Google Git
Sign in
chromium / chromium / src / dac11fb82f38e80f305c8b23ad1c6305d45280c0
commitdac11fb82f38e80f305c8b23ad1c6305d45280c0[log] [tgz]
authorWill Harris <wfh@chromium.org>Wed Sep 08 02:21:41 2021
committerChromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com>Wed Sep 08 02:21:41 2021
tree818a748709659734fe786a88de2c0274f10fea67
parentf0fbfb42b200782eec7b9dce42b99d795a320e39 [diff]
Reland "Permit migration of network service data to a subdirectory."

This is a reland of 08d0ba0537b4b254f8b561ba86e46540ffe39741

The previous CL did not take into account that the APIs needed
to support LPAC are only available on Windows 10 or later.

This CL does not attempt to set the ACE if running on a version
of Windows where LPAC sandbox will never be enabled due to lack
of support.

In addition, on Android webview, where a pending reciever to the
cookie manager is passed in the network context params, do not
attempt to migrate data or grant sandbox access as the state
of the filesystem backing the cookies cannot be guaranteed, and
migration or sandbox granting will never be attempted anyway
as the network service always runs in-process.

BUG=841001,1173622

Original change's description:
> Permit migration of network service data to a subdirectory.
>
> This CL adds a new field in the NetworkContextFilePaths
> called `unsandboxed_data_path` which enables the migration
> of data currently contained in the `data_path` to a new
> directory.
>
> Setting `unsandboxed_data_path` will perform a migration
> of any network context data from `unsandboxed_data_path`
> to `data_path` and also allow the sandbox access to files
> contained within `data_path`. This is achieved on
> Windows by setting an ACE (Access Control Entry) to allow
> the LPAC sandbox to access these files. Support for other
> platforms will be added in future CLs, thus allowing the
> set of files that the network service process can access
> to be further tightened as the sandbox is enabled.
>
> It now becomes an unsupported operation (protected by
> DCHECK) to try and enable the LPAC sandbox on Windows
> without specifying a `unsandboxed_data_path`.
>
> This CL does not yet migrate any data, as no code outside
> of testing specifies the `unsandboxed_data_path`. As such,
> no behavior changes are to be expected. These will be
> added in follow-up CLs.
>
> This CL also removes
> MaybeSetNetworkContextSandboxPermissions which was an
> unused function.
>
> BUG=841001,1173622
>
> Change-Id: I68303a25be4327994169e8abfac18bd96289f9e5
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3105176
> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
> Reviewed-by: Nasko Oskov <nasko@chromium.org>
> Reviewed-by: Matt Menke <mmenke@chromium.org>
> Commit-Queue: Will Harris <wfh@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#917395}

Bug: 841001,1173622
Change-Id: I553cd43908768af1191d824cfe4ce5383306fdbb
Cq-Include-Trybots: luci.chromium.try:android-webview-pie-arm64-fyi-rel
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3140445
Commit-Queue: Will Harris <wfh@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/main@{#919055}
9 files changed
tree: 818a748709659734fe786a88de2c0274f10fea67
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. cloud_print/
  13. codelabs/
  14. components/
  15. content/
  16. courgette/
  17. crypto/
  18. dbus/
  19. device/
  20. docs/
  21. extensions/
  22. fuchsia/
  23. gin/
  24. google_apis/
  25. google_update/
  26. gpu/
  27. headless/
  28. infra/
  29. ios/
  30. ipc/
  31. jingle/
  32. media/
  33. mojo/
  34. native_client_sdk/
  35. net/
  36. pdf/
  37. ppapi/
  38. printing/
  39. remoting/
  40. rlz/
  41. sandbox/
  42. services/
  43. skia/
  44. sql/
  45. storage/
  46. styleguide/
  47. testing/
  48. third_party/
  49. tools/
  50. ui/
  51. url/
  52. weblayer/
  53. .clang-format
  54. .clang-tidy
  55. .eslintrc.js
  56. .git-blame-ignore-revs
  57. .gitattributes
  58. .gitignore
  59. .gn
  60. .mailmap
  61. .vpython
  62. .vpython3
  63. .yapfignore
  64. AUTHORS
  65. BUILD.gn
  66. CODE_OF_CONDUCT.md
  67. codereview.settings
  68. DEPS
  69. DIR_METADATA
  70. ENG_REVIEW_OWNERS
  71. LICENSE
  72. LICENSE.chromium_os
  73. OWNERS
  74. PRESUBMIT.py
  75. PRESUBMIT_test.py
  76. PRESUBMIT_test_mocks.py
  77. README.md
  78. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

To check out the source code locally, don't use git clone! Instead, follow the instructions on how to get the code.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .

For historical reasons, there are some small top level directories. Now the guidance is that new top level directories are for product (e.g. Chrome, Android WebView, Ash). Even if these products have multiple executables, the code should be in subdirectories of the product.

If you found a bug, please file it at https://crbug.com/new.