OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 // For linux_syscall_support.h. This makes it safe to call embedded system | |
6 // calls when in seccomp mode. | |
7 #define SYS_SYSCALL_ENTRYPOINT "playground$syscallEntryPoint" | |
8 | |
9 #include "chrome/app/breakpad_linux.h" | |
10 | |
11 #include <fcntl.h> | |
12 #include <poll.h> | |
13 #include <stdlib.h> | |
14 #include <sys/socket.h> | |
15 #include <sys/time.h> | |
16 #include <sys/types.h> | |
17 #include <sys/wait.h> | |
18 #include <sys/uio.h> | |
19 #include <time.h> | |
20 #include <unistd.h> | |
21 | |
22 #include <algorithm> | |
23 #include <string> | |
24 | |
25 #include "base/command_line.h" | |
26 #include "base/eintr_wrapper.h" | |
27 #include "base/file_path.h" | |
28 #include "base/global_descriptors_posix.h" | |
29 #include "base/linux_util.h" | |
30 #include "base/path_service.h" | |
31 #include "base/process_util.h" | |
32 #include "base/string_util.h" | |
33 #include "breakpad/src/client/linux/handler/exception_handler.h" | |
34 #include "breakpad/src/client/linux/minidump_writer/directory_reader.h" | |
35 #include "breakpad/src/common/linux/linux_libc_support.h" | |
36 #include "breakpad/src/common/memory.h" | |
37 #include "chrome/browser/crash_upload_list.h" | |
38 #include "chrome/common/child_process_logging.h" | |
39 #include "chrome/common/chrome_paths.h" | |
40 #include "chrome/common/chrome_switches.h" | |
41 #include "chrome/common/chrome_version_info_posix.h" | |
42 #include "chrome/common/env_vars.h" | |
43 #include "chrome/common/logging_chrome.h" | |
44 #include "content/common/chrome_descriptors.h" | |
45 #include "seccompsandbox/linux_syscall_support.h" | |
46 | |
47 #ifndef PR_SET_PTRACER | |
48 #define PR_SET_PTRACER 0x59616d61 | |
49 #endif | |
50 | |
51 // Some versions of gcc are prone to warn about unused return values. In cases | |
52 // where we either a) know the call cannot fail, or b) there is nothing we | |
53 // can do when a call fails, we mark the return code as ignored. This avoids | |
54 // spurious compiler warnings. | |
55 #define IGNORE_RET(x) do { if (x); } while (0) | |
56 | |
57 static const char kUploadURL[] = | |
58 "https://clients2.google.com/cr/report"; | |
59 | |
60 static bool g_is_crash_reporter_enabled = false; | |
61 static uint64_t g_process_start_time = 0; | |
62 static char* g_crash_log_path = NULL; | |
63 static google_breakpad::ExceptionHandler* g_breakpad = NULL; | |
64 | |
65 // Writes the value |v| as 16 hex characters to the memory pointed at by | |
66 // |output|. | |
67 static void write_uint64_hex(char* output, uint64_t v) { | |
68 static const char hextable[] = "0123456789abcdef"; | |
69 | |
70 for (int i = 15; i >= 0; --i) { | |
71 output[i] = hextable[v & 15]; | |
72 v >>= 4; | |
73 } | |
74 } | |
75 | |
76 // The following helper functions are for calculating uptime. | |
77 | |
78 // Converts a struct timeval to milliseconds. | |
79 static uint64_t timeval_to_ms(struct timeval *tv) { | |
80 uint64_t ret = tv->tv_sec; // Avoid overflow by explicitly using a uint64_t. | |
81 ret *= 1000; | |
82 ret += tv->tv_usec / 1000; | |
83 return ret; | |
84 } | |
85 | |
86 // Converts a struct timeval to milliseconds. | |
87 static uint64_t kernel_timeval_to_ms(struct kernel_timeval *tv) { | |
88 uint64_t ret = tv->tv_sec; // Avoid overflow by explicitly using a uint64_t. | |
89 ret *= 1000; | |
90 ret += tv->tv_usec / 1000; | |
91 return ret; | |
92 } | |
93 | |
94 // String buffer size to use to convert a uint64_t to string. | |
95 static size_t kUint64StringSize = 21; | |
96 | |
97 // uint64_t version of my_int_len() from | |
98 // breakpad/src/common/linux/linux_libc_support.h. Return the length of the | |
99 // given, non-negative integer when expressed in base 10. | |
100 static unsigned my_uint64_len(uint64_t i) { | |
101 if (!i) | |
102 return 1; | |
103 | |
104 unsigned len = 0; | |
105 while (i) { | |
106 len++; | |
107 i /= 10; | |
108 } | |
109 | |
110 return len; | |
111 } | |
112 | |
113 // uint64_t version of my_itos() from | |
114 // breakpad/src/common/linux/linux_libc_support.h. Convert a non-negative | |
115 // integer to a string (not null-terminated). | |
116 static void my_uint64tos(char* output, uint64_t i, unsigned i_len) { | |
117 for (unsigned index = i_len; index; --index, i /= 10) | |
118 output[index - 1] = '0' + (i % 10); | |
119 } | |
120 | |
121 namespace { | |
122 | |
123 // MIME substrings. | |
124 static const char g_rn[] = "\r\n"; | |
125 static const char g_form_data_msg[] = "Content-Disposition: form-data; name=\""; | |
126 static const char g_quote_msg[] = "\""; | |
127 static const char g_dashdash_msg[] = "--"; | |
128 static const char g_dump_msg[] = "upload_file_minidump\"; filename=\"dump\""; | |
129 static const char g_content_type_msg[] = | |
