Remove Lacros leftovers from sandbox/
Lacros is gone. - Replace any IS_CHROMEOS_ASH uses with IS_CHROMEOS. - Replace any is_chromeos uses with is_chromeos. - Remove any IS_CHROMEOS_LACROS uses and associated code. - Remove any is_chromeos_lacros uses. - Where appropriate, remove includes of build/chromeos_buildflags.h or replace with build/build_config.h. - Remove any imports of build/config/chromeos/ui_mode.gni. Bug: b:354842935 Change-Id: Iddd81988fa3f47988528124eef82b69497821f45 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6242475 Auto-Submit: Georg Neis <neis@chromium.org> Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#1417996}
This commit is contained in:

committed by
Chromium LUCI CQ

parent
08e5f2937e
commit
b6b8784e6d
sandbox
@ -99,7 +99,6 @@ source_set("sandbox_linux_unittests_sources") {
|
||||
":sandbox_services_headers",
|
||||
"//base",
|
||||
"//base/test:test_support",
|
||||
"//build:chromeos_buildflags",
|
||||
"//testing/gtest",
|
||||
]
|
||||
|
||||
@ -251,7 +250,6 @@ component("seccomp_bpf") {
|
||||
deps = [
|
||||
":sandbox_services",
|
||||
"//base",
|
||||
"//build:chromeos_buildflags",
|
||||
"//sandbox:sandbox_buildflags",
|
||||
]
|
||||
|
||||
|
@ -43,7 +43,6 @@
|
||||
#include "base/system/sys_info.h"
|
||||
#include "base/threading/thread.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "sandbox/linux/bpf_dsl/bpf_dsl.h"
|
||||
#include "sandbox/linux/bpf_dsl/errorcode.h"
|
||||
#include "sandbox/linux/bpf_dsl/linux_syscall_ranges.h"
|
||||
@ -2164,7 +2163,7 @@ SANDBOX_TEST(SandboxBPF, Tsync) {
|
||||
const bool supports_multi_threaded = SandboxBPF::SupportsSeccompSandbox(
|
||||
SandboxBPF::SeccompLevel::MULTI_THREADED);
|
||||
// On Chrome OS tsync is mandatory.
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
if (base::SysInfo::IsRunningOnChromeOS()) {
|
||||
BPF_ASSERT_EQ(true, supports_multi_threaded);
|
||||
}
|
||||
|
@ -36,7 +36,6 @@
|
||||
#include "base/posix/eintr_wrapper.h"
|
||||
#include "base/threading/thread.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
|
||||
#include "sandbox/linux/seccomp-bpf/bpf_tests.h"
|
||||
#include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
|
||||
@ -353,7 +352,7 @@ TEST_BASELINE_SIGSYS(__NR_inotify_init)
|
||||
TEST_BASELINE_SIGSYS(__NR_vserver)
|
||||
#endif
|
||||
|
||||
#if defined(LIBC_GLIBC) && !BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if defined(LIBC_GLIBC) && !BUILDFLAG(IS_CHROMEOS)
|
||||
BPF_TEST_C(BaselinePolicy, FutexEINVAL, BaselinePolicy) {
|
||||
int ops[] = {
|
||||
FUTEX_CMP_REQUEUE_PI, FUTEX_CMP_REQUEUE_PI_PRIVATE,
|
||||
@ -390,7 +389,7 @@ BPF_DEATH_TEST_C(BaselinePolicy,
|
||||
syscall(__NR_futex, nullptr, FUTEX_UNLOCK_PI_PRIVATE, 0, nullptr, nullptr, 0);
|
||||
_exit(1);
|
||||
}
|
||||
#endif // defined(LIBC_GLIBC) && !BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // defined(LIBC_GLIBC) && !BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
BPF_TEST_C(BaselinePolicy, PrctlDumpable, BaselinePolicy) {
|
||||
const int is_dumpable = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
|
||||
|
@ -24,7 +24,6 @@
|
||||
#include "base/notreached.h"
|
||||
#include "base/synchronization/synchronization_buildflags.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "sandbox/linux/bpf_dsl/bpf_dsl.h"
|
||||
#include "sandbox/linux/bpf_dsl/seccomp_macros.h"
|
||||
#include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
|
||||
@ -35,8 +34,7 @@
|
||||
#include "sandbox/linux/system_headers/linux_syscalls.h"
|
||||
#include "sandbox/linux/system_headers/linux_time.h"
|
||||
|
||||
#if (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)) && \
|
||||
!defined(__arm__) && !defined(__aarch64__) && \
|
||||
#if BUILDFLAG(IS_LINUX) && !defined(__arm__) && !defined(__aarch64__) && \
|
||||
!defined(PTRACE_GET_THREAD_AREA)
|
||||
// Also include asm/ptrace-abi.h since ptrace.h in older libc (for instance
|
||||
// the one in Ubuntu 16.04 LTS) is missing PTRACE_GET_THREAD_AREA.
