Move the Linux zygote stuff into its own per-process directory.

content/zygote/zygote_main_linux.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "content/browser/zygote_host_impl_linux.h"
-
 #include <dlfcn.h>
 #include <fcntl.h>
 #include <pthread.h>
 #include <stdio.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <unistd.h>
 
@@ skipping 14 matching lines @@
 #include "base/sys_info.h"
 #include "build/build_config.h"
 #include "crypto/nss_util.h"
 #include "content/common/chrome_descriptors.h"
 #include "content/common/font_config_ipc_linux.h"
 #include "content/common/pepper_plugin_registry.h"
 #include "content/common/sandbox_methods_linux.h"
 #include "content/common/seccomp_sandbox.h"
 #include "content/common/set_process_title.h"
 #include "content/common/unix_domain_socket_posix.h"
+#include "content/common/zygote_commands_linux.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/main_function_params.h"
 #include "content/public/common/result_codes.h"
+#include "content/public/common/sandbox_linux.h"
 #include "content/public/common/zygote_fork_delegate_linux.h"
 #include "skia/ext/SkFontHost_fontconfig_control.h"
 #include "unicode/timezone.h"
 #include "ipc/ipc_channel.h"
 #include "ipc/ipc_switches.h"
 
 #if defined(OS_LINUX)
 #include <sys/epoll.h>
 #include <sys/prctl.h>
 #include <sys/signal.h>
 #else
 #include <signal.h>
 #endif
 
 #if defined(CHROMIUM_SELINUX)
 #include <selinux/selinux.h>
 #include <selinux/context.h>
 #endif
 
+namespace content {
+
 // http://code.google.com/p/chromium/wiki/LinuxZygote
 
 static const int kBrowserDescriptor = 3;
 static const int kMagicSandboxIPCDescriptor = 5;
 static const int kZygoteIdDescriptor = 7;
 static bool g_suid_sandbox_active = false;
 
 static const char kUrandomDevPath[] = "/dev/urandom";
 
 #if defined(SECCOMP_SANDBOX)
@@ skipping 18 matching lines @@
                   "the policies haven't been loaded into the kernel?)";
   }
 }
 #endif  // CHROMIUM_SELINUX
 
 // This is the object which implements the zygote. The ZygoteMain function,
 // which is called from ChromeMain, simply constructs one of these objects and
 // runs it.
 class Zygote {
  public:
-  Zygote(int sandbox_flags, content::ZygoteForkDelegate* helper)
+  Zygote(int sandbox_flags, ZygoteForkDelegate* helper)
       : sandbox_flags_(sandbox_flags),
         helper_(helper),
         initial_uma_sample_(0),
         initial_uma_boundary_value_(0) {
     if (helper_)
       helper_->InitialUMA(&initial_uma_name_,
                           &initial_uma_sample_,
                           &initial_uma_boundary_value_);
   }
 
   bool ProcessRequests() {
     // A SOCK_SEQPACKET socket is installed in fd 3. We get commands from the
     // browser on it.
     // A SOCK_DGRAM is installed in fd 5. This is the sandbox IPC channel.
     // See http://code.google.com/p/chromium/wiki/LinuxSandboxIPC
 
     // We need to accept SIGCHLD, even though our handler is a no-op because
     // otherwise we cannot wait on children. (According to POSIX 2001.)
     struct sigaction action;
     memset(&action, 0, sizeof(action));
     action.sa_handler = SIGCHLDHandler;
     CHECK(sigaction(SIGCHLD, &action, NULL) == 0);
 
     if (g_suid_sandbox_active) {
       // Let the ZygoteHost know we are ready to go.
       // The receiving code is in content/browser/zygote_host_linux.cc.
       std::vector<int> empty;
-      bool r = UnixDomainSocket::SendMsg(kBrowserDescriptor, kZygoteMagic,
-                                         sizeof(kZygoteMagic), empty);
+      bool r = UnixDomainSocket::SendMsg(kBrowserDescriptor,
+                                         kZygoteHelloMessage,
+                                         sizeof(kZygoteHelloMessage), empty);
 #if defined(OS_CHROMEOS)
       LOG_IF(WARNING, !r) << "Sending zygote magic failed";
       // Exit normally on chromeos because session manager may send SIGTERM
       // right after the process starts and it may fail to send zygote magic
       // number to browser process.
       if (!r)
-        _exit(content::RESULT_CODE_NORMAL_EXIT);
+        _exit(RESULT_CODE_NORMAL_EXIT);
 #else
       CHECK(r) << "Sending zygote magic failed";
 #endif
     }
 
     for (;;) {
       // This function call can return multiple times, once per fork().
       if (HandleRequestFromBrowser(kBrowserDescriptor))
         return true;
     }
@@ skipping 24 matching lines @@
       PLOG(ERROR) << "Error reading message from browser";
       return false;
     }
 
     Pickle pickle(buf, len);
     PickleIterator iter(pickle);
 
     int kind;
     if (pickle.ReadInt(&iter, &kind)) {
       switch (kind) {
-        case ZygoteHostImpl::kCmdFork:
+        case kZygoteCommandFork:
           // This function call can return multiple times, once per fork().
           return HandleForkRequest(fd, pickle, iter, fds);
 
