Fix headless mode under the MacV2Sandbox.

- The standalone headless_shell needs to invoke the Seatbelt server
  in its child processes.
- The --headless flag in Chrome needs to set up the CHILD_PROCESS_EXE
  override for finding the Helper.app. The --headless flag was incorrectly
  spawning the main app executable rather than the helper.

Bug: 866606, 689306
Change-Id: I0e4fec109fad5577263059fd0b62dea3bb966860
Reviewed-on: https://chromium-review.googlesource.com/1148478Reviewed-by: David Vallet <dvallet@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#577949}

chrome/app/chrome_main_delegate.cc

@@ -761,12 +761,6 @@ void ChromeMainDelegate::PreSandboxStartup() {
 #endif
 
 #if defined(OS_MACOSX)
-  // On the Mac, the child executable lives at a predefined location within
-  // the app bundle's versioned directory.
-  base::PathService::Override(content::CHILD_PROCESS_EXE,
-                              chrome::GetVersionedDirectory().Append(
-                                  chrome::kHelperProcessExecutablePath));
-
   InitMacCrashReporter(command_line, process_type);
   SetUpInstallerPreferences(command_line);
 #endif

chrome/app/chrome_main_mac.mm

@@ -13,8 +13,11 @@
 #import "base/mac/bundle_locations.h"
 #import "base/mac/foundation_util.h"
 #import "base/mac/scoped_nsautorelease_pool.h"
+#include "base/path_service.h"
 #include "base/strings/sys_string_conversions.h"
+#include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_paths_internal.h"
+#include "content/public/common/content_paths.h"
 
 void SetUpBundleOverrides() {
   base::mac::ScopedNSAutoreleasePool pool;
@@ -23,4 +26,10 @@ void SetUpBundleOverrides() {
 
   NSBundle* base_bundle = chrome::OuterAppBundle();
   base::mac::SetBaseBundleID([[base_bundle bundleIdentifier] UTF8String]);
+
+  // On the Mac, the child executable lives at a predefined location within
+  // the app bundle's versioned directory.
+  base::PathService::Override(content::CHILD_PROCESS_EXE,
+                              chrome::GetVersionedDirectory().Append(
+                                  chrome::kHelperProcessExecutablePath));
 }

headless/BUILD.gn

@@ -930,6 +930,10 @@ executable("headless_shell") {
   if (is_win) {
     deps += [ "//build/win:default_exe_manifest" ]
   }
+
+  if (is_mac) {
+    deps += [ "//sandbox/mac:seatbelt" ]
+  }
 }
 
 process_version("version_header") {

headless/app/DEPS

 include_rules = {
   "+cc/base/switches.h",
   "+components/viz/common/switches.h",
+  "+sandbox/mac",
 }
 

headless/app/headless_shell_main.cc

@@ -8,6 +8,9 @@
 #if defined(OS_WIN)
 #include "content/public/app/sandbox_helper_win.h"
 #include "sandbox/win/src/sandbox_types.h"
+#elif defined(OS_MACOSX)
+#include "base/logging.h"
+#include "sandbox/mac/seatbelt_exec.h"
 #endif
 
 int main(int argc, const char** argv) {
@@ -16,6 +19,15 @@ int main(int argc, const char** argv) {
   content::InitializeSandboxInfo(&sandbox_info);
   return headless::HeadlessShellMain(0, &sandbox_info);
 #else
+#if defined(OS_MACOSX)
+  sandbox::SeatbeltExecServer::CreateFromArgumentsResult seatbelt =
+      sandbox::SeatbeltExecServer::CreateFromArguments(
+          argv[0], argc, const_cast<char**>(argv));
+  if (seatbelt.sandbox_required) {
+    CHECK(seatbelt.server->InitializeSandbox());
+  }
+#endif  // defined(OS_MACOSX)
+
   return headless::HeadlessShellMain(argc, argv);
 #endif  // defined(OS_WIN)
 }