Allow enterprises to specify a list of sites requiring dedicated processes
Issue description
For Site Isolation, isolating all sites from each other may lead to the creation of too many processes, so we're investigating policies for how to select a subset of sites that need dedicated processes. We'd like to support an enterprise mechanism for defining a set of sites that require isolation, since enterprise administrators will likely have a good sense for what to include in this set. (Optionally, we could allow some process sharing among sites in this set via issue 760757, as long as they don't share with sites outside the set.)
Sep 19 2017
This is a very good idea! Here is one more idea: To ease the transition on Windows, it might even be useful to use the IE zones as a signal in the absence of other signals (if possible).
Oct 31 2017
Nov 17 2017
Nov 18 2017
palmer@ has a CL started for this as part of issue 783842.
Nov 22 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/e1ea6b1bb320eb9cd9b7d10e70e0a5d69ae9977b

commit e1ea6b1bb320eb9cd9b7d10e70e0a5d69ae9977b
Author: Alex Moshchuk <alexmos@chromium.org>
Date: Wed Nov 22 01:44:20 2017

Don't CHECK when adding a duplicate isolated origin.

Ignoring attempts to add a duplicate isolated origin is harmless, and this might prevent an unexpected crash when users specify https://accounts.google.com via a command-line flag or the upcoming enterprise policy for --isolate-origins, which would CHECK once we ship sign-in process isolation. (The latter uses a different path, ChromeContentBrowserClient::GetOriginsRequiringDedicatedProcess(), to add accounts.google.com as an isolated origin.)

Bug: 760761
Change-Id: I1fb1695d39b305301046990eedf7b4223b7a4b63
Reviewed-on: https://chromium-review.googlesource.com/784051
Reviewed-by: Charlie Reis <creis@chromium.org>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#518494}

[modify] https://crrev.com/e1ea6b1bb320eb9cd9b7d10e70e0a5d69ae9977b/content/browser/child_process_security_policy_impl.cc
Nov 22 2017
Nov 22 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/ac7d75648d323f2e08afd117b09318a4290e52a2

commit ac7d75648d323f2e08afd117b09318a4290e52a2
Author: Chris Palmer <palmer@chromium.org>
Date: Wed Nov 22 20:12:54 2017

Add enterprise policy settings for Site Isolation.

Introduce enterprise policies to allow setting Site Isolation flags in enterprise environments.

BUG=783842, 760761
TBR=sky@chromium.org

Change-Id: I59b91aad33403a8138e5543bfb6847d68339b5c5
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation
Reviewed-on: https://chromium-review.googlesource.com/765008
Commit-Queue: Chris Palmer <palmer@chromium.org>
Reviewed-by: Chris Palmer <palmer@chromium.org>
Reviewed-by: Bernhard Bauer <bauerb@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Cr-Commit-Position: refs/heads/master@{#518725}

[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/browser/chrome_browser_main.cc
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/browser/chrome_content_browser_client.cc
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/browser/chrome_content_browser_client.h
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/browser/policy/configuration_policy_handler_list_factory.cc
[add] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/browser/policy/site_isolation_policy_browsertest.cc
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/browser/prefs/browser_prefs.cc
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/browser/prefs/chrome_command_line_pref_store.cc
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/common/pref_names.cc
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/common/pref_names.h
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/test/BUILD.gn
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/chrome/test/data/policy/policy_test_cases.json
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/components/policy/resources/policy_templates.json
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/content/browser/browser_main_loop.cc
[modify] https://crrev.com/ac7d75648d323f2e08afd117b09318a4290e52a2/tools/metrics/histograms/enums.xml
Nov 27 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005

commit e782cd2ad2e04d16a01b0a5d093f0dbcb125b005
Author: Chris Palmer <palmer@chromium.org>
Date: Mon Nov 27 23:18:12 2017

Add enterprise policy settings for Site Isolation.

Introduce enterprise policies to allow setting Site Isolation flags in enterprise environments.

BUG=783842, 760761
TBR=palmer@chromium.org, sky@chromium.org

(cherry picked from commit ac7d75648d323f2e08afd117b09318a4290e52a2)

Change-Id: I59b91aad33403a8138e5543bfb6847d68339b5c5
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation
Reviewed-on: https://chromium-review.googlesource.com/765008
Commit-Queue: Chris Palmer <palmer@chromium.org>
Reviewed-by: Chris Palmer <palmer@chromium.org>
Reviewed-by: Bernhard Bauer <bauerb@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#518725}
Reviewed-on: https://chromium-review.googlesource.com/792130
Cr-Commit-Position: refs/branch-heads/3239@{#576}
Cr-Branched-From: adb61db19020ed8ecee5e91b1a0ea4c924ae2988-refs/heads/master@{#508578}

[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/browser/chrome_browser_main.cc
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/browser/chrome_content_browser_client.cc
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/browser/chrome_content_browser_client.h
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/browser/policy/configuration_policy_handler_list_factory.cc
[add] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/browser/policy/site_isolation_policy_browsertest.cc
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/browser/prefs/browser_prefs.cc
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/browser/prefs/chrome_command_line_pref_store.cc
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/common/pref_names.cc
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/common/pref_names.h
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/test/BUILD.gn
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/chrome/test/data/policy/policy_test_cases.json
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/components/policy/resources/policy_templates.json
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/content/browser/browser_main_loop.cc
[modify] https://crrev.com/e782cd2ad2e04d16a01b0a5d093f0dbcb125b005/tools/metrics/histograms/enums.xml
Nov 28 2017
Nov 30 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/49f1b6c8563eaeef13628490d5f233d5f4c18094

commit 49f1b6c8563eaeef13628490d5f233d5f4c18094
Author: Chris Palmer <palmer@chromium.org>
Date: Thu Nov 30 03:24:14 2017

Minor code clean-up for Site Isolation enterprise policy.

Bug: 760761
Change-Id: I416ead54dc5f32a9665862c1e9441b3b11bb4a48
Reviewed-on: https://chromium-review.googlesource.com/791815
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#520414}

[modify] https://crrev.com/49f1b6c8563eaeef13628490d5f233d5f4c18094/chrome/browser/chrome_browser_main.cc
[modify] https://crrev.com/49f1b6c8563eaeef13628490d5f233d5f4c18094/chrome/common/pref_names.cc
[modify] https://crrev.com/49f1b6c8563eaeef13628490d5f233d5f4c18094/components/policy/resources/policy_templates.json
Nov 30 2017
This isn't entirely fixed; 1 TODO remains in chrome/browser/prefs/chrome_command_line_pref_store.cc:
    // TODO(https://crbug.com/760761): This is not the ideal way to
    // implement this. Refactor enterprise policy and command line handling
    // so that this line isn't necessary, if possible.
    {switches::kIsolateOrigins, prefs::kIsolateOrigins},
That said, I might not be the best person to do that work, since it's not my area. pastarmovj, perhaps?
Nov 30 2017
OK, tracking the last bit of work in a new bug: https://bugs.chromium.org/p/chromium/issues/detail?id=790800
Jan 6 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/3cc28e744dcaf51b94cd7bdf80d5b91d796f654b

commit 3cc28e744dcaf51b94cd7bdf80d5b91d796f654b
Author: Xiyuan Xia <xiyuan@chromium.org>
Date: Sat Jan 06 16:28:58 2018

cros: Add per-user command line for site isolate policy

Apply per-user command line for IsolateOrigins and SitePerProcess policy.

TBR=jdufault@chromium.org

Bug: 783842, 760761
Change-Id: I26aa567b7689ea0886062c91f539d7e07d354b8b
Reviewed-on: https://chromium-review.googlesource.com/853121
Commit-Queue: Xiyuan Xia <xiyuan@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#527521}

[modify] https://crrev.com/3cc28e744dcaf51b94cd7bdf80d5b91d796f654b/chrome/browser/chromeos/login/session/user_session_manager.cc
[modify] https://crrev.com/3cc28e744dcaf51b94cd7bdf80d5b91d796f654b/chrome/browser/chromeos/login/session/user_session_manager.h
[modify] https://crrev.com/3cc28e744dcaf51b94cd7bdf80d5b91d796f654b/chrome/browser/ui/webui/flags_ui.cc
Jan 6 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/c13b2f4bb1a9da416c942c8cadd2c5443fd7ae54

commit c13b2f4bb1a9da416c942c8cadd2c5443fd7ae54
Author: Xiyuan Xia <xiyuan@chromium.org>
Date: Sat Jan 06 23:32:26 2018

[Merge M64] cros: Add per-user command line for site isolate policy

Apply per-user command line for IsolateOrigins and SitePerProcess policy.

TBR=jdufault@chromium.org

(cherry picked from commit 3cc28e744dcaf51b94cd7bdf80d5b91d796f654b)

Bug: 783842, 760761
Change-Id: I26aa567b7689ea0886062c91f539d7e07d354b8b
Reviewed-on: https://chromium-review.googlesource.com/853121
Commit-Queue: Xiyuan Xia <xiyuan@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#527521}
Reviewed-on: https://chromium-review.googlesource.com/853076
Cr-Commit-Position: refs/branch-heads/3282@{#433}
Cr-Branched-From: 5fdc0fab22ce7efd32532ee989b223fa12f8171e-refs/heads/master@{#520840}

[modify] https://crrev.com/c13b2f4bb1a9da416c942c8cadd2c5443fd7ae54/chrome/browser/chromeos/login/session/user_session_manager.cc
[modify] https://crrev.com/c13b2f4bb1a9da416c942c8cadd2c5443fd7ae54/chrome/browser/chromeos/login/session/user_session_manager.h
[modify] https://crrev.com/c13b2f4bb1a9da416c942c8cadd2c5443fd7ae54/chrome/browser/ui/webui/flags_ui.cc
May 11 2018
May 17 2018
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/5171e8ebb578393308ccbc8beb9c376542c1feb8

commit 5171e8ebb578393308ccbc8beb9c376542c1feb8
Author: Chris Palmer <palmer@chromium.org>
Date: Thu May 17 00:09:58 2018

Create Android-specific enterprise policy settings for Site Isolation.

SitePerProcess and IsolateOrigins work on Chrome Desktop (including Chrome OS). We don't want to make them work on Android, because enterprises that want and can use SI on Desktop might not have an Android fleet capable of it yet. For those that do also want SI on Android, these new Android-specific settings enable that.

BUG=783842, 760761
TEST=Enable one of the new Android-specific policy settings (e.g. IsolateOriginsAndroid) for an enterprise-managed Android device, then follow the verification steps given in https://support.google.com/chrome/a/answer/7581529 (under "Verify Site Isolation"). Then do the same but with the other policy setting (e.g. SitePerProcessAndroid). For both, check also that enabling only the Android-specific policies does not enable SI on Desktop machines in the same management domain.

Change-Id: Id304937132723a6856b0e507bc4b9d801403c429
Reviewed-on: https://chromium-review.googlesource.com/1026390
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Bernhard Bauer <bauerb@chromium.org>
Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#559352}

[modify] https://crrev.com/5171e8ebb578393308ccbc8beb9c376542c1feb8/chrome/browser/policy/configuration_policy_handler_list_factory.cc
[modify] https://crrev.com/5171e8ebb578393308ccbc8beb9c376542c1feb8/chrome/test/data/policy/policy_test_cases.json
[modify] https://crrev.com/5171e8ebb578393308ccbc8beb9c376542c1feb8/components/policy/resources/policy_templates.json
[modify] https://crrev.com/5171e8ebb578393308ccbc8beb9c376542c1feb8/tools/metrics/histograms/enums.xml
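An added example, not code from Chromium or from anyone in this thread: a Python audit helper that takes a managed-policy dictionary and reports, per platform, what the four policy names in the commits above would request, keeping the Desktop and Android settings separate and collapsing duplicate origins. It assumes the IsolateOrigins-style values are comma-separated origin strings; the function names and the sample policy are constructed for illustration.

```python
from urllib.parse import urlsplit

# Policy names as they appear in the commit messages above.
DESKTOP = ("SitePerProcess", "IsolateOrigins")
ANDROID = ("SitePerProcessAndroid", "IsolateOriginsAndroid")
DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_origin(entry):
    """Return scheme://host[:port] for an http(s) entry, or None if unusable."""
    try:
        parts = urlsplit(entry.strip())
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    host = f"[{parts.hostname}]" if ":" in parts.hostname else parts.hostname
    suffix = "" if port in (None, DEFAULT_PORTS[parts.scheme]) else f":{port}"
    return f"{parts.scheme}://{host}{suffix}"


def effective_isolation(policy, platform):
    """Summarize the Site Isolation settings for 'desktop' or 'android'."""
    site_key, origins_key = ANDROID if platform == "android" else DESKTOP
    raw = policy.get(origins_key, "")
    origins, rejected = [], []
    if not isinstance(raw, str):  # assumed value type: one string
        rejected.append(repr(raw))
        raw = ""
    for entry in filter(None, (e.strip() for e in raw.split(","))):
        origin = normalize_origin(entry)
        if origin is None:
            rejected.append(entry)
        elif origin not in origins:  # a duplicate is harmless: keep one copy
            origins.append(origin)
    return {"site_per_process": policy.get(site_key) is True,
            "isolated_origins": origins, "rejected": rejected}


# Constructed sample: only the Android-specific policies are set.
SAMPLE_POLICY = {
    "SitePerProcessAndroid": False,
    "IsolateOriginsAndroid": "https://accounts.google.com, "
                             "https://ACCOUNTS.google.com:443/, "
                             "https://hr.example.test, ftp://files.example.test",
}

if __name__ == "__main__":
    for platform in ("desktop", "android"):
        print(platform, effective_isolation(SAMPLE_POLICY, platform))
```

Entries in `rejected` are values an administrator should review before rollout, since the helper could not reduce them to an http(s) origin.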
Comment 1 by nrpeter@chromium.org, Sep 15 2017