Revert "Reland "macOS V2 Sandbox: Remove the feature flags.""

This reverts commit 4173f201.

Reason for revert: The dependent CL was reverted so this has to be reverted.

https://chromium-review.googlesource.com/c/chromium/src/+/1278162

Original change's description:
> Reland "macOS V2 Sandbox: Remove the feature flags."
> 
> This is a reland of 5c4908e8
> 
> Original change's description:
> > macOS V2 Sandbox: Remove the feature flags.
> >
> > The V2 sandbox is now default for all but the network and GPU processes
> > on macOS. This CL deletes the feature flag. A new experiment will be
> > introduced for the GPU process. The default case for the sandbox profile
> > switch is removed, because previous CHECK() failures were confusing to
> > diagnose. All profiles must now be handled explicitly, so Chrome won't
> > build if a new profile type isn't handled.
> >
> > Bug: 749839
> > CQ-Depend: 1268671
> > Change-Id: I0860d3a5148b0085be6a99dc01c4971602ee5582
> > Reviewed-on: https://chromium-review.googlesource.com/c/1269996
> > Reviewed-by: Robert Sesek <rsesek@chromium.org>
> > Reviewed-by: Mark Pearson <mpearson@chromium.org>
> > Reviewed-by: Avi Drissman <avi@chromium.org>
> > Commit-Queue: Greg Kerr <kerrnel@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#598128}
> 
> CQ-DEPEND=CL:1268671
> 
> Bug: 749839
> Change-Id: I91544907b640c572823f3aae3e29c0cfa003da51
> Reviewed-on: https://chromium-review.googlesource.com/c/1274888
> Reviewed-by: Avi Drissman <avi@chromium.org>
> Reviewed-by: Greg Kerr <kerrnel@chromium.org>
> Reviewed-by: Mark Pearson <mpearson@chromium.org>
> Commit-Queue: Greg Kerr <kerrnel@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#598822}

TBR=avi@chromium.org,mpearson@chromium.org,kerrnel@chromium.org,rsesek@chromium.org,mark@chromium.org

Change-Id: I301c95634bd447d35ef19948cf0488c0bf847e58
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 749839
Reviewed-on: https://chromium-review.googlesource.com/c/1278861Reviewed-by: Greg Kerr <kerrnel@chromium.org>
Commit-Queue: Greg Kerr <kerrnel@chromium.org>
Cr-Commit-Position: refs/heads/master@{#599248}

chrome/browser/about_flags.cc

@@ -2397,6 +2397,9 @@ const FeatureEntry kFeatureEntries[] = {
      SINGLE_VALUE_TYPE(switches::kTrySupportedChannelLayouts)},
 #endif  // OS_WIN
 #if defined(OS_MACOSX)
+    {"mac-v2-sandbox", flag_descriptions::kMacV2SandboxName,
+     flag_descriptions::kMacV2SandboxDescription, kOsMac,
+     FEATURE_VALUE_TYPE(features::kMacV2Sandbox)},
     {"mac-views-task-manager", flag_descriptions::kMacViewsTaskManagerName,
      flag_descriptions::kMacViewsTaskManagerDescription, kOsMac,
      FEATURE_VALUE_TYPE(features::kViewsTaskManager)},

chrome/browser/flag_descriptions.cc

@@ -2985,6 +2985,11 @@ const char kMacRTLDescription[] = "Mirrors the UI for RTL language users";
 const char kMacTouchBarName[] = "Hardware Touch Bar";
 const char kMacTouchBarDescription[] = "Control the use of the Touch Bar.";
 
+const char kMacV2SandboxName[] = "Mac V2 Sandbox";
+const char kMacV2SandboxDescription[] =
+    "Eliminates the unsandboxed warmup phase and sandboxes processes for their "
+    "entire life cycle.";
+
 const char kMacViewsNativeAppWindowsName[] = "Toolkit-Views App Windows.";
 const char kMacViewsNativeAppWindowsDescription[] =
     "Controls whether to use Toolkit-Views based Chrome App windows.";

chrome/browser/flag_descriptions.h

@@ -1803,6 +1803,9 @@ extern const char kMacRTLDescription[];
 extern const char kMacTouchBarName[];
 extern const char kMacTouchBarDescription[];
 
