NOTRY=true Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=250744 Review URL: https://codereview.chromium.org/136543008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250890 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 250744 "Use the same handle for checking and duplicating ..."sergeyu@chromium.org2014-02-123-2/+5
| | | | | | | | | | | | | | | | | | | Broke PPAPIBrokerInfoBarTest.Allowed test: http://build.chromium.org/p/chromium.win/builders/Win7%20Tests%20%28dbg%29%284%29/builds/24866/steps/browser_tests/logs/Allowed > Use the same handle for checking and duplicating in DuplicateHandleProxy > > BUG=338524 > R=cpu@chromium.org > NOTRY=true > > Review URL: https://codereview.chromium.org/136543008 TBR=jschuh@chromium.org Review URL: https://codereview.chromium.org/160993002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250777 0039d316-1c4b-4281-b951-d872f2087c98
* Use the same handle for checking and duplicating in DuplicateHandleProxyjschuh@chromium.org2014-02-123-5/+2
| | | | | | | | | | BUG=338524 R=cpu@chromium.org NOTRY=true Review URL: https://codereview.chromium.org/136543008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250744 0039d316-1c4b-4281-b951-d872f2087c98
* Expose an IsSandboxed() export on chrome.exe.robertshield@chromium.org2014-02-121-2/+6
| | | | | | | | BUG=329023 Review URL: https://codereview.chromium.org/159283004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250682 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox tests: always stop threadsjln@chromium.org2014-02-101-0/+4
| | | | | | | | | | | | Always stop threads in an accountable way in order to not pollute other tests. TEST=sandbox_linux_unittests NOTRY=true Review URL: https://codereview.chromium.org/145123012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250148 0039d316-1c4b-4281-b951-d872f2087c98
* Disable the failing ThreadHelpers.* tests under ThreadSanitizer for now.glider@chromium.org2014-02-101-3/+14
| | | | | | | | | BUG=342305 TBR=jln@chromium.org Review URL: https://codereview.chromium.org/158703002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250062 0039d316-1c4b-4281-b951-d872f2087c98
* android: Require exe unittests to have a foo_unittest_stripped target.thakis@chromium.org2014-02-101-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the test runner to not depend on the STRIP env var, which is going away. Other approaches considered: 1. Converting the remaining exe-based tests to apk tests. The apk versions were slower, and didn't pass without other changes though. 2. Just don't strip. But that slows down these two tests by over 100% (due to copying data to the device is slow, and stripped size is 0.5MB while unstripped size is on the order of 10MB). 3. Try to get a trip binary from third_party/android_tools/ndk. That's fiddly since it requires getting the right arch. Since there are only two exe-based tests left, just strip them from gyp. Medium-term, maybe gyp/mac's postbuild stuff can be brought to android, it looks like there are various things that could be made simpler with that. BUG=142642 TEST= build/android/test_runner.py gtest -s sandbox_linux_unittests && build/android/test_runner.py gtest -s breakpad_unittests R=bulach@chromium.org, frankf@chromium.org TBR=jln, thestig Review URL: https://codereview.chromium.org/157743004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@250035 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: Stop GPU watchdog in accountable way.jln@chromium.org2014-02-085-0/+213
| | | | | | | | | | | | | | | The Linux sandbox can sometimes detect a spurious running thread if it has just been stopped. We add a new LinuxSandbox::StopThread() method to safely stop threads and make sure they won't be counted as still running. BUG=328620 NOTRY=true Review URL: https://codereview.chromium.org/147203005 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@249937 0039d316-1c4b-4281-b951-d872f2087c98
* Add 64-bit support to browser blacklistingcsharp@chromium.org2014-02-071-1/+1
| | | | | | | | BUG= Review URL: https://codereview.chromium.org/101203010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@249755 0039d316-1c4b-4281-b951-d872f2087c98
* Skip root dir when iterating over path in reparse points search.mharanczyk@opera.com2014-02-071-1/+1
| | | | | | | | | | | It turns out that ::GetFileAttributes(...) Windows API for paths in form of "<drive>:" returns attribute of binary file work dir instead of "<drive>:\" dir. BUG=340625 Review URL: https://codereview.chromium.org/150093006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@249667 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: EPERM credential changes.jln@chromium.org2014-02-041-2/+2
| | | | | | | | | | | | EPERM set*id and similar system calls instead of watching them. BUG=340399 NOTRY=true R=jorgelo@chromium.org Review URL: https://codereview.chromium.org/137803011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@248788 0039d316-1c4b-4281-b951-d872f2087c98
* Use an alternate mechanism for CreateFile calls in Chromecaitkp@chromium.org2014-02-021-0/+10
| | | | | | | | | | | | BUG=334379 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=245464 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=246313 Review URL: https://codereview.chromium.org/138593004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@248380 0039d316-1c4b-4281-b951-d872f2087c98