|
||||
@ -107,7 +105,7 @@ inline bool IsArchitectureMips() {
|
||||
// to allow those futex(2) calls to fail with EINVAL, instead of crashing the
|
||||
// process. See crbug.com/598471.
|
||||
inline bool IsBuggyGlibcSemPost() {
|
||||
#if defined(LIBC_GLIBC) && !BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if defined(LIBC_GLIBC) && !BUILDFLAG(IS_CHROMEOS)
|
||||
return true;
|
||||
#else
|
||||
return false;
|
||||
|
@ -4,7 +4,6 @@
|
||||
|
||||
import("//build/buildflag_header.gni")
|
||||
import("//build/config/cast.gni")
|
||||
import("//build/config/chromeos/ui_mode.gni")
|
||||
import("//build/config/sanitizers/sanitizers.gni")
|
||||
import("//chromeos/ash/components/assistant/assistant.gni")
|
||||
import("//testing/test.gni")
|
||||
@ -26,7 +25,6 @@ component("policy") {
|
||||
defines = [ "SANDBOX_POLICY_IMPL" ]
|
||||
deps = [
|
||||
"//base",
|
||||
"//build:chromeos_buildflags",
|
||||
"//ppapi/buildflags",
|
||||
"//sandbox/policy/mojom",
|
||||
]
|
||||
@ -94,7 +92,7 @@ component("policy") {
|
||||
"linux/sandbox_seccomp_bpf_linux.cc",
|
||||
"linux/sandbox_seccomp_bpf_linux.h",
|
||||
]
|
||||
if (is_linux || is_chromeos_ash) {
|
||||
if (is_linux || is_chromeos) {
|
||||
sources += [
|
||||
"linux/bpf_hardware_video_decoding_policy_linux.cc",
|
||||
"linux/bpf_hardware_video_decoding_policy_linux.h",
|
||||
@ -116,7 +114,7 @@ component("policy") {
|
||||
"//sandbox/linux:suid_sandbox_client",
|
||||
]
|
||||
}
|
||||
if (is_chromeos_ash) {
|
||||
if (is_chromeos) {
|
||||
sources += [
|
||||
"linux/bpf_ime_policy_linux.cc",
|
||||
"linux/bpf_ime_policy_linux.h",
|
||||
|
@ -6,7 +6,6 @@
|
||||
|
||||
#include "base/feature_list.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "sandbox/features.h"
|
||||
|
||||
#if BUILDFLAG(IS_WIN)
|
||||
@ -126,14 +125,14 @@ BASE_FEATURE(kWinSboxFilterServiceEnvironment,
|
||||
base::FEATURE_ENABLED_BY_DEFAULT);
|
||||
#endif // BUILDFLAG(IS_WIN)
|
||||
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
// Controls whether the Spectre variant 2 mitigation is enabled. We use a USE
|
||||
// flag on some Chrome OS boards to disable the mitigation by disabling this
|
||||
// feature in exchange for system performance.
