Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(231)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_seccomp_bpf_linux.cc

Issue 10909044: Linux: initialize the sandbox in the Plugin process. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: AllowAll Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | content/plugin/plugin_main.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <asm/unistd.h> 5 #include <asm/unistd.h>
6 #include <dlfcn.h> 6 #include <dlfcn.h>
7 #include <errno.h> 7 #include <errno.h>
8 #include <fcntl.h> 8 #include <fcntl.h>
9 #include <linux/audit.h> 9 #include <linux/audit.h>
10 #include <linux/filter.h> 10 #include <linux/filter.h>
(...skipping 1351 matching lines...) Expand 10 before | Expand all | Expand 10 after
1362 1362
1363 if (process_type == switches::kRendererProcess || 1363 if (process_type == switches::kRendererProcess ||
1364 process_type == switches::kWorkerProcess) { 1364 process_type == switches::kWorkerProcess) {
1365 return RendererOrWorkerProcessPolicy_x86_64; 1365 return RendererOrWorkerProcessPolicy_x86_64;
1366 } 1366 }
1367 1367
1368 if (process_type == switches::kUtilityProcess) { 1368 if (process_type == switches::kUtilityProcess) {
1369 return BlacklistDebugAndNumaPolicy; 1369 return BlacklistDebugAndNumaPolicy;
1370 } 1370 }
1371 1371
1372 if (process_type == switches::kPluginProcess) {
1373 return AllowAllPolicy;
1374 }
1375
1372 NOTREACHED(); 1376 NOTREACHED();
1373 // This will be our default if we need one. 1377 // This will be our default if we need one.
1374 return AllowAllPolicy; 1378 return AllowAllPolicy;
1375 #else 1379 #else
1376 // On other architectures (currently IA32 or ARM), 1380 // On other architectures (currently IA32 or ARM),
1377 // we only have a small blacklist at the moment. 1381 // we only have a small blacklist at the moment.
1378 (void) process_type; 1382 (void) process_type;
1379 return BlacklistDebugAndNumaPolicy; 1383 return BlacklistDebugAndNumaPolicy;
1380 #endif // __x86_64__ 1384 #endif // __x86_64__
1381 } 1385 }
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after
1444 // Process-specific policy. 1448 // Process-specific policy.
1445 ShouldEnableSeccompBpf(process_type) && 1449 ShouldEnableSeccompBpf(process_type) &&
1446 SupportsSandbox()) { 1450 SupportsSandbox()) {
1447 return StartBpfSandbox(command_line, process_type); 1451 return StartBpfSandbox(command_line, process_type);
1448 } 1452 }
1449 #endif 1453 #endif
1450 return false; 1454 return false;
1451 } 1455 }
1452 1456
1453 } // namespace content 1457 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | content/plugin/plugin_main.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698