Google Git
Sign in
chromium / chromium / src / sandbox / aef91cb54412e4c4b28d4460636f5bec2a24ad29
commitaef91cb54412e4c4b28d4460636f5bec2a24ad29[log] [tgz]
authorWill Harris <wfh@chromium.org>Thu Oct 28 06:53:20 2021
committerCopybara-Service <copybara-worker@google.com>Thu Oct 28 07:08:26 2021
tree52f07b28e130ab2272ed63d326c3349d120b28ae
parent790e8d05e1de803dfeb0e3e147dcf760e10894aa [diff]
Use multiple timeouts for the UDP socket tests.

These tests were flaky on slow bots because process startup times
could vary depending on machine configuration.

This CL separates the process startup timeout from the socket
connection timeout and should fix the reliability issues, as the
UDP server now only needs to start waiting once it is signalled that
the child process has fully warmed up. This is not needed for the TCP
tests as the 'server' on 445 is always running.

It also standardizes on a one second network timeout for
connections for both TCP and UDP.

BUG=1264188

Change-Id: I5648ab622ea3a6143a0b79b7f6f9549925c9a2aa
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3248275
Reviewed-by: Alex Gough <ajgo@chromium.org>
Commit-Queue: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#935727}
NOKEYCHECK=True
GitOrigin-RevId: e49912b16cc0364438912e95423a92e11af3cd8a
1 file changed
tree: 52f07b28e130ab2272ed63d326c3349d120b28ae
  1. linux/
  2. mac/
  3. policy/
  4. win/
  5. BUILD.gn
  6. COMMON_METADATA
  7. constants.h
  8. DEPS
  9. DIR_METADATA
  10. features.gni
  11. ipc.dict
  12. OWNERS
  13. README.md
  14. sandbox_export.h
README.md

Sandbox Library

This directory contains platform-specific sandboxing libraries. Sandboxing is a technique that can improve the security of an application by separating untrustworthy code (or code that handles untrustworthy data) and restricting its privileges and capabilities.

Each platform relies on the operating system's process primitive to isolate code into distinct security principals, and platform-specific technologies are used to implement the privilege reduction. At a high-level:

  • mac/ uses the Seatbelt sandbox. See the detailed design for more.
  • linux/ uses namespaces and Seccomp-BPF. See the detailed design for more.
  • win/ uses a combination of restricted tokens, distinct job objects, alternate desktops, and integrity levels. See the detailed design for more.

Built on top of the low-level sandboxing library is the //sandbox/policy component, which provides concrete policies and helper utilities for sandboxing specific Chromium processes and services. The core sandbox library cannot depend on the policy component.