130 "Content-Type: application/octet-stream"; | |
131 | |
132 // MimeWriter manages an iovec for writing MIMEs to a file. | |
133 class MimeWriter { | |
134 public: | |
135 static const int kIovCapacity = 30; | |
136 static const size_t kMaxCrashChunkSize = 64; | |
137 | |
138 MimeWriter(int fd, const char* const mime_boundary); | |
139 ~MimeWriter(); | |
140 | |
141 // Append boundary. | |
142 void AddBoundary(); | |
143 | |
144 // Append end of file boundary. | |
145 void AddEnd(); | |
146 | |
147 // Append key/value pair with specified sizes. | |
148 void AddPairData(const char* msg_type, | |
149 size_t msg_type_size, | |
150 const char* msg_data, | |
151 size_t msg_data_size); | |
152 | |
153 // Append key/value pair. | |
154 void AddPairString(const char* msg_type, | |
155 const char* msg_data) { | |
156 AddPairData(msg_type, my_strlen(msg_type), msg_data, my_strlen(msg_data)); | |
157 } | |
158 | |
159 // Append key/value pair, splitting value into chunks no larger than | |
160 // |chunk_size|. |chunk_size| cannot be greater than |kMaxCrashChunkSize|. | |
161 // The msg_type string will have a counter suffix to distinguish each chunk. | |
162 void AddPairDataInChunks(const char* msg_type, | |
163 size_t msg_type_size, | |
164 const char* msg_data, | |
165 size_t msg_data_size, | |
166 size_t chunk_size, | |
167 bool strip_trailing_spaces); | |
168 | |
169 // Add binary file dump. Currently this is only done once, so the name is | |
170 // fixed. | |
171 void AddFileDump(uint8_t* file_data, | |
172 size_t file_size); | |
173 | |
174 // Flush any pending iovecs to the output file. | |
175 void Flush() { | |
176 IGNORE_RET(sys_writev(fd_, iov_, iov_index_)); | |
177 iov_index_ = 0; | |
178 } | |
179 | |
180 private: | |
181 void AddItem(const void* base, size_t size); | |
182 // Minor performance trade-off for easier-to-maintain code. | |
183 void AddString(const char* str) { | |
184 AddItem(str, my_strlen(str)); | |
185 } | |
186 void AddItemWithoutTrailingSpaces(const void* base, size_t size); | |
187 | |
188 struct kernel_iovec iov_[kIovCapacity]; | |
189 int iov_index_; | |
190 | |
191 // Output file descriptor. | |
192 int fd_; | |
193 | |
194 const char* const mime_boundary_; | |
195 | |
196 DISALLOW_COPY_AND_ASSIGN(MimeWriter); | |
197 }; | |
198 | |
199 MimeWriter::MimeWriter(int fd, const char* const mime_boundary) | |
200 : iov_index_(0), | |
201 fd_(fd), | |
202 mime_boundary_(mime_boundary) { | |
203 } | |
204 | |
205 MimeWriter::~MimeWriter() { | |
206 } | |
207 | |
208 void MimeWriter::AddBoundary() { | |
209 AddString(mime_boundary_); | |
210 AddString(g_rn); | |
211 } | |
212 | |
213 void MimeWriter::AddEnd() { | |
214 AddString(mime_boundary_); | |
215 AddString(g_dashdash_msg); | |
216 AddString(g_rn); | |
217 } | |
218 | |
219 void MimeWriter::AddPairData(const char* msg_type, | |
220 size_t msg_type_size, | |
221 const char* msg_data, | |
222 size_t msg_data_size) { | |
223 AddString(g_form_data_msg); | |
224 AddItem(msg_type, msg_type_size); | |
225 AddString(g_quote_msg); | |
226 AddString(g_rn); | |
227 AddString(g_rn); | |
228 AddItem(msg_data, msg_data_size); | |
229 AddString(g_rn); | |
230 } | |
231 | |
232 void MimeWriter::AddPairDataInChunks(const char* msg_type, | |
233 size_t msg_type_size, | |
234 const char* msg_data, | |
235 size_t msg_data_size, | |
236 size_t chunk_size, | |
237 bool strip_trailing_spaces) { | |
238 if (chunk_size > kMaxCrashChunkSize) | |
239 return; | |
240 | |
241 unsigned i = 0; | |
242 size_t done = 0, msg_length = msg_data_size; | |
243 | |
244 while (msg_length) { | |
245 char num[16]; | |
246 const unsigned num_len = my_int_len(++i); | |
247 my_itos(num, i, num_len); | |
248 | |
249 size_t chunk_len = std::min(chunk_size, msg_length); | |
250 | |
251 AddString(g_form_data_msg); | |
252 AddItem(msg_type, msg_type_size); | |
253 AddItem(num, num_len); | |
254 AddString(g_quote_msg); | |
255 AddString(g_rn); | |
256 AddString(g_rn); | |
257 if (strip_trailing_spaces) { | |
258 AddItemWithoutTrailingSpaces(msg_data + done, chunk_len); | |
259 } else { | |
260 AddItem(msg_data + done, chunk_len); | |
261 } | |
262 AddString(g_rn); | |
263 AddBoundary(); | |
264 Flush(); | |
265 | |
266 done += chunk_len; | |
267 msg_length -= chunk_len; | |
268 } | |
269 } | |
270 | |
271 void MimeWriter::AddFileDump(uint8_t* file_data, | |
272 size_t file_size) { | |
273 AddString(g_form_data_msg); | |
274 AddString(g_dump_msg); | |
275 AddString(g_rn); | |
276 AddString(g_content_type_msg); | |
277 AddString(g_rn); | |
278 AddString(g_rn); | |
279 AddItem(file_data, file_size); | |
280 AddString(g_rn); | |
281 } | |
282 | |
283 void MimeWriter::AddItem(const void* base, size_t size) { | |
284 // Check if the iovec is full and needs to be flushed to output file. | |
285 if (iov_index_ == kIovCapacity) { | |
