1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "content/public/common/sandbox_init.h" 6 7 #include "base/command_line.h" 8 #include "base/logging.h" 9 #include "content/common/sandbox_win.h" 10 #include "content/public/common/content_switches.h" 11 #include "sandbox/win/src/sandbox.h" 12 #include "sandbox/win/src/sandbox_types.h" 13 14 namespace content { 15 16 bool InitializeSandbox(sandbox::SandboxInterfaceInfo* sandbox_info) { 17 const base::CommandLine& command_line = 18 *base::CommandLine::ForCurrentProcess(); 19 sandbox::BrokerServices* broker_services = sandbox_info->broker_services; 20 if (broker_services) { 21 if (!InitBrokerServices(broker_services)) 22 return false; 23 24 // IMPORTANT: This piece of code needs to run as early as possible in the 25 // process because it will initialize the sandbox broker, which requires the 26 // process to swap its window station. During this time all the UI will be 27 // broken. This has to run before threads and windows are created. 28 if (!command_line.HasSwitch(switches::kNoSandbox)) { 29 // Precreate the desktop and window station used by the renderers. 30 sandbox::TargetPolicy* policy = broker_services->CreatePolicy(); 31 sandbox::ResultCode result = policy->CreateAlternateDesktop(true); 32 CHECK(sandbox::SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION != result); 33 policy->Release(); 34 } 35 return true; 36 } 37 38 if (command_line.HasSwitch(switches::kNoSandbox)) 39 return true; 40 41 sandbox::TargetServices* target_services = sandbox_info->target_services; 42 return InitTargetServices(target_services); 43 } 44 45 } // namespace content 46