+extern const char kMacV2SandboxName[];
+extern const char kMacV2SandboxDescription[];
+
 extern const char kMacViewsNativeAppWindowsName[];
 extern const char kMacViewsNativeAppWindowsDescription[];
 

content/browser/child_process_launcher_helper_mac.cc

@@ -73,8 +73,34 @@ bool ChildProcessLauncherHelper::BeforeLaunchOnLauncherThread(
       command_line_->HasSwitch(service_manager::switches::kNoSandbox) ||
       service_manager::IsUnsandboxedSandboxType(sandbox_type);
 
-  bool use_v2 =
-      !no_sandbox && (sandbox_type != service_manager::SANDBOX_TYPE_GPU);
+  // TODO(kerrnel): Delete this switch once the V2 sandbox is always enabled.
+  bool use_v2 = base::FeatureList::IsEnabled(features::kMacV2Sandbox);
+
+  switch (sandbox_type) {
+    case service_manager::SANDBOX_TYPE_NO_SANDBOX:
+      break;
+    case service_manager::SANDBOX_TYPE_CDM:
+    case service_manager::SANDBOX_TYPE_PPAPI:
+    case service_manager::SANDBOX_TYPE_RENDERER:
+    case service_manager::SANDBOX_TYPE_UTILITY:
+    case service_manager::SANDBOX_TYPE_NACL_LOADER:
+    case service_manager::SANDBOX_TYPE_PDF_COMPOSITOR:
+    case service_manager::SANDBOX_TYPE_PROFILING:
+      // If the feature experiment is enabled and this process type supports
+      // the v2 sandbox, use it.
+      use_v2 &= true;
+      break;
+    case service_manager::SANDBOX_TYPE_AUDIO:
+      // The audio service only exists with the v2 sandbox.
+      use_v2 |= true;
+      break;
+    default:
+      // This is a 'break' because the V2 sandbox is not enabled for all
+      // processes yet, and so there are sandbox types like NETWORK that
+      // should not be run under the V2 sandbox.
+      use_v2 = false;
+      break;
+  }
 
   if (use_v2 && !no_sandbox) {
     // Generate the profile string.
@@ -107,16 +133,8 @@ bool ChildProcessLauncherHelper::BeforeLaunchOnLauncherThread(
       case service_manager::SANDBOX_TYPE_PROFILING:
         profile += service_manager::kSeatbeltPolicyString_utility;
         break;
-      case service_manager::SANDBOX_TYPE_NETWORK:
-        // Put a separate CHECK() for the network sandbox so that crash reports
-        // will show which invalid case was hit.
-        CHECK(false);
-        break;
-      case service_manager::SANDBOX_TYPE_INVALID:
-      case service_manager::SANDBOX_TYPE_FIRST_TYPE:
-      case service_manager::SANDBOX_TYPE_AFTER_LAST_TYPE:
+      default:
         CHECK(false);
-        break;
     }
 
     // Disable os logging to com.apple.diagnosticd which is a performance

content/public/common/content_features.cc

@@ -656,6 +656,11 @@ const base::Feature kDeviceMonitorMac{"DeviceMonitorMac",
 // Enable IOSurface based screen capturer.
 const base::Feature kIOSurfaceCapturer{"IOSurfaceCapturer",
                                        base::FEATURE_ENABLED_BY_DEFAULT};
+
+// The V2 sandbox on MacOS removes the unsandboed warmup phase and sandboxes the
+// entire life of the process.
+const base::Feature kMacV2Sandbox{"MacV2Sandbox",
+                                  base::FEATURE_ENABLED_BY_DEFAULT};
 #endif  // defined(OS_MACOSX)
 
 enum class VideoCaptureServiceConfiguration {

content/public/common/content_features.h

@@ -159,6 +159,7 @@ CONTENT_EXPORT extern const base::Feature kWebUIPolymer2;
 #if defined(OS_MACOSX)
 CONTENT_EXPORT extern const base::Feature kDeviceMonitorMac;
 CONTENT_EXPORT extern const base::Feature kIOSurfaceCapturer;
+CONTENT_EXPORT extern const base::Feature kMacV2Sandbox;
 #endif  // defined(OS_MACOSX)
 
 // DON'T ADD RANDOM STUFF HERE. Put it in the main section above in

testing/variations/fieldtrial_testing_config.json

@@ -2434,6 +2434,21 @@
             ]
         }
     ],
+    "MacV2Sandbox": [
+        {
+            "platforms": [
+                "mac"
+            ],
+            "experiments": [
+                {
+                    "name": "Enabled",
+                    "enable_features": [
+                        "MacV2Sandbox"
+                    ]
+                }
+            ]
+        }
+    ],
     "MediaFoundationH264Encoding": [
         {
             "platforms": [