| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/nacl/browser/nacl_process_host.h" | 5 #include "components/nacl/browser/nacl_process_host.h" |
| 6 | 6 |
| 7 #include <string.h> | 7 #include <string.h> |
| 8 #include <algorithm> | 8 #include <algorithm> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 61 #include "ppapi/shared_impl/ppapi_constants.h" | 61 #include "ppapi/shared_impl/ppapi_constants.h" |
| 62 #include "ppapi/shared_impl/ppapi_nacl_plugin_args.h" | 62 #include "ppapi/shared_impl/ppapi_nacl_plugin_args.h" |
| 63 | 63 |
| 64 #if defined(OS_POSIX) | 64 #if defined(OS_POSIX) |
| 65 | 65 |
| 66 #include <arpa/inet.h> | 66 #include <arpa/inet.h> |
| 67 #include <fcntl.h> | 67 #include <fcntl.h> |
| 68 #include <netinet/in.h> | 68 #include <netinet/in.h> |
| 69 #include <sys/socket.h> | 69 #include <sys/socket.h> |
| 70 | 70 |
| 71 #include "content/public/browser/zygote_handle_linux.h" | |
| 72 #include "ipc/ipc_channel_posix.h" | 71 #include "ipc/ipc_channel_posix.h" |
| 73 #elif defined(OS_WIN) | 72 #elif defined(OS_WIN) |
| 74 #include <windows.h> | 73 #include <windows.h> |
| 75 #include <winsock2.h> | 74 #include <winsock2.h> |
| 76 | 75 |
| 77 #include "base/threading/thread.h" | 76 #include "base/threading/thread.h" |
| 78 #include "base/win/scoped_handle.h" | 77 #include "base/win/scoped_handle.h" |
| 79 #include "components/nacl/browser/nacl_broker_service_win.h" | 78 #include "components/nacl/browser/nacl_broker_service_win.h" |
| 80 #include "components/nacl/common/nacl_debug_exception_handler_win.h" | 79 #include "components/nacl/common/nacl_debug_exception_handler_win.h" |
| 81 #include "content/public/common/sandbox_init.h" | 80 #include "content/public/common/sandbox_init.h" |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 149 return (base::win::OSInfo::GetInstance()->wow64_status() == | 148 return (base::win::OSInfo::GetInstance()->wow64_status() == |
| 150 base::win::OSInfo::WOW64_ENABLED); | 149 base::win::OSInfo::WOW64_ENABLED); |
| 151 } | 150 } |
| 152 | 151 |
| 153 } // namespace | 152 } // namespace |
| 154 | 153 |
| 155 #endif // defined(OS_WIN) | 154 #endif // defined(OS_WIN) |
| 156 | 155 |
| 157 namespace { | 156 namespace { |
| 158 | 157 |
| 159 #if defined(OS_POSIX) && !defined(OS_MACOSX) | |
| 160 content::ZygoteHandle g_nacl_zygote; | |
| 161 #endif // defined(OS_POSIX) && !defined(OS_MACOSX) | |
| 162 | |
| 163 // NOTE: changes to this class need to be reviewed by the security team. | 158 // NOTE: changes to this class need to be reviewed by the security team. |
| 164 class NaClSandboxedProcessLauncherDelegate | 159 class NaClSandboxedProcessLauncherDelegate |
| 165 : public content::SandboxedProcessLauncherDelegate { | 160 : public content::SandboxedProcessLauncherDelegate { |
| 166 public: | 161 public: |
| 167 NaClSandboxedProcessLauncherDelegate(ChildProcessHost* host) | 162 NaClSandboxedProcessLauncherDelegate(ChildProcessHost* host) |
| 168 #if defined(OS_POSIX) | 163 #if defined(OS_POSIX) |
| 169 : ipc_fd_(host->TakeClientFileDescriptor()) | 164 : ipc_fd_(host->TakeClientFileDescriptor()) |
| 170 #endif | 165 #endif |
| 171 {} | 166 {} |
| 172 | 167 |
| 173 ~NaClSandboxedProcessLauncherDelegate() override {} | 168 ~NaClSandboxedProcessLauncherDelegate() override {} |
| 174 | 169 |
| 175 #if defined(OS_WIN) | 170 #if defined(OS_WIN) |
| 176 void PostSpawnTarget(base::ProcessHandle process) override { | 171 void PostSpawnTarget(base::ProcessHandle process) override { |
| 177 // For Native Client sel_ldr processes on 32-bit Windows, reserve 1 GB of | 172 // For Native Client sel_ldr processes on 32-bit Windows, reserve 1 GB of |
| 178 // address space to prevent later failure due to address space fragmentation | 173 // address space to prevent later failure due to address space fragmentation |
| 179 // from .dll loading. The NaCl process will attempt to locate this space by | 174 // from .dll loading. The NaCl process will attempt to locate this space by |
| 180 // scanning the address space using VirtualQuery. | 175 // scanning the address space using VirtualQuery. |
| 181 // TODO(bbudge) Handle the --no-sandbox case. | 176 // TODO(bbudge) Handle the --no-sandbox case. |
| 182 // http://code.google.com/p/nativeclient/issues/detail?id=2131 | 177 // http://code.google.com/p/nativeclient/issues/detail?id=2131 |