|
||||
BASE_FEATURE(kSpectreVariant2Mitigation,
|
||||
"SpectreVariant2Mitigation",
|
||||
base::FEATURE_ENABLED_BY_DEFAULT);
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
// Increase the renderer sandbox memory limit. As of 2023, there are no limits
|
||||
|
@ -10,7 +10,6 @@
|
||||
|
||||
#include "base/feature_list.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "sandbox/policy/export.h"
|
||||
|
||||
namespace sandbox::policy::features {
|
||||
@ -41,9 +40,9 @@ SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kEnableCsrssLockdown);
|
||||
SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kWinSboxFilterServiceEnvironment);
|
||||
#endif // BUILDFLAG(IS_WIN)
|
||||
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kSpectreVariant2Mitigation);
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
SANDBOX_POLICY_EXPORT BASE_DECLARE_FEATURE(kHigherRendererMemoryLimit);
|
||||
|
@ -12,7 +12,6 @@
|
||||
|
||||
#include "base/compiler_specific.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "sandbox/linux/bpf_dsl/bpf_dsl.h"
|
||||
#include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
|
||||
#include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
|
||||
@ -101,7 +100,7 @@ ResultExpr GpuProcessPolicy::EvaluateSyscall(int sysno) const {
|
||||
break;
|
||||
}
|
||||
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)
|
||||
#if BUILDFLAG(IS_LINUX)
|
||||
if (SyscallSets::IsSystemVSharedMemory(sysno))
|
||||
return Allow();
|
||||
#endif
|
||||
|
@ -32,7 +32,6 @@
|
||||
#include "base/threading/platform_thread.h"
|
||||
#include "base/threading/thread_id_name_manager.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "ppapi/buildflags/buildflags.h"
|
||||
#include "sandbox/constants.h"
|
||||
#include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
|
||||
@ -400,10 +399,6 @@ bool SandboxLinux::InitializeSandbox(sandbox::mojom::Sandbox sandbox_type,
|
||||
sandbox_failure_fatal = switch_value != "no";
|
||||
}
|
||||
|
||||
#if BUILDFLAG(IS_CHROMEOS_LACROS)
|
||||
CHECK(process_type != switches::kGpuProcess || sandbox_failure_fatal);
|
||||
#endif
|
||||
|
||||
if (sandbox_failure_fatal && !IsUnsandboxedSandboxType(sandbox_type)) {
|
||||
error_message += " Try waiting for /proc to be updated.";
|
||||
LOG(ERROR) << error_message;
|
||||
|
@ -18,7 +18,6 @@
|
||||
#include "base/feature_list.h"
|
||||
#include "base/notreached.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "ppapi/buildflags/buildflags.h"
|
||||
#include "sandbox/linux/bpf_dsl/bpf_dsl.h"
|
||||
#include "sandbox/linux/bpf_dsl/trap_registry.h"
|
||||
@ -56,7 +55,7 @@
|
||||
#include "sandbox/policy/linux/bpf_speech_recognition_policy_linux.h"
|
||||
#include "sandbox/policy/linux/bpf_utility_policy_linux.h"
|
||||
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
#include "chromeos/ash/components/assistant/buildflags.h"
|
||||
#include "sandbox/policy/features.h"
|
||||
#include "sandbox/policy/linux/bpf_ime_policy_linux.h"
|
||||
@ -65,11 +64,11 @@
|
||||
#if BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#include "sandbox/policy/linux/bpf_libassistant_policy_linux.h"
|
||||
#endif // BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
#include "sandbox/policy/linux/bpf_hardware_video_decoding_policy_linux.h"
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
#if BUILDFLAG(IS_LINUX)
|
||||
#include "sandbox/policy/linux/bpf_on_device_translation_policy_linux.h"
|
||||
@ -224,18 +223,18 @@ std::unique_ptr<BPFBasePolicy> SandboxSeccompBPF::PolicyForSandboxType(
|
||||
case sandbox::mojom::Sandbox::kVideoEffects:
|
||||
return std::make_unique<ServiceProcessPolicy>();
|
||||
#endif // BUILDFLAG(IS_LINUX)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
case sandbox::mojom::Sandbox::kHardwareVideoDecoding:
|
||||
return std::make_unique<HardwareVideoDecodingProcessPolicy>(
|
||||
HardwareVideoDecodingProcessPolicy::ComputePolicyType(
|
||||
options.use_amd_specific_policies));
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
case sandbox::mojom::Sandbox::kHardwareVideoEncoding:
|
||||
// TODO(b/255554267): we're using the GPU process sandbox policy for now
|
||||
// as a transition step. However, we should create a policy that's tighter
|
||||
// just for hardware video encoding.
