
Side by Side Diff: content/browser/renderer_host/render_sandbox_host_linux.cc

Issue 255693002: Make SandboxIPCProcess a thread. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Really fix compile. Created 6 years, 7 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/renderer_host/render_sandbox_host_linux.h" 5 #include "content/browser/renderer_host/render_sandbox_host_linux.h"
6 6
7 #include <sys/socket.h> 7 #include <sys/socket.h>
8 8
9 #include "base/memory/singleton.h" 9 #include "base/memory/singleton.h"
10 #include "base/posix/eintr_wrapper.h" 10 #include "base/posix/eintr_wrapper.h"
11 #include "content/browser/renderer_host/sandbox_ipc_linux.h"
12 11
13 namespace content { 12 namespace content {
14 13
15 // Runs on the main thread at startup. 14 // Runs on the main thread at startup.
16 RenderSandboxHostLinux::RenderSandboxHostLinux() 15 RenderSandboxHostLinux::RenderSandboxHostLinux()
17 : initialized_(false), 16 : initialized_(false), renderer_socket_(0) {
18 renderer_socket_(0),
19 childs_lifeline_fd_(0),
20 pid_(0) {
21 } 17 }
22 18
23 // static 19 // static
24 RenderSandboxHostLinux* RenderSandboxHostLinux::GetInstance() { 20 RenderSandboxHostLinux* RenderSandboxHostLinux::GetInstance() {
25 return Singleton<RenderSandboxHostLinux>::get(); 21 return Singleton<RenderSandboxHostLinux>::get();
26 } 22 }
27 23
28 void RenderSandboxHostLinux::Init(const std::string& sandbox_path) { 24 void RenderSandboxHostLinux::Init(const std::string& sandbox_path) {
29 DCHECK(!initialized_); 25 DCHECK(!initialized_);
30 initialized_ = true; 26 initialized_ = true;
31 27
32 int fds[2]; 28 int fds[2];
33 // We use SOCK_SEQPACKET rather than SOCK_DGRAM to prevent the renderer from 29 // We use SOCK_SEQPACKET rather than SOCK_DGRAM to prevent the renderer from
34 // sending datagrams to other sockets on the system. The sandbox may prevent 30 // sending datagrams to other sockets on the system. The sandbox may prevent
35 // the renderer from calling socket() to create new sockets, but it'll still 31 // the renderer from calling socket() to create new sockets, but it'll still
36 // inherit some sockets. With AF_UNIX+SOCK_DGRAM, it can call sendmsg to send 32 // inherit some sockets. With AF_UNIX+SOCK_DGRAM, it can call sendmsg to send
37 // a datagram to any (abstract) socket on the same system. With 33 // a datagram to any (abstract) socket on the same system. With
38 // SOCK_SEQPACKET, this is prevented. 34 // SOCK_SEQPACKET, this is prevented.
39 CHECK(socketpair(AF_UNIX, SOCK_SEQPACKET, 0, fds) == 0); 35 CHECK(socketpair(AF_UNIX, SOCK_SEQPACKET, 0, fds) == 0);
40 36
41 renderer_socket_ = fds[0]; 37 renderer_socket_ = fds[0];
42 const int browser_socket = fds[1]; 38 const int browser_socket = fds[1];
43 39
44 int pipefds[2]; 40 ipc_handler_.reset(new SandboxIPCHandler(browser_socket, sandbox_path));
45 CHECK(0 == pipe(pipefds)); 41 ipc_thread_.reset(
46 const int child_lifeline_fd = pipefds[0]; 42 new base::DelegateSimpleThread(ipc_handler_.get(), "sandbox_ipc_thread"));
47 childs_lifeline_fd_ = pipefds[1]; 43 ipc_thread_->Start();
48
49 // We need to be monothreaded before we fork().
50 #if !defined(THREAD_SANITIZER)
51 DCHECK_EQ(1, base::GetNumberOfThreads(base::GetCurrentProcessHandle()));
52 #endif // !defined(THREAD_SANITIZER)
piman 2014/04/29 00:25:46 Has the zygote been launched at this point?
Jorge Lucangeli Obes 2014/04/30 17:58:20 I don't think that would be an issue. The browser
53 pid_ = fork();
54 if (pid_ == 0) {
55 if (IGNORE_EINTR(close(fds[0])) < 0)
56 DPLOG(ERROR) << "close";
57 if (IGNORE_EINTR(close(pipefds[1])) < 0)
58 DPLOG(ERROR) << "close";
59
60 SandboxIPCProcess handler(child_lifeline_fd, browser_socket, sandbox_path);
61 handler.Run();
62 _exit(0);
63 }
64 } 44 }
65 45
66 RenderSandboxHostLinux::~RenderSandboxHostLinux() { 46 RenderSandboxHostLinux::~RenderSandboxHostLinux() {
67 if (initialized_) { 47 if (initialized_) {
68 if (IGNORE_EINTR(close(renderer_socket_)) < 0) 48 if (IGNORE_EINTR(close(renderer_socket_)) < 0)
69 PLOG(ERROR) << "close"; 49 PLOG(ERROR) << "close";
70 if (IGNORE_EINTR(close(childs_lifeline_fd_)) < 0) 50
71 PLOG(ERROR) << "close"; 51 ipc_thread_->Join();
72 } 52 }
73 } 53 }
74 54
75 } // namespace content 55 } // namespace content
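Review bot: In ~RenderSandboxHostLinux() the new `ipc_thread_->Join();` runs after closing only the browser's copy of renderer_socket_, and nothing visible in this file tells the handler thread to stop. If SandboxIPCHandler::Run() (defined outside this page) returns only on EOF from browser_socket, any renderer still holding its inherited copy of the socket would keep the connection open and Join() could block browser shutdown. The removed childs_lifeline_fd_ appears to have been the explicit stop signal for the old helper; I would keep an equivalent wake-up for the thread, or at least state the contract above the Join, e.g. `// Run() must return once renderer_socket_ is closed; otherwise Join() hangs shutdown.`. Separately, the handler now services renderer-originated requests inside the browser's address space instead of in a forked helper, so a comment in Init() noting that these messages come from sandboxed and therefore untrusted processes would help future maintainers.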