286 Flush(); | |
287 } | |
288 iov_[iov_index_].iov_base = const_cast<void*>(base); | |
289 iov_[iov_index_].iov_len = size; | |
290 ++iov_index_; | |
291 } | |
292 | |
293 void MimeWriter::AddItemWithoutTrailingSpaces(const void* base, size_t size) { | |
294 while (size > 0) { | |
295 const char* c = static_cast<const char*>(base) + size - 1; | |
296 if (*c != ' ') | |
297 break; | |
298 size--; | |
299 } | |
300 AddItem(base, size); | |
301 } | |
302 | |
303 void DumpProcess() { | |
304 if (g_breakpad) | |
305 g_breakpad->WriteMinidump(); | |
306 } | |
307 | |
308 } // namespace | |
309 | |
310 void HandleCrashDump(const BreakpadInfo& info) { | |
311 // WARNING: this code runs in a compromised context. It may not call into | |
312 // libc nor allocate memory normally. | |
313 | |
314 const int dumpfd = sys_open(info.filename, O_RDONLY, 0); | |
315 if (dumpfd < 0) { | |
316 static const char msg[] = "Cannot upload crash dump: failed to open\n"; | |
317 sys_write(2, msg, sizeof(msg)); | |
318 return; | |
319 } | |
320 struct kernel_stat st; | |
321 if (sys_fstat(dumpfd, &st) != 0) { | |
322 static const char msg[] = "Cannot upload crash dump: stat failed\n"; | |
323 sys_write(2, msg, sizeof(msg)); | |
324 IGNORE_RET(sys_close(dumpfd)); | |
325 return; | |
326 } | |
327 | |
328 google_breakpad::PageAllocator allocator; | |
329 | |
330 uint8_t* dump_data = reinterpret_cast<uint8_t*>(allocator.Alloc(st.st_size)); | |
331 if (!dump_data) { | |
332 static const char msg[] = "Cannot upload crash dump: cannot alloc\n"; | |
333 sys_write(2, msg, sizeof(msg)); | |
334 IGNORE_RET(sys_close(dumpfd)); | |
335 return; | |
336 } | |
337 | |
338 sys_read(dumpfd, dump_data, st.st_size); | |
339 IGNORE_RET(sys_close(dumpfd)); | |
340 | |
341 // We need to build a MIME block for uploading to the server. Since we are | |
342 // going to fork and run wget, it needs to be written to a temp file. | |
343 | |
344 const int ufd = sys_open("/dev/urandom", O_RDONLY, 0); | |
345 if (ufd < 0) { | |
346 static const char msg[] = "Cannot upload crash dump because /dev/urandom" | |
347 " is missing\n"; | |
348 sys_write(2, msg, sizeof(msg) - 1); | |
349 return; | |
350 } | |
351 | |
352 static const char temp_file_template[] = | |
353 "/tmp/chromium-upload-XXXXXXXXXXXXXXXX"; | |
354 char temp_file[sizeof(temp_file_template)]; | |
355 int temp_file_fd = -1; | |
356 if (info.upload) { | |
357 memcpy(temp_file, temp_file_template, sizeof(temp_file_template)); | |
358 | |
359 for (unsigned i = 0; i < 10; ++i) { | |
360 uint64_t t; | |
361 sys_read(ufd, &t, sizeof(t)); | |
362 write_uint64_hex(temp_file + sizeof(temp_file) - (16 + 1), t); | |
363 | |
364 temp_file_fd = sys_open(temp_file, O_WRONLY | O_CREAT | O_EXCL, 0600); | |
365 if (temp_file_fd >= 0) | |
366 break; | |
367 } | |
368 | |
369 if (temp_file_fd < 0) { | |
370 static const char msg[] = "Failed to create temporary file in /tmp: " | |
371 "cannot upload crash dump\n"; | |
372 sys_write(2, msg, sizeof(msg) - 1); | |
373 IGNORE_RET(sys_close(ufd)); | |
374 return; | |
375 } | |
376 } else { | |
377 temp_file_fd = sys_open(info.filename, O_WRONLY, 0600); | |
378 if (temp_file_fd < 0) { | |
379 static const char msg[] = "Failed to save crash dump: failed to open\n"; | |
380 sys_write(2, msg, sizeof(msg) - 1); | |
381 IGNORE_RET(sys_close(ufd)); | |
382 return; | |
383 } | |
384 } | |
385 | |
386 // The MIME boundary is 28 hyphens, followed by a 64-bit nonce and a NUL. | |
387 char mime_boundary[28 + 16 + 1]; | |
388 my_memset(mime_boundary, '-', 28); | |
389 uint64_t boundary_rand; | |
390 sys_read(ufd, &boundary_rand, sizeof(boundary_rand)); | |
391 write_uint64_hex(mime_boundary + 28, boundary_rand); | |
392 mime_boundary[28 + 16] = 0; | |
393 IGNORE_RET(sys_close(ufd)); | |
394 | |
395 // The MIME block looks like this: | |
396 // BOUNDARY \r\n | |
397 // Content-Disposition: form-data; name="prod" \r\n \r\n | |
398 // Chrome_Linux \r\n | |
399 // BOUNDARY \r\n | |
400 // Content-Disposition: form-data; name="ver" \r\n \r\n | |
401 // 1.2.3.4 \r\n | |
402 // BOUNDARY \r\n | |
403 // Content-Disposition: form-data; name="guid" \r\n \r\n | |
404 // 1.2.3.4 \r\n | |
405 // BOUNDARY \r\n | |
406 // | |
407 // zero or one: | |
408 // Content-Disposition: form-data; name="ptime" \r\n \r\n | |
409 // abcdef \r\n | |
410 // BOUNDARY \r\n | |
411 // | |
412 // zero or one: | |
413 // Content-Disposition: form-data; name="ptype" \r\n \r\n | |
414 // abcdef \r\n | |
415 // BOUNDARY \r\n | |
416 // | |
417 // zero or more gpu entries: | |
418 // Content-Disposition: form-data; name="gpu-xxxxx" \r\n \r\n | |
419 // <gpu-xxxxx> \r\n | |
420 // BOUNDARY \r\n | |
421 // | |
422 // zero or one: | |
423 // Content-Disposition: form-data; name="lsb-release" \r\n \r\n | |
424 // abcdef \r\n | |
425 // BOUNDARY \r\n | |
426 // | |
