Do not use Win32k renderer lockdown if DirectWrite is disabled.

OOP PDF is now enabled by default, so remove the check in ChromeBrowserMainPartsWin::PreCreateThreads

BUG=442157
TEST=launch with --enable-win32k-renderer-lockdown or --force-fieldtrials=Win32kLockdown/Enabled/ check chrome://histograms that Win32k lockdown is enabled.  Check OOP PDF still works both with and without --disable-direct-write switch.

Review URL: https://codereview.chromium.org/872673002

Cr-Commit-Position: refs/heads/master@{#313423}

chrome/browser/chrome_browser_main_win.cc

@@ -228,20 +228,6 @@ int ChromeBrowserMainPartsWin::PreCreateThreads() {
         chrome::MESSAGE_BOX_TYPE_WARNING);
   }
 
-  // Windows 8+ provides a mode where by a process cannot call Win32K/GDI
-  // functions in the kernel (win32k.sys). If we are on Windows 8+ and if
-  // we are launched with the kEnableWin32kRendererLockDown switch then we
-  // force the PDF pepper plugin to run out of process. This is because the
-  // PDF plugin uses GDI for text rendering which does not work in the
-  // Win32K lockdown mode. Running it out of process ensures that the process
-  // launched for the plugin does not have the Win32K lockdown mode enabled.
-  // TODO(ananta)
-  // Revisit this when the pdf plugin uses skia and stops using GDI.
-  if (switches::IsWin32kRendererLockdownEnabled() &&
-      base::win::GetVersion() >= base::win::VERSION_WIN8) {
-    base::CommandLine::ForCurrentProcess()->AppendSwitch(
-        switches::kEnableOutOfProcessPdf);
-  }
   return rv;
 }
 
@@ -274,8 +260,6 @@ void ChromeBrowserMainPartsWin::PostBrowserStart() {
   ChromeBrowserMainParts::PostBrowserStart();
 
   UMA_HISTOGRAM_BOOLEAN("Windows.Tablet", base::win::IsTabletDevice());
-  UMA_HISTOGRAM_BOOLEAN("Windows.Win32kRendererLockdown",
-                        switches::IsWin32kRendererLockdownEnabled());
 
   // Set up a task to verify installed modules in the current process. Use a
   // delay to reduce the impact on startup time.

content/browser/browser_main_loop.cc

@@ -40,6 +40,7 @@
 #include "content/browser/time_zone_monitor.h"
 #include "content/browser/webui/content_web_ui_controller_factory.h"
 #include "content/browser/webui/url_data_manager.h"
+#include "content/common/content_switches_internal.h"
 #include "content/public/browser/browser_main_parts.h"
 #include "content/public/browser/browser_shutdown.h"
 #include "content/public/browser/content_browser_client.h"
@@ -1087,6 +1088,10 @@ int BrowserMainLoop::BrowserThreadsStarted() {
   device_monitor_mac_.reset(new DeviceMonitorMac());
 #endif
 
+#if defined(OS_WIN)
+  LOCAL_HISTOGRAM_BOOLEAN("Windows.Win32kRendererLockdown",
+                          IsWin32kRendererLockdownEnabled());
+#endif
   // RDH needs the IO thread to be created
   {
     TRACE_EVENT0("startup",

content/common/content_switches_internal.cc

@@ -5,10 +5,12 @@
 #include "content/common/content_switches_internal.h"
 
 #include "base/command_line.h"
+#include "base/metrics/field_trial.h"
 #include "content/public/common/content_switches.h"
 
 #if defined(OS_WIN)
 #include "base/win/windows_version.h"
+#include "ui/gfx/win/direct_write.h"
 #endif
 
 namespace content {
@@ -31,4 +33,23 @@ bool IsPinchToZoomEnabled() {
 #endif
 }
 
+#if defined(OS_WIN)
+
+bool IsWin32kRendererLockdownEnabled() {
+  const std::string group_name =
+      base::FieldTrialList::FindFullName("Win32kLockdown");
+  if (base::win::GetVersion() < base::win::VERSION_WIN8)
+    return false;
+  if (!gfx::win::ShouldUseDirectWrite())
+    return false;
+  const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess();
+  if (cmd_line->HasSwitch(switches::kEnableWin32kRendererLockDown))
+    return true;
+  if (cmd_line->HasSwitch(switches::kDisableWin32kRendererLockDown))
+    return false;
+  // Default.
+  return group_name == "Enabled";
+}
+#endif
+
 } // namespace content

content/common/content_switches_internal.h

@@ -8,6 +8,9 @@
 namespace content {
 
 bool IsPinchToZoomEnabled();
+#if defined(OS_WIN)
+bool IsWin32kRendererLockdownEnabled();
+#endif
 
 } // namespace content
 

content/common/sandbox_win.cc

@@ -20,6 +20,7 @@
 #include "base/win/scoped_handle.h"
 #include "base/win/scoped_process_information.h"
 #include "base/win/windows_version.h"
+#include "content/common/content_switches_internal.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/sandbox_init.h"
@@ -620,9 +621,9 @@ base::Process StartSandboxedProcess(
                                          sandbox::MITIGATION_DEP_NO_ATL_THUNK |
                                          sandbox::MITIGATION_SEHOP;
 
