Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(106)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_linux.h

Issue 13814027: Linux: make current InitializeSandbox() private. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Remove sandbox_init_linux.cc Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/common/sandbox_init_linux.cc ('k') | content/common/sandbox_linux.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_H_ 5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_H_
6 #define CONTENT_COMMON_SANDBOX_LINUX_H_ 6 #define CONTENT_COMMON_SANDBOX_LINUX_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
45 // process type (this is for instance the case with the Zygote). 45 // process type (this is for instance the case with the Zygote).
46 // In that case, it is crucial that PreinitializeSandboxFinish() gets 46 // In that case, it is crucial that PreinitializeSandboxFinish() gets
47 // called for every child process. 47 // called for every child process.
48 // TODO(markus, jln) we know this is not always done at the moment 48 // TODO(markus, jln) we know this is not always done at the moment
49 // (crbug.com/139877). 49 // (crbug.com/139877).
50 void PreinitializeSandbox(const std::string& process_type); 50 void PreinitializeSandbox(const std::string& process_type);
51 // These should be called together. 51 // These should be called together.
52 void PreinitializeSandboxBegin(); 52 void PreinitializeSandboxBegin();
53 void PreinitializeSandboxFinish(const std::string& process_type); 53 void PreinitializeSandboxFinish(const std::string& process_type);
54 54
55 // Returns the Status of the sandbox. Can only be queried if we went through 55 // Initialize the sandbox with the given pre-built configuration. Currently
56 // PreinitializeSandbox() or PreinitializeSandboxBegin(). This is a bitmask 56 // seccomp-legacy, seccomp-bpf, address space limitations (the setuid sandbox
57 // and uses the constants defined in "enum LinuxSandboxStatus". 57 // works differently and is set-up in the Zygote). This will instantiate the
58 // LinuxSandbox singleton if it doesn't already exist.
59 static bool InitializeSandbox();
60
61 // Returns the Status of the renderers' sandbox. Can only be queried if we
62 // went through PreinitializeSandbox() or PreinitializeSandboxBegin(). This
63 // is a bitmask and uses the constants defined in "enum LinuxSandboxStatus".
58 // Since we need to provide the status before the sandboxes are actually 64 // Since we need to provide the status before the sandboxes are actually
59 // started, this returns what will actually happen once the various Start* 65 // started, this returns what will actually happen once the various Start*
60 // functions are called from inside a renderer. 66 // functions are called from inside a renderer.
61 int GetStatus() const; 67 int GetStatus() const;
62 // Is the current process single threaded? 68 // Is the current process single threaded?
63 bool IsSingleThreaded() const; 69 bool IsSingleThreaded() const;
64 // Did we start Seccomp BPF? 70 // Did we start Seccomp BPF?
65 bool seccomp_bpf_started() const; 71 bool seccomp_bpf_started() const;
66 72
67 // Simple accessor for our instance of the setuid sandbox. Will never return 73 // Simple accessor for our instance of the setuid sandbox. Will never return
(...skipping 29 matching lines...) Expand all
97 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_; 103 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_;
98 104
99 ~LinuxSandbox(); 105 ~LinuxSandbox();
100 DISALLOW_IMPLICIT_CONSTRUCTORS(LinuxSandbox); 106 DISALLOW_IMPLICIT_CONSTRUCTORS(LinuxSandbox);
101 }; 107 };
102 108
103 } // namespace content 109 } // namespace content
104 110
105 #endif // CONTENT_COMMON_SANDBOX_LINUX_H_ 111 #endif // CONTENT_COMMON_SANDBOX_LINUX_H_
106 112
OLDNEW
« no previous file with comments | « content/common/sandbox_init_linux.cc ('k') | content/common/sandbox_linux.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698