| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/app/nacl_fork_delegate_linux.h" | |
| 6 | |
| 7 #include <signal.h> | |
| 8 #include <stdlib.h> | |
| 9 #include <sys/resource.h> | |
| 10 #include <sys/socket.h> | |
| 11 | |
| 12 #include <set> | |
| 13 | |
| 14 #include "base/basictypes.h" | |
| 15 #include "base/command_line.h" | |
| 16 #include "base/files/file_path.h" | |
| 17 #include "base/logging.h" | |
| 18 #include "base/path_service.h" | |
| 19 #include "base/posix/eintr_wrapper.h" | |
| 20 #include "base/posix/unix_domain_socket_linux.h" | |
| 21 #include "base/process_util.h" | |
| 22 #include "base/third_party/dynamic_annotations/dynamic_annotations.h" | |
| 23 #include "chrome/common/chrome_paths.h" | |
| 24 #include "chrome/common/nacl_helper_linux.h" | |
| 25 #include "chrome/common/nacl_paths.h" | |
| 26 #include "components/nacl/common/nacl_switches.h" | |
| 27 | |
| 28 NaClForkDelegate::NaClForkDelegate() | |
| 29 : status_(kNaClHelperUnused), | |
| 30 fd_(-1) {} | |
| 31 | |
| 32 // Note these need to match up with their counterparts in nacl_helper_linux.c | |
| 33 // and nacl_helper_bootstrap_linux.c. | |
| 34 const char kNaClHelperReservedAtZero[] = | |
| 35 "--reserved_at_zero=0xXXXXXXXXXXXXXXXX"; | |
| 36 const char kNaClHelperRDebug[] = "--r_debug=0xXXXXXXXXXXXXXXXX"; | |
| 37 | |
| 38 void NaClForkDelegate::Init(const int sandboxdesc) { | |
| 39 VLOG(1) << "NaClForkDelegate::Init()"; | |
| 40 int fds[2]; | |
| 41 | |
| 42 // Confirm a hard-wired assumption. | |
| 43 // The NaCl constant is from chrome/nacl/nacl_linux_helper.h | |
| 44 DCHECK(kNaClSandboxDescriptor == sandboxdesc); | |
| 45 | |
| 46 CHECK(socketpair(PF_UNIX, SOCK_SEQPACKET, 0, fds) == 0); | |
| 47 base::FileHandleMappingVector fds_to_map; | |
| 48 fds_to_map.push_back(std::make_pair(fds[1], kNaClZygoteDescriptor)); | |
| 49 fds_to_map.push_back(std::make_pair(sandboxdesc, kNaClSandboxDescriptor)); | |
| 50 | |
| 51 status_ = kNaClHelperUnused; | |
| 52 base::FilePath helper_exe; | |
| 53 base::FilePath helper_bootstrap_exe; | |
| 54 if (!PathService::Get(nacl::FILE_NACL_HELPER, &helper_exe)) { | |
| 55 status_ = kNaClHelperMissing; | |
| 56 } else if (!PathService::Get(nacl::FILE_NACL_HELPER_BOOTSTRAP, | |
| 57 &helper_bootstrap_exe)) { | |
| 58 status_ = kNaClHelperBootstrapMissing; | |
| 59 } else if (RunningOnValgrind()) { | |
| 60 status_ = kNaClHelperValgrind; | |
| 61 } else { | |
| 62 CommandLine cmd_line(helper_bootstrap_exe); | |
| 63 cmd_line.AppendArgPath(helper_exe); | |
| 64 cmd_line.AppendArgNative(kNaClHelperReservedAtZero); | |
| 65 cmd_line.AppendArgNative(kNaClHelperRDebug); | |
| 66 base::LaunchOptions options; | |
| 67 options.fds_to_remap = &fds_to_map; | |
| 68 options.clone_flags = CLONE_FS | SIGCHLD; | |
| 69 | |
| 70 // The NaCl processes spawned may need to exceed the ambient soft limit | |
| 71 // on RLIMIT_AS to allocate the untrusted address space and its guard | |
| 72 // regions. The nacl_helper itself cannot just raise its own limit, | |
| 73 // because the existing limit may prevent the initial exec of | |
| 74 // nacl_helper_bootstrap from succeeding, with its large address space | |
| 75 // reservation. | |
| 76 std::set<int> max_these_limits; | |
| 77 max_these_limits.insert(RLIMIT_AS); | |
| 78 options.maximize_rlimits = &max_these_limits; | |
| 79 | |
| 80 if (!base::LaunchProcess(cmd_line.argv(), options, NULL)) | |
| 81 status_ = kNaClHelperLaunchFailed; | |
