chrome/browser/zygote_main_linux.cc - Issue 149462: Linux: have the sandbox binary create the sandbox directory.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/zygote_main_linux.cc

Issue 149462: Linux: have the sandbox binary create the sandbox directory. (Closed)

Patch Set: ... Created 11 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/zygote_main_linux.cc

diff --git a/chrome/browser/zygote_main_linux.cc b/chrome/browser/zygote_main_linux.cc

index c6854e9a8bbe0910f73ec76153cd572fa7dc6466..9b8ef98bdc72a35a3283e52be75a258422df94fe 100644

--- a/chrome/browser/zygote_main_linux.cc

+++ b/chrome/browser/zygote_main_linux.cc

@@ -215,16 +215,35 @@ static bool MaybeEnterChroot() {

static const char kChrootMe = 'C';

static const char kChrootMeSuccess = 'O';

- if (HANDLE_EINTR(write(fd, &kChrootMe, 1)) != 1)

+ if (HANDLE_EINTR(write(fd, &kChrootMe, 1)) != 1) {

+ LOG(ERROR) << "Failed to write to chroot pipe: " << errno;

return false;

+ }

char reply;

- if (HANDLE_EINTR(read(fd, &reply, 1)) != 1)

+ std::vector<int> fds;

+ if (!base::RecvMsg(fd, &reply, 1, &fds)) {

+ LOG(ERROR) << "Failed to read from chroot pipe: " << errno;

+ return false;

+ }

+ if (reply != kChrootMeSuccess) {

+ LOG(ERROR) << "Error code reply from chroot helper";

+ for (size_t i = 0; i < fds.size(); ++i)

+ HANDLE_EINTR(close(fds[i]));

return false;

- if (reply != kChrootMeSuccess)

+ }

+ if (fds.size() != 1) {

+ LOG(ERROR) << "Bad number of file descriptors from chroot helper";

+ for (size_t i = 0; i < fds.size(); ++i)

+ HANDLE_EINTR(close(fds[i]));

return false;

- if (chdir("/") == -1)

+ }

+ if (fchdir(fds[0]) == -1) {

+ LOG(ERROR) << "Failed to chdir to root directory: " << errno;

+ HANDLE_EINTR(close(fds[0]));

return false;

+ }

+ HANDLE_EINTR(close(fds[0]));

static const int kMagicSandboxIPCDescriptor = 5;

SkiaFontConfigUseIPCImplementation(kMagicSandboxIPCDescriptor);

@@ -243,8 +262,10 @@ static bool MaybeEnterChroot() {

// exists at this point and we can set the non-dumpable flag which is

// inherited by all our renderer children.

prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);

- if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0))

+ if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0)) {

+ LOG(ERROR) << "Failed to set non-dumpable flag";

return false;

+ }

} else {

SkiaFontConfigUseDirectImplementation();

}

« no previous file with comments | « chrome/browser/zygote_host_linux.cc ('k') | sandbox/linux/suid/sandbox.cc » ('j') | no next file with comments »