These functions in Windows may result in calls over the CSRSS ALPC
and allocations on CSRSS heaps, both of which are closed as part of
CSRSS lockdown, so they cannot be called from renderer processes if
this sandboxing mode is enabled.
This CL adds mojo support functions that proxy these calls, batching
together multiple calls from blink::LocaleWin where this makes sense.
The mojom calls are `[Sync]`. This is ok as they replace system calls
which themselves required a blocking IPC call, and because each call
is only needed to initialize cached members of Locale objects, which
are also cached by blink.
While initially supporting blink, these functions may support other
child processes than renderers so live in //content/browser.
As the calls to GetLocaleInfo() and LocaleNameToLCID() now happen
in the browser process, the mojom interface limits which properties
can be requested. Rather than allowing any LCTYPE the strings that
can be queried are restricted to those needed by blink.
The mojom implementation is guarded by WinSboxProxyLocale and calls
are only proxied if this feature is enabled.
Bug: 40408399
Change-Id: Ia34f8eff48d2e23e2c9a60825bbabd2ecd48caac
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6108617
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Xianzhu Wang <wangxianzhu@chromium.org>
Commit-Queue: Alex Gough <ajgo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1403046}
a5a75196ef