| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/zygote_host_impl_linux.h" | 5 #include "content/browser/zygote_host_impl_linux.h" |
| 6 | 6 |
| 7 #include <sys/socket.h> | 7 #include <sys/socket.h> |
| 8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
| 9 #include <sys/types.h> | 9 #include <sys/types.h> |
| 10 #include <unistd.h> | 10 #include <unistd.h> |
| 11 | 11 |
| 12 #include "base/base_switches.h" | 12 #include "base/base_switches.h" |
| 13 #include "base/command_line.h" | 13 #include "base/command_line.h" |
| 14 #include "base/eintr_wrapper.h" | 14 #include "base/eintr_wrapper.h" |
| 15 #include "base/environment.h" | 15 #include "base/environment.h" |
| 16 #include "base/file_util.h" | 16 #include "base/file_util.h" |
| 17 #include "base/linux_util.h" | 17 #include "base/linux_util.h" |
| 18 #include "base/logging.h" | 18 #include "base/logging.h" |
| 19 #include "base/memory/scoped_ptr.h" | 19 #include "base/memory/scoped_ptr.h" |
| 20 #include "base/metrics/histogram.h" | 20 #include "base/metrics/histogram.h" |
| 21 #include "base/path_service.h" | 21 #include "base/path_service.h" |
| 22 #include "base/pickle.h" | 22 #include "base/pickle.h" |
| 23 #include "base/process_util.h" | 23 #include "base/process_util.h" |
| 24 #include "base/string_number_conversions.h" | 24 #include "base/string_number_conversions.h" |
| 25 #include "base/string_util.h" | 25 #include "base/string_util.h" |
| 26 #include "base/time.h" | 26 #include "base/time.h" |
| 27 #include "base/utf_string_conversions.h" | 27 #include "base/utf_string_conversions.h" |
| 28 #include "content/browser/renderer_host/render_sandbox_host_linux.h" | 28 #include "content/browser/renderer_host/render_sandbox_host_linux.h" |
| 29 #include "content/common/unix_domain_socket_posix.h" | 29 #include "content/common/unix_domain_socket_posix.h" |
| 30 #include "content/common/zygote_commands_linux.h" |
| 30 #include "content/public/browser/content_browser_client.h" | 31 #include "content/public/browser/content_browser_client.h" |
| 31 #include "content/public/common/content_switches.h" | 32 #include "content/public/common/content_switches.h" |
| 32 #include "content/public/common/result_codes.h" | 33 #include "content/public/common/result_codes.h" |
| 33 #include "sandbox/linux/suid/sandbox.h" | 34 #include "sandbox/linux/suid/sandbox.h" |
| 34 #include "sandbox/linux/suid/suid_unsafe_environment_variables.h" | 35 #include "sandbox/linux/suid/suid_unsafe_environment_variables.h" |
| 35 | 36 |
| 36 #if defined(USE_TCMALLOC) | 37 #if defined(USE_TCMALLOC) |
| 37 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" | 38 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" |
| 38 #endif | 39 #endif |
| 39 | 40 |
| (...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 174 options.fds_to_remap = &fds_to_map; | 175 options.fds_to_remap = &fds_to_map; |
| 175 base::LaunchProcess(cmd_line.argv(), options, &process); | 176 base::LaunchProcess(cmd_line.argv(), options, &process); |
| 176 CHECK(process != -1) << "Failed to launch zygote process"; | 177 CHECK(process != -1) << "Failed to launch zygote process"; |
| 177 | 178 |
| 178 if (using_suid_sandbox_) { | 179 if (using_suid_sandbox_) { |
| 179 // In the SUID sandbox, the real zygote is forked from the sandbox. | 180 // In the SUID sandbox, the real zygote is forked from the sandbox. |
| 180 // We need to look for it. | 181 // We need to look for it. |
| 181 // But first, wait for the zygote to tell us it's running. | 182 // But first, wait for the zygote to tell us it's running. |
| 182 // The sending code is in content/browser/zygote_main_linux.cc. | 183 // The sending code is in content/browser/zygote_main_linux.cc. |
| 183 std::vector<int> fds_vec; | 184 std::vector<int> fds_vec; |
| 184 const int kExpectedLength = sizeof(kZygoteMagic); | 185 const int kExpectedLength = sizeof(content::kZygoteHelloMessage); |
| 185 char buf[kExpectedLength]; | 186 char buf[kExpectedLength]; |
