Update to Chromium revision 9ef2aa86 (#550428)

This commit is contained in:
Marshall Greenblatt
2018-04-19 11:44:42 -04:00
parent f6c9a96a12
commit a3c55f1d26
130 changed files with 1601 additions and 1522 deletions

View File

@@ -1,18 +1,20 @@
diff --git services/service_manager/sandbox/win/sandbox_win.cc services/service_manager/sandbox/win/sandbox_win.cc
index 6c7356eacc42..4804ce497e1b 100644
index 50430a8e2f8f..424af4cb70f6 100644
--- services/service_manager/sandbox/win/sandbox_win.cc
+++ services/service_manager/sandbox/win/sandbox_win.cc
@@ -865,8 +865,11 @@ sandbox::ResultCode SandboxWin::StartSandboxedProcess(
@@ -865,10 +865,13 @@ sandbox::ResultCode SandboxWin::StartSandboxedProcess(
#endif
// Post-startup mitigations.
- mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS |
- sandbox::MITIGATION_DLL_SEARCH_ORDER;
+ mitigations = sandbox::MITIGATION_DLL_SEARCH_ORDER;
if (!cmd_line->HasSwitch(switches::kAllowThirdPartyModules))
mitigations |= sandbox::MITIGATION_FORCE_MS_SIGNED_BINS;
+ if (!launcher_process_command_line.HasSwitch("win-rt-app")) {
+ // Don't enable this mitigation in WinRT apps. See issue #2274.
+ mitigations |= sandbox::MITIGATION_STRICT_HANDLE_CHECKS;
+ }
if (base::FeatureList::IsEnabled(
service_manager::features::kWinSboxForceMsSigned) &&
!cmd_line->HasSwitch(switches::kAllowThirdPartyModules)) {
result = policy->SetDelayedProcessMitigations(mitigations);
if (result != sandbox::SBOX_ALL_OK)