* Fix nit introduced in r247511wfh@chromium.org2014-01-291-2/+2
| | | | | | | | | BUG=334897 TBR=rvargas@chromium.org Review URL: https://codereview.chromium.org/149513004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@247725 0039d316-1c4b-4281-b951-d872f2087c98
* Don't link gtest into sandbox libscottmg@chromium.org2014-01-291-1/+0
| | | | | | | | | | | I contend we probably don't want to ship gtest? R=jschuh@chromium.org BUG=329384 Review URL: https://codereview.chromium.org/132283008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@247657 0039d316-1c4b-4281-b951-d872f2087c98
* Correctly test for canonicalized path in the CreateNamedPipe policy engine.wfh@chromium.org2014-01-282-7/+96
| | | | | | | | | BUG=334897 TEST=sbox_integration_tests.exe Review URL: https://codereview.chromium.org/145553007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@247511 0039d316-1c4b-4281-b951-d872f2087c98
* Disable libc urandom overrides under MSan.earthdok@chromium.org2014-01-281-6/+6
| | | | | | | | | BUG=123263, 178409 TBR=jln@chromium.org Review URL: https://codereview.chromium.org/137423012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@247452 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 246313 "Use an alternate mechanism for CreateFile calls i..."kochi@google.com2014-01-231-10/+0
| | | | | | | | | | | | | | | | | | This caused reading profile error on Windows8 platform. > Use an alternate mechanism for CreateFile calls in Chrome > > BUG=334379 > > Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=245464 > > Review URL: https://codereview.chromium.org/138593004 TBR=caitkp@chromium.org Review URL: https://codereview.chromium.org/144333003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@246541 0039d316-1c4b-4281-b951-d872f2087c98
* Use an alternate mechanism for CreateFile calls in Chromecaitkp@chromium.org2014-01-221-0/+10
| | | | | | | | | | BUG=334379 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=245464 Review URL: https://codereview.chromium.org/138593004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@246313 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 245464 "Use an alternate mechanism for CreateFile calls i..."jochen@chromium.org2014-01-171-10/+0
| | | | | | | | | | | | | | | | ChromeCreateFileTest.CheckWriteAndReadParams crashes on Vista > Use an alternate mechanism for CreateFile calls in Chrome > > BUG=334379 > > Review URL: https://codereview.chromium.org/138593004 TBR=caitkp@chromium.org Review URL: https://codereview.chromium.org/140783009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@245501 0039d316-1c4b-4281-b951-d872f2087c98
* Use an alternate mechanism for CreateFile calls in Chromecaitkp@chromium.org2014-01-171-0/+10
| | | | | | | | BUG=334379 Review URL: https://codereview.chromium.org/138593004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@245464 0039d316-1c4b-4281-b951-d872f2087c98
* Allow Win64 build of base library even in a Win32 build.petewil@chromium.org2014-01-091-1/+1
| | | | | | | | | | | | | | | Some components of a 32 bit build of chrome for Windows need to be built as Win64 Dlls. To allow those components to use base, we make a Win64 build of the base library even when building chrome 32 bit. This is needed by the Chrome Desk Band code. crbug.com/327435. https://codereview.chromium.org/79173004/ BUG=327435 Review URL: https://codereview.chromium.org/103333004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@243936 0039d316-1c4b-4281-b951-d872f2087c98
* Remove 'using base::string16;' from base/strings/string16.h and remove temporarydbeam@chromium.org2013-12-301-1/+1
| | | | | | | | | | | | PRESUBMIT.py _CheckForString16(). R=brettw@chromium.org, maruel@chromium.org TBR=sky@chromium.org, tsepez@chromium.org BUG=329295 Review URL: https://codereview.chromium.org/93903011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@242733 0039d316-1c4b-4281-b951-d872f2087c98
* Update some uses of char16 to use the base:: namespace.avi@chromium.org2013-12-257-49/+52
| | | | | | | | | | BUG=329295 TEST=no change TBR=ben@chromium.org Review URL: https://codereview.chromium.org/111373008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@242507 0039d316-1c4b-4281-b951-d872f2087c98
* Update uses of UTF conversions in ppapi/, printing/, remoting/, rlz/, ↵avi@chromium.org2013-12-251-37/+0
| | | | | | | | | | | | sandbox/, skia/, sql/, sync/, tools/, webkit/, win8/ to use the base:: namespace. BUG=330556 TEST=no change TBR=ben@chromium.org Review URL: https://codereview.chromium.org/121123002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@242502 0039d316-1c4b-4281-b951-d872f2087c98
* Add base:: to string16s in sandbox/.dbeam@chromium.org2013-12-2013-69/+73
| | | | | | | | | R=rvargas@chromium.org, nsylvain@chromium.org BUG=329295 Review URL: https://codereview.chromium.org/119713003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@242214 0039d316-1c4b-4281-b951-d872f2087c98
