1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "content/public/common/sandbox_init.h" 6 7#include "base/command_line.h" 8#include "base/logging.h" 9#include "content/common/sandbox_win.h" 10#include "content/public/common/content_switches.h" 11#include "sandbox/win/src/sandbox.h" 12#include "sandbox/win/src/sandbox_types.h" 13 14namespace content { 15 16bool InitializeSandbox(sandbox::SandboxInterfaceInfo* sandbox_info) { 17 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); 18 sandbox::BrokerServices* broker_services = sandbox_info->broker_services; 19 if (broker_services) { 20 if (!InitBrokerServices(broker_services)) 21 return false; 22 23 // IMPORTANT: This piece of code needs to run as early as possible in the 24 // process because it will initialize the sandbox broker, which requires the 25 // process to swap its window station. During this time all the UI will be 26 // broken. This has to run before threads and windows are created. 27 if (!command_line.HasSwitch(switches::kNoSandbox)) { 28 bool use_winsta = !command_line.HasSwitch( 29 switches::kDisableAltWinstation); 30 // Precreate the desktop and window station used by the renderers. 31 sandbox::TargetPolicy* policy = broker_services->CreatePolicy(); 32 sandbox::ResultCode result = policy->CreateAlternateDesktop(use_winsta); 33 CHECK(sandbox::SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION != result); 34 policy->Release(); 35 } 36 return true; 37 } 38 39 if (command_line.HasSwitch(switches::kNoSandbox)) 40 return true; 41 42 sandbox::TargetServices* target_services = sandbox_info->target_services; 43 return InitTargetServices(target_services); 44} 45 46} // namespace content 47