| 183 const SIZE_T kNaClSandboxSize = 1 << 30; | 178 const SIZE_T kNaClSandboxSize = 1 << 30; |
| 184 if (!nacl::AllocateAddressSpaceASLR(process, kNaClSandboxSize)) { | 179 if (!nacl::AllocateAddressSpaceASLR(process, kNaClSandboxSize)) { |
| 185 DLOG(WARNING) << "Failed to reserve address space for Native Client"; | 180 DLOG(WARNING) << "Failed to reserve address space for Native Client"; |
| 186 } | 181 } |
| 187 } | 182 } |
| 188 #elif defined(OS_POSIX) | 183 #elif defined(OS_POSIX) |
| 189 #if !defined(OS_MACOSX) | 184 bool ShouldUseZygote() override { return true; } |
| 190 content::ZygoteHandle* GetZygote() override { return &g_nacl_zygote; } | |
| 191 #endif // !defined(OS_MACOSX) | |
| 192 | |
| 193 base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); } | 185 base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); } |
| 194 #endif // OS_WIN | 186 #endif // OS_WIN |
| 195 | 187 |
| 196 private: | 188 private: |
| 197 #if defined(OS_POSIX) | 189 #if defined(OS_POSIX) |
| 198 base::ScopedFD ipc_fd_; | 190 base::ScopedFD ipc_fd_; |
| 199 #endif // OS_POSIX | 191 #endif // OS_POSIX |
| 200 }; | 192 }; |
| 201 | 193 |
| 202 void SetCloseOnExec(NaClHandle fd) { | 194 void SetCloseOnExec(NaClHandle fd) { |
| (...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 418 cmd->GetSwitchValueASCII(switches::kNaClDebugMask); | 410 cmd->GetSwitchValueASCII(switches::kNaClDebugMask); |
| 419 // By default, exclude debugging SSH and the PNaCl translator. | 411 // By default, exclude debugging SSH and the PNaCl translator. |
| 420 // about::flags only allows empty flags as the default, so replace | 412 // about::flags only allows empty flags as the default, so replace |
| 421 // the empty setting with the default. To debug all apps, use a wild-card. | 413 // the empty setting with the default. To debug all apps, use a wild-card. |
| 422 if (nacl_debug_mask.empty()) { | 414 if (nacl_debug_mask.empty()) { |
| 423 nacl_debug_mask = "!*://*/*ssh_client.nmf,chrome://pnacl-translator/*"; | 415 nacl_debug_mask = "!*://*/*ssh_client.nmf,chrome://pnacl-translator/*"; |
| 424 } | 416 } |
| 425 NaClBrowser::GetDelegate()->SetDebugPatterns(nacl_debug_mask); | 417 NaClBrowser::GetDelegate()->SetDebugPatterns(nacl_debug_mask); |
| 426 } | 418 } |
| 427 | 419 |
| 428 #if defined(OS_POSIX) && !defined(OS_MACOSX) | |
| 429 // static | |
| 430 void NaClProcessHost::EarlyZygoteLaunch() { | |
| 431 DCHECK(!g_nacl_zygote); | |
| 432 g_nacl_zygote = content::CreateZygote(); | |
| 433 } | |
| 434 #endif // defined(OS_POSIX) && !defined(OS_MACOSX) | |
| 435 | |
| 436 // static | 420 // static |
| 437 void NaClProcessHost::SetPpapiKeepAliveThrottleForTesting( | 421 void NaClProcessHost::SetPpapiKeepAliveThrottleForTesting( |
| 438 unsigned milliseconds) { | 422 unsigned milliseconds) { |
| 439 keepalive_throttle_interval_milliseconds_ = milliseconds; | 423 keepalive_throttle_interval_milliseconds_ = milliseconds; |
| 440 } | 424 } |
| 441 | 425 |
| 442 void NaClProcessHost::Launch( | 426 void NaClProcessHost::Launch( |
| 443 NaClHostMessageFilter* nacl_host_message_filter, | 427 NaClHostMessageFilter* nacl_host_message_filter, |
| 444 IPC::Message* reply_msg, | 428 IPC::Message* reply_msg, |
| 445 const base::FilePath& manifest_path) { | 429 const base::FilePath& manifest_path) { |
| (...skipping 943 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1389 NaClStartDebugExceptionHandlerThread( | 1373 NaClStartDebugExceptionHandlerThread( |
| 1390 process.Pass(), info, base::ThreadTaskRunnerHandle::Get(), | 1374 process.Pass(), info, base::ThreadTaskRunnerHandle::Get(), |
| 1391 base::Bind(&NaClProcessHost::OnDebugExceptionHandlerLaunchedByBroker, | 1375 base::Bind(&NaClProcessHost::OnDebugExceptionHandlerLaunchedByBroker, |
| 1392 weak_factory_.GetWeakPtr())); | 1376 weak_factory_.GetWeakPtr())); |
| 1393 return true; | 1377 return true; |
| 1394 } | 1378 } |
| 1395 } | 1379 } |
| 1396 #endif | 1380 #endif |
| 1397 | 1381 |
| 1398 } // namespace nacl | 1382 } // namespace nacl |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1640123005:
Revert of Have each SandboxedProcessLauncherDelegate maintain a zygote. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master