1 files changed, 0 insertions, 133 deletions
diff --git a/sandbox/mac/bootstrap_sandbox.cc b/sandbox/mac/bootstrap_sandbox.cc
deleted file mode 100644
index a90f570eb4..0000000000
--- a/sandbox/mac/bootstrap_sandbox.cc
+++ /dev/null
@@ -1,133 +0,0 @@
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "sandbox/mac/bootstrap_sandbox.h"
-
-#include <servers/bootstrap.h>
-#include <unistd.h>
-
-#include "base/logging.h"
-#include "base/mac/foundation_util.h"
-#include "base/mac/mach_logging.h"
-#include "base/strings/stringprintf.h"
-#include "sandbox/mac/launchd_interception_server.h"
-
-namespace sandbox {
-
-const int kNotAPolicy = -1;
-
-// static
-scoped_ptr<BootstrapSandbox> BootstrapSandbox::Create() {
-  scoped_ptr<BootstrapSandbox> null;  // Used for early returns.
-  scoped_ptr<BootstrapSandbox> sandbox(new BootstrapSandbox());
-  sandbox->server_.reset(new LaunchdInterceptionServer(sandbox.get()));
-
-  // Check in with launchd to get the receive right for the server that is
-  // published in the bootstrap namespace.
-  mach_port_t port = MACH_PORT_NULL;
-  kern_return_t kr = bootstrap_check_in(bootstrap_port,
-      sandbox->server_bootstrap_name().c_str(), &port);
-  if (kr != KERN_SUCCESS) {
-    BOOTSTRAP_LOG(ERROR, kr)
-        << "Failed to bootstrap_check_in the sandbox server.";
-    return null.Pass();
-  }
-  base::mac::ScopedMachReceiveRight scoped_port(port);
-
-  // Start the sandbox server.
-  if (sandbox->server_->Initialize(scoped_port.get()))
-    ignore_result(scoped_port.release());  // Transferred to server_.
-  else
-    return null.Pass();
-
-  return sandbox.Pass();
-}
-
-BootstrapSandbox::~BootstrapSandbox() {
-}
-
-void BootstrapSandbox::RegisterSandboxPolicy(
-    int sandbox_policy_id,
-    const BootstrapSandboxPolicy& policy) {
-  CHECK(IsPolicyValid(policy));
-  CHECK_GT(sandbox_policy_id, kNotAPolicy);
-  base::AutoLock lock(lock_);
-  DCHECK(policies_.find(sandbox_policy_id) == policies_.end());
-  policies_.insert(std::make_pair(sandbox_policy_id, policy));
-}
-
-void BootstrapSandbox::PrepareToForkWithPolicy(int sandbox_policy_id) {
-  base::AutoLock lock(lock_);
-
-  // Verify that this is a real policy.
-  CHECK(policies_.find(sandbox_policy_id) != policies_.end());
-  CHECK_EQ(kNotAPolicy, effective_policy_id_)
-      << "Cannot nest calls to PrepareToForkWithPolicy()";
-
-  // Store the policy for the process we're about to create.
-  effective_policy_id_ = sandbox_policy_id;
-}
-
-// TODO(rsesek): The |lock_| needs to be taken twice because
-// base::LaunchProcess handles both fork+exec, and holding the lock for the
-// duration would block servicing of other bootstrap messages. If a better
-// LaunchProcess existed (do arbitrary work without layering violations), this
-// could be avoided.
-
-void BootstrapSandbox::FinishedFork(base::ProcessHandle handle) {
-  base::AutoLock lock(lock_);
-
-  CHECK_NE(kNotAPolicy, effective_policy_id_)
-      << "Must PrepareToForkWithPolicy() before FinishedFork()";
-
-  // Apply the policy to the new process.
-  if (handle != base::kNullProcessHandle) {
-    const auto& existing_process = sandboxed_processes_.find(handle);
-    CHECK(existing_process == sandboxed_processes_.end());
-    sandboxed_processes_.insert(std::make_pair(handle, effective_policy_id_));
-    VLOG(3) << "Bootstrap sandbox enforced for pid " << handle;
-  }
-
-  effective_policy_id_ = kNotAPolicy;
-}
-
-void BootstrapSandbox::ChildDied(base::ProcessHandle handle) {
-  base::AutoLock lock(lock_);
-  const auto& it = sandboxed_processes_.find(handle);
-  if (it != sandboxed_processes_.end())
-    sandboxed_processes_.erase(it);
-}
-
-const BootstrapSandboxPolicy* BootstrapSandbox::PolicyForProcess(
-    pid_t pid) const {
-  base::AutoLock lock(lock_);
-  const auto& process = sandboxed_processes_.find(pid);
-
-  // The new child could send bootstrap requests before the parent calls
-  // FinishedFork().
-  int policy_id = effective_policy_id_;
-  if (process != sandboxed_processes_.end()) {
-    policy_id = process->second;
-  }
-
-  if (policy_id == kNotAPolicy)
-    return NULL;
-
-  return &policies_.find(policy_id)->second;
-}
-
-BootstrapSandbox::BootstrapSandbox()
-    : server_bootstrap_name_(
-          base::StringPrintf("%s.sandbox.%d", base::mac::BaseBundleID(),
-              getpid())),
-      real_bootstrap_port_(MACH_PORT_NULL),
-      effective_policy_id_(kNotAPolicy) {
-  mach_port_t port = MACH_PORT_NULL;
-  kern_return_t kr = task_get_special_port(
-      mach_task_self(), TASK_BOOTSTRAP_PORT, &port);
-  MACH_CHECK(kr == KERN_SUCCESS, kr);
-  real_bootstrap_port_.reset(port);
-}
-
-}  // namespace sandbox