427 // zero or more: | |
428 // Content-Disposition: form-data; name="url-chunk-1" \r\n \r\n | |
429 // abcdef \r\n | |
430 // BOUNDARY \r\n | |
431 // | |
432 // zero or one: | |
433 // Content-Disposition: form-data; name="channel" \r\n \r\n | |
434 // beta \r\n | |
435 // BOUNDARY \r\n | |
436 // | |
437 // zero or one: | |
438 // Content-Disposition: form-data; name="num-views" \r\n \r\n | |
439 // 3 \r\n | |
440 // BOUNDARY \r\n | |
441 // | |
442 // zero or one: | |
443 // Content-Disposition: form-data; name="num-extensions" \r\n \r\n | |
444 // 5 \r\n | |
445 // BOUNDARY \r\n | |
446 // | |
447 // zero to 10: | |
448 // Content-Disposition: form-data; name="extension-1" \r\n \r\n | |
449 // abcdefghijklmnopqrstuvwxyzabcdef \r\n | |
450 // BOUNDARY \r\n | |
451 // | |
452 // zero to 4: | |
453 // Content-Disposition: form-data; name="prn-info-1" \r\n \r\n | |
454 // abcdefghijklmnopqrstuvwxyzabcdef \r\n | |
455 // BOUNDARY \r\n | |
456 // | |
457 // zero or one: | |
458 // Content-Disposition: form-data; name="num-switches" \r\n \r\n | |
459 // 5 \r\n | |
460 // BOUNDARY \r\n | |
461 // | |
462 // zero to 15: | |
463 // Content-Disposition: form-data; name="switch-1" \r\n \r\n | |
464 // --foo \r\n | |
465 // BOUNDARY \r\n | |
466 // | |
467 // zero or one: | |
468 // Content-Disposition: form-data; name="oom-size" \r\n \r\n | |
469 // 1234567890 \r\n | |
470 // BOUNDARY \r\n | |
471 // | |
472 // Content-Disposition: form-data; name="dump"; filename="dump" \r\n | |
473 // Content-Type: application/octet-stream \r\n \r\n | |
474 // <dump contents> | |
475 // \r\n BOUNDARY -- \r\n | |
476 | |
477 MimeWriter writer(temp_file_fd, mime_boundary); | |
478 { | |
479 #if defined(OS_CHROMEOS) | |
480 static const char chrome_product_msg[] = "Chrome_ChromeOS"; | |
481 #else // OS_LINUX | |
482 static const char chrome_product_msg[] = "Chrome_Linux"; | |
483 #endif | |
484 static const char version_msg[] = PRODUCT_VERSION; | |
485 | |
486 writer.AddBoundary(); | |
487 writer.AddPairString("prod", chrome_product_msg); | |
488 writer.AddBoundary(); | |
489 writer.AddPairString("ver", version_msg); | |
490 writer.AddBoundary(); | |
491 writer.AddPairString("guid", info.guid); | |
492 writer.AddBoundary(); | |
493 writer.Flush(); | |
494 } | |
495 | |
496 if (info.process_start_time > 0) { | |
497 struct kernel_timeval tv; | |
498 if (!sys_gettimeofday(&tv, NULL)) { | |
499 uint64_t time = kernel_timeval_to_ms(&tv); | |
500 if (time > info.process_start_time) { | |
501 time -= info.process_start_time; | |
502 char time_str[kUint64StringSize]; | |
503 const unsigned time_len = my_uint64_len(time); | |
504 my_uint64tos(time_str, time, time_len); | |
505 | |
506 static const char process_time_msg[] = "ptime"; | |
507 writer.AddPairData(process_time_msg, sizeof(process_time_msg) - 1, | |
508 time_str, time_len); | |
509 writer.AddBoundary(); | |
510 writer.Flush(); | |
511 } | |
512 } | |
513 } | |
514 | |
515 if (info.process_type_length) { | |
516 writer.AddPairString("ptype", info.process_type); | |
517 writer.AddBoundary(); | |
518 writer.Flush(); | |
519 } | |
520 | |
521 // If GPU info is known, send it. | |
522 unsigned gpu_vendor_len = my_strlen(child_process_logging::g_gpu_vendor_id); | |
523 if (gpu_vendor_len) { | |
524 static const char vendor_msg[] = "gpu-venid"; | |
525 static const char device_msg[] = "gpu-devid"; | |
526 static const char driver_msg[] = "gpu-driver"; | |
527 static const char psver_msg[] = "gpu-psver"; | |
528 static const char vsver_msg[] = "gpu-vsver"; | |
529 | |
530 writer.AddPairString(vendor_msg, child_process_logging::g_gpu_vendor_id); | |
531 writer.AddBoundary(); | |
532 writer.AddPairString(device_msg, child_process_logging::g_gpu_device_id); | |
533 writer.AddBoundary(); | |
534 writer.AddPairString(driver_msg, child_process_logging::g_gpu_driver_ver); | |
535 writer.AddBoundary(); | |
536 writer.AddPairString(psver_msg, child_process_logging::g_gpu_ps_ver); | |
537 writer.AddBoundary(); | |
538 writer.AddPairString(vsver_msg, child_process_logging::g_gpu_vs_ver); | |
539 writer.AddBoundary(); | |
540 writer.Flush(); | |
541 } | |
542 | |
543 if (info.distro_length) { | |
544 static const char distro_msg[] = "lsb-release"; | |
545 writer.AddPairString(distro_msg, info.distro); | |
546 writer.AddBoundary(); | |
547 writer.Flush(); | |
548 } | |
549 | |
550 // For renderers and plugins. | |
551 if (info.crash_url_length) { | |
552 static const char url_chunk_msg[] = "url-chunk-"; | |
553 static const unsigned kMaxUrlLength = 8 * MimeWriter::kMaxCrashChunkSize; | |
554 writer.AddPairDataInChunks(url_chunk_msg, sizeof(url_chunk_msg) - 1, | |
555 info.crash_url, std::min(info.crash_url_length, kMaxUrlLength), | |
556 MimeWriter::kMaxCrashChunkSize, false /* Don't strip whitespaces. */); | |
557 } | |
