Add UMA reports for Linux nacl_helper startup status

content/browser/zygote_main_linux.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/zygote_host_linux.h"
 
 #include <dlfcn.h>
 #include <fcntl.h>
 #include <pthread.h>
 #include <sys/socket.h>
@@ skipping 78 matching lines @@
 }
 #endif  // CHROMIUM_SELINUX
 
 // This is the object which implements the zygote. The ZygoteMain function,
 // which is called from ChromeMain, simply constructs one of these objects and
 // runs it.
 class Zygote {
  public:
   Zygote(int sandbox_flags, ZygoteForkDelegate* helper)
       : sandbox_flags_(sandbox_flags), helper_(helper) {
+    if (helper_)
+      helper_->InitialUMA(&initial_uma_name_,
+                          &initial_uma_sample_,
+                          &initial_uma_boundary_value_);
   }
 
   bool ProcessRequests() {
     // A SOCK_SEQPACKET socket is installed in fd 3. We get commands from the
     // browser on it.
     // A SOCK_DGRAM is installed in fd 5. This is the sandbox IPC channel.
     // See http://code.google.com/p/chromium/wiki/LinuxSandboxIPC
 
     // We need to accept SIGCHLD, even though our handler is a no-op because
     // otherwise we cannot wait on children. (According to POSIX 2001.)
@@ skipping 137 matching lines @@
     write_pickle.WriteInt(exit_code);
     ssize_t written =
         HANDLE_EINTR(write(fd, write_pickle.data(), write_pickle.size()));
     if (written != static_cast<ssize_t>(write_pickle.size()))
       PLOG(ERROR) << "write";
   }
 
   // This is equivalent to fork(), except that, when using the SUID
   // sandbox, it returns the real PID of the child process as it
   // appears outside the sandbox, rather than returning the PID inside
-  // the sandbox.
+  // the sandbox.  Optionally, it fills in uma_name et al with a report

[agl, 2011/10/19 16:17:27]

nit: only one space after a period (at least in this file by the looks of it).

[Roland McGrath, 2011/10/19 18:34:15]

Done.

+  // the helper wants to make via UMA_HISTOGRAM_ENUMERATION.
   int ForkWithRealPid(const std::string& process_type, std::vector<int>& fds,
-                      const std::string& channel_switch) {
-    const bool use_helper = (helper_ && helper_->CanHelp(process_type));
+                      const std::string& channel_switch,
+                      std::string* uma_name,
+                      int* uma_sample, int* uma_boundary_value) {
+    const bool use_helper = (helper_ && helper_->CanHelp(process_type,
+                                                         uma_name,
+                                                         uma_sample,
+                                                         uma_boundary_value));
     if (!(use_helper || g_suid_sandbox_active)) {
       return fork();
     }
 
     int dummy_fd;
     ino_t dummy_inode;
     int pipe_fds[2] = { -1, -1 };
     base::ProcessId pid = 0;
 
     dummy_fd = socket(PF_UNIX, SOCK_DGRAM, 0);
@@ skipping 105 matching lines @@
     if (pipe_fds[1] >= 0)
       close(pipe_fds[1]);
     return -1;
   }
 
   // Unpacks process type and arguments from |pickle| and forks a new process.
   // Returns -1 on error, otherwise returns twice, returning 0 to the child
   // process and the child process ID to the parent process, like fork().
   base::ProcessId ReadArgsAndFork(const Pickle& pickle,
                                   void* iter,
-                                  std::vector<int>& fds) {
+                                  std::vector<int>& fds,
+                                  std::string* uma_name,
+                                  int* uma_sample,
+                                  int* uma_boundary_value) {
     std::vector<std::string> args;
     int argc = 0;
     int numfds = 0;
     base::GlobalDescriptors::Mapping mapping;
     std::string process_type;
     std::string channel_id;
     const std::string channel_id_prefix = std::string("--")
         + switches::kProcessChannelID + std::string("=");
 
     if (!pickle.ReadString(&iter, &process_type))
@@ skipping 19 matching lines @@
       base::GlobalDescriptors::Key key;
       if (!pickle.ReadUInt32(&iter, &key))
         return -1;
       mapping.push_back(std::make_pair(key, fds[i]));
     }
 
     mapping.push_back(std::make_pair(
         static_cast<uint32_t>(kSandboxIPCChannel), kMagicSandboxIPCDescriptor));
 
