
Side by Side Diff: chrome/browser/zygote_main_linux.cc

Issue 155366: Linux: don't bother passing the chroot directory fd to the zygote. (Closed)
Patch Set: Created 11 years, 5 months ago
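--- a/chrome/browser/zygote_main_linux.cc
+++ b/chrome/browser/zygote_main_linux.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <unistd.h>
 #include <sys/epoll.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/signal.h>
 #include <sys/prctl.h>
@@ -214,43 +214,29 @@
 
 static const char kChrootMe = 'C';
 static const char kChrootMeSuccess = 'O';
 
 if (HANDLE_EINTR(write(fd, &kChrootMe, 1)) != 1) {
 LOG(ERROR) << "Failed to write to chroot pipe: " << errno;
 return false;
 }
 
 char reply;
-std::vector<int> fds;
-if (!base::RecvMsg(fd, &reply, 1, &fds)) {
+if (HANDLE_EINTR(read(fd, &reply, 1)) != 1) {
 LOG(ERROR) << "Failed to read from chroot pipe: " << errno;
 return false;
 }
+
 if (reply != kChrootMeSuccess) {
 LOG(ERROR) << "Error code reply from chroot helper";
-for (size_t i = 0; i < fds.size(); ++i)
-HANDLE_EINTR(close(fds[i]));
 return false;
 }
-if (fds.size() != 1) {
-LOG(ERROR) << "Bad number of file descriptors from chroot helper";
-for (size_t i = 0; i < fds.size(); ++i)
-HANDLE_EINTR(close(fds[i]));
-return false;
-}
-if (fchdir(fds[0]) == -1) {
-LOG(ERROR) << "Failed to chdir to root directory: " << errno;
-HANDLE_EINTR(close(fds[0]));
-return false;
-}
-HANDLE_EINTR(close(fds[0]));
 
 static const int kMagicSandboxIPCDescriptor = 5;
 SkiaFontConfigUseIPCImplementation(kMagicSandboxIPCDescriptor);
 
 // Previously, we required that the binary be non-readable. This causes the
 // kernel to mark the process as non-dumpable at startup. The thinking was
 // that, although we were putting the renderers into a PID namespace (with
 // the SUID sandbox), they would nonetheless be in the /same/ PID
 // namespace. So they could ptrace each other unless they were non-dumpable.
 //
@@ -276,10 +262,10 @@
 bool ZygoteMain(const MainFunctionParams& params) {
 if (!MaybeEnterChroot()) {
 LOG(FATAL) << "Failed to enter sandbox. Fail safe abort. (errno: "
 << errno << ")";
 return false;
 }
 
 Zygote zygote;
 return zygote.ProcessRequests();
 }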
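Review bot: With the `fchdir(fds[0])` block removed, nothing after the `kChrootMeSuccess` check moves or verifies the zygote's working directory, so the function now relies entirely on the helper having left the cwd inside the new root. That presumably happens in sandbox/linux/suid/sandbox.cc, which is not part of this file section. A cwd that still points outside the chroot would weaken the sandbox, so the dependency deserves a comment at the success check, for example `// cwd is expected to be inside the new root here: the helper must chdir() after chroot() before replying 'O'.` Separately, the new `read()` check treats EOF (return 0) like an error, and in that case the `errno` printed by "Failed to read from chroot pipe" is stale; logging the return value as well would distinguish a helper that exited from a failed read. The enclosing function starts in the skipped lines above this hunk.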