558 | |
559 if (my_strlen(child_process_logging::g_channel)) { | |
560 writer.AddPairString("channel", child_process_logging::g_channel); | |
561 writer.AddBoundary(); | |
562 writer.Flush(); | |
563 } | |
564 | |
565 if (my_strlen(child_process_logging::g_num_views)) { | |
566 writer.AddPairString("num-views", child_process_logging::g_num_views); | |
567 writer.AddBoundary(); | |
568 writer.Flush(); | |
569 } | |
570 | |
571 if (my_strlen(child_process_logging::g_num_extensions)) { | |
572 writer.AddPairString("num-extensions", | |
573 child_process_logging::g_num_extensions); | |
574 writer.AddBoundary(); | |
575 writer.Flush(); | |
576 } | |
577 | |
578 unsigned extension_ids_len = | |
579 my_strlen(child_process_logging::g_extension_ids); | |
580 if (extension_ids_len) { | |
581 static const char extension_msg[] = "extension-"; | |
582 static const unsigned kMaxExtensionsLen = | |
583 kMaxReportedActiveExtensions * child_process_logging::kExtensionLen; | |
584 writer.AddPairDataInChunks(extension_msg, sizeof(extension_msg) - 1, | |
585 child_process_logging::g_extension_ids, | |
586 std::min(extension_ids_len, kMaxExtensionsLen), | |
587 child_process_logging::kExtensionLen, | |
588 false /* Don't strip whitespace. */); | |
589 } | |
590 | |
591 unsigned printer_info_len = | |
592 my_strlen(child_process_logging::g_printer_info); | |
593 if (printer_info_len) { | |
594 static const char printer_info_msg[] = "prn-info-"; | |
595 static const unsigned kMaxPrnInfoLen = | |
596 kMaxReportedPrinterRecords * child_process_logging::kPrinterInfoStrLen; | |
597 writer.AddPairDataInChunks(printer_info_msg, sizeof(printer_info_msg) - 1, | |
598 child_process_logging::g_printer_info, | |
599 std::min(printer_info_len, kMaxPrnInfoLen), | |
600 child_process_logging::kPrinterInfoStrLen, | |
601 true); | |
602 } | |
603 | |
604 if (my_strlen(child_process_logging::g_num_switches)) { | |
605 writer.AddPairString("num-switches", | |
606 child_process_logging::g_num_switches); | |
607 writer.AddBoundary(); | |
608 writer.Flush(); | |
609 } | |
610 | |
611 unsigned switches_len = | |
612 my_strlen(child_process_logging::g_switches); | |
613 if (switches_len) { | |
614 static const char switch_msg[] = "switch-"; | |
615 static const unsigned kMaxSwitchLen = | |
616 kMaxSwitches * child_process_logging::kSwitchLen; | |
617 writer.AddPairDataInChunks(switch_msg, sizeof(switch_msg) - 1, | |
618 child_process_logging::g_switches, | |
619 std::min(switches_len, kMaxSwitchLen), | |
620 child_process_logging::kSwitchLen, | |
621 true /* Strip whitespace since switches are padded to kSwitchLen. */); | |
622 } | |
623 | |
624 if (info.oom_size) { | |
625 char oom_size_str[kUint64StringSize]; | |
626 const unsigned oom_size_len = my_uint64_len(info.oom_size); | |
627 my_uint64tos(oom_size_str, info.oom_size, oom_size_len); | |
628 static const char oom_size_msg[] = "oom-size"; | |
629 writer.AddPairData(oom_size_msg, sizeof(oom_size_msg) - 1, | |
630 oom_size_str, oom_size_len); | |
631 writer.AddBoundary(); | |
632 writer.Flush(); | |
633 } | |
634 | |
635 writer.AddFileDump(dump_data, st.st_size); | |
636 writer.AddEnd(); | |
637 writer.Flush(); | |
638 | |
639 IGNORE_RET(sys_close(temp_file_fd)); | |
640 | |
641 if (!info.upload) | |
642 return; | |
643 | |
644 // The --header argument to wget looks like: | |
645 // --header=Content-Type: multipart/form-data; boundary=XYZ | |
646 // where the boundary has two fewer leading '-' chars | |
647 static const char header_msg[] = | |
648 "--header=Content-Type: multipart/form-data; boundary="; | |
649 char* const header = reinterpret_cast<char*>(allocator.Alloc( | |
650 sizeof(header_msg) - 1 + sizeof(mime_boundary) - 2)); | |
651 memcpy(header, header_msg, sizeof(header_msg) - 1); | |
652 memcpy(header + sizeof(header_msg) - 1, mime_boundary + 2, | |
653 sizeof(mime_boundary) - 2); | |
654 // We grab the NUL byte from the end of |mime_boundary|. | |
655 | |
656 // The --post-file argument to wget looks like: | |
657 // --post-file=/tmp/... | |
658 static const char post_file_msg[] = "--post-file="; | |
659 char* const post_file = reinterpret_cast<char*>(allocator.Alloc( | |
660 sizeof(post_file_msg) - 1 + sizeof(temp_file))); | |
661 memcpy(post_file, post_file_msg, sizeof(post_file_msg) - 1); | |
662 memcpy(post_file + sizeof(post_file_msg) - 1, temp_file, sizeof(temp_file)); | |
663 | |
664 const pid_t child = sys_fork(); | |
665 if (!child) { | |
666 // Spawned helper process. | |
667 // | |
668 // This code is called both when a browser is crashing (in which case, | |
669 // nothing really matters any more) and when a renderer/plugin crashes, in | |
670 // which case we need to continue. | |
671 // | |
672 // Since we are a multithreaded app, if we were just to fork(), we might | |
