This CL makes the following changes:
* Renames GetNetMaximumFileSizeFromCommandLine() to
GetNetLogMaximumFileSizeFromCommandLine().
* Changes its return type from int64_t to uint64_t, because it may
return the maximum uint64_t value.
* Adds an explicit cast to uint64_t before shifting. This fixes parsing
for values >= 2**12.
* Adds test coverage, including a regression test for the linked bug.
Bug: 352496169
Change-Id: Ifd44fe4a1b58f83ba806753899e2e55ad02b37b8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5695988
Reviewed-by: Adam Rice <ricea@chromium.org>
Commit-Queue: Dan McArdle <dmcardle@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1326747}
OnRestartNetworkServiceForTesting() ran a callback when the network
service was deliberately restarted. RegisterNetworkServiceCrashHandler()
ran a stack of callback handlers whenever the network service crashed.
The crash handlers wouldn't run when the network service was
deliberately restarted, but they probably should. And
OnRestartNetworkServiceForTesting() didn't allow registering multiple
callbacks. This CL combines the two functions into one.
The resulting RegisterNetworkServiceProcessGoneHandler() will be
useful for components that want to configure the network service, and
need to resend the configuration every time the network service
restarts.
Change-Id: I26a5c5a2849d0eb8878864738005d2376f372d80
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4990533
Reviewed-by: Adam Rice <ricea@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1219135}
This is a reland of commit 5dfa5d11f4
The new sandbox tests should be skipped if the sandbox is disabled
on the command line.
Original change's description:
> Cros network service sandbox: Unsandboxed if kerberos is enabled
>
> The Linux/cros network service sandbox is incompatible with kerberos.
> So, the network service will start unsandboxed if kerberos is
> enabled, regardless of feature state or enterprise policy.
>
> The KerberosEnabled enterprise policy can change at runtime. If it
> flips to enabled, shut down the network service so it restarts
> unsandboxed. This is not a sandbox hole because only admins
> can enable kerberos.
>
> Change-Id: I4ae1356f31c3f9182a0db803a2ee22ec7bd1744e
> Bug: 1079808
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4753004
> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
> Reviewed-by: Matt Menke <mmenke@chromium.org>
> Commit-Queue: Matthew Denton <mpdenton@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1180982}
Bug: 1079808, 1473197
Change-Id: I877ff17df78e1d3d34f90ff95ebd0e8886b3cf2f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4777750
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Auto-Submit: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1185061}
This reverts commit 5dfa5d11f4.
Reason for revert:
SystemNetworkContextManagerNetworkServiceSandboxEnabledBrowsertest.NetworkServiceRestartsUnsandboxedOnKerberosEnabled
is failing on Linux Chromium OS ASan LSan
First failure: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Chromium%20OS%20ASan%20LSan%20Tests%20(1)/52807/overview
Original change's description:
> Cros network service sandbox: Unsandboxed if kerberos is enabled
>
> The Linux/cros network service sandbox is incompatible with kerberos.
> So, the network service will start unsandboxed if kerberos is
> enabled, regardless of feature state or enterprise policy.
>
> The KerberosEnabled enterprise policy can change at runtime. If it
> flips to enabled, shut down the network service so it restarts
> unsandboxed. This is not a sandbox hole because only admins
> can enable kerberos.
>
> Change-Id: I4ae1356f31c3f9182a0db803a2ee22ec7bd1744e
> Bug: 1079808
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4753004
> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
> Reviewed-by: Matt Menke <mmenke@chromium.org>
> Commit-Queue: Matthew Denton <mpdenton@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1180982}
Bug: 1079808
Change-Id: Ida288eec87d64b363f7c68ce327e2904f00769ad
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4763626
Auto-Submit: Christos Froussios <cfroussios@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Christos Froussios <cfroussios@google.com>
Owners-Override: Christos Froussios <cfroussios@google.com>
Cr-Commit-Position: refs/heads/main@{#1181303}
The Linux/cros network service sandbox is incompatible with kerberos.
So, the network service will start unsandboxed if kerberos is
enabled, regardless of feature state or enterprise policy.
The KerberosEnabled enterprise policy can change at runtime. If it
flips to enabled, shut down the network service so it restarts
unsandboxed. This is not a sandbox hole because only admins
can enable kerberos.
Change-Id: I4ae1356f31c3f9182a0db803a2ee22ec7bd1744e
Bug: 1079808
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4753004
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1180982}
This CL adds empty network service out of process for measuring memory
impact on Android.
The empty network service lives on new utility process and virtually does
nothing (implementation is ~20 lines of code in c/u/services.cc.)
The empty service is enabled only if the canonical network service
is in process to see additional process overhead on Android.
Bug: 1395707
Change-Id: Ieb0902a87134d1ae0af56f6b9d7940944863e450
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4374282
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Commit-Queue: Yoichi Osato <yoichio@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1143838}
This CL removes expired histograms:
- Navigation.CommitTimeout.NetworkServiceAvailability (expired as of M82)
- Navigation.CommitTimeout.NetworkServiceLastCrashTime (expired as of M82)
- Navigation.CommitTimeout.NetworkServicePingTime (expired as of M82)
- Navigation.CommitTimeout.Scheme (expired as of M82)
- Navigation.IsSameProcess.* (expired as of M85)
No behavior changes.
