| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_policy.h" | 5 #include "content/common/sandbox_policy.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/debug/debugger.h" | 10 #include "base/debug/debugger.h" |
| (...skipping 304 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 315 sandbox::USER_LIMITED); | 315 sandbox::USER_LIMITED); |
| 316 policy->SetJobLevel(sandbox::JOB_UNPROTECTED, 0); | 316 policy->SetJobLevel(sandbox::JOB_UNPROTECTED, 0); |
| 317 policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW); | 317 policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW); |
| 318 } else { | 318 } else { |
| 319 if (cmd_line->GetSwitchValueASCII(switches::kUseGL) == | 319 if (cmd_line->GetSwitchValueASCII(switches::kUseGL) == |
| 320 gfx::kGLImplementationSwiftShaderName || | 320 gfx::kGLImplementationSwiftShaderName || |
| 321 cmd_line->HasSwitch(switches::kReduceGpuSandbox)) { | 321 cmd_line->HasSwitch(switches::kReduceGpuSandbox)) { |
| 322 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, | 322 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, |
| 323 sandbox::USER_LIMITED); | 323 sandbox::USER_LIMITED); |
| 324 } else { | 324 } else { |
| 325 // Temporarily reduce sandbox level while we disable the use of image |
| 326 // transport surface in all versions of windows. |
| 325 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, | 327 policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS, |
| 326 sandbox::USER_RESTRICTED); | 328 sandbox::USER_LIMITED); |
| 327 } | 329 } |
| 328 | 330 |
| 329 // UI restrictions break when we access Windows from outside our job. | 331 // UI restrictions break when we access Windows from outside our job. |
| 330 // However, we don't want a proxy window in this process because it can | 332 // However, we don't want a proxy window in this process because it can |
| 331 // introduce deadlocks where the renderer blocks on the gpu, which in | 333 // introduce deadlocks where the renderer blocks on the gpu, which in |
| 332 // turn blocks on the browser UI thread. So, instead we forgo a window | 334 // turn blocks on the browser UI thread. So, instead we forgo a window |
| 333 // message pump entirely and just add job restrictions to prevent child | 335 // message pump entirely and just add job restrictions to prevent child |
| 334 // processes. | 336 // processes. |
| 335 policy->SetJobLevel(sandbox::JOB_LIMITED_USER, | 337 policy->SetJobLevel(sandbox::JOB_LIMITED_USER, |
| 336 JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS | | 338 JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS | |
| (...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 586 | 588 |
| 587 // Help the process a little. It can't start the debugger by itself if | 589 // Help the process a little. It can't start the debugger by itself if |
| 588 // the process is in a sandbox. | 590 // the process is in a sandbox. |
| 589 if (child_needs_help) | 591 if (child_needs_help) |
| 590 base::debug::SpawnDebuggerOnProcess(target.dwProcessId); | 592 base::debug::SpawnDebuggerOnProcess(target.dwProcessId); |
| 591 | 593 |
| 592 return process; | 594 return process; |
| 593 } | 595 } |
| 594 | 596 |
| 595 } // namespace sandbox | 597 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9667024:
Temporarily disable image transport surface on windows. (Closed)
Base URL: svn://svn.chromium.org/chrome/branches/1025_52/src/