ports/www/chromium/patches/patch-content_utility_utility_main_cc

Index: content/utility/utility_main.cc
--- content/utility/utility_main.cc.orig
+++ content/utility/utility_main.cc
@@ -31,7 +31,7 @@
 #include "third_party/icu/source/common/unicode/unistr.h"
 #include "third_party/icu/source/i18n/unicode/timezone.h"
 
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)
 #include "base/file_descriptor_store.h"
 #include "base/files/file_util.h"
 #include "base/pickle.h"
@@ -39,7 +39,9 @@
 #include "content/utility/speech/speech_recognition_sandbox_hook_linux.h"
 #include "gpu/config/gpu_info_collector.h"
 #include "media/gpu/sandbox/hardware_video_encoding_sandbox_hook_linux.h"
+#if !BUILDFLAG(IS_BSD)
 #include "sandbox/policy/linux/sandbox_linux.h"
+#endif
 #include "services/audio/audio_sandbox_hook_linux.h"
 #include "services/network/network_sandbox_hook_linux.h"
 // gn check is not smart enough to realize that this include only applies to
@@ -51,10 +53,14 @@
 #endif
 #endif
 
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_BSD)
 #include "media/gpu/sandbox/hardware_video_decoding_sandbox_hook_linux.h"
 #endif  // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
 
+#if BUILDFLAG(IS_BSD)
+#include "sandbox/policy/sandbox.h"
+#endif
+
 #if BUILDFLAG(IS_CHROMEOS_ASH)
 #include "chromeos/ash/components/assistant/buildflags.h"
 #include "chromeos/ash/services/ime/ime_sandbox_hook.h"
@@ -66,7 +72,7 @@
 #endif  // BUILDFLAG(IS_CHROMEOS_ASH)
 
 #if (BUILDFLAG(ENABLE_SCREEN_AI_SERVICE) && \
-     (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)))
+     (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)))
 #include "components/services/screen_ai/sandbox/screen_ai_sandbox_hook_linux.h"  // nogncheck
 #endif
 
@@ -92,7 +98,7 @@ namespace content {
 
 namespace {
 
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)
 std::vector<std::string> GetNetworkContextsParentDirectories() {
   base::MemoryMappedFile::Region region;
   base::ScopedFD read_pipe_fd = base::FileDescriptorStore::GetInstance().TakeFD(
@@ -120,7 +126,7 @@ std::vector<std::string> GetNetworkContextsParentDirec
 
 bool ShouldUseAmdGpuPolicy(sandbox::mojom::Sandbox sandbox_type) {
   const bool obtain_gpu_info =
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_BSD)
       sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoDecoding ||
 #endif  // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
       sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoEncoding;
@@ -236,7 +242,7 @@ int UtilityMain(MainFunctionParams parameters) {
     }
   }
 
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_BSD)
   // Initializes the sandbox before any threads are created.
   // TODO(jorgelo): move this after GTK initialization when we enable a strict
   // Seccomp-BPF policy.
@@ -265,7 +271,7 @@ int UtilityMain(MainFunctionParams parameters) {
       pre_sandbox_hook = base::BindOnce(&screen_ai::ScreenAIPreSandboxHook);
       break;
 #endif
-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_BSD)
     case sandbox::mojom::Sandbox::kHardwareVideoDecoding:
       pre_sandbox_hook =
           base::BindOnce(&media::HardwareVideoDecodingPreSandboxHook);
@@ -292,6 +298,7 @@ int UtilityMain(MainFunctionParams parameters) {
     default:
       break;
   }
+#if !BUILDFLAG(IS_BSD)
   if (!sandbox::policy::IsUnsandboxedSandboxType(sandbox_type) &&
       (parameters.zygote_child || !pre_sandbox_hook.is_null())) {
     sandbox::policy::SandboxLinux::Options sandbox_options;
@@ -300,6 +307,11 @@ int UtilityMain(MainFunctionParams parameters) {
     sandbox::policy::Sandbox::Initialize(
         sandbox_type, std::move(pre_sandbox_hook), sandbox_options);
   }
+#else
+  sandbox::policy::Sandbox::Initialize(
+      sandbox_type, std::move(pre_sandbox_hook),
+      sandbox::policy::SandboxLinux::Options());
+#endif
 #elif BUILDFLAG(IS_WIN)
   g_utility_target_services = parameters.sandbox_info->target_services;
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00			`Index: content/utility/utility_main.cc`
			`--- content/utility/utility_main.cc.orig`
			`+++ content/utility/utility_main.cc`
			`@@ -31,7 +31,7 @@`
			`#include "third_party/icu/source/common/unicode/unistr.h"`
			`#include "third_party/icu/source/i18n/unicode/timezone.h"`

