Chromium Code Reviews Chromium Code Reviews
Issue 177863002:
Refactor configuration of sandboxes - first steps (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/child_process_launcher.h" | 5 #include "content/browser/child_process_launcher.h" |
| 6 | 6 |
| 7 #include <utility> // For std::pair. | 7 #include <utility> // For std::pair. |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| 11 #include "base/file_util.h" | 11 #include "base/file_util.h" |
| 12 #include "base/logging.h" | 12 #include "base/logging.h" |
| 13 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
| 14 #include "base/metrics/histogram.h" | 14 #include "base/metrics/histogram.h" |
| 15 #include "base/process/process.h" | 15 #include "base/process/process.h" |
| 16 #include "base/synchronization/lock.h" | 16 #include "base/synchronization/lock.h" |
| 17 #include "base/threading/thread.h" | 17 #include "base/threading/thread.h" |
| 18 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
| 19 #include "content/public/browser/content_browser_client.h" | 19 #include "content/public/browser/content_browser_client.h" |
| 20 #include "content/public/common/content_descriptors.h" | 20 #include "content/public/common/content_descriptors.h" |
| 21 #include "content/public/common/content_switches.h" | 21 #include "content/public/common/content_switches.h" |
| 22 #include "content/public/common/result_codes.h" | 22 #include "content/public/common/result_codes.h" |
| 23 #include "content/public/common/sandboxed_process_launcher_delegate.h" | |
| 23 | 24 |
| 24 #if defined(OS_WIN) | 25 #if defined(OS_WIN) |
| 25 #include "base/files/file_path.h" | 26 #include "base/files/file_path.h" |
| 26 #include "content/common/sandbox_win.h" | 27 #include "content/common/sandbox_win.h" |
| 27 #include "content/public/common/sandbox_init.h" | 28 #include "content/public/common/sandbox_init.h" |
| 28 #include "content/public/common/sandboxed_process_launcher_delegate.h" | |
| 29 #elif defined(OS_MACOSX) | 29 #elif defined(OS_MACOSX) |
| 30 #include "content/browser/mach_broker_mac.h" | 30 #include "content/browser/mach_broker_mac.h" |
| 31 #elif defined(OS_ANDROID) | 31 #elif defined(OS_ANDROID) |
| 32 #include "base/android/jni_android.h" | 32 #include "base/android/jni_android.h" |
| 33 #include "content/browser/android/child_process_launcher_android.h" | 33 #include "content/browser/android/child_process_launcher_android.h" |
| 34 #elif defined(OS_POSIX) | 34 #elif defined(OS_POSIX) |
| 35 #include "base/memory/shared_memory.h" | 35 #include "base/memory/shared_memory.h" |
| 36 #include "base/memory/singleton.h" | 36 #include "base/memory/singleton.h" |
| 37 #include "content/browser/renderer_host/render_sandbox_host_linux.h" | 37 #include "content/browser/renderer_host/render_sandbox_host_linux.h" |
| 38 #include "content/browser/zygote_host/zygote_host_impl_linux.h" | 38 #include "content/browser/zygote_host/zygote_host_impl_linux.h" |
| (...skipping 25 matching lines...) Expand all Loading... | |
| 64 { | 64 { |
| 65 #if defined(OS_POSIX) | 65 #if defined(OS_POSIX) |
| 66 terminate_child_on_shutdown_ = !CommandLine::ForCurrentProcess()-> | 66 terminate_child_on_shutdown_ = !CommandLine::ForCurrentProcess()-> |
| 67 HasSwitch(switches::kChildCleanExit); | 67 HasSwitch(switches::kChildCleanExit); |
| 68 #else | 68 #else |
| 69 terminate_child_on_shutdown_ = true; | 69 terminate_child_on_shutdown_ = true; |
| 70 #endif | 70 #endif |
| 71 } | 71 } |
| 72 | 72 |
| 73 void Launch( | 73 void Launch( |
| 74 #if defined(OS_WIN) | |
| 75 SandboxedProcessLauncherDelegate* delegate, | 74 SandboxedProcessLauncherDelegate* delegate, |
