Google Git
Sign in
chromium / chromium / src / sandbox / 07639e08226c99f6cad55c9223e9fe1351e5069d
commit07639e08226c99f6cad55c9223e9fe1351e5069d[log] [tgz]
authorRamin Halavati <rhalavati@chromium.org>Wed Feb 23 13:11:14 2022
committerCopybara-Service <copybara-worker@google.com>Wed Feb 23 13:24:33 2022
treef9501da32b24a9394feb5e70468c02d65f569738
parent6155bd3051255038b0aa62e72fb51898e4ba771e [diff]
Add Screen AI service for accessibility annotations.

To improve the accessibility tree based on visual data, a snapshot of
the screen is sent to a local machine learning library. The library will
provide annotations for the snapshot and the annotations will be used
to update the accessibility tree.
This CL adds a Screen AI sand-boxed service to load the library, and
general infrastructure to pass the images from renderer to the library
and getting back and applying the annotations.
The actual details on how the annotations are processed and used will be
added in subsequent CLs.

See more in go/chrome-screen-ai.

This change is behind kScreenAI flag and disabled by default.

Bug: 1278249
AX-Relnotes: ‌ N/A
Change-Id: I25861e9b288c729eafb6162992bc6fbe611f2152
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3358073
Reviewed-by: David Tseng <dtseng@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Alex Gough <ajgo@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Colin Blundell <blundell@chromium.org>
Commit-Queue: Ramin Halavati <rhalavati@chromium.org>
Cr-Commit-Position: refs/heads/main@{#974138}
NOKEYCHECK=True
GitOrigin-RevId: 26dcce2cb72770b0ea7a10a2c21c01ab0f1ee347
9 files changed
tree: f9501da32b24a9394feb5e70468c02d65f569738
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. COMMON_METADATA
  7. constants.h
  8. DEPS
  9. DIR_METADATA
  10. features.gni
  11. ipc.dict
  12. OWNERS
  13. README.md
  14. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.