673 // grab file descriptors which have just been created in another thread and | |
674 // hold them open for too long. | |
675 // | |
676 // Thus, we have to loop and try and close everything. | |
677 const int fd = sys_open("/proc/self/fd", O_DIRECTORY | O_RDONLY, 0); | |
678 if (fd < 0) { | |
679 for (unsigned i = 3; i < 8192; ++i) | |
680 IGNORE_RET(sys_close(i)); | |
681 } else { | |
682 google_breakpad::DirectoryReader reader(fd); | |
683 const char* name; | |
684 while (reader.GetNextEntry(&name)) { | |
685 int i; | |
686 if (my_strtoui(&i, name) && i > 2 && i != fd) | |
687 IGNORE_RET(sys_close(i)); | |
688 reader.PopEntry(); | |
689 } | |
690 | |
691 IGNORE_RET(sys_close(fd)); | |
692 } | |
693 | |
694 IGNORE_RET(sys_setsid()); | |
695 | |
696 // Leave one end of a pipe in the wget process and watch for it getting | |
697 // closed by the wget process exiting. | |
698 int fds[2]; | |
699 if (sys_pipe(fds) >= 0) { | |
700 const pid_t wget_child = sys_fork(); | |
701 if (!wget_child) { | |
702 // Wget process. | |
703 IGNORE_RET(sys_close(fds[0])); | |
704 IGNORE_RET(sys_dup2(fds[1], 3)); | |
705 static const char* const kWgetBinary = "/usr/bin/wget"; | |
706 const char* args[] = { | |
707 kWgetBinary, | |
708 header, | |
709 post_file, | |
710 kUploadURL, | |
711 "--timeout=10", // Set a timeout so we don't hang forever. | |
712 "--tries=1", // Don't retry if the upload fails. | |
713 "-O", // output reply to fd 3 | |
714 "/dev/fd/3", | |
715 NULL, | |
716 }; | |
717 | |
718 execve(kWgetBinary, const_cast<char**>(args), environ); | |
719 static const char msg[] = "Cannot upload crash dump: cannot exec " | |
720 "/usr/bin/wget\n"; | |
721 sys_write(2, msg, sizeof(msg) - 1); | |
722 sys__exit(1); | |
723 } | |
724 | |
725 // Helper process. | |
726 if (wget_child > 0) { | |
727 IGNORE_RET(sys_close(fds[1])); | |
728 char id_buf[17]; // Crash report IDs are expected to be 16 chars. | |
729 ssize_t len = -1; | |
730 // Wget should finish in about 10 seconds. Add a few more 500 ms | |
731 // internals to account for process startup time. | |
732 for (size_t wait_count = 0; wait_count < 24; ++wait_count) { | |
733 struct kernel_pollfd poll_fd; | |
734 poll_fd.fd = fds[0]; | |
735 poll_fd.events = POLLIN | POLLPRI | POLLERR; | |
736 int ret = sys_poll(&poll_fd, 1, 500); | |
737 if (ret < 0) { | |
738 // Error | |
739 break; | |
740 } else if (ret > 0) { | |
741 // There is data to read. | |
742 len = HANDLE_EINTR(sys_read(fds[0], id_buf, sizeof(id_buf) - 1)); | |
743 break; | |
744 } | |
745 // ret == 0 -> timed out, continue waiting. | |
746 } | |
747 if (len > 0) { | |
748 // Write crash dump id to stderr. | |
749 id_buf[len] = 0; | |
750 static const char msg[] = "\nCrash dump id: "; | |
751 sys_write(2, msg, sizeof(msg) - 1); | |
752 sys_write(2, id_buf, my_strlen(id_buf)); | |
753 sys_write(2, "\n", 1); | |
754 | |
755 // Write crash dump id to crash log as: seconds_since_epoch,crash_id | |
756 struct kernel_timeval tv; | |
757 if (g_crash_log_path && !sys_gettimeofday(&tv, NULL)) { | |
758 uint64_t time = kernel_timeval_to_ms(&tv) / 1000; | |
759 char time_str[kUint64StringSize]; | |
760 const unsigned time_len = my_uint64_len(time); | |
761 my_uint64tos(time_str, time, time_len); | |
762 | |
763 int log_fd = sys_open(g_crash_log_path, | |
764 O_CREAT | O_WRONLY | O_APPEND, | |
765 0600); | |
766 if (log_fd > 0) { | |
767 sys_write(log_fd, time_str, time_len); | |
768 sys_write(log_fd, ",", 1); | |
769 sys_write(log_fd, id_buf, my_strlen(id_buf)); | |
770 sys_write(log_fd, "\n", 1); | |
771 IGNORE_RET(sys_close(log_fd)); | |
772 } | |
773 } | |
774 } | |
775 if (sys_waitpid(wget_child, NULL, WNOHANG) == 0) { | |
776 // Wget process is still around, kill it. | |
777 sys_kill(wget_child, SIGKILL); | |
778 } | |
779 } | |
780 } | |
781 | |
782 // Helper process. | |
783 IGNORE_RET(sys_unlink(info.filename)); | |
784 IGNORE_RET(sys_unlink(temp_file)); | |
785 sys__exit(0); | |
786 } | |
787 | |
788 // Main browser process. | |
789 if (child <= 0) | |
790 return; | |
791 HANDLE_EINTR(sys_waitpid(child, NULL, 0)); | |
792 } | |
793 | |
794 static bool CrashDone(const char* dump_path, | |
795 const char* minidump_id, | |
796 const bool upload, | |
797 const bool succeeded) { | |
798 // WARNING: this code runs in a compromised context. It may not call into | |
799 // libc nor allocate memory normally. | |
800 if (!succeeded) | |
801 return false; | |
802 | |
803 google_breakpad::PageAllocator allocator; | |
804 const unsigned dump_path_len = my_strlen(dump_path); | |
805 const unsigned minidump_id_len = my_strlen(minidump_id); | |
806 char* const path = reinterpret_cast<char*>(allocator.Alloc( | |
807 dump_path_len + 1 /* '/' */ + minidump_id_len + | |
808 4 /* ".dmp" */ + 1 /* NUL */)); | |
809 memcpy(path, dump_path, dump_path_len); | |
810 path[dump_path_len] = '/'; | |
