BASELINE: Update Chromium to 58.0.3029.54

Change-Id: I67f57065a7afdc8e4614adb5c0230281428df4d1
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>

6 files changed, 40 insertions, 11 deletions

diff --git a/chromium/content/ppapi_plugin/BUILD.gn b/chromium/content/ppapi_plugin/BUILD.gn
index 902676a949c..d87e55b3dac 100644
--- a/chromium/content/ppapi_plugin/BUILD.gn
+++ b/chromium/content/ppapi_plugin/BUILD.gn
@@ -2,6 +2,10 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
+import("//ppapi/features/features.gni")
+
+assert(enable_plugins, "PPAPI plugins must be enabled.")
+
 group("ppapi_plugin") {
   visibility = [ "//content/*" ]  # This is an internal content API.
 
diff --git a/chromium/content/ppapi_plugin/OWNERS b/chromium/content/ppapi_plugin/OWNERS
index bf1820623e4..aba37b391aa 100644
--- a/chromium/content/ppapi_plugin/OWNERS
+++ b/chromium/content/ppapi_plugin/OWNERS
@@ -4,3 +4,5 @@ yzshen@chromium.org
 # Mac Sandbox profiles.
 per-file *.sb=set noparent
 per-file *.sb=rsesek@chromium.org
+
+# COMPONENT: Internals>Plugins>Pepper
diff --git a/chromium/content/ppapi_plugin/broker_process_dispatcher.cc b/chromium/content/ppapi_plugin/broker_process_dispatcher.cc
index a6e5ba6d9e8..87babc1b78a 100644
--- a/chromium/content/ppapi_plugin/broker_process_dispatcher.cc
+++ b/chromium/content/ppapi_plugin/broker_process_dispatcher.cc
@@ -10,7 +10,6 @@
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
-#include "base/debug/dump_without_crashing.h"
 #include "base/strings/utf_string_conversions.h"
 #include "build/build_config.h"
 #include "content/child/child_process.h"
@@ -119,14 +118,6 @@ bool BrokerProcessDispatcher::OnMessageReceived(const IPC::Message& msg) {
   if (!peer_is_browser_) {
     // We might want to consider killing the peer instead is we see problems in
     // the future.
-    if (msg.type() == PpapiMsg_GetSitesWithData::ID ||
-        msg.type() == PpapiMsg_ClearSiteData::ID ||
-        msg.type() == PpapiMsg_DeauthorizeContentLicenses::ID ||
-        msg.type() == PpapiMsg_GetPermissionSettings::ID ||
-        msg.type() == PpapiMsg_SetDefaultPermission::ID ||
-        msg.type() == PpapiMsg_SetSitePermission::ID) {
-      base::debug::DumpWithoutCrashing();
-    }
     return false;
   }
 
diff --git a/chromium/content/ppapi_plugin/ppapi_blink_platform_impl.cc b/chromium/content/ppapi_plugin/ppapi_blink_platform_impl.cc
index c4dc0cf3159..92f31e7e738 100644
--- a/chromium/content/ppapi_plugin/ppapi_blink_platform_impl.cc
+++ b/chromium/content/ppapi_plugin/ppapi_blink_platform_impl.cc
@@ -21,7 +21,7 @@
 #if defined(OS_MACOSX)
 #include "third_party/WebKit/public/platform/mac/WebSandboxSupport.h"
 #elif defined(OS_POSIX) && !defined(OS_ANDROID)
-#include "content/common/child_process_sandbox_support_impl_linux.h"
+#include "content/child/child_process_sandbox_support_impl_linux.h"
 #include "third_party/WebKit/public/platform/linux/WebFallbackFont.h"
 #include "third_party/WebKit/public/platform/linux/WebSandboxSupport.h"
 #include "third_party/icu/source/common/unicode/utf16.h"
diff --git a/chromium/content/ppapi_plugin/ppapi_plugin_main.cc b/chromium/content/ppapi_plugin/ppapi_plugin_main.cc
index fcc23cbfa7f..df524aff513 100644
--- a/chromium/content/ppapi_plugin/ppapi_plugin_main.cc
+++ b/chromium/content/ppapi_plugin/ppapi_plugin_main.cc
@@ -16,7 +16,6 @@
 #include "build/build_config.h"
 #include "content/child/child_process.h"
 #include "content/common/content_constants_internal.h"
-#include "content/common/sandbox_linux/sandbox_linux.h"
 #include "content/ppapi_plugin/ppapi_thread.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
@@ -42,6 +41,7 @@
 #endif
 
 #if defined(OS_LINUX)
+#include "content/common/sandbox_linux/sandbox_linux.h"
 #include "content/public/common/sandbox_init.h"
 #endif
 
diff --git a/chromium/content/ppapi_plugin/ppapi_thread.cc b/chromium/content/ppapi_plugin/ppapi_thread.cc
index 7aa89dd9015..6743e954f48 100644
--- a/chromium/content/ppapi_plugin/ppapi_thread.cc
+++ b/chromium/content/ppapi_plugin/ppapi_thread.cc
@@ -65,6 +65,10 @@
 #include "content/common/sandbox_init_mac.h"
 #endif
 
+#if BUILDFLAG(ENABLE_PEPPER_CDMS)
+#include "content/common/media/cdm_host_files.h"
+#endif
+
 #if defined(OS_WIN)
 const char kWidevineCdmAdapterFileName[] = "widevinecdmadapter.dll";
 
@@ -372,6 +376,22 @@ void PpapiThread::OnLoadPlugin(const base::FilePath& path,
     }
   }
 
+#if BUILDFLAG(ENABLE_PEPPER_CDMS)
+  // Use a local instance of CdmHostFiles so that if we return early for any
+  // error, all files will closed automatically.
+  std::unique_ptr<CdmHostFiles> cdm_host_files;
+
+#if defined(OS_WIN) || defined(OS_MACOSX)
+  // Open CDM host files before the process is sandboxed.
+  if (!is_broker_ && IsCdm(path))
+    cdm_host_files = CdmHostFiles::Create(path);
+#elif defined(OS_LINUX)
+  cdm_host_files = CdmHostFiles::TakeGlobalInstance();
+  if (is_broker_ || !IsCdm(path))
+    cdm_host_files.reset();  // Close all opened files.
+#endif  // defined(OS_WIN) || defined(OS_MACOSX)
+#endif  // BUILDFLAG(ENABLE_PEPPER_CDMS)
+
 #if defined(OS_WIN)
   // If code subsequently tries to exit using abort(), force a crash (since
   // otherwise these would be silent terminations and fly under the radar).
@@ -458,6 +478,18 @@ void PpapiThread::OnLoadPlugin(const base::FilePath& path,
       ReportLoadResult(path, INIT_FAILED);
       return;
     }
+#if BUILDFLAG(ENABLE_PEPPER_CDMS)
+    // Now the process is sandboxed. Verify CDM host.
+    if (cdm_host_files) {
+      DCHECK(IsCdm(path));
+      if (!cdm_host_files->VerifyFiles(library.get(), path)) {
+        LOG(WARNING) << "CDM host verification failed.";
+        // TODO(xhwang): Add a new load result if needed.
+        ReportLoadResult(path, INIT_FAILED);
+        return;
+      }
+    }
+#endif  // BUILDFLAG(ENABLE_PEPPER_CDMS)
   }
 
   // Initialization succeeded, so keep the plugin DLL loaded.