|
||||
return GetGpuProcessSandbox(options);
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
case sandbox::mojom::Sandbox::kIme:
|
||||
return std::make_unique<ImeProcessPolicy>();
|
||||
case sandbox::mojom::Sandbox::kTts:
|
||||
@ -246,7 +245,7 @@ std::unique_ptr<BPFBasePolicy> SandboxSeccompBPF::PolicyForSandboxType(
|
||||
case sandbox::mojom::Sandbox::kLibassistant:
|
||||
return std::make_unique<LibassistantProcessPolicy>();
|
||||
#endif // BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
case sandbox::mojom::Sandbox::kZygoteIntermediateSandbox:
|
||||
case sandbox::mojom::Sandbox::kNoSandbox:
|
||||
NOTREACHED();
|
||||
@ -292,17 +291,17 @@ void SandboxSeccompBPF::RunSandboxSanityChecks(
|
||||
CHECK_EQ(EPERM, errno);
|
||||
#endif // !defined(NDEBUG)
|
||||
} break;
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
case sandbox::mojom::Sandbox::kHardwareVideoDecoding:
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
case sandbox::mojom::Sandbox::kIme:
|
||||
case sandbox::mojom::Sandbox::kTts:
|
||||
case sandbox::mojom::Sandbox::kNearby:
|
||||
#if BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
case sandbox::mojom::Sandbox::kLibassistant:
|
||||
#endif // BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
case sandbox::mojom::Sandbox::kScreenAI:
|
||||
case sandbox::mojom::Sandbox::kHardwareVideoEncoding:
|
||||
@ -341,10 +340,10 @@ bool SandboxSeccompBPF::StartSandboxWithExternalPolicy(
|
||||
SandboxBPF sandbox(std::move(policy));
|
||||
sandbox.SetProcFd(std::move(proc_fd));
|
||||
bool enable_ibpb = true;
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
enable_ibpb =
|
||||
base::FeatureList::IsEnabled(features::kSpectreVariant2Mitigation);
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
CHECK(sandbox.StartSandbox(seccomp_level, enable_ibpb));
|
||||
return true;
|
||||
}
|
||||
|
@ -2,7 +2,6 @@
|
||||
# Use of this source code is governed by a BSD-style license that can be
|
||||
# found in the LICENSE file.
|
||||
|
||||
import("//build/config/chromeos/ui_mode.gni")
|
||||
import("//chromeos/ash/components/assistant/assistant.gni")
|
||||
import("//mojo/public/tools/bindings/mojom.gni")
|
||||
import("//ppapi/buildflags/buildflags.gni")
|
||||
|
@ -112,7 +112,7 @@ enum Sandbox {
|
||||
// TODO(b/195769334): we're using the GPU process sandbox policy for now as a
|
||||
// transition step. However, we should create a policy that's tighter just for
|
||||
// hardware video decoding.
|
||||
[EnableIf=is_chromeos_ash|is_linux] kHardwareVideoDecoding,
|
||||
[EnableIf=is_chromeos|is_linux] kHardwareVideoDecoding,
|
||||
|
||||
// Used to protect processes that perform hardware video encode acceleration.
|
||||
// Currently uses the same policy as the GPU process sandbox. Warm-up does
|
||||
@ -127,10 +127,10 @@ enum Sandbox {
|
||||
[EnableIf=is_chromeos|is_linux] kHardwareVideoEncoding,
|
||||
|
||||
// Hosts Input Method Editors.
|
||||
[EnableIf=is_chromeos_ash] kIme,
|
||||
[EnableIf=is_chromeos] kIme,
|
||||
|
||||
// Text-to-speech.
|
||||
[EnableIf=is_chromeos_ash] kTts,
|
||||
[EnableIf=is_chromeos] kTts,
|
||||
|
||||
// Hosts the Libassistant service on ChromeOS Ash, only used for
|
||||
// Chrome branded builds.
|
||||
@ -145,7 +145,7 @@ enum Sandbox {
|
||||
|
||||
// Hosts the shared Nearby library for both Nearby Connections and
|
||||
// Nearby Presence.
|
||||
[EnableIf=is_chromeos_ash] kNearby,
|
||||
[EnableIf=is_chromeos] kNearby,
|
||||
|
||||
// Hosts On Device Translation service.
