| Index: content/common/sandbox_policy.cc
|
| ===================================================================
|
| --- content/common/sandbox_policy.cc (revision 132281)
|
| +++ content/common/sandbox_policy.cc (working copy)
|
| @@ -374,22 +374,34 @@
|
| if (result != sandbox::SBOX_ALL_OK)
|
| return false;
|
|
|
| + // GPU needs to copy sections to renderers.
|
| + result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
|
| + sandbox::TargetPolicy::HANDLES_DUP_ANY,
|
| + L"Section");
|
| + if (result != sandbox::SBOX_ALL_OK)
|
| + return false;
|
| +
|
| AddGenericDllEvictionPolicy(policy);
|
| #endif
|
| return true;
|
| }
|
|
|
| bool AddPolicyForRenderer(sandbox::TargetPolicy* policy) {
|
| - // Renderers need to copy sections for plugin DIBs.
|
| + // Renderers need to copy sections for plugin DIBs and GPU.
|
| sandbox::ResultCode result;
|
| result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
|
| sandbox::TargetPolicy::HANDLES_DUP_ANY,
|
| L"Section");
|
| - if (result != sandbox::SBOX_ALL_OK) {
|
| - NOTREACHED();
|
| + if (result != sandbox::SBOX_ALL_OK)
|
| return false;
|
| - }
|
|
|
| + // Renderers need to share events with plugins.
|
| + result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
|
| + sandbox::TargetPolicy::HANDLES_DUP_ANY,
|
| + L"Event");
|
| + if (result != sandbox::SBOX_ALL_OK)
|
| + return false;
|
| +
|
| policy->SetJobLevel(sandbox::JOB_LOCKDOWN, 0);
|
|
|
| sandbox::TokenLevel initial_token = sandbox::USER_UNPROTECTED;
|
| @@ -451,30 +463,33 @@
|
| HANDLE* target_handle,
|
| DWORD desired_access,
|
| DWORD options) {
|
| - // Just use DuplicateHandle() if we aren't in the sandbox.
|
| - if (!g_target_services) {
|
| - base::win::ScopedHandle target_process(::OpenProcess(PROCESS_DUP_HANDLE,
|
| - FALSE,
|
| - target_process_id));
|
| - if (!target_process.IsValid())
|
| - return false;
|
| + // If our process is the target just duplicate the handle.
|
| + if (::GetCurrentProcessId() == target_process_id) {
|
| + return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
|
| + ::GetCurrentProcess(), target_handle,
|
| + desired_access, FALSE, options);
|
|
|
| - if (!::DuplicateHandle(::GetCurrentProcess(), source_handle,
|
| - target_process, target_handle,
|
| - desired_access, FALSE,
|
| - options)) {
|
| - return false;
|
| - }
|
| + }
|
|
|
| + // Try the broker next
|
| + if (g_target_services &&
|
| + g_target_services->DuplicateHandle(source_handle, target_process_id,
|
| + target_handle, desired_access,
|
| + options) == SBOX_ALL_OK) {
|
| return true;
|
| }
|
|
|
| - ResultCode result = g_target_services->DuplicateHandle(source_handle,
|
| - target_process_id,
|
| - target_handle,
|
| - desired_access,
|
| - options);
|
| - return SBOX_ALL_OK == result;
|
| + // Finally, see if we already have access to the process.
|
| + base::win::ScopedHandle target_process;
|
| + target_process.Set(::OpenProcess(PROCESS_DUP_HANDLE, FALSE,
|
| + target_process_id));
|
| + if (target_process.IsValid()) {
|
| + return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
|
| + target_process, target_handle,
|
| + desired_access, FALSE, options);
|
| + }
|
| +
|
| + return false;
|
| }
|
|
|
|
|
| @@ -573,6 +588,7 @@
|
| policy->Release();
|
| base::ProcessHandle process = 0;
|
| base::LaunchProcess(*cmd_line, base::LaunchOptions(), &process);
|
| + g_broker_services->AddTargetPeer(process);
|
| return process;
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 9958034:
Convert plugin and GPU process to brokered handle duplication. (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/