| 186 const ssize_t len = UnixDomainSocket::RecvMsg(fds[0], buf, sizeof(buf), | 187 const ssize_t len = UnixDomainSocket::RecvMsg(fds[0], buf, sizeof(buf), |
| 187 &fds_vec); | 188 &fds_vec); |
| 188 CHECK(len == kExpectedLength) << "Incorrect zygote magic length"; | 189 CHECK(len == kExpectedLength) << "Incorrect zygote magic length"; |
| 189 CHECK(0 == strcmp(buf, kZygoteMagic)) << "Incorrect zygote magic"; | 190 CHECK(0 == strcmp(buf, content::kZygoteHelloMessage)) |
| 191 << "Incorrect zygote hello"; |
| 190 | 192 |
| 191 std::string inode_output; | 193 std::string inode_output; |
| 192 ino_t inode = 0; | 194 ino_t inode = 0; |
| 193 // Figure out the inode for |dummy_fd|, close |dummy_fd| on our end, | 195 // Figure out the inode for |dummy_fd|, close |dummy_fd| on our end, |
| 194 // and find the zygote process holding |dummy_fd|. | 196 // and find the zygote process holding |dummy_fd|. |
| 195 if (base::FileDescriptorGetInode(&inode, dummy_fd)) { | 197 if (base::FileDescriptorGetInode(&inode, dummy_fd)) { |
| 196 close(dummy_fd); | 198 close(dummy_fd); |
| 197 std::vector<std::string> get_inode_cmdline; | 199 std::vector<std::string> get_inode_cmdline; |
| 198 get_inode_cmdline.push_back(sandbox_binary_); | 200 get_inode_cmdline.push_back(sandbox_binary_); |
| 199 get_inode_cmdline.push_back(base::kFindInodeSwitch); | 201 get_inode_cmdline.push_back(base::kFindInodeSwitch); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 212 } | 214 } |
| 213 } else { | 215 } else { |
| 214 // Not using the SUID sandbox. | 216 // Not using the SUID sandbox. |
| 215 pid_ = process; | 217 pid_ = process; |
| 216 } | 218 } |
| 217 | 219 |
| 218 close(fds[1]); | 220 close(fds[1]); |
| 219 control_fd_ = fds[0]; | 221 control_fd_ = fds[0]; |
| 220 | 222 |
| 221 Pickle pickle; | 223 Pickle pickle; |
| 222 pickle.WriteInt(kCmdGetSandboxStatus); | 224 pickle.WriteInt(content::kZygoteCommandGetSandboxStatus); |
| 223 std::vector<int> empty_fds; | 225 std::vector<int> empty_fds; |
| 224 if (!UnixDomainSocket::SendMsg(control_fd_, pickle.data(), pickle.size(), | 226 if (!UnixDomainSocket::SendMsg(control_fd_, pickle.data(), pickle.size(), |
| 225 empty_fds)) | 227 empty_fds)) |
| 226 LOG(FATAL) << "Cannot communicate with zygote"; | 228 LOG(FATAL) << "Cannot communicate with zygote"; |
| 227 // We don't wait for the reply. We'll read it in ReadReply. | 229 // We don't wait for the reply. We'll read it in ReadReply. |
| 228 } | 230 } |
| 229 | 231 |
| 230 ssize_t ZygoteHostImpl::ReadReply(void* buf, size_t buf_len) { | 232 ssize_t ZygoteHostImpl::ReadReply(void* buf, size_t buf_len) { |
| 231 // At startup we send a kCmdGetSandboxStatus request to the zygote, but don't | 233 // At startup we send a kZygoteCommandGetSandboxStatus request to the zygote, |
| 232 // wait for the reply. Thus, the first time that we read from the zygote, we | 234 // but don't wait for the reply. Thus, the first time that we read from the |
| 233 // get the reply to that request. | 235 // zygote, we get the reply to that request. |
| 234 if (!have_read_sandbox_status_word_) { | 236 if (!have_read_sandbox_status_word_) { |
| 235 if (HANDLE_EINTR(read(control_fd_, &sandbox_status_, | 237 if (HANDLE_EINTR(read(control_fd_, &sandbox_status_, |
| 236 sizeof(sandbox_status_))) != | 238 sizeof(sandbox_status_))) != |
| 237 sizeof(sandbox_status_)) { | 239 sizeof(sandbox_status_)) { |
| 238 return -1; | 240 return -1; |
| 239 } | 241 } |
| 240 have_read_sandbox_status_word_ = true; | 242 have_read_sandbox_status_word_ = true; |
| 241 } | 243 } |
| 242 | 244 |
| 243 return HANDLE_EINTR(read(control_fd_, buf, buf_len)); | 245 return HANDLE_EINTR(read(control_fd_, buf, buf_len)); |
| 244 } | 246 } |
| 245 | 247 |
| 246 pid_t ZygoteHostImpl::ForkRequest( | 248 pid_t ZygoteHostImpl::ForkRequest( |
| 247 const std::vector<std::string>& argv, | 249 const std::vector<std::string>& argv, |
| 248 const base::GlobalDescriptors::Mapping& mapping, | 250 const base::GlobalDescriptors::Mapping& mapping, |