* sandbox: Remove a TEXTREL on Linux ARM.rsesek@chromium.org2013-12-202-6/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On Android, the sandbox logic is put into a shared library and the linker errors out on having a TEXTREL. The LDR pseudo-instruction directs the assembler to place the address of the label in a "literal pool"[1], and then use a PC-relative load from that pool to get the address during execution. The pool is responsible for generating the R_ARM_RELATIVE TEXTREL. Using the ADR instruction[2] does not produce the TEXTREL. This instruction directs the assembler to calculate the PC-relative address to the label using an immediate. The text makes this difference more clear: ... 8: 4805 ldr r0, [pc, #20] ; (20 <SyscallAsm+0x20>) a: e007 b.n 1c <SyscallAsm+0x1c> ... 1c: bd80 pop {r7, pc} 1e: 0000 .short 0x0000 20: 0000001c .word 0x0000001c Versus: ... 8: 4804 ldr r0, [pc, #16] ; (1c <SyscallAsm+0x1c>) a: e007 b.n 1c <SyscallAsm+0x1c> ... 1c: bd80 pop {r7, pc} 1e: bf00 nop [1] http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0041c/Babbfdih.html [2] http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0040d/Cihdhgbe.html BUG=308763 Review URL: https://codereview.chromium.org/119453002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@242141 0039d316-1c4b-4281-b951-d872f2087c98
* Make building seccomp-bpf a GYP conditionjln@chromium.org2013-12-192-11/+4
| | | | | | | | | | | | | | | | We add a use_seccomp_bpf variable to allow not building seccomp-bpf. We make sure that it can't be use by mistake with sanity checks that the architecture is MIPS. BUG=267179 TEST=Use "GYP_DEFINES='use_seccomp_bpf=0' and comment out the two #error. about:sandbox should say that seccomp-bpf is disabled. Review URL: https://codereview.chromium.org/117803002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@241949 0039d316-1c4b-4281-b951-d872f2087c98
* ARM Linux sandbox: make sure r7 is marked as clobberedjln@chromium.org2013-12-191-2/+2
| | | | | | | | | | | Due to a typo, on ARM, the r7 register wasn't marked as clobbered. (found by rsesek@) R=rsesek@chromium.org Review URL: https://codereview.chromium.org/118743003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@241931 0039d316-1c4b-4281-b951-d872f2087c98
* Making sandbox error message on moving to namespaces more accurate.mithro@mithis.com2013-12-181-1/+13
| | | | | | | | | | | | | | When trying to move to new namespaces if a feature is supported but doesn't work we fail with an error message. The old error message was always "Failed to move to new PID namespace" but the cause could be a failure to move to a new "network namespace". BUG=326039 Review URL: https://codereview.chromium.org/102723004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@241450 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: mark Markus as "emeritus" owner.jln@chromium.org2013-12-171-2/+3
| | | | | | | | TBR=markus Review URL: https://codereview.chromium.org/100023007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@241376 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 240670 "Revert 239894 "Linux Sandbox: check no threads be..."jln@chromium.org2013-12-162-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | > Revert 239894 "Linux Sandbox: check no threads before fork()." > > BUG=327241, 328249 > > > Linux Sandbox: check no threads before fork(). > > > > Always check that no threads are running before fork(). > > > > BUG=327241 > > NOTRY=true > > > > Review URL: https://codereview.chromium.org/108173008 > > TBR=jln@chromium.org > > Review URL: https://codereview.chromium.org/106903012 TBR=jln@chromium.org Review URL: https://codereview.chromium.org/100623014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240961 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 239894 "Linux Sandbox: check no threads before fork()."jln@chromium.org2013-12-132-6/+0
| | | | | | | | | | | | | | | | | | | BUG=327241, 328249 > Linux Sandbox: check no threads before fork(). > > Always check that no threads are running before fork(). > > BUG=327241 > NOTRY=true > > Review URL: https://codereview.chromium.org/108173008 TBR=jln@chromium.org Review URL: https://codereview.chromium.org/106903012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240670 0039d316-1c4b-4281-b951-d872f2087c98
* Replace wstring with string16 in sandboxbrettw@chromium.org2013-12-1253-209/+246
| | | | | | | | | BUG= R=cpu@chromium.org Review URL: https://codereview.chromium.org/113173002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240429 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: Deprecate compatibility APIjln@chromium.org2013-12-102-13/+0
| | | | | | | | | | | | Now that all BPF policies are migrated, remove stubs of old API. BUG=325535 NOTRY=true R=jorgelo@chromium.org Review URL: https://codereview.chromium.org/108563007 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@239909 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: check no threads before fork().jln@chromium.org2013-12-102-0/+6
| | | | | | | | | | | Always check that no threads are running before fork(). BUG=327241 NOTRY=true Review URL: https://codereview.chromium.org/108173008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@239894 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: cleanup sandbox-bpf naming.jln@chromium.org2013-12-1032-314/+299
| | | | | | | | | | | | | | | | | 1. Rename playground2 namespace to sandbox. The playground2 namespace is confusing and against the style guide. We rename it to sandbox, like the rest of sandbox/linux/. 2. Rename the "Sandbox" class to "SandboxBPF". BUG=325535 R=rsesek@chromium.org TBR=jochen@chromium.org Review URL: https://codereview.chromium.org/101773003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@239865 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-03-28 06:20:22 +0000