-  if (base::win::GetVersion() >= base::win::VERSION_WIN8 &&
-      type_str == switches::kRendererProcess &&
-      switches::IsWin32kRendererLockdownEnabled()) {
+#if !defined(NACL_WIN64)
+  if (type_str == switches::kRendererProcess &&
+      IsWin32kRendererLockdownEnabled()) {
     if (policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN,
                         sandbox::TargetPolicy::FAKE_USER_GDI_INIT,
                         NULL) != sandbox::SBOX_ALL_OK) {
@@ -630,6 +631,7 @@ base::Process StartSandboxedProcess(
     }
     mitigations |= sandbox::MITIGATION_WIN32K_DISABLE;
   }
+#endif
 
   if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK)
     return base::Process();

content/public/common/content_switches.cc

@@ -4,9 +4,6 @@
 
 #include "content/public/common/content_switches.h"
 
-#include "base/command_line.h"
-#include "base/metrics/field_trial.h"
-
 namespace switches {
 
 // The number of MSAA samples for canvas2D. Requires MSAA support by GPU to
@@ -966,20 +963,6 @@ const char kEnableNpapi[]                   = "enable-npapi";
 const char kEnablePluginPowerSaver[] = "enable-plugin-power-saver";
 #endif
 
-#if defined(OS_WIN)
-bool IsWin32kRendererLockdownEnabled() {
-  const std::string group_name =
-      base::FieldTrialList::FindFullName("Win32kLockdown");
-  const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess();
-  if (cmd_line->HasSwitch(kEnableWin32kRendererLockDown))
-    return true;
-  if (cmd_line->HasSwitch(kDisableWin32kRendererLockDown))
-    return false;
-  // Default.
-  return group_name == "Enabled";
-}
-#endif
-
 // Don't dump stuff here, follow the same order as the header.
 
 }  // namespace switches

content/public/common/content_switches.h

@@ -289,7 +289,6 @@ CONTENT_EXPORT extern const char kEnableWin32kRendererLockDown[];
 // Switch to uniquely identify names shared memory section for font cache
 // across chromium flavors.
 CONTENT_EXPORT extern const char kFontCacheSharedMemSuffix[];
-CONTENT_EXPORT bool IsWin32kRendererLockdownEnabled();
 #endif
 
 CONTENT_EXPORT extern const char kEnableNpapi[];

content/renderer/pepper/content_renderer_pepper_host_factory.cc

@@ -6,6 +6,7 @@
 
 #include "base/logging.h"
 #include "base/strings/string_util.h"
+#include "content/common/content_switches_internal.h"
 #include "content/public/common/content_client.h"
 #include "content/public/renderer/content_renderer_client.h"
 #include "content/renderer/pepper/pepper_audio_input_host.h"
@@ -35,9 +36,7 @@
 #include "third_party/WebKit/public/web/WebPluginContainer.h"
 
 #if defined(OS_WIN)
-#include "base/command_line.h"
 #include "base/win/windows_version.h"
-#include "content/public/common/content_switches.h"
 #endif
 
 using ppapi::host::ResourceHost;
@@ -145,10 +144,8 @@ scoped_ptr<ResourceHost> ContentRendererPepperHostFactory::CreateResourceHost(
       // TODO(ananta)
       // Look into whether this causes a loss of functionality. From cursory
       // testing things seem to work well.
-      if (switches::IsWin32kRendererLockdownEnabled() &&
-          base::win::GetVersion() >= base::win::VERSION_WIN8) {
+      if (IsWin32kRendererLockdownEnabled())
         image_type = ppapi::PPB_ImageData_Shared::SIMPLE;
-      }
 #endif
       scoped_refptr<PPB_ImageData_Impl> image_data(new PPB_ImageData_Impl(
           instance, image_type));

content/renderer/pepper/resource_creation_impl.cc

@@ -4,6 +4,7 @@
 
 #include "content/renderer/pepper/resource_creation_impl.h"
 
+#include "content/common/content_switches_internal.h"
 #include "content/renderer/pepper/ppb_audio_impl.h"
 #include "content/renderer/pepper/ppb_broker_impl.h"
 #include "content/renderer/pepper/ppb_buffer_impl.h"
@@ -24,7 +25,6 @@
 #if defined(OS_WIN)
 #include "base/command_line.h"
 #include "base/win/windows_version.h"
-#include "content/public/common/content_switches.h"
 #endif
 
 using ppapi::InputEventData;
@@ -140,10 +140,8 @@ PP_Resource ResourceCreationImpl::CreateImageData(PP_Instance instance,
   // TODO(ananta)
   // Look into whether this causes a loss of functionality. From cursory
   // testing things seem to work well.
-  if (switches::IsWin32kRendererLockdownEnabled() &&
-      base::win::GetVersion() >= base::win::VERSION_WIN8) {
+  if (IsWin32kRendererLockdownEnabled())
     return CreateImageDataSimple(instance, format, size, init_to_zero);
-  }
 #endif
   return PPB_ImageData_Impl::Create(instance,
                                     ppapi::PPB_ImageData_Shared::PLATFORM,