Alex Gough 134ead4152 Use mojom | conditionals for mixed build conditions
Mojom now supports `|` and `&` when testing `EnableIf` and
`EnableIfNot` conditions in mojom files. Previously, to
support multiple conditions, a build.gn file would define
a specific `enabled_feature`:

```build.gn
if (is_linux || is_win) {
  enabled_features += [ "is_linux_or_win" ]
}
```

This can now be handled directly in the mojom:

```mojom
  [EnableIf=is_linux|is_win]
  struct Foo {
    ...
  };
```

This CL applies this build.gn simplification where mixed
OS conditionals have been defined, and where no corresponding
build flag exists in the .cc/.h source (i.e. the .cc file
uses `BUILDFLAG(IS_WIN)||BUILDFLAG(IS_LINUX)`).

There should be no functional changes.

Bug: 378692747
Change-Id: I2bc404b838f47fe138c0291bb955eed403b11485
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6021499
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Owners-Override: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Colin Blundell <blundell@chromium.org>
Commit-Queue: Alex Gough <ajgo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1383260}
2024-11-14 21:55:05 +00:00
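To make the equivalence the commit message describes concrete, here is a small evaluator for `EnableIf`/`EnableIfNot` conditions that use `|` and `&`, checked against the old `is_linux_or_win` build.gn flag. This is an added illustration, not Chromium's mojom parser; it assumes `&` binds tighter than `|`, no parentheses, and that feature names are plain identifiers.

```python
# Added illustration (not Chromium's mojom parser): evaluate an EnableIf /
# EnableIfNot condition such as "is_linux|is_win" against the features a
# build.gn has turned on, and show the old single-flag form is equivalent.
# Assumptions: '&' binds tighter than '|', no parentheses, feature names are
# identifiers. Both are simplifications made for this example.
import re

_TOKEN = re.compile(r"\s*([A-Za-z_][A-Za-z0-9_]*|[|&])\s*")

def tokenize(expr: str) -> list[str]:
    """Split a condition into feature names and the operators '|' / '&'."""
    pos, out = 0, []
    while pos < len(expr):
        m = _TOKEN.match(expr, pos)
        if not m:
            raise ValueError(f"bad condition syntax at offset {pos}: {expr!r}")
        out.append(m.group(1))
        pos = m.end()
    return out

def evaluate(expr: str, enabled: set[str]) -> bool:
    """True if expr holds: an OR of AND-groups of enabled feature names."""
    result, group, expect_ident = False, True, True
    for tok in tokenize(expr):
        if expect_ident:
            if tok in ("|", "&"):
                raise ValueError(f"expected feature name, got {tok!r}")
            group = group and (tok in enabled)   # extend current AND-group
        elif tok == "|":
            result, group = result or group, True  # close the AND-group
        elif tok != "&":
            raise ValueError(f"expected '|' or '&', got {tok!r}")
        expect_ident = not expect_ident
    if expect_ident:  # empty condition or a trailing operator
        raise ValueError(f"condition is empty or ends with an operator: {expr!r}")
    return result or group

def is_definition_enabled(attr: str, expr: str, enabled: set[str]) -> bool:
    """Apply [EnableIf=expr] or [EnableIfNot=expr] to a mojom definition."""
    if attr == "EnableIf":
        return evaluate(expr, enabled)
    if attr == "EnableIfNot":
        return not evaluate(expr, enabled)
    raise ValueError(f"unknown attribute {attr!r}")

def old_style_features(enabled: set[str]) -> set[str]:
    """The build.gn rule quoted in the commit message, as a function."""
    extra = set(enabled)
    if "is_linux" in enabled or "is_win" in enabled:
        extra.add("is_linux_or_win")
    return extra
```

For any platform feature set, `"is_linux_or_win" in old_style_features(features)` and `evaluate("is_linux|is_win", features)` agree, which is the "no functional changes" claim of the CL.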

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.