| 76 bool launch_elevated, | |
| 77 #elif defined(OS_ANDROID) | |
| 78 int ipcfd, | |
| 79 #elif defined(OS_POSIX) | |
| 80 bool use_zygote, | |
| 81 const base::EnvironmentMap& environ, | |
| 82 int ipcfd, | |
| 83 #endif | |
| 84 CommandLine* cmd_line, | 75 CommandLine* cmd_line, |
| 85 int child_process_id, | 76 int child_process_id, |
| 86 Client* client) { | 77 Client* client) { |
| 87 client_ = client; | 78 client_ = client; |
| 88 | 79 |
| 89 CHECK(BrowserThread::GetCurrentThreadIdentifier(&client_thread_id_)); | 80 CHECK(BrowserThread::GetCurrentThreadIdentifier(&client_thread_id_)); |
| 90 | 81 |
| 91 #if defined(OS_ANDROID) | 82 #if defined(OS_ANDROID) |
| 92 // We need to close the client end of the IPC channel to reliably detect | 83 // We need to close the client end of the IPC channel to reliably detect |
| 93 // child termination. We will close this fd after we create the child | 84 // child termination. We will close this fd after we create the child |
| 94 // process which is asynchronous on Android. | 85 // process which is asynchronous on Android. |
| 95 ipcfd_ = ipcfd; | 86 ipcfd_ = delegate->IpcFd(); |
| 96 #endif | 87 #endif |
| 97 BrowserThread::PostTask( | 88 BrowserThread::PostTask( |
| 98 BrowserThread::PROCESS_LAUNCHER, FROM_HERE, | 89 BrowserThread::PROCESS_LAUNCHER, FROM_HERE, |
| 99 base::Bind( | 90 base::Bind( |
| 100 &Context::LaunchInternal, | 91 &Context::LaunchInternal, |
| 101 make_scoped_refptr(this), | 92 make_scoped_refptr(this), |
| 102 client_thread_id_, | 93 client_thread_id_, |
| 103 child_process_id, | 94 child_process_id, |
| 104 #if defined(OS_WIN) | |
| 105 delegate, | 95 delegate, |
| 106 launch_elevated, | |
| 107 #elif defined(OS_ANDROID) | |
| 108 ipcfd, | |
| 109 #elif defined(OS_POSIX) | |
| 110 use_zygote, | |
| 111 environ, | |
| 112 ipcfd, | |
| 113 #endif | |
| 114 cmd_line)); | 96 cmd_line)); |
| 115 } | 97 } |
| 116 | 98 |
| 117 #if defined(OS_ANDROID) | 99 #if defined(OS_ANDROID) |
| 118 static void OnChildProcessStarted( | 100 static void OnChildProcessStarted( |
| 119 // |this_object| is NOT thread safe. Only use it to post a task back. | 101 // |this_object| is NOT thread safe. Only use it to post a task back. |
| 120 scoped_refptr<Context> this_object, | 102 scoped_refptr<Context> this_object, |
| 121 BrowserThread::ID client_thread_id, | 103 BrowserThread::ID client_thread_id, |
| 122 const base::TimeTicks begin_launch_time, | 104 const base::TimeTicks begin_launch_time, |
| 123 base::ProcessHandle handle) { | 105 base::ProcessHandle handle) { |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 178 UMA_HISTOGRAM_TIMES("MPArch.ChildProcessLaunchFirst", launch_time); | 160 UMA_HISTOGRAM_TIMES("MPArch.ChildProcessLaunchFirst", launch_time); |
| 179 done_first_launch = true; | 161 done_first_launch = true; |
| 180 } | 162 } |
| 181 } | 163 } |
| 182 | 164 |
| 183 static void LaunchInternal( | 165 static void LaunchInternal( |
| 184 // |this_object| is NOT thread safe. Only use it to post a task back. | 166 // |this_object| is NOT thread safe. Only use it to post a task back. |
| 185 scoped_refptr<Context> this_object, | 167 scoped_refptr<Context> this_object, |
| 186 BrowserThread::ID client_thread_id, | 168 BrowserThread::ID client_thread_id, |
| 187 int child_process_id, | 169 int child_process_id, |
| 170 SandboxedProcessLauncherDelegate* delegate, | |
| 171 CommandLine* cmd_line) { | |
| 188 #if defined(OS_WIN) | 172 #if defined(OS_WIN) |
| 189 SandboxedProcessLauncherDelegate* delegate, | 173 bool launch_elevated = delegate -> LaunchElevated(); |
|
jam
2014/02/26 19:47:52
nit: no space
aberent
2014/02/28 08:51:06
Done.
