1f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 2f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// found in the LICENSE file. 4f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 5f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "content/browser/bootstrap_sandbox_mac.h" 6f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 7f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "base/logging.h" 8f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "base/mac/mac_util.h" 9f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "base/memory/scoped_ptr.h" 10f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "base/memory/singleton.h" 11f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "content/common/sandbox_init_mac.h" 12f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "content/public/browser/browser_child_process_observer.h" 13f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "content/public/browser/child_process_data.h" 14f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "content/public/common/sandbox_type_mac.h" 15f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)#include "sandbox/mac/bootstrap_sandbox.h" 16f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 17f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)namespace content { 18f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 19f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)namespace { 20f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 21f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// This class is responsible for creating the BootstrapSandbox global 22f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)// singleton, as well as registering all associated policies with it. 23116680a4aac90f2aa7413d9095a592090648e557Ben Murdochclass BootstrapSandboxPolicy : public BrowserChildProcessObserver { 24f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) public: 25f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) static BootstrapSandboxPolicy* GetInstance(); 26f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 27f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) sandbox::BootstrapSandbox* sandbox() const { 28f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) return sandbox_.get(); 29f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) } 30f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 31f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) // BrowserChildProcessObserver: 32f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) virtual void BrowserChildProcessHostDisconnected( 33f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const ChildProcessData& data) OVERRIDE; 34f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) virtual void BrowserChildProcessCrashed( 35f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const ChildProcessData& data) OVERRIDE; 36f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 37f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) private: 38f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) friend struct DefaultSingletonTraits<BootstrapSandboxPolicy>; 39f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) BootstrapSandboxPolicy(); 40f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) virtual ~BootstrapSandboxPolicy(); 41f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 42f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) void RegisterSandboxPolicies(); 43f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 44f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) scoped_ptr<sandbox::BootstrapSandbox> sandbox_; 45f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)}; 46f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 47f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)BootstrapSandboxPolicy* BootstrapSandboxPolicy::GetInstance() { 48f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) return Singleton<BootstrapSandboxPolicy>::get(); 49f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 50f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 51f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void BootstrapSandboxPolicy::BrowserChildProcessHostDisconnected( 52f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const ChildProcessData& data) { 53f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) sandbox()->ChildDied(data.handle); 54f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 55f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 56f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void BootstrapSandboxPolicy::BrowserChildProcessCrashed( 57f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const ChildProcessData& data) { 58f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) sandbox()->ChildDied(data.handle); 59f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 60f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 61f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)BootstrapSandboxPolicy::BootstrapSandboxPolicy() 62f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) : sandbox_(sandbox::BootstrapSandbox::Create()) { 63f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) CHECK(sandbox_.get()); 64f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) BrowserChildProcessObserver::Add(this); 65f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) RegisterSandboxPolicies(); 66f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 67f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 68f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)BootstrapSandboxPolicy::~BootstrapSandboxPolicy() { 69f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) BrowserChildProcessObserver::Remove(this); 70f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 71f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 72f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)void BootstrapSandboxPolicy::RegisterSandboxPolicies() { 73f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 74f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 75f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} // namespace 76f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 77f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)bool ShouldEnableBootstrapSandbox() { 78116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch return base::mac::IsOSMountainLionOrEarlier() || 79116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch base::mac::IsOSMavericks(); 80f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 81f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 82f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)sandbox::BootstrapSandbox* GetBootstrapSandbox() { 83f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) return BootstrapSandboxPolicy::GetInstance()->sandbox(); 84f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} 85f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 86f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles)} // namespace content 87