$OpenBSD: patch-content_app_content_main_runner_impl_cc,v 1.8 2021/04/01 10:24:44 robert Exp $

Index: content/app/content_main_runner_impl.cc
--- content/app/content_main_runner_impl.cc.orig
+++ content/app/content_main_runner_impl.cc
@@ -124,17 +124,17 @@
 #include "base/posix/global_descriptors.h"
 #include "content/public/common/content_descriptors.h"
 
-#if !defined(OS_MAC)
+#if !defined(OS_MAC) && !defined(OS_BSD)
 #include "content/public/common/zygote/zygote_fork_delegate_linux.h"
 #endif
-#if !defined(OS_MAC) && !defined(OS_ANDROID)
+#if !defined(OS_MAC) && !defined(OS_ANDROID) && !defined(OS_BSD)
 #include "content/zygote/zygote_main.h"
 #include "sandbox/linux/services/libc_interceptor.h"
 #endif
 
 #endif  // OS_POSIX || OS_FUCHSIA
 
-#if defined(OS_LINUX) || defined(OS_CHROMEOS)
+#if defined(OS_LINUX) || defined(OS_CHROMEOS) || defined(OS_BSD)
 #include "base/native_library.h"
 #include "base/rand_util.h"
 #include "content/public/common/zygote/sandbox_support_linux.h"
@@ -166,6 +166,13 @@
 #include "media/base/media_switches.h"
 #endif
 
+#if defined(OS_BSD)
+#include "base/system/sys_info.h"
+#include "content/public/common/common_sandbox_support_linux.h"
+#include "content/public/common/sandbox_init.h"
+#include "sandbox/policy/linux/sandbox_linux.h"
+#endif
+
 #if defined(OS_ANDROID)
 #include "content/browser/android/browser_startup_controller.h"
 #include "content/common/android/cpu_affinity.h"
@@ -310,7 +317,7 @@ void InitializeZygoteSandboxForBrowserProcess(
 }
 #endif  // BUILDFLAG(USE_ZYGOTE_HANDLE)
 
-#if defined(OS_LINUX) || defined(OS_CHROMEOS)
+#if defined(OS_LINUX) || defined(OS_CHROMEOS) || defined(OS_BSD)
 
 #if BUILDFLAG(ENABLE_PLUGINS)
 // Loads the (native) libraries but does not initialize them (i.e., does not
@@ -349,11 +356,14 @@ void PreloadLibraryCdms() {
 }
 #endif  // BUILDFLAG(ENABLE_LIBRARY_CDMS)
 
-#if BUILDFLAG(USE_ZYGOTE_HANDLE)
+#if BUILDFLAG(USE_ZYGOTE_HANDLE) || defined(OS_BSD)
 void PreSandboxInit() {
+// arc4random
+#if !defined(OS_OPENBSD)
   // Pre-acquire resources needed by BoringSSL. See
   // https://boringssl.googlesource.com/boringssl/+/HEAD/SANDBOXING.md
   CRYPTO_pre_sandbox_init();
+#endif
 
 #if BUILDFLAG(ENABLE_PLUGINS)
   // Ensure access to the Pepper plugins before the sandbox is turned on.
@@ -365,6 +375,11 @@ void PreSandboxInit() {
 #endif
   InitializeWebRtcModule();
 
+#if defined(OS_BSD)
+  // "cache" the amount of physical memory before pledge(2)
+  base::SysInfo::AmountOfPhysicalMemoryMB();
+#endif
+
   // Set the android SkFontMgr for blink. We need to ensure this is done
   // before the sandbox is initialized to allow the font manager to access
   // font configuration files on disk.
@@ -464,7 +479,7 @@ int RunZygote(ContentMainDelegate* delegate) {
   delegate->ZygoteStarting(&zygote_fork_delegates);
   media::InitializeMediaLibrary();
 
-#if defined(OS_LINUX) || defined(OS_CHROMEOS)
+#if defined(OS_LINUX) || defined(OS_CHROMEOS) || defined(OS_BSD)
   PreSandboxInit();
 #endif
 
@@ -615,10 +630,10 @@ int ContentMainRunnerImpl::Initialize(const ContentMai
              kFieldTrialDescriptor + base::GlobalDescriptors::kBaseDescriptor);
 #endif  // !OS_ANDROID
 
-#if defined(OS_LINUX) || defined(OS_CHROMEOS) || defined(OS_OPENBSD)
+#if defined(OS_LINUX) || defined(OS_CHROMEOS)
   g_fds->Set(kCrashDumpSignal,
              kCrashDumpSignal + base::GlobalDescriptors::kBaseDescriptor);
-#endif  // defined(OS_LINUX) || defined(OS_CHROMEOS) || defined(OS_OPENBSD)
+#endif  // defined(OS_LINUX) || defined(OS_CHROMEOS)
 
 #endif  // !OS_WIN
 
@@ -811,6 +826,16 @@ int ContentMainRunnerImpl::Initialize(const ContentMai
     }
 #endif
 
+#if defined(OS_OPENBSD)
+    if (process_type.empty()) {
+      sandbox::policy::SandboxLinux::Options sandbox_options;
+      sandbox::policy::SandboxLinux::GetInstance()->InitializeSandbox(
+          sandbox::policy::SandboxTypeFromCommandLine(
+              *base::CommandLine::ForCurrentProcess()),
+          sandbox::policy::SandboxLinux::PreSandboxHook(), sandbox_options);
+    }
+#endif
+
     delegate_->SandboxInitialized(process_type);
 
 #if BUILDFLAG(USE_ZYGOTE_HANDLE)
@@ -855,7 +880,7 @@ int ContentMainRunnerImpl::Run(bool start_service_mana
       mojo::core::InitFeatures();
     }
 
-#if defined(OS_LINUX) || defined(OS_CHROMEOS)
+#if defined(OS_LINUX) || defined(OS_CHROMEOS) || defined(OS_BSD)
     // If dynamic Mojo Core is being used, ensure that it's loaded very early in
     // the child/zygote process, before any sandbox is initialized. The library
     // is not fully initialized with IPC support until a ChildProcess is later
@@ -878,6 +903,11 @@ int ContentMainRunnerImpl::Run(bool start_service_mana
 #endif
 
   RegisterMainThreadFactories();
+
+#if defined(OS_OPENBSD)
+  if (!process_type.empty())
+    PreSandboxInit();
+#endif
 
   if (process_type.empty())
     return RunServiceManager(main_params, start_service_manager_only);
