1 // Copyright 2020 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CONTENT_BROWSER_SERVICE_SANDBOX_TYPE_H_ 6 #define CONTENT_BROWSER_SERVICE_SANDBOX_TYPE_H_ 7 8 #include "base/feature_list.h" 9 #include "build/build_config.h" 10 #include "content/public/browser/content_browser_client.h" 11 #include "content/public/browser/service_process_host.h" 12 #include "content/public/common/content_client.h" 13 #include "sandbox/policy/sandbox_type.h" 14 15 // This file maps service classes to sandbox types. Services which 16 // require a non-utility sandbox can be added here. See 17 // ServiceProcessHost::Launch() for how these templates are consumed. 18 19 // audio::mojom::AudioService 20 namespace audio { 21 namespace mojom { 22 class AudioService; 23 } 24 } // namespace audio 25 template <> 26 inline sandbox::policy::SandboxType 27 content::GetServiceSandboxType<audio::mojom::AudioService>() { 28 return GetContentClient()->browser()->ShouldSandboxAudioService() 29 ? sandbox::policy::SandboxType::kAudio 30 : sandbox::policy::SandboxType::kNoSandbox; 31 } 32 33 // media::mojom::CdmService 34 namespace media { 35 namespace mojom { 36 class CdmService; 37 } 38 } // namespace media 39 template <> 40 inline sandbox::policy::SandboxType 41 content::GetServiceSandboxType<media::mojom::CdmService>() { 42 return sandbox::policy::SandboxType::kCdm; 43 } 44 45 // network::mojom::NetworkService 46 namespace network { 47 namespace mojom { 48 class NetworkService; 49 } 50 } // namespace network 51 template <> 52 inline sandbox::policy::SandboxType 53 content::GetServiceSandboxType<network::mojom::NetworkService>() { 54 return sandbox::policy::SandboxType::kNetwork; 55 } 56 57 // device::mojom::XRDeviceService 58 #if defined(OS_WIN) 59 namespace device { 60 namespace mojom { 61 class XRDeviceService; 62 } 63 } // namespace device 64 template <> 65 inline sandbox::policy::SandboxType 66 content::GetServiceSandboxType<device::mojom::XRDeviceService>() { 67 return sandbox::policy::SandboxType::kXrCompositing; 68 } 69 #endif // OS_WIN 70 71 // video_capture::mojom::VideoCaptureService 72 namespace video_capture { 73 namespace mojom { 74 class VideoCaptureService; 75 } 76 } // namespace video_capture 77 template <> 78 inline sandbox::policy::SandboxType 79 content::GetServiceSandboxType<video_capture::mojom::VideoCaptureService>() { 80 return sandbox::policy::SandboxType::kVideoCapture; 81 } 82 83 #endif // CONTENT_BROWSER_SERVICE_SANDBOX_TYPE_H_ 84