| 82 // parent and error cases are handled below | |
| 83 } | |
| 84 if (HANDLE_EINTR(close(fds[1])) != 0) | |
| 85 LOG(ERROR) << "close(fds[1]) failed"; | |
| 86 if (status_ == kNaClHelperUnused) { | |
| 87 const ssize_t kExpectedLength = strlen(kNaClHelperStartupAck); | |
| 88 char buf[kExpectedLength]; | |
| 89 | |
| 90 // Wait for ack from nacl_helper, indicating it is ready to help | |
| 91 const ssize_t nread = HANDLE_EINTR(read(fds[0], buf, sizeof(buf))); | |
| 92 if (nread == kExpectedLength && | |
| 93 memcmp(buf, kNaClHelperStartupAck, nread) == 0) { | |
| 94 // all is well | |
| 95 status_ = kNaClHelperSuccess; | |
| 96 fd_ = fds[0]; | |
| 97 return; | |
| 98 } | |
| 99 | |
| 100 status_ = kNaClHelperAckFailed; | |
| 101 LOG(ERROR) << "Bad NaCl helper startup ack (" << nread << " bytes)"; | |
| 102 } | |
| 103 // TODO(bradchen): Make this LOG(ERROR) when the NaCl helper | |
| 104 // becomes the default. | |
| 105 fd_ = -1; | |
| 106 if (HANDLE_EINTR(close(fds[0])) != 0) | |
| 107 LOG(ERROR) << "close(fds[0]) failed"; | |
| 108 } | |
| 109 | |
| 110 void NaClForkDelegate::InitialUMA(std::string* uma_name, | |
| 111 int* uma_sample, | |
| 112 int* uma_boundary_value) { | |
| 113 *uma_name = "NaCl.Client.Helper.InitState"; | |
| 114 *uma_sample = status_; | |
| 115 *uma_boundary_value = kNaClHelperStatusBoundary; | |
| 116 } | |
| 117 | |
| 118 NaClForkDelegate::~NaClForkDelegate() { | |
| 119 // side effect of close: delegate process will terminate | |
| 120 if (status_ == kNaClHelperSuccess) { | |
| 121 if (HANDLE_EINTR(close(fd_)) != 0) | |
| 122 LOG(ERROR) << "close(fd_) failed"; | |
| 123 } | |
| 124 } | |
| 125 | |
| 126 bool NaClForkDelegate::CanHelp(const std::string& process_type, | |
| 127 std::string* uma_name, | |
| 128 int* uma_sample, | |
| 129 int* uma_boundary_value) { | |
| 130 if (process_type != switches::kNaClLoaderProcess) | |
| 131 return false; | |
| 132 *uma_name = "NaCl.Client.Helper.StateOnFork"; | |
| 133 *uma_sample = status_; | |
| 134 *uma_boundary_value = kNaClHelperStatusBoundary; | |
| 135 return status_ == kNaClHelperSuccess; | |
| 136 } | |
| 137 | |
| 138 pid_t NaClForkDelegate::Fork(const std::vector<int>& fds) { | |
| 139 base::ProcessId naclchild; | |
| 140 VLOG(1) << "NaClForkDelegate::Fork"; | |
| 141 | |
| 142 DCHECK(fds.size() == kNaClParentFDIndex + 1); | |
| 143 if (!UnixDomainSocket::SendMsg(fd_, kNaClForkRequest, | |
| 144 strlen(kNaClForkRequest), fds)) { | |
| 145 LOG(ERROR) << "NaClForkDelegate::Fork: SendMsg failed"; | |
| 146 return -1; | |
| 147 } | |
| 148 int nread = HANDLE_EINTR(read(fd_, &naclchild, sizeof(naclchild))); | |
| 149 if (nread != sizeof(naclchild)) { | |
| 150 LOG(ERROR) << "NaClForkDelegate::Fork: read failed"; | |
| 151 return -1; | |
| 152 } | |
| 153 VLOG(1) << "nacl_child is " << naclchild << " (" << nread << " bytes)"; | |
| 154 return naclchild; | |
| 155 } | |
| 156 | |
| 157 bool NaClForkDelegate::AckChild(const int fd, | |
| 158 const std::string& channel_switch) { | |
| 159 int nwritten = HANDLE_EINTR(write(fd, channel_switch.c_str(), | |
| 160 channel_switch.length())); | |
| 161 if (nwritten != static_cast<int>(channel_switch.length())) { | |
| 162 return false; | |
| 163 } | |
| 164 return true; | |
| 165 } | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 16881004:
Move chrome/nacl to components/nacl. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master