| 249 const std::string& process_type) { | 251 const std::string& process_type) { |
| 250 DCHECK(init_); | 252 DCHECK(init_); |
| 251 Pickle pickle; | 253 Pickle pickle; |
| 252 | 254 |
| 253 pickle.WriteInt(kCmdFork); | 255 pickle.WriteInt(content::kZygoteCommandFork); |
| 254 pickle.WriteString(process_type); | 256 pickle.WriteString(process_type); |
| 255 pickle.WriteInt(argv.size()); | 257 pickle.WriteInt(argv.size()); |
| 256 for (std::vector<std::string>::const_iterator | 258 for (std::vector<std::string>::const_iterator |
| 257 i = argv.begin(); i != argv.end(); ++i) | 259 i = argv.begin(); i != argv.end(); ++i) |
| 258 pickle.WriteString(*i); | 260 pickle.WriteString(*i); |
| 259 | 261 |
| 260 pickle.WriteInt(mapping.size()); | 262 pickle.WriteInt(mapping.size()); |
| 261 | 263 |
| 262 std::vector<int> fds; | 264 std::vector<int> fds; |
| 263 for (base::GlobalDescriptors::Mapping::const_iterator | 265 for (base::GlobalDescriptors::Mapping::const_iterator |
| (...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 422 // Low memory notification is currently only implemented on ChromeOS. | 424 // Low memory notification is currently only implemented on ChromeOS. |
| 423 NOTREACHED() << "AdjustLowMemoryMargin not implemented"; | 425 NOTREACHED() << "AdjustLowMemoryMargin not implemented"; |
| 424 #endif // defined(OS_CHROMEOS) | 426 #endif // defined(OS_CHROMEOS) |
| 425 } | 427 } |
| 426 | 428 |
| 427 | 429 |
| 428 void ZygoteHostImpl::EnsureProcessTerminated(pid_t process) { | 430 void ZygoteHostImpl::EnsureProcessTerminated(pid_t process) { |
| 429 DCHECK(init_); | 431 DCHECK(init_); |
| 430 Pickle pickle; | 432 Pickle pickle; |
| 431 | 433 |
| 432 pickle.WriteInt(kCmdReap); | 434 pickle.WriteInt(content::kZygoteCommandReap); |
| 433 pickle.WriteInt(process); | 435 pickle.WriteInt(process); |
| 434 | 436 |
| 435 if (HANDLE_EINTR(write(control_fd_, pickle.data(), pickle.size())) < 0) | 437 if (HANDLE_EINTR(write(control_fd_, pickle.data(), pickle.size())) < 0) |
| 436 PLOG(ERROR) << "write"; | 438 PLOG(ERROR) << "write"; |
| 437 } | 439 } |
| 438 | 440 |
| 439 base::TerminationStatus ZygoteHostImpl::GetTerminationStatus( | 441 base::TerminationStatus ZygoteHostImpl::GetTerminationStatus( |
| 440 base::ProcessHandle handle, | 442 base::ProcessHandle handle, |
| 441 int* exit_code) { | 443 int* exit_code) { |
| 442 DCHECK(init_); | 444 DCHECK(init_); |
| 443 Pickle pickle; | 445 Pickle pickle; |
| 444 pickle.WriteInt(kCmdGetTerminationStatus); | 446 pickle.WriteInt(content::kZygoteCommandGetTerminationStatus); |
| 445 pickle.WriteInt(handle); | 447 pickle.WriteInt(handle); |
| 446 | 448 |
| 447 // Set this now to handle the early termination cases. | 449 // Set this now to handle the early termination cases. |
| 448 if (exit_code) | 450 if (exit_code) |
| 449 *exit_code = content::RESULT_CODE_NORMAL_EXIT; | 451 *exit_code = content::RESULT_CODE_NORMAL_EXIT; |
| 450 | 452 |
| 451 static const unsigned kMaxMessageLength = 128; | 453 static const unsigned kMaxMessageLength = 128; |
| 452 char buf[kMaxMessageLength]; | 454 char buf[kMaxMessageLength]; |
| 453 ssize_t len; | 455 ssize_t len; |
| 454 { | 456 { |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 488 | 490 |
| 489 pid_t ZygoteHostImpl::GetSandboxHelperPid() const { | 491 pid_t ZygoteHostImpl::GetSandboxHelperPid() const { |
| 490 return RenderSandboxHostLinux::GetInstance()->pid(); | 492 return RenderSandboxHostLinux::GetInstance()->pid(); |
| 491 } | 493 } |
| 492 | 494 |
| 493 int ZygoteHostImpl::GetSandboxStatus() const { | 495 int ZygoteHostImpl::GetSandboxStatus() const { |
| 494 if (have_read_sandbox_status_word_) | 496 if (have_read_sandbox_status_word_) |
| 495 return sandbox_status_; | 497 return sandbox_status_; |
| 496 return 0; | 498 return 0; |
| 497 } | 499 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10388013:
Move the Linux zygote stuff into its own per-process directory. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src