OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "content/common/sandbox_linux.h" | 9 #include "content/common/sandbox_linux.h" |
10 #include "content/public/common/content_switches.h" | 10 #include "content/public/common/content_switches.h" |
(...skipping 15 matching lines...) Expand all Loading... |
26 // threads have been created. | 26 // threads have been created. |
27 if (!linux_sandbox->IsSingleThreaded()) { | 27 if (!linux_sandbox->IsSingleThreaded()) { |
28 std::string error_message = "InitializeSandbox() called with multiple " | 28 std::string error_message = "InitializeSandbox() called with multiple " |
29 "threads in process " + process_type; | 29 "threads in process " + process_type; |
30 // TODO(jln): change this into a CHECK() once we are more comfortable it | 30 // TODO(jln): change this into a CHECK() once we are more comfortable it |
31 // does not trigger. | 31 // does not trigger. |
32 LOG(ERROR) << error_message; | 32 LOG(ERROR) << error_message; |
33 return false; | 33 return false; |
34 } | 34 } |
35 | 35 |
36 // First, try to enable seccomp-legacy. | 36 // First, try to enable seccomp-bpf. |
37 seccomp_legacy_started = linux_sandbox->StartSeccompLegacy(process_type); | 37 seccomp_bpf_started = linux_sandbox->StartSeccompBpf(process_type); |
38 | 38 |
39 // Then, try to enable seccomp-bpf. | 39 // If that fails, try to enable seccomp-legacy. |
40 // If seccomp-legacy is enabled, seccomp-bpf initialization will crash | 40 if (!seccomp_bpf_started) { |
41 // instead of failing gracefully. | 41 seccomp_legacy_started = linux_sandbox->StartSeccompLegacy(process_type); |
42 // TODO(markus): fix this (crbug.com/139872). | |
43 if (!seccomp_legacy_started) { | |
44 seccomp_bpf_started = linux_sandbox->StartSeccompBpf(process_type); | |
45 } | 42 } |
46 | 43 |
47 return seccomp_legacy_started || seccomp_bpf_started; | 44 return seccomp_legacy_started || seccomp_bpf_started; |
48 } | 45 } |
49 | 46 |
50 } // namespace content | 47 } // namespace content |
OLD | NEW |