Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(165)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/nacl/nacl_helper_linux.cc

Issue 10736017: Share the zygote's fopen overrides with nacl_helper. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rename Created 8 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/nacl/DEPS ('k') | content/content_browser.gypi » ('j') | content/content_browser.gypi » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // A mini-zygote specifically for Native Client. 5 // A mini-zygote specifically for Native Client.
6 6
7 #include "chrome/common/nacl_helper_linux.h" 7 #include "chrome/common/nacl_helper_linux.h"
8 8
9 #include <errno.h> 9 #include <errno.h>
10 #include <link.h> 10 #include <link.h>
(...skipping 10 matching lines...) Expand all
21 #include "base/eintr_wrapper.h" 21 #include "base/eintr_wrapper.h"
22 #include "base/global_descriptors_posix.h" 22 #include "base/global_descriptors_posix.h"
23 #include "base/logging.h" 23 #include "base/logging.h"
24 #include "base/message_loop.h" 24 #include "base/message_loop.h"
25 #include "base/posix/unix_domain_socket.h" 25 #include "base/posix/unix_domain_socket.h"
26 #include "base/rand_util.h" 26 #include "base/rand_util.h"
27 #include "chrome/nacl/nacl_listener.h" 27 #include "chrome/nacl/nacl_listener.h"
28 #include "crypto/nss_util.h" 28 #include "crypto/nss_util.h"
29 #include "ipc/ipc_descriptors.h" 29 #include "ipc/ipc_descriptors.h"
30 #include "ipc/ipc_switches.h" 30 #include "ipc/ipc_switches.h"
31 #include "sandbox/linux/services/libc_urandom_override.h"
31 32
32 namespace { 33 namespace {
33 34
34 // The child must mimic the behavior of zygote_main_linux.cc on the child 35 // The child must mimic the behavior of zygote_main_linux.cc on the child
35 // side of the fork. See zygote_main_linux.cc:HandleForkRequest from 36 // side of the fork. See zygote_main_linux.cc:HandleForkRequest from
36 // if (!child) { 37 // if (!child) {
37 // Note: this code doesn't attempt to support SELINUX or the SECCOMP sandbox. 38 // Note: this code doesn't attempt to support SELINUX or the SECCOMP sandbox.
38 void BecomeNaClLoader(const std::vector<int>& child_fds, 39 void BecomeNaClLoader(const std::vector<int>& child_fds,
39 size_t prereserved_sandbox_size) { 40 size_t prereserved_sandbox_size) {
40 VLOG(1) << "NaCl loader: setting up IPC descriptor"; 41 VLOG(1) << "NaCl loader: setting up IPC descriptor";
(...skipping 152 matching lines...) Expand 10 before | Expand all | Expand 10 after
193 LOG(ERROR) << "Could not parse reserved_at_zero argument value of " 194 LOG(ERROR) << "Could not parse reserved_at_zero argument value of "
194 << reserved_at_zero_switch_value; 195 << reserved_at_zero_switch_value;
195 } 196 }
196 return prereserved_sandbox_size; 197 return prereserved_sandbox_size;
197 } 198 }
198 199
199 int main(int argc, char *argv[]) { 200 int main(int argc, char *argv[]) {
200 CommandLine::Init(argc, argv); 201 CommandLine::Init(argc, argv);
201 base::AtExitManager exit_manager; 202 base::AtExitManager exit_manager;
202 base::RandUint64(); // acquire /dev/urandom fd before sandbox is raised 203 base::RandUint64(); // acquire /dev/urandom fd before sandbox is raised
204 #if !defined(CHROMIUM_SELINUX)
205 // Allows NSS to fopen() /dev/urandom.
206 sandbox::InitLibcUrandomOverrides();
207 #endif
203 #if defined(USE_NSS) 208 #if defined(USE_NSS)
204 // Configure NSS for use inside the NaCl process. 209 // Configure NSS for use inside the NaCl process.
205 // The fork check has not caused problems for NaCl, but this appears to be 210 // The fork check has not caused problems for NaCl, but this appears to be
206 // best practice (see other places LoadNSSLibraries is called.) 211 // best practice (see other places LoadNSSLibraries is called.)
207 crypto::DisableNSSForkCheck(); 212 crypto::DisableNSSForkCheck();
208 // Without this line on Linux, HMAC::Init will instantiate a singleton that 213 // Without this line on Linux, HMAC::Init will instantiate a singleton that
209 // in turn attempts to open a file. Disabling this behavior avoids a ~70 ms 214 // in turn attempts to open a file. Disabling this behavior avoids a ~70 ms
210 // stall the first time HMAC is used. 215 // stall the first time HMAC is used.
211 crypto::ForceNSSNoDBInit(); 216 crypto::ForceNSSNoDBInit();
212 // Load shared libraries before sandbox is raised. 217 // Load shared libraries before sandbox is raised.
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
252 } 257 }
253 } 258 }
254 // if fork fails, send PID=-1 to zygote 259 // if fork fails, send PID=-1 to zygote
255 if (!UnixDomainSocket::SendMsg(kNaClZygoteDescriptor, &badpid, 260 if (!UnixDomainSocket::SendMsg(kNaClZygoteDescriptor, &badpid,
256 sizeof(badpid), empty)) { 261 sizeof(badpid), empty)) {
257 LOG(ERROR) << "*** send() to zygote failed"; 262 LOG(ERROR) << "*** send() to zygote failed";
258 } 263 }
259 } 264 }
260 CHECK(false); // This routine must not return 265 CHECK(false); // This routine must not return
261 } 266 }
OLDNEW
« no previous file with comments | « chrome/nacl/DEPS ('k') | content/content_browser.gypi » ('j') | content/content_browser.gypi » ('J')

Powered by Google App Engine
This is Rietveld 408576698