OLD | NEW |
---|---|
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <dirent.h> | 5 #include <dirent.h> |
6 #include <errno.h> | 6 #include <errno.h> |
7 #include <fcntl.h> | 7 #include <fcntl.h> |
8 #include <signal.h> | 8 #include <signal.h> |
9 #include <stdlib.h> | 9 #include <stdlib.h> |
10 #include <sys/resource.h> | 10 #include <sys/resource.h> |
(...skipping 206 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
217 if ((flags == -1) || (fcntl(i, F_SETFD, flags | FD_CLOEXEC) == -1)) { | 217 if ((flags == -1) || (fcntl(i, F_SETFD, flags | FD_CLOEXEC) == -1)) { |
218 DLOG(ERROR) << "fcntl failure."; | 218 DLOG(ERROR) << "fcntl failure."; |
219 } | 219 } |
220 } | 220 } |
221 } | 221 } |
222 | 222 |
223 bool LaunchApp(const std::vector<std::string>& argv, | 223 bool LaunchApp(const std::vector<std::string>& argv, |
224 const environment_vector& environ, | 224 const environment_vector& environ, |
225 const file_handle_mapping_vector& fds_to_remap, | 225 const file_handle_mapping_vector& fds_to_remap, |
226 bool wait, ProcessHandle* process_handle) { | 226 bool wait, ProcessHandle* process_handle) { |
227 pid_t pid = fork(); | 227 // We call vfork() for additional performance (avoids touching the page |
228 // tables). This makes things a bit more dangerous since the child and | |
229 // parent share the same address space and stack. Try to do most of our | |
230 // operations before the fork, and hope that everything we do have to do | |
231 // will be ok... | |
232 bool use_vfork = (environ.size() == 0); | |
agl
2009/08/20 20:35:16
const
agl
2009/08/20 20:35:16
Comment about why we can't modify the environment
| |
233 | |
234 InjectiveMultimap fd_shuffle; | |
235 for (file_handle_mapping_vector::const_iterator | |
236 it = fds_to_remap.begin(); it != fds_to_remap.end(); ++it) { | |
237 fd_shuffle.push_back(InjectionArc(it->first, it->second, false)); | |
238 } | |
239 | |
240 scoped_array<char*> argv_cstr(new char*[argv.size() + 1]); | |
241 for (size_t i = 0; i < argv.size(); i++) | |
242 argv_cstr[i] = const_cast<char*>(argv[i].c_str()); | |
243 argv_cstr[argv.size()] = NULL; | |
244 | |
245 pid_t pid = use_vfork ? vfork() : fork(); | |
228 if (pid < 0) | 246 if (pid < 0) |
229 return false; | 247 return false; |
230 | 248 |
231 if (pid == 0) { | 249 if (pid == 0) { |
232 // Child process | 250 // Child process |
233 InjectiveMultimap fd_shuffle; | |
234 for (file_handle_mapping_vector::const_iterator | |
235 it = fds_to_remap.begin(); it != fds_to_remap.end(); ++it) { | |
236 fd_shuffle.push_back(InjectionArc(it->first, it->second, false)); | |
237 } | |
238 | 251 |
239 for (environment_vector::const_iterator it = environ.begin(); | 252 if (!use_vfork) { |
240 it != environ.end(); ++it) { | 253 for (environment_vector::const_iterator it = environ.begin(); |
241 if (it->first) { | 254 it != environ.end(); ++it) { |
242 if (it->second) { | 255 if (it->first) { |
243 setenv(it->first, it->second, 1); | 256 if (it->second) { |
244 } else { | 257 setenv(it->first, it->second, 1); |
245 unsetenv(it->first); | 258 } else { |
259 unsetenv(it->first); | |
260 } | |
246 } | 261 } |
247 } | 262 } |
248 } | 263 } |
249 | 264 |
250 // Obscure fork() rule: in the child, if you don't end up doing exec*(), | 265 // Obscure fork() rule: in the child, if you don't end up doing exec*(), |
251 // you call _exit() instead of exit(). This is because _exit() does not | 266 // you call _exit() instead of exit(). This is because _exit() does not |
252 // call any previously-registered (in the parent) exit handlers, which | 267 // call any previously-registered (in the parent) exit handlers, which |
253 // might do things like block waiting for threads that don't even exist | 268 // might do things like block waiting for threads that don't even exist |
254 // in the child. | 269 // in the child. |
255 if (!ShuffleFileDescriptors(fd_shuffle)) | 270 if (!ShuffleFileDescriptors(fd_shuffle)) |
256 _exit(127); | 271 _exit(127); |
257 | 272 |
258 // If we are using the SUID sandbox, it sets a magic environment variable | |
259 // ("SBX_D"), so we remove that variable from the environment here on the | |
260 // off chance that it's already set. | |
261 unsetenv("SBX_D"); | |
262 | |
263 CloseSuperfluousFds(fd_shuffle); | 273 CloseSuperfluousFds(fd_shuffle); |
264 | 274 |
265 scoped_array<char*> argv_cstr(new char*[argv.size() + 1]); | |
266 for (size_t i = 0; i < argv.size(); i++) | |
267 argv_cstr[i] = const_cast<char*>(argv[i].c_str()); | |
268 argv_cstr[argv.size()] = NULL; | |
269 execvp(argv_cstr[0], argv_cstr.get()); | 275 execvp(argv_cstr[0], argv_cstr.get()); |
270 LOG(ERROR) << "LaunchApp: exec failed!, argv_cstr[0] " << argv_cstr[0] | 276 LOG(ERROR) << "LaunchApp: exec failed!, argv_cstr[0] " << argv_cstr[0] |
271 << ", errno " << errno; | 277 << ", errno " << errno; |
272 _exit(127); | 278 _exit(127); |
273 } else { | 279 } else { |
274 // Parent process | 280 // Parent process |
275 if (wait) | 281 if (wait) |
276 HANDLE_EINTR(waitpid(pid, 0, 0)); | 282 HANDLE_EINTR(waitpid(pid, 0, 0)); |
277 | 283 |
278 if (process_handle) | 284 if (process_handle) |
(...skipping 345 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
624 const ProcessFilter* filter) { | 630 const ProcessFilter* filter) { |
625 bool exited_cleanly = | 631 bool exited_cleanly = |
626 WaitForProcessesToExit(executable_name, wait_milliseconds, | 632 WaitForProcessesToExit(executable_name, wait_milliseconds, |
627 filter); | 633 filter); |
628 if (!exited_cleanly) | 634 if (!exited_cleanly) |
629 KillProcesses(executable_name, exit_code, filter); | 635 KillProcesses(executable_name, exit_code, filter); |
630 return exited_cleanly; | 636 return exited_cleanly; |
631 } | 637 } |
632 | 638 |
633 } // namespace base | 639 } // namespace base |
OLD | NEW |