1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
--- content/utility/utility_main.cc.orig 2024-06-17 12:56:06 UTC
+++ content/utility/utility_main.cc
@@ -38,17 +38,21 @@
#include "third_party/icu/source/common/unicode/unistr.h"
#include "third_party/icu/source/i18n/unicode/timezone.h"
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)
#include "base/file_descriptor_store.h"
#include "base/files/file_util.h"
#include "base/pickle.h"
#include "content/child/sandboxed_process_thread_type_handler.h"
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_BSD)
#include "content/common/gpu_pre_sandbox_hook_linux.h"
+#endif
#include "content/public/common/content_descriptor_keys.h"
#include "content/utility/speech/speech_recognition_sandbox_hook_linux.h"
#include "gpu/config/gpu_info_collector.h"
#include "media/gpu/sandbox/hardware_video_encoding_sandbox_hook_linux.h"
+#if !BUILDFLAG(IS_BSD)
#include "sandbox/policy/linux/sandbox_linux.h"
+#endif
#include "services/audio/audio_sandbox_hook_linux.h"
#include "services/network/network_sandbox_hook_linux.h"
// gn check is not smart enough to realize that this include only applies to
@@ -60,10 +64,15 @@
#endif
#endif
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_BSD)
#include "media/gpu/sandbox/hardware_video_decoding_sandbox_hook_linux.h"
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(IS_BSD)
+#include "sandbox/policy/sandbox.h"
+#include "content/common/gpu_pre_sandbox_hook_bsd.h"
+#endif
+
#if BUILDFLAG(IS_CHROMEOS_ASH)
#include "chromeos/ash/components/assistant/buildflags.h"
#include "chromeos/ash/services/ime/ime_sandbox_hook.h"
@@ -75,7 +84,7 @@
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
#if (BUILDFLAG(ENABLE_SCREEN_AI_SERVICE) && \
- (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)))
+ (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)))
#include "services/screen_ai/public/cpp/utilities.h" // nogncheck
#include "services/screen_ai/sandbox/screen_ai_sandbox_hook_linux.h" // nogncheck
#endif
@@ -102,7 +111,7 @@ namespace content {
namespace {
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)
std::vector<std::string> GetNetworkContextsParentDirectories() {
base::MemoryMappedFile::Region region;
base::ScopedFD read_pipe_fd = base::FileDescriptorStore::GetInstance().TakeFD(
@@ -129,9 +138,10 @@ std::vector<std::string> GetNetworkContextsParentDirec
return dirs;
}
+#if !BUILDFLAG(IS_BSD)
bool ShouldUseAmdGpuPolicy(sandbox::mojom::Sandbox sandbox_type) {
const bool obtain_gpu_info =
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_BSD)
sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoDecoding ||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoEncoding;
@@ -146,6 +156,7 @@ bool ShouldUseAmdGpuPolicy(sandbox::mojom::Sandbox san
return false;
}
+#endif
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
#if BUILDFLAG(IS_WIN)
@@ -250,7 +261,8 @@ int UtilityMain(MainFunctionParams parameters) {
CHECK(on_device_model::OnDeviceModelService::PreSandboxInit());
}
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+// XXX BSD
+#if (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)) && !BUILDFLAG(IS_BSD)
// Thread type delegate of the process should be registered before first
// thread type change in ChildProcess constructor. It also needs to be
// registered before the process has multiple threads, which may race with
@@ -262,7 +274,7 @@ int UtilityMain(MainFunctionParams parameters) {
}
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)
// Initializes the sandbox before any threads are created.
// TODO(jorgelo): move this after GTK initialization when we enable a strict
// Seccomp-BPF policy.
@@ -300,7 +312,7 @@ int UtilityMain(MainFunctionParams parameters) {
screen_ai::GetBinaryPathSwitch()));
break;
#endif
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_BSD)
case sandbox::mojom::Sandbox::kHardwareVideoDecoding:
pre_sandbox_hook =
base::BindOnce(&media::HardwareVideoDecodingPreSandboxHook);
@@ -327,6 +339,7 @@ int UtilityMain(MainFunctionParams parameters) {
default:
break;
}
+#if !BUILDFLAG(IS_BSD)
if (!sandbox::policy::IsUnsandboxedSandboxType(sandbox_type) &&
(parameters.zygote_child || !pre_sandbox_hook.is_null())) {
sandbox_options.use_amd_specific_policies =
@@ -334,6 +347,11 @@ int UtilityMain(MainFunctionParams parameters) {
sandbox::policy::Sandbox::Initialize(
sandbox_type, std::move(pre_sandbox_hook), sandbox_options);
}
+#else
+ sandbox::policy::Sandbox::Initialize(
+ sandbox_type, std::move(pre_sandbox_hook),
+ sandbox::policy::SandboxLinux::Options());
+#endif
// Start the HangWatcher now that the sandbox is engaged, if it hasn't
// already been started.
|