|
||||
// Currently the sandboxing of the On Device Translation service needs
|
||||
|
@ -9,14 +9,13 @@
|
||||
#include "base/check.h"
|
||||
#include "base/notreached.h"
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
#include "ppapi/buildflags/buildflags.h"
|
||||
#include "sandbox/policy/mojom/sandbox.mojom.h"
|
||||
#include "sandbox/policy/switches.h"
|
||||
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
#include "chromeos/ash/components/assistant/buildflags.h"
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
namespace sandbox::policy {
|
||||
|
||||
@ -65,21 +64,19 @@ constexpr char kVideoEffectsSandbox[] = "video_effects";
|
||||
constexpr char kVideoCaptureSandbox[] = "video_capture";
|
||||
#endif
|
||||
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
constexpr char kHardwareVideoDecodingSandbox[] = "hardware_video_decoding";
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
constexpr char kHardwareVideoDecodingSandbox[] = "hardware_video_decoding";
|
||||
constexpr char kHardwareVideoEncodingSandbox[] = "hardware_video_encoding";
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
constexpr char kImeSandbox[] = "ime";
|
||||
constexpr char kTtsSandbox[] = "tts";
|
||||
constexpr char kNearbySandbox[] = "nearby";
|
||||
#if BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
constexpr char kLibassistantSandbox[] = "libassistant";
|
||||
#endif // BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_MAC)
|
||||
constexpr char kOnDeviceTranslationSandbox[] = "on_device_translation";
|
||||
@ -154,20 +151,18 @@ void SetCommandLineFlagsForSandboxType(base::CommandLine* command_line,
|
||||
case Sandbox::kMediaFoundationCdm:
|
||||
case Sandbox::kWindowsSystemProxyResolver:
|
||||
#endif // BUILDFLAG(IS_WIN)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
case Sandbox::kHardwareVideoDecoding:
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
case Sandbox::kHardwareVideoDecoding:
|
||||
case Sandbox::kHardwareVideoEncoding:
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
case Sandbox::kIme:
|
||||
case Sandbox::kTts:
|
||||
case Sandbox::kNearby:
|
||||
#if BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
case Sandbox::kLibassistant:
|
||||
#endif // BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
#if BUILDFLAG(IS_MAC)
|
||||
case Sandbox::kMirroring:
|
||||
#endif // BUILDFLAG(IS_MAC)
|
||||
@ -313,15 +308,13 @@ std::string StringFromUtilitySandboxType(Sandbox sandbox_type) {
|
||||
case Sandbox::kMirroring:
|
||||
return kMirroringSandbox;
|
||||
#endif
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
case Sandbox::kHardwareVideoDecoding:
|
||||
return kHardwareVideoDecodingSandbox;
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
case Sandbox::kHardwareVideoEncoding:
|
||||
return kHardwareVideoEncodingSandbox;
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
case Sandbox::kIme:
|
||||
return kImeSandbox;
|
||||
case Sandbox::kTts:
|
||||
@ -332,7 +325,7 @@ std::string StringFromUtilitySandboxType(Sandbox sandbox_type) {
|
||||
case Sandbox::kLibassistant:
|
||||
return kLibassistantSandbox;
|
||||
#endif // BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
// The following are not utility processes so should not occur.
|
||||
case Sandbox::kRenderer:
|
||||
case Sandbox::kGpu:
|
||||
@ -437,17 +430,15 @@ sandbox::mojom::Sandbox UtilitySandboxTypeFromString(
|
||||
return Sandbox::kVideoCapture;
|
||||
}
|
||||
#endif
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
if (sandbox_string == kHardwareVideoDecodingSandbox) {
|
||||
return Sandbox::kHardwareVideoDecoding;
|
||||
}
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
if (sandbox_string == kHardwareVideoEncodingSandbox) {
|
||||
return Sandbox::kHardwareVideoEncoding;
|
||||
}
|
||||
#endif // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
|
||||
#if BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#if BUILDFLAG(IS_CHROMEOS)
|
||||
if (sandbox_string == kImeSandbox) {
|
||||
return Sandbox::kIme;
|
||||
}
|
||||
@ -462,7 +453,7 @@ sandbox::mojom::Sandbox UtilitySandboxTypeFromString(
|
||||
return Sandbox::kLibassistant;
|
||||
}
|
||||
#endif // BUILDFLAG(ENABLE_CROS_LIBASSISTANT)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
|
||||
#endif // BUILDFLAG(IS_CHROMEOS)
|
||||
NOTREACHED()
|
||||
<< "Command line does not provide a valid sandbox configuration: "
|
||||
<< sandbox_string;
|
||||
|
@ -5,7 +5,6 @@
|
||||
#include "sandbox/policy/switches.h"
|
||||
|
||||
#include "build/build_config.h"
|
||||
#include "build/chromeos_buildflags.h"
|
||||
|
||||
namespace sandbox::policy::switches {
|
||||
|
||||
|
Reference in New Issue
Block a user