     // Returns twice, once per process.
-    base::ProcessId child_pid = ForkWithRealPid(process_type, fds, channel_id);
+    base::ProcessId child_pid = ForkWithRealPid(process_type, fds, channel_id,
+                                                uma_name, uma_sample,
+                                                uma_boundary_value);
     if (!child_pid) {
       // This is the child process.
 #if defined(SECCOMP_SANDBOX)
       if (SeccompSandboxEnabled() && g_proc_fd >= 0) {
         // Try to open /proc/self/maps as the seccomp sandbox needs access to it
         int proc_self_maps = openat(g_proc_fd, "self/maps", O_RDONLY);
         if (proc_self_maps >= 0) {
           SeccompSandboxSetProcSelfMaps(proc_self_maps);
         } else {
           PLOG(ERROR) << "openat(/proc/self/maps)";
@@ skipping 27 matching lines @@
     }
     return child_pid;
   }
 
   // Handle a 'fork' request from the browser: this means that the browser
   // wishes to start a new renderer.  Returns true if we are in a new process,
   // otherwise writes the child_pid back to the browser via |fd|.  Writes a
   // child_pid of -1 on error.
   bool HandleForkRequest(int fd, const Pickle& pickle,
                          void* iter, std::vector<int>& fds) {
-    base::ProcessId child_pid = ReadArgsAndFork(pickle, iter, fds);
+    std::string uma_name;
+    int uma_sample;
+    int uma_boundary_value;
+    base::ProcessId child_pid = ReadArgsAndFork(pickle, iter, fds,
+                                                &uma_name, &uma_sample,
+                                                &uma_boundary_value);
     if (child_pid == 0)
       return true;
     for (std::vector<int>::const_iterator
          i = fds.begin(); i != fds.end(); ++i)
       close(*i);
+    if (uma_name.empty()) {
+      // There is no UMA report from this particular fork.
+      // Use the initial UMA report if any, and clear that record for next time.
+      uma_name.swap(initial_uma_name_);

[agl, 2011/10/19 16:17:27]

Would these initial values not be returned for any fork that doesn't return its
own values? I think they might need to be cleared after returning them once.

[Roland McGrath, 2011/10/19 18:34:15]

It is cleared, as the comment says.  Using swap is the efficient way to do this.
 I added a comment pointing out that subtlety.

+      uma_sample = initial_uma_sample_;
+      uma_boundary_value = initial_uma_boundary_value_;
+    }
     // Must always send reply, as ZygoteHost blocks while waiting for it.
-    if (HANDLE_EINTR(write(fd, &child_pid, sizeof(child_pid))) < 0)
+    Pickle reply_pickle;
+    reply_pickle.WriteInt(child_pid);
+    reply_pickle.WriteString(uma_name);
+    if (!uma_name.empty()) {
+      reply_pickle.WriteInt(uma_sample);
+      reply_pickle.WriteInt(uma_boundary_value);
+    }
+    if (HANDLE_EINTR(write(fd, reply_pickle.data(), reply_pickle.size())) !=
+        (ssize_t) reply_pickle.size())
       PLOG(ERROR) << "write";
     return false;
   }
 
   bool HandleGetSandboxStatus(int fd, const Pickle& pickle, void* iter) {
     if (HANDLE_EINTR(write(fd, &sandbox_flags_, sizeof(sandbox_flags_)) !=
                      sizeof(sandbox_flags_))) {
       PLOG(ERROR) << "write";
     }
 
     return false;
   }
 
   // In the SUID sandbox, we try to use a new PID namespace. Thus the PIDs
   // fork() returns are not the real PIDs, so we need to map the Real PIDS
   // into the sandbox PID namespace.
   typedef base::hash_map<base::ProcessHandle, base::ProcessHandle> ProcessMap;
   ProcessMap real_pids_to_sandbox_pids;
 
   const int sandbox_flags_;
   ZygoteForkDelegate* helper_;
+
+  // These might be set by helper_->InitialUMA.  They supply a UMA
+  // enumeration sample we should report on the first fork.
+  std::string initial_uma_name_;
+  int initial_uma_sample_;
+  int initial_uma_boundary_value_;
 };
 
 // With SELinux we can carve out a precise sandbox, so we don't have to play
 // with intercepting libc calls.
 #if !defined(CHROMIUM_SELINUX)
 
 static void ProxyLocaltimeCallToBrowser(time_t input, struct tm* output,
                                         char* timezone_out,
                                         size_t timezone_out_len) {
   Pickle request;
@@ skipping 310 matching lines @@
       VLOG(1) << "Enabling experimental Seccomp sandbox.";
       sandbox_flags |= ZygoteHost::kSandboxSeccomp;
     }
   }
 #endif  // SECCOMP_SANDBOX
 
   Zygote zygote(sandbox_flags, forkdelegate);
   // This function call can return multiple times, once per fork().
   return zygote.ProcessRequests();
 }