| |
| 190 bool launch_elevated, | |
| 191 #elif defined(OS_ANDROID) | 174 #elif defined(OS_ANDROID) |
| 192 int ipcfd, | 175 int ipcfd = delegate->IpcFd(); |
| 176 #elif defined(OS_MACOSX) | |
| 177 base::EnvironmentMap env = delegate->GetEnvironment(); | |
| 178 int ipcfd = delegate->IpcFd(); | |
| 193 #elif defined(OS_POSIX) | 179 #elif defined(OS_POSIX) |
| 194 bool use_zygote, | 180 bool use_zygote = delegate->UseZygote(); |
| 195 const base::EnvironmentMap& env, | 181 base::EnvironmentMap env = delegate->GetEnvironment(); |
| 196 int ipcfd, | 182 int ipcfd = delegate->IpcFd(); |
| 197 #endif | 183 #endif |
| 198 CommandLine* cmd_line) { | |
| 199 scoped_ptr<CommandLine> cmd_line_deleter(cmd_line); | 184 scoped_ptr<CommandLine> cmd_line_deleter(cmd_line); |
| 200 base::TimeTicks begin_launch_time = base::TimeTicks::Now(); | 185 base::TimeTicks begin_launch_time = base::TimeTicks::Now(); |
| 201 | 186 |
| 202 #if defined(OS_WIN) | 187 #if defined(OS_WIN) |
| 203 base::ProcessHandle handle = base::kNullProcessHandle; | 188 base::ProcessHandle handle = base::kNullProcessHandle; |
| 204 if (launch_elevated) { | 189 if (launch_elevated) { |
| 205 base::LaunchOptions options; | 190 base::LaunchOptions options; |
| 206 options.start_hidden = true; | 191 options.start_hidden = true; |
| 207 base::LaunchElevatedProcess(*cmd_line, options, &handle); | 192 base::LaunchElevatedProcess(*cmd_line, options, &handle); |
| 208 } else { | 193 } else { |
| (...skipping 214 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 423 #if defined(OS_ANDROID) | 408 #if defined(OS_ANDROID) |
| 424 // The fd to close after creating the process. | 409 // The fd to close after creating the process. |
| 425 int ipcfd_; | 410 int ipcfd_; |
| 426 #elif defined(OS_POSIX) && !defined(OS_MACOSX) | 411 #elif defined(OS_POSIX) && !defined(OS_MACOSX) |
| 427 bool zygote_; | 412 bool zygote_; |
| 428 #endif | 413 #endif |
| 429 }; | 414 }; |
| 430 | 415 |
| 431 | 416 |
| 432 ChildProcessLauncher::ChildProcessLauncher( | 417 ChildProcessLauncher::ChildProcessLauncher( |
| 433 #if defined(OS_WIN) | |
| 434 SandboxedProcessLauncherDelegate* delegate, | 418 SandboxedProcessLauncherDelegate* delegate, |
| 435 bool launch_elevated, | |
| 436 #elif defined(OS_POSIX) | |
| 437 bool use_zygote, | |
| 438 const base::EnvironmentMap& environ, | |
| 439 int ipcfd, | |
| 440 #endif | |
| 441 CommandLine* cmd_line, | 419 CommandLine* cmd_line, |
| 442 int child_process_id, | 420 int child_process_id, |
| 443 Client* client) { | 421 Client* client) { |
| 444 context_ = new Context(); | 422 context_ = new Context(); |
| 445 context_->Launch( | 423 context_->Launch( |
| 446 #if defined(OS_WIN) | |
| 447 delegate, | 424 delegate, |
| 448 launch_elevated, | |
| 449 #elif defined(OS_ANDROID) | |
| 450 ipcfd, | |
| 451 #elif defined(OS_POSIX) | |
| 452 use_zygote, | |
| 453 environ, | |
| 454 ipcfd, | |
| 455 #endif | |
| 456 cmd_line, | 425 cmd_line, |
| 457 child_process_id, | 426 child_process_id, |
| 458 client); | 427 client); |
| 459 } | 428 } |
| 460 | 429 |
| 461 ChildProcessLauncher::~ChildProcessLauncher() { | 430 ChildProcessLauncher::~ChildProcessLauncher() { |
| 462 context_->ResetClient(); | 431 context_->ResetClient(); |
| 463 } | 432 } |
| 464 | 433 |
| 465 bool ChildProcessLauncher::IsStarting() { | 434 bool ChildProcessLauncher::IsStarting() { |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 528 GetHandle(), background)); | 497 GetHandle(), background)); |
| 529 } | 498 } |
| 530 | 499 |
| 531 void ChildProcessLauncher::SetTerminateChildOnShutdown( | 500 void ChildProcessLauncher::SetTerminateChildOnShutdown( |
| 532 bool terminate_on_shutdown) { | 501 bool terminate_on_shutdown) { |
| 533 if (context_.get()) | 502 if (context_.get()) |
| 534 context_->set_terminate_child_on_shutdown(terminate_on_shutdown); | 503 context_->set_terminate_child_on_shutdown(terminate_on_shutdown); |
| 535 } | 504 } |
| 536 | 505 |
| 537 } // namespace content | 506 } // namespace content |
| OLD | NEW |