811 memcpy(path + dump_path_len + 1, minidump_id, minidump_id_len); | |
812 memcpy(path + dump_path_len + 1 + minidump_id_len, ".dmp", 4); | |
813 path[dump_path_len + 1 + minidump_id_len + 4] = 0; | |
814 | |
815 BreakpadInfo info; | |
816 info.filename = path; | |
817 info.process_type = "browser"; | |
818 info.process_type_length = 7; | |
819 info.crash_url = NULL; | |
820 info.crash_url_length = 0; | |
821 info.guid = child_process_logging::g_client_id; | |
822 info.guid_length = my_strlen(child_process_logging::g_client_id); | |
823 info.distro = base::g_linux_distro; | |
824 info.distro_length = my_strlen(base::g_linux_distro); | |
825 info.upload = upload; | |
826 info.process_start_time = g_process_start_time; | |
827 info.oom_size = base::g_oom_size; | |
828 HandleCrashDump(info); | |
829 return true; | |
830 } | |
831 | |
832 // Wrapper function, do not add more code here. | |
833 static bool CrashDoneNoUpload(const char* dump_path, | |
834 const char* minidump_id, | |
835 void* context, | |
836 bool succeeded) { | |
837 return CrashDone(dump_path, minidump_id, false, succeeded); | |
838 } | |
839 | |
840 // Wrapper function, do not add more code here. | |
841 static bool CrashDoneUpload(const char* dump_path, | |
842 const char* minidump_id, | |
843 void* context, | |
844 bool succeeded) { | |
845 return CrashDone(dump_path, minidump_id, true, succeeded); | |
846 } | |
847 | |
848 void EnableCrashDumping(const bool unattended) { | |
849 g_is_crash_reporter_enabled = true; | |
850 | |
851 FilePath tmp_path("/tmp"); | |
852 PathService::Get(base::DIR_TEMP, &tmp_path); | |
853 | |
854 FilePath dumps_path(tmp_path); | |
855 if (PathService::Get(chrome::DIR_CRASH_DUMPS, &dumps_path)) { | |
856 FilePath logfile = | |
857 dumps_path.AppendASCII(CrashUploadList::kReporterLogFilename); | |
858 std::string logfile_str = logfile.value(); | |
859 const size_t crash_log_path_len = logfile_str.size() + 1; | |
860 g_crash_log_path = new char[crash_log_path_len]; | |
861 strncpy(g_crash_log_path, logfile_str.c_str(), crash_log_path_len); | |
862 } | |
863 | |
864 DCHECK(!g_breakpad); | |
865 if (unattended) { | |
866 g_breakpad = new google_breakpad::ExceptionHandler( | |
867 dumps_path.value().c_str(), | |
868 NULL, | |
869 CrashDoneNoUpload, | |
870 NULL, | |
871 true /* install handlers */); | |
872 } else { | |
873 g_breakpad = new google_breakpad::ExceptionHandler( | |
874 tmp_path.value().c_str(), | |
875 NULL, | |
876 CrashDoneUpload, | |
877 NULL, | |
878 true /* install handlers */); | |
879 } | |
880 } | |
881 | |
882 // Non-Browser = Extension, Gpu, Plugins, Ppapi and Renderer | |
883 static bool NonBrowserCrashHandler(const void* crash_context, | |
884 size_t crash_context_size, | |
885 void* context) { | |
886 const int fd = reinterpret_cast<intptr_t>(context); | |
887 int fds[2] = { -1, -1 }; | |
888 if (sys_socketpair(AF_UNIX, SOCK_STREAM, 0, fds) < 0) { | |
889 static const char msg[] = "Failed to create socket for crash dumping.\n"; | |
890 sys_write(2, msg, sizeof(msg)-1); | |
891 return false; | |
892 } | |
893 | |
894 // On kernels with ptrace protection, e.g. Ubuntu 10.10+, the browser cannot | |
895 // ptrace this crashing process and crash dumping will fail. When using the | |
896 // SUID sandbox, this crashing process is likely to be in its own PID | |
897 // namespace, and thus there is no way to permit only the browser process to | |
898 // ptrace it. | |
899 // The workaround is to allow all processes to ptrace this process if we | |
900 // reach this point, by passing -1 as the allowed PID. However, support for | |
901 // passing -1 as the PID won't reach kernels until around the Ubuntu 12.04 | |
902 // timeframe. | |
903 sys_prctl(PR_SET_PTRACER, -1); | |
904 | |
905 // Start constructing the message to send to the browser. | |
906 char guid[kGuidSize + 1] = {0}; | |
907 char crash_url[kMaxActiveURLSize + 1] = {0}; | |
908 char distro[kDistroSize + 1] = {0}; | |
909 const size_t guid_len = | |
910 std::min(my_strlen(child_process_logging::g_client_id), kGuidSize); | |
911 const size_t crash_url_len = | |
912 std::min(my_strlen(child_process_logging::g_active_url), | |
913 kMaxActiveURLSize); | |
914 const size_t distro_len = | |
915 std::min(my_strlen(base::g_linux_distro), kDistroSize); | |
916 memcpy(guid, child_process_logging::g_client_id, guid_len); | |
917 memcpy(crash_url, child_process_logging::g_active_url, crash_url_len); | |
918 memcpy(distro, base::g_linux_distro, distro_len); | |
919 | |
920 char b; // Dummy variable for sys_read below. | |
921 const char* b_addr = &b; // Get the address of |b| so we can create the | |
922 // expected /proc/[pid]/syscall content in the | |
923 // browser to convert namespace tids. | |
924 | |
925 // The length of the control message: | |
