| OLD | NEW | 
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be | 
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. | 
| 4 | 4 | 
| 5 #include "mojo/runner/child_process.h" | 5 #include "mojo/runner/child_process.h" | 
| 6 | 6 | 
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" | 
| 8 #include "base/bind.h" | 8 #include "base/bind.h" | 
| 9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" | 
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" | 
| 11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" | 
| 12 #include "base/i18n/icu_util.h" |  | 
| 13 #include "base/location.h" | 12 #include "base/location.h" | 
| 14 #include "base/logging.h" | 13 #include "base/logging.h" | 
| 15 #include "base/macros.h" | 14 #include "base/macros.h" | 
| 16 #include "base/memory/ref_counted.h" | 15 #include "base/memory/ref_counted.h" | 
| 17 #include "base/memory/scoped_ptr.h" | 16 #include "base/memory/scoped_ptr.h" | 
| 18 #include "base/message_loop/message_loop.h" | 17 #include "base/message_loop/message_loop.h" | 
| 19 #include "base/single_thread_task_runner.h" | 18 #include "base/single_thread_task_runner.h" | 
| 20 #include "base/synchronization/waitable_event.h" | 19 #include "base/synchronization/waitable_event.h" | 
| 21 #include "base/thread_task_runner_handle.h" | 20 #include "base/thread_task_runner_handle.h" | 
| 22 #include "base/threading/thread.h" | 21 #include "base/threading/thread.h" | 
| 23 #include "base/threading/thread_checker.h" | 22 #include "base/threading/thread_checker.h" | 
| 24 #include "mojo/message_pump/message_pump_mojo.h" | 23 #include "mojo/message_pump/message_pump_mojo.h" | 
| 25 #include "mojo/public/cpp/bindings/binding.h" | 24 #include "mojo/public/cpp/bindings/binding.h" | 
| 26 #include "mojo/public/cpp/system/core.h" | 25 #include "mojo/public/cpp/system/core.h" | 
| 27 #include "mojo/runner/child/child_controller.mojom.h" | 26 #include "mojo/runner/child/child_controller.mojom.h" | 
| 28 #include "mojo/runner/init.h" |  | 
| 29 #include "mojo/runner/native_application_support.h" | 27 #include "mojo/runner/native_application_support.h" | 
| 30 #include "mojo/runner/switches.h" | 28 #include "mojo/runner/switches.h" | 
| 31 #include "third_party/mojo/src/mojo/edk/embedder/embedder.h" | 29 #include "third_party/mojo/src/mojo/edk/embedder/embedder.h" | 
| 32 #include "third_party/mojo/src/mojo/edk/embedder/platform_channel_pair.h" | 30 #include "third_party/mojo/src/mojo/edk/embedder/platform_channel_pair.h" | 
| 33 #include "third_party/mojo/src/mojo/edk/embedder/process_delegate.h" | 31 #include "third_party/mojo/src/mojo/edk/embedder/process_delegate.h" | 
| 34 #include "third_party/mojo/src/mojo/edk/embedder/scoped_platform_handle.h" | 32 #include "third_party/mojo/src/mojo/edk/embedder/scoped_platform_handle.h" | 
| 35 | 33 | 
| 36 #if defined(OS_LINUX) && !defined(OS_ANDROID) | 34 #if defined(OS_LINUX) && !defined(OS_ANDROID) | 
| 37 #include "base/rand_util.h" | 35 #include "base/rand_util.h" | 
| 38 #include "base/sys_info.h" | 36 #include "base/sys_info.h" | 
| (...skipping 248 matching lines...) |
| 287 #if defined(OS_LINUX) && !defined(OS_ANDROID) | 285 #if defined(OS_LINUX) && !defined(OS_ANDROID) | 
| 288   using sandbox::syscall_broker::BrokerFilePermission; | 286   using sandbox::syscall_broker::BrokerFilePermission; | 
| 289   scoped_ptr<mandoline::LinuxSandbox> sandbox; | 287   scoped_ptr<mandoline::LinuxSandbox> sandbox; | 
| 290 #endif | 288 #endif | 
| 291   base::NativeLibrary app_library = 0; | 289   base::NativeLibrary app_library = 0; | 
| 292   if (command_line.HasSwitch(switches::kChildProcess)) { | 290   if (command_line.HasSwitch(switches::kChildProcess)) { | 
| 293     // Load the application library before we engage the sandbox. | 291     // Load the application library before we engage the sandbox. | 
| 294     app_library = mojo::runner::LoadNativeApplication( | 292     app_library = mojo::runner::LoadNativeApplication( | 
| 295         command_line.GetSwitchValuePath(switches::kChildProcess)); | 293         command_line.GetSwitchValuePath(switches::kChildProcess)); | 
| 296 | 294 | 
| 297     base::i18n::InitializeICU(); |  | 
| 298     CallLibraryEarlyInitialization(app_library); |  | 
| 299 |  | 
| 300 #if defined(OS_LINUX) && !defined(OS_ANDROID) | 295 #if defined(OS_LINUX) && !defined(OS_ANDROID) | 
| 301     if (command_line.HasSwitch(switches::kEnableSandbox)) { | 296     if (command_line.HasSwitch(switches::kEnableSandbox)) { | 
| 302       // Warm parts of base in the copy of base in the mojo runner. | 297       // Warm parts of base. | 
| 303       base::RandUint64(); | 298       base::RandUint64(); | 
| 304       base::SysInfo::AmountOfPhysicalMemory(); | 299       base::SysInfo::AmountOfPhysicalMemory(); | 
| 305       base::SysInfo::MaxSharedMemorySize(); | 300       base::SysInfo::MaxSharedMemorySize(); | 
| 306       base::SysInfo::NumberOfProcessors(); | 301       base::SysInfo::NumberOfProcessors(); | 
| 307 | 302 | 
|  | 303       // Do whatever warming that the mojo application wants. | 
|  | 304       typedef void (*SandboxWarmFunction)(); | 
|  | 305       SandboxWarmFunction sandbox_warm = reinterpret_cast<SandboxWarmFunction>( | 
|  | 306           base::GetFunctionPointerFromNativeLibrary(app_library, | 
|  | 307                                                     "MojoSandboxWarm")); | 
|  | 308       if (sandbox_warm) | 
|  | 309         sandbox_warm(); | 
|  | 310 | 
| 308       // TODO(erg,jln): Allowing access to all of /dev/shm/ makes it easy to | 311       // TODO(erg,jln): Allowing access to all of /dev/shm/ makes it easy to | 
| 309       // spy on other shared memory using processes. This is a temporary hack | 312       // spy on other shared memory using processes. This is a temporary hack | 
| 310       // so that we have some sandbox until we have proper shared memory | 313       // so that we have some sandbox until we have proper shared memory | 
| 311       // support integrated into mojo. | 314       // support integrated into mojo. | 
| 312       std::vector<BrokerFilePermission> permissions; | 315       std::vector<BrokerFilePermission> permissions; | 
| 313       permissions.push_back( | 316       permissions.push_back( | 
| 314           BrokerFilePermission::ReadWriteCreateUnlinkRecursive("/dev/shm/")); | 317           BrokerFilePermission::ReadWriteCreateUnlinkRecursive("/dev/shm/")); | 
| 315       sandbox.reset(new mandoline::LinuxSandbox(permissions)); | 318       sandbox.reset(new mandoline::LinuxSandbox(permissions)); | 
| 316       sandbox->Warmup(); | 319       sandbox->Warmup(); | 
| 317       sandbox->EngageNamespaceSandbox(); | 320       sandbox->EngageNamespaceSandbox(); | 
| (...skipping 22 matching lines...) |
| 340   // This will block, then run whatever the controller wants. | 343   // This will block, then run whatever the controller wants. | 
| 341   blocker.Block(); | 344   blocker.Block(); | 
| 342 | 345 | 
| 343   app_context.Shutdown(); | 346   app_context.Shutdown(); | 
| 344 | 347 | 
| 345   return 0; | 348   return 0; | 
| 346 } | 349 } | 
| 347 | 350 | 
| 348 }  // namespace runner | 351 }  // namespace runner | 
| 349 }  // namespace mojo | 352 }  // namespace mojo | 
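Review bot: The new `MojoSandboxWarm` lookup (new lines 304–309) passes `app_library` to `base::GetFunctionPointerFromNativeLibrary` without first checking that `LoadNativeApplication` returned a valid handle. `app_library` is initialised to 0, and if the lookup is `dlsym`-based (as it presumably is on Linux), glibc treats a null handle as the default search scope, so after a failed load this could resolve and call a same-named symbol exported by some other loaded module, all before the sandbox is engaged. Guard the block with `if (app_library) {` … `}`, or bail out of the child early when the load fails; whether that already happens is not visible on this page. The hook also runs application code with the process's full, unsandboxed privileges through an unchecked `reinterpret_cast`, so a comment such as `// MojoSandboxWarm must be extern "C" void(); it runs before the sandbox is engaged and must only pre-load resources, never parse untrusted input.` would pin the contract. The enclosing function begins in the skipped region above this hunk.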