| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/zygote/zygote_main.h" | 5 #include "content/zygote/zygote_main.h" |
| 6 | 6 |
| 7 #include <dlfcn.h> | 7 #include <dlfcn.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <pthread.h> | 9 #include <pthread.h> |
| 10 #include <stdio.h> | 10 #include <stdio.h> |
| 11 #include <sys/socket.h> | 11 #include <sys/socket.h> |
| 12 #include <sys/stat.h> | 12 #include <sys/stat.h> |
| 13 #include <sys/types.h> | 13 #include <sys/types.h> |
| 14 #include <sys/wait.h> | 14 #include <sys/wait.h> |
| 15 #include <unistd.h> | 15 #include <unistd.h> |
| 16 | 16 |
| 17 #include "base/basictypes.h" | 17 #include "base/basictypes.h" |
| 18 #include "base/command_line.h" | 18 #include "base/command_line.h" |
| 19 #include "base/containers/hash_tables.h" | 19 #include "base/containers/hash_tables.h" |
| 20 #include "base/files/file_path.h" | 20 #include "base/files/file_path.h" |
| 21 #include "base/linux_util.h" | 21 #include "base/linux_util.h" |
| 22 #include "base/memory/scoped_ptr.h" | 22 #include "base/memory/scoped_ptr.h" |
| 23 #include "base/native_library.h" |
| 23 #include "base/pickle.h" | 24 #include "base/pickle.h" |
| 24 #include "base/posix/eintr_wrapper.h" | 25 #include "base/posix/eintr_wrapper.h" |
| 25 #include "base/posix/unix_domain_socket_linux.h" | 26 #include "base/posix/unix_domain_socket_linux.h" |
| 26 #include "base/process_util.h" | 27 #include "base/process_util.h" |
| 27 #include "base/rand_util.h" | 28 #include "base/rand_util.h" |
| 28 #include "base/sys_info.h" | 29 #include "base/sys_info.h" |
| 29 #include "build/build_config.h" | 30 #include "build/build_config.h" |
| 30 #include "content/common/font_config_ipc_linux.h" | 31 #include "content/common/font_config_ipc_linux.h" |
| 31 #include "content/common/pepper_plugin_registry.h" | 32 #include "content/common/pepper_plugin_list.h" |
| 32 #include "content/common/sandbox_linux.h" | 33 #include "content/common/sandbox_linux.h" |
| 33 #include "content/common/zygote_commands_linux.h" | 34 #include "content/common/zygote_commands_linux.h" |
| 34 #include "content/public/common/content_switches.h" | 35 #include "content/public/common/content_switches.h" |
| 35 #include "content/public/common/main_function_params.h" | 36 #include "content/public/common/main_function_params.h" |
| 37 #include "content/public/common/pepper_plugin_info.h" |
| 36 #include "content/public/common/sandbox_linux.h" | 38 #include "content/public/common/sandbox_linux.h" |
| 37 #include "content/public/common/zygote_fork_delegate_linux.h" | 39 #include "content/public/common/zygote_fork_delegate_linux.h" |
| 38 #include "content/zygote/zygote_linux.h" | 40 #include "content/zygote/zygote_linux.h" |
| 39 #include "crypto/nss_util.h" | 41 #include "crypto/nss_util.h" |
| 40 #include "sandbox/linux/services/libc_urandom_override.h" | 42 #include "sandbox/linux/services/libc_urandom_override.h" |
| 41 #include "sandbox/linux/suid/client/setuid_sandbox_client.h" | 43 #include "sandbox/linux/suid/client/setuid_sandbox_client.h" |
| 42 #include "third_party/icu/source/i18n/unicode/timezone.h" | 44 #include "third_party/icu/source/i18n/unicode/timezone.h" |
| 43 #include "third_party/skia/include/ports/SkFontConfigInterface.h" | 45 #include "third_party/skia/include/ports/SkFontConfigInterface.h" |
| 44 | 46 |
| 45 #if defined(OS_LINUX) | 47 #if defined(OS_LINUX) |
| (...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 242 if (g_am_zygote_or_renderer) { | 244 if (g_am_zygote_or_renderer) { |
| 243 ProxyLocaltimeCallToBrowser(*timep, result, NULL, 0); | 245 ProxyLocaltimeCallToBrowser(*timep, result, NULL, 0); |
| 244 return result; | 246 return result; |
| 245 } else { | 247 } else { |
| 246 CHECK_EQ(0, pthread_once(&g_libc_localtime_funcs_guard, | 248 CHECK_EQ(0, pthread_once(&g_libc_localtime_funcs_guard, |
| 247 InitLibcLocaltimeFunctions)); | 249 InitLibcLocaltimeFunctions)); |
| 248 return g_libc_localtime64_r(timep, result); | 250 return g_libc_localtime64_r(timep, result); |
| 249 } | 251 } |
| 250 } | 252 } |
| 251 | 253 |
| 254 #if defined(ENABLE_PLUGINS) |
| 255 // Loads the (native) libraries but does not initialize them (i.e., does not |
| 256 // call PPP_InitializeModule). This is needed by the zygote on Linux to get |
| 257 // access to the plugins before entering the sandbox. |
| 258 void PreloadPepperPlugins() { |
| 259 std::vector<PepperPluginInfo> plugins; |
| 260 ComputePepperPluginList(&plugins); |
| 261 for (size_t i = 0; i < plugins.size(); ++i) { |
| 262 if (!plugins[i].is_internal && plugins[i].is_sandboxed) { |