-        case ZygoteHostImpl::kCmdReap:
+        case kZygoteCommandReap:
           if (!fds.empty())
             break;
           HandleReapRequest(fd, pickle, iter);
           return false;
-        case ZygoteHostImpl::kCmdGetTerminationStatus:
+        case kZygoteCommandGetTerminationStatus:
           if (!fds.empty())
             break;
           HandleGetTerminationStatus(fd, pickle, iter);
           return false;
-        case ZygoteHostImpl::kCmdGetSandboxStatus:
+        case kZygoteCommandGetSandboxStatus:
           HandleGetSandboxStatus(fd, pickle, iter);
           return false;
         default:
           NOTREACHED();
           break;
       }
     }
 
     LOG(WARNING) << "Error parsing message from browser";
     for (std::vector<int>::const_iterator
@@ skipping 37 matching lines @@
     base::TerminationStatus status;
     int exit_code;
     if (g_suid_sandbox_active)
       child = real_pids_to_sandbox_pids[child];
     if (child) {
       status = base::GetTerminationStatus(child, &exit_code);
     } else {
       // Assume that if we can't find the child in the sandbox, then
       // it terminated normally.
       status = base::TERMINATION_STATUS_NORMAL_TERMINATION;
-      exit_code = content::RESULT_CODE_NORMAL_EXIT;
+      exit_code = RESULT_CODE_NORMAL_EXIT;
     }
 
     Pickle write_pickle;
     write_pickle.WriteInt(static_cast<int>(status));
     write_pickle.WriteInt(exit_code);
     ssize_t written =
         HANDLE_EINTR(write(fd, write_pickle.data(), write_pickle.size()));
     if (written != static_cast<ssize_t>(write_pickle.size()))
       PLOG(ERROR) << "write";
   }
@@ skipping 278 matching lines @@
     return false;
   }
 
   // In the SUID sandbox, we try to use a new PID namespace. Thus the PIDs
   // fork() returns are not the real PIDs, so we need to map the Real PIDS
   // into the sandbox PID namespace.
   typedef base::hash_map<base::ProcessHandle, base::ProcessHandle> ProcessMap;
   ProcessMap real_pids_to_sandbox_pids;
 
   const int sandbox_flags_;
-  content::ZygoteForkDelegate* helper_;
+  ZygoteForkDelegate* helper_;
 
   // These might be set by helper_->InitialUMA.  They supply a UMA
   // enumeration sample we should report on the first fork.
   std::string initial_uma_name_;
   int initial_uma_sample_;
   int initial_uma_boundary_value_;
 };
 
 // With SELinux we can carve out a precise sandbox, so we don't have to play
 // with intercepting libc calls.
@@ skipping 372 matching lines @@
 
 static bool EnterSandbox() {
   PreSandboxInit();
   SkiaFontConfigSetImplementation(
       new FontConfigIPC(kMagicSandboxIPCDescriptor));
   return true;
 }
 
 #endif  // CHROMIUM_SELINUX
 
-bool ZygoteMain(const content::MainFunctionParams& params,
-                content::ZygoteForkDelegate* forkdelegate) {
+bool ZygoteMain(const MainFunctionParams& params,
+                ZygoteForkDelegate* forkdelegate) {
 #if !defined(CHROMIUM_SELINUX)
   g_am_zygote_or_renderer = true;
 #endif
 
 #if defined(SECCOMP_SANDBOX)
   if (SeccompSandboxEnabled()) {
     // The seccomp sandbox needs access to files in /proc, which might be denied
     // after one of the other sandboxes have been started. So, obtain a suitable
     // file handle in advance.
     g_proc_fd = open("/proc", O_DIRECTORY | O_RDONLY);
@@ skipping 15 matching lines @@
 
   // Turn on the SELinux or SUID sandbox
   if (!EnterSandbox()) {
     LOG(FATAL) << "Failed to enter sandbox. Fail safe abort. (errno: "
                << errno << ")";
     return false;
   }
 
   int sandbox_flags = 0;
   if (getenv("SBX_D"))
-    sandbox_flags |= ZygoteHostImpl::kSandboxSUID;
+    sandbox_flags |= kSandboxLinuxSUID;
   if (getenv("SBX_PID_NS"))
-    sandbox_flags |= ZygoteHostImpl::kSandboxPIDNS;
+    sandbox_flags |= kSandboxLinuxPIDNS;
   if (getenv("SBX_NET_NS"))
-    sandbox_flags |= ZygoteHostImpl::kSandboxNetNS;
+    sandbox_flags |= kSandboxLinuxNetNS;
 
 #if defined(SECCOMP_SANDBOX)
   // The seccomp sandbox will be turned on when the renderers start. But we can
   // already check if sufficient support is available so that we only need to
   // print one error message for the entire browser session.
   if (g_proc_fd >= 0 && SeccompSandboxEnabled()) {
     if (!SupportsSeccompSandbox(g_proc_fd)) {
       // There are a good number of users who cannot use the seccomp sandbox
       // (e.g. because their distribution does not enable seccomp mode by
       // default). While we would prefer to deny execution in this case, it
       // seems more realistic to continue in degraded mode.
       LOG(ERROR) << "WARNING! This machine lacks support needed for the "
                     "Seccomp sandbox. Running renderers with Seccomp "
                     "sandboxing disabled.";
     } else {
       VLOG(1) << "Enabling experimental Seccomp sandbox.";
-      sandbox_flags |= ZygoteHostImpl::kSandboxSeccomp;
+      sandbox_flags |= kSandboxLinuxSeccomp;
     }
   }
 #endif  // SECCOMP_SANDBOX
 
   Zygote zygote(sandbox_flags, forkdelegate);
   // This function call can return multiple times, once per fork().
   return zygote.ProcessRequests();
 }
+
+}  // namespace content