			`-#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS)`
			`+#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS) \|\| BUILDFLAG(IS_BSD)`
			`#include "base/file_descriptor_store.h"`
			`#include "base/files/file_util.h"`
			`#include "base/pickle.h"`
			`@@ -39,7 +39,9 @@`
			`#include "content/utility/speech/speech_recognition_sandbox_hook_linux.h"`
			`#include "gpu/config/gpu_info_collector.h"`
			`#include "media/gpu/sandbox/hardware_video_encoding_sandbox_hook_linux.h"`
			`+#if !BUILDFLAG(IS_BSD)`
			`#include "sandbox/policy/linux/sandbox_linux.h"`
			`+#endif`
			`#include "services/audio/audio_sandbox_hook_linux.h"`
			`#include "services/network/network_sandbox_hook_linux.h"`
			`// gn check is not smart enough to realize that this include only applies to`
			`@@ -51,10 +53,14 @@`
			`#endif`
			`#endif`

			`-#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH)`
			`+#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH) \|\| BUILDFLAG(IS_BSD)`
			`#include "media/gpu/sandbox/hardware_video_decoding_sandbox_hook_linux.h"`
			`#endif // BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH)`

			`+#if BUILDFLAG(IS_BSD)`
			`+#include "sandbox/policy/sandbox.h"`
			`+#endif`
			`+`
			`#if BUILDFLAG(IS_CHROMEOS_ASH)`
			`#include "chromeos/ash/components/assistant/buildflags.h"`
			`#include "chromeos/ash/services/ime/ime_sandbox_hook.h"`
			`@@ -66,7 +72,7 @@`
			`#endif // BUILDFLAG(IS_CHROMEOS_ASH)`

			`#if (BUILDFLAG(ENABLE_SCREEN_AI_SERVICE) && \`
			`- (BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS)))`
			`+ (BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS) \|\| BUILDFLAG(IS_BSD)))`
			`#include "components/services/screen_ai/sandbox/screen_ai_sandbox_hook_linux.h" // nogncheck`
			`#endif`

sync ports with The Matrix 2023-08-18 18:38:43 +00:00			`@@ -92,7 +98,7 @@ namespace content {`
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00
			`namespace {`

			`-#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS)`
			`+#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS) \|\| BUILDFLAG(IS_BSD)`
			`std::vector<std::string> GetNetworkContextsParentDirectories() {`
			`base::MemoryMappedFile::Region region;`
			`base::ScopedFD read_pipe_fd = base::FileDescriptorStore::GetInstance().TakeFD(`
sync ports with The Matrix 2023-08-18 18:38:43 +00:00			`@@ -120,7 +126,7 @@ std::vector<std::string> GetNetworkContextsParentDirec`
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00
			`bool ShouldUseAmdGpuPolicy(sandbox::mojom::Sandbox sandbox_type) {`
			`const bool obtain_gpu_info =`
			`-#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH)`
			`+#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH) \|\| BUILDFLAG(IS_BSD)`
			`sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoDecoding \|\|`
			`#endif // BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH)`
			`sandbox_type == sandbox::mojom::Sandbox::kHardwareVideoEncoding;`
sync ports with The Matrix 2023-08-18 18:38:43 +00:00			`@@ -236,7 +242,7 @@ int UtilityMain(MainFunctionParams parameters) {`
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00			`}`
			`}`

			`-#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS)`
			`+#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS) \|\| BUILDFLAG(IS_BSD)`
			`// Initializes the sandbox before any threads are created.`
			`// TODO(jorgelo): move this after GTK initialization when we enable a strict`
			`// Seccomp-BPF policy.`
sync ports with The Matrix 2023-08-18 18:38:43 +00:00			`@@ -265,7 +271,7 @@ int UtilityMain(MainFunctionParams parameters) {`
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00			`pre_sandbox_hook = base::BindOnce(&screen_ai::ScreenAIPreSandboxHook);`
			`break;`
			`#endif`
			`-#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH)`
			`+#if BUILDFLAG(IS_LINUX) \|\| BUILDFLAG(IS_CHROMEOS_ASH) \|\| BUILDFLAG(IS_BSD)`
			`case sandbox::mojom::Sandbox::kHardwareVideoDecoding:`
			`pre_sandbox_hook =`
			`base::BindOnce(&media::HardwareVideoDecodingPreSandboxHook);`
sync ports with The Matrix 2023-08-18 18:38:43 +00:00			`@@ -292,6 +298,7 @@ int UtilityMain(MainFunctionParams parameters) {`
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00			`default:`
			`break;`
			`}`
			`+#if !BUILDFLAG(IS_BSD)`
			`if (!sandbox::policy::IsUnsandboxedSandboxType(sandbox_type) &&`
			`(parameters.zygote_child \|\| !pre_sandbox_hook.is_null())) {`
			`sandbox::policy::SandboxLinux::Options sandbox_options;`
sync ports with The Matrix 2023-08-18 18:38:43 +00:00			`@@ -300,6 +307,11 @@ int UtilityMain(MainFunctionParams parameters) {`
SecBSD's official ports repository 2023-08-16 22:26:55 +00:00			`sandbox::policy::Sandbox::Initialize(`
			`sandbox_type, std::move(pre_sandbox_hook), sandbox_options);`
			`}`
			`+#else`
			`+ sandbox::policy::Sandbox::Initialize(`
			`+ sandbox_type, std::move(pre_sandbox_hook),`
			`+ sandbox::policy::SandboxLinux::Options());`
			`+#endif`
			`#elif BUILDFLAG(IS_WIN)`
			`g_utility_target_services = parameters.sandbox_info->target_services;`