| 263 std::string error; |
| 264 base::NativeLibrary library = base::LoadNativeLibrary(plugins[i].path, |
| 265 &error); |
| 266 DLOG_IF(WARNING, !library) << "Unable to load plugin " |
| 267 << plugins[i].path.value() << " " |
| 268 << error; |
| 269 (void)library; // Prevent release-mode warning. |
| 270 } |
| 271 } |
| 272 } |
| 273 #endif |
| 274 |
| 252 // This function triggers the static and lazy construction of objects that need | 275 // This function triggers the static and lazy construction of objects that need |
| 253 // to be created before imposing the sandbox. | 276 // to be created before imposing the sandbox. |
| 254 static void PreSandboxInit() { | 277 static void PreSandboxInit() { |
| 255 base::RandUint64(); | 278 base::RandUint64(); |
| 256 | 279 |
| 257 base::SysInfo::MaxSharedMemorySize(); | 280 base::SysInfo::MaxSharedMemorySize(); |
| 258 | 281 |
| 259 // ICU DateFormat class (used in base/time_format.cc) needs to get the | 282 // ICU DateFormat class (used in base/time_format.cc) needs to get the |
| 260 // Olson timezone ID by accessing the zoneinfo files on disk. After | 283 // Olson timezone ID by accessing the zoneinfo files on disk. After |
| 261 // TimeZone::createDefault is called once here, the timezone ID is | 284 // TimeZone::createDefault is called once here, the timezone ID is |
| 262 // cached and there's no more need to access the file system. | 285 // cached and there's no more need to access the file system. |
| 263 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); | 286 scoped_ptr<icu::TimeZone> zone(icu::TimeZone::createDefault()); |
| 264 | 287 |
| 265 #if defined(USE_NSS) | 288 #if defined(USE_NSS) |
| 266 // NSS libraries are loaded before sandbox is activated. This is to allow | 289 // NSS libraries are loaded before sandbox is activated. This is to allow |
| 267 // successful initialization of NSS which tries to load extra library files. | 290 // successful initialization of NSS which tries to load extra library files. |
| 268 crypto::LoadNSSLibraries(); | 291 crypto::LoadNSSLibraries(); |
| 269 #elif defined(USE_OPENSSL) | 292 #elif defined(USE_OPENSSL) |
| 270 // OpenSSL is intentionally not supported in the sandboxed processes, see | 293 // OpenSSL is intentionally not supported in the sandboxed processes, see |
| 271 // http://crbug.com/99163. If that ever changes we'll likely need to init | 294 // http://crbug.com/99163. If that ever changes we'll likely need to init |
| 272 // OpenSSL here (at least, load the library and error strings). | 295 // OpenSSL here (at least, load the library and error strings). |
| 273 #else | 296 #else |
| 274 // It's possible that another hypothetical crypto stack would not require | 297 // It's possible that another hypothetical crypto stack would not require |
| 275 // pre-sandbox init, but more likely this is just a build configuration error. | 298 // pre-sandbox init, but more likely this is just a build configuration error. |
| 276 #error Which SSL library are you using? | 299 #error Which SSL library are you using? |
| 277 #endif | 300 #endif |
| 278 #if defined(ENABLE_PLUGINS) | 301 #if defined(ENABLE_PLUGINS) |
| 279 // Ensure access to the Pepper plugins before the sandbox is turned on. | 302 // Ensure access to the Pepper plugins before the sandbox is turned on. |
| 280 PepperPluginRegistry::PreloadModules(); | 303 PreloadPepperPlugins(); |
| 281 #endif | 304 #endif |
| 282 #if defined(ENABLE_WEBRTC) | 305 #if defined(ENABLE_WEBRTC) |
| 283 InitializeWebRtcModule(); | 306 InitializeWebRtcModule(); |
| 284 #endif | 307 #endif |
| 285 } | 308 } |
| 286 | 309 |
| 287 // Do nothing here | 310 // Do nothing here |
| 288 static void SIGCHLDHandler(int signal) { | 311 static void SIGCHLDHandler(int signal) { |
| 289 } | 312 } |
| 290 | 313 |
| (...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 468 } | 491 } |
| 469 | 492 |
| 470 int sandbox_flags = linux_sandbox->GetStatus(); | 493 int sandbox_flags = linux_sandbox->GetStatus(); |
| 471 | 494 |
| 472 Zygote zygote(sandbox_flags, forkdelegate); | 495 Zygote zygote(sandbox_flags, forkdelegate); |
| 473 // This function call can return multiple times, once per fork(). | 496 // This function call can return multiple times, once per fork(). |
| 474 return zygote.ProcessRequests(); | 497 return zygote.ProcessRequests(); |
| 475 } | 498 } |
| 476 | 499 |
| 477 } // namespace content | 500 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 20172004:
Split PepperPluginRegistry into the pieces that are needed in each process. content/common only nee… (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/