Bug: 1384581, 1088973
Change-Id: I1cac5483f960efcebc62f6839987c007bf987a5a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4442185
Reviewed-by: Luc Nguyen <lucnguyen@google.com>
Commit-Queue: Asami Doi <asamidoi@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Auto-Submit: Asami Doi <asamidoi@chromium.org>
Code-Coverage: Findit <findit-for-me@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1134475}
In some unit tests, ForceCreateNetworkServiceDirectlyForTesting() but
ForceInProcessNetworkService(true) was not. So
IsOutOfProcessNetworkService() returned true even though it wasn't.
So have the former call the latter.
The NetworkService() constructor was using the existing of `registry_`
as an indication that the network service was out of process. That
also wasn't true. So just don't create a BinderRegistry if it's
unused (in the in-process case).
Bug: 1312226
Change-Id: I7aa319b5baa6017b2adf2d634ad22260f762b493
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4371542
Auto-Submit: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Adam Rice <ricea@chromium.org>
Commit-Queue: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1122903}
This is a reland of a5f1ceaa8a
This additionally wraps the DCHECKs in DCHECK_IS_ON() to prevent
the compiler from complaining.
BYPASS_POLICY_COMPATIBILITY_CHECK=No suitable default exists.
Original change's description:
> Add enterprise policy for enabling or disabling network sandbox.
>
> This CL adds a new enterprise policy `NetworkServiceSandboxEnabled`
> for force enabling or disabling the network service sandbox.
>
> This allows enterprises to force enable now to get feedback on any
> potential future compatibility issues during rollout, and will also
> permit opting out of the sandbox if any third party compatibility
> issues are encountered after rollout.
>
> If this policy is not set, then the default from content will be
> used.
>
> This CL also removes some DCHECKs in sandbox as control of whether
> network service sandbox is enabled is now fully in content.
>
> BUG=841001
> BYPASS_POLICY_COMPATIBILITY_CHECK=No suitable default exists.
>
> Change-Id: Icdbbadd71a7b93fab947a00e1a14e6bedbb8c8f1
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3198860
> Reviewed-by: Nasko Oskov <nasko@chromium.org>
> Reviewed-by: Scott Violet <sky@chromium.org>
> Reviewed-by: Alex Gough <ajgo@chromium.org>
> Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
> Commit-Queue: Will Harris <wfh@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#928449}
Bug: 841001
Change-Id: I528dab0c8c3a3584aca91e8e73638a6a074b0118
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3207411
Reviewed-by: Alex Gough <ajgo@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Commit-Queue: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#928719}
This CL adds a new enterprise policy `NetworkServiceSandboxEnabled`
for force enabling or disabling the network service sandbox.
This allows enterprises to force enable now to get feedback on any
potential future compatibility issues during rollout, and will also
permit opting out of the sandbox if any third party compatibility
issues are encountered after rollout.
If this policy is not set, then the default from content will be
used.
This CL also removes some DCHECKs in sandbox as control of whether
network service sandbox is enabled is now fully in content.
BUG=841001
BYPASS_POLICY_COMPATIBILITY_CHECK=No suitable default exists.
Change-Id: Icdbbadd71a7b93fab947a00e1a14e6bedbb8c8f1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3198860
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Reviewed-by: Alex Gough <ajgo@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Commit-Queue: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#928449}
Third party DLLs will not load successfully in the sandbox, so for
now just disable the sandbox if they can be detected. Going forward,
there will be more services/extension points that might cause
the sandbox to be disabled.
This adds UMA metrics for SSP/AP status, as well as removing
some unneeded CONTENT_EXPORT from a header file.
BUG=991265
Change-Id: Idcaf6fe20448affc2fd2cf0e4606c8fe5ef4bf30
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2674523
Commit-Queue: Will Harris <wfh@chromium.org>
Auto-Submit: Will Harris <wfh@chromium.org>
Reviewed-by: Alexei Svitkine <asvitkine@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Alex Gough <ajgo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#851263}
This switches Network Service to a simpler service model which does not
involve the Service Manager. Instead, the browser directly controls a
singleton Network Service process or in-process instance.
This should not change existing Network Service lifetime or behavior; it
only gives the browser direct control of process lifetime instead of
relying on the Service Manager to do that work.
Bug: 977637
Change-Id: I626ec8bec935e02f7c0d66a3c379a5fc0c547a1e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1673442
Commit-Queue: Ken Rockot <rockot@google.com>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Cr-Commit-Position: refs/heads/master@{#705260}
There are three fixes:
1) The main fix is that network::NetworkService needs to be torn down between tests. One reason is that so a test don't leave it misconfigured for other tests. The pressing reason is that if network::NetworkService is bound to a pipe in one test it'll also be bound to that test's BrowserThreadTestBundle's sequence; that means for other tests no mojo messages will be dispatched. Fix this by resetting the interface pointer at the end of each test.
2) We need to delete the network::NetworkService object to avoid leaks; depending on connection error dispatching again might not be delivered. This is fixed by storing the pointer in SequenceLocalStorageSlot.
3) We create network::NetworkService directly instead of trying to use the global ServiceManager. For most tests this happens because there's no global Connector. However some tests would instantiate a test service manager objects, so we need to force the direct instantiation through a test only method.
Bug: 966633
Change-Id: I1c181733af692e7a6742a45c10a16c863e2642a5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1632494
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Ken Rockot <rockot@google.com>
Cr-Commit-Position: refs/heads/master@{#664068}