926 static const unsigned kControlMsgSize = sizeof(fds); | |
927 static const unsigned kControlMsgSpaceSize = CMSG_SPACE(kControlMsgSize); | |
928 static const unsigned kControlMsgLenSize = CMSG_LEN(kControlMsgSize); | |
929 | |
930 const size_t kIovSize = 8; | |
931 struct kernel_msghdr msg; | |
932 my_memset(&msg, 0, sizeof(struct kernel_msghdr)); | |
933 struct kernel_iovec iov[kIovSize]; | |
934 iov[0].iov_base = const_cast<void*>(crash_context); | |
935 iov[0].iov_len = crash_context_size; | |
936 iov[1].iov_base = guid; | |
937 iov[1].iov_len = kGuidSize + 1; | |
938 iov[2].iov_base = crash_url; | |
939 iov[2].iov_len = kMaxActiveURLSize + 1; | |
940 iov[3].iov_base = distro; | |
941 iov[3].iov_len = kDistroSize + 1; | |
942 iov[4].iov_base = &b_addr; | |
943 iov[4].iov_len = sizeof(b_addr); | |
944 iov[5].iov_base = &fds[0]; | |
945 iov[5].iov_len = sizeof(fds[0]); | |
946 iov[6].iov_base = &g_process_start_time; | |
947 iov[6].iov_len = sizeof(g_process_start_time); | |
948 iov[7].iov_base = &base::g_oom_size; | |
949 iov[7].iov_len = sizeof(base::g_oom_size); | |
950 | |
951 msg.msg_iov = iov; | |
952 msg.msg_iovlen = kIovSize; | |
953 char cmsg[kControlMsgSpaceSize]; | |
954 my_memset(cmsg, 0, kControlMsgSpaceSize); | |
955 msg.msg_control = cmsg; | |
956 msg.msg_controllen = sizeof(cmsg); | |
957 | |
958 struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg); | |
959 hdr->cmsg_level = SOL_SOCKET; | |
960 hdr->cmsg_type = SCM_RIGHTS; | |
961 hdr->cmsg_len = kControlMsgLenSize; | |
962 ((int*) CMSG_DATA(hdr))[0] = fds[0]; | |
963 ((int*) CMSG_DATA(hdr))[1] = fds[1]; | |
964 | |
965 if (HANDLE_EINTR(sys_sendmsg(fd, &msg, 0)) < 0) { | |
966 static const char errmsg[] = "Failed to tell parent about crash.\n"; | |
967 sys_write(2, errmsg, sizeof(errmsg)-1); | |
968 IGNORE_RET(sys_close(fds[1])); | |
969 return false; | |
970 } | |
971 IGNORE_RET(sys_close(fds[1])); | |
972 | |
973 if (HANDLE_EINTR(sys_read(fds[0], &b, 1)) != 1) { | |
974 static const char errmsg[] = "Parent failed to complete crash dump.\n"; | |
975 sys_write(2, errmsg, sizeof(errmsg)-1); | |
976 } | |
977 | |
978 return true; | |
979 } | |
980 | |
981 void EnableNonBrowserCrashDumping() { | |
982 const int fd = base::GlobalDescriptors::GetInstance()->Get(kCrashDumpSignal); | |
983 g_is_crash_reporter_enabled = true; | |
984 // We deliberately leak this object. | |
985 DCHECK(!g_breakpad); | |
986 g_breakpad = new google_breakpad::ExceptionHandler( | |
987 "" /* unused */, NULL, NULL, reinterpret_cast<void*>(fd), true); | |
988 g_breakpad->set_crash_handler(NonBrowserCrashHandler); | |
989 } | |
990 | |
991 void InitCrashReporter() { | |
992 // Determine the process type and take appropriate action. | |
993 const CommandLine& parsed_command_line = *CommandLine::ForCurrentProcess(); | |
994 if (parsed_command_line.HasSwitch(switches::kDisableBreakpad)) | |
995 return; | |
996 | |
997 const std::string process_type = | |
998 parsed_command_line.GetSwitchValueASCII(switches::kProcessType); | |
999 if (process_type.empty()) { | |
1000 EnableCrashDumping(getenv(env_vars::kHeadless) != NULL); | |
1001 } else if (process_type == switches::kRendererProcess || | |
1002 process_type == switches::kPluginProcess || | |
1003 process_type == switches::kPpapiPluginProcess || | |
1004 process_type == switches::kZygoteProcess || | |
1005 process_type == switches::kGpuProcess) { | |
1006 // We might be chrooted in a zygote or renderer process so we cannot call | |
1007 // GetCollectStatsConsent because that needs access the the user's home | |
1008 // dir. Instead, we set a command line flag for these processes. | |
1009 // Even though plugins are not chrooted, we share the same code path for | |
1010 // simplicity. | |
1011 if (!parsed_command_line.HasSwitch(switches::kEnableCrashReporter)) | |
1012 return; | |
1013 // Get the guid and linux distro from the command line switch. | |
1014 std::string switch_value = | |
1015 parsed_command_line.GetSwitchValueASCII(switches::kEnableCrashReporter); | |
1016 size_t separator = switch_value.find(","); | |
1017 if (separator != std::string::npos) { | |
1018 child_process_logging::SetClientId(switch_value.substr(0, separator)); | |
1019 base::SetLinuxDistro(switch_value.substr(separator + 1)); | |
1020 } else { | |
1021 child_process_logging::SetClientId(switch_value); | |
1022 } | |
1023 EnableNonBrowserCrashDumping(); | |
1024 } | |
1025 | |
1026 // Set the base process start time value. | |
1027 struct timeval tv; | |
1028 if (!gettimeofday(&tv, NULL)) | |
1029 g_process_start_time = timeval_to_ms(&tv); | |
1030 else | |
1031 g_process_start_time = 0; | |
1032 | |
1033 logging::SetDumpWithoutCrashingFunction(&DumpProcess); | |
1034 } | |
1035 | |
1036 bool IsCrashReporterEnabled() { | |
1037 return g_is_crash_reporter_enabled; | |
1038 } | |
OLD | NEW |