Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(624)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/nacl/loader/nacl_helper_linux.cc

Issue 2025763002: Use ChannelMojo in Pepper and NaCl processes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@mojo-utility-channel-mojo
Patch Set: iujbhirtughfbnjrthiubj Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/nacl/loader/BUILD.gn ('k') | components/nacl/loader/nacl_listener.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // A mini-zygote specifically for Native Client. 5 // A mini-zygote specifically for Native Client.
6 6
7 #include "components/nacl/loader/nacl_helper_linux.h" 7 #include "components/nacl/loader/nacl_helper_linux.h"
8 8
9 #include <errno.h> 9 #include <errno.h>
10 #include <fcntl.h> 10 #include <fcntl.h>
(...skipping 18 matching lines...) Expand all
29 #include "base/posix/eintr_wrapper.h" 29 #include "base/posix/eintr_wrapper.h"
30 #include "base/posix/global_descriptors.h" 30 #include "base/posix/global_descriptors.h"
31 #include "base/posix/unix_domain_socket_linux.h" 31 #include "base/posix/unix_domain_socket_linux.h"
32 #include "base/process/kill.h" 32 #include "base/process/kill.h"
33 #include "base/process/process_handle.h" 33 #include "base/process/process_handle.h"
34 #include "base/rand_util.h" 34 #include "base/rand_util.h"
35 #include "build/build_config.h" 35 #include "build/build_config.h"
36 #include "components/nacl/common/nacl_switches.h" 36 #include "components/nacl/common/nacl_switches.h"
37 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" 37 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h"
38 #include "content/public/common/content_descriptors.h" 38 #include "content/public/common/content_descriptors.h"
39 #include "content/public/common/mojo_channel_switches.h"
39 #include "content/public/common/send_zygote_child_ping_linux.h" 40 #include "content/public/common/send_zygote_child_ping_linux.h"
40 #include "content/public/common/zygote_fork_delegate_linux.h" 41 #include "content/public/common/zygote_fork_delegate_linux.h"
41 #include "ipc/ipc_descriptors.h" 42 #include "ipc/ipc_descriptors.h"
42 #include "ipc/ipc_switches.h" 43 #include "ipc/ipc_switches.h"
43 #include "sandbox/linux/services/credentials.h" 44 #include "sandbox/linux/services/credentials.h"
44 #include "sandbox/linux/services/namespace_sandbox.h" 45 #include "sandbox/linux/services/namespace_sandbox.h"
45 46
46 #if defined(OS_NACL_NONSFI) 47 #if defined(OS_NACL_NONSFI)
47 #include "components/nacl/loader/nonsfi/nonsfi_listener.h" 48 #include "components/nacl/loader/nonsfi/nonsfi_listener.h"
48 #include "native_client/src/public/nonsfi/irt_exception_handling.h" 49 #include "native_client/src/public/nonsfi/irt_exception_handling.h"
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
108 // because some IPC code, such as sync_socket_posix.cc, requires this. 109 // because some IPC code, such as sync_socket_posix.cc, requires this.
109 // We do this before seccomp-bpf is initialized. 110 // We do this before seccomp-bpf is initialized.
110 PCHECK(signal(SIGPIPE, SIG_IGN) != SIG_ERR); 111 PCHECK(signal(SIGPIPE, SIG_IGN) != SIG_ERR);
111 112
112 // Finish layer-1 sandbox initialization and initialize the layer-2 sandbox. 113 // Finish layer-1 sandbox initialization and initialize the layer-2 sandbox.
113 CHECK(!nacl_sandbox->HasOpenDirectory()); 114 CHECK(!nacl_sandbox->HasOpenDirectory());
114 nacl_sandbox->InitializeLayerTwoSandbox(uses_nonsfi_mode); 115 nacl_sandbox->InitializeLayerTwoSandbox(uses_nonsfi_mode);
115 nacl_sandbox->SealLayerOneSandbox(); 116 nacl_sandbox->SealLayerOneSandbox();
116 nacl_sandbox->CheckSandboxingStateWithPolicy(); 117 nacl_sandbox->CheckSandboxingStateWithPolicy();
117 118
118 base::GlobalDescriptors::GetInstance()->Set(kPrimaryIPCChannel, 119 base::GlobalDescriptors::GetInstance()->Set(kMojoIPCChannel,
119 browser_fd.release()); 120 browser_fd.release());
120 121
121 base::MessageLoopForIO main_message_loop; 122 base::MessageLoopForIO main_message_loop;
122 #if defined(OS_NACL_NONSFI) 123 #if defined(OS_NACL_NONSFI)
123 CHECK(uses_nonsfi_mode); 124 CHECK(uses_nonsfi_mode);
124 nacl::nonsfi::NonSfiListener listener; 125 nacl::nonsfi::NonSfiListener listener;
125 listener.Listen(); 126 listener.Listen();
126 #else 127 #else
127 CHECK(!uses_nonsfi_mode); 128 CHECK(!uses_nonsfi_mode);
128 NaClListener listener; 129 NaClListener listener;
(...skipping 12 matching lines...) Expand all
141 const std::string& channel_id) { 142 const std::string& channel_id) {
142 DCHECK(child_fds.size() > 143 DCHECK(child_fds.size() >
143 std::max(content::ZygoteForkDelegate::kPIDOracleFDIndex, 144 std::max(content::ZygoteForkDelegate::kPIDOracleFDIndex,
144 content::ZygoteForkDelegate::kBrowserFDIndex)); 145 content::ZygoteForkDelegate::kBrowserFDIndex));
145 146
146 // Ping the PID oracle socket. 147 // Ping the PID oracle socket.
147 CHECK(content::SendZygoteChildPing( 148 CHECK(content::SendZygoteChildPing(
148 child_fds[content::ZygoteForkDelegate::kPIDOracleFDIndex].get())); 149 child_fds[content::ZygoteForkDelegate::kPIDOracleFDIndex].get()));
149 150
150 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( 151 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
151 switches::kProcessChannelID, channel_id); 152 switches::kMojoChannelToken, channel_id);
152 153
153 // Save the browser socket and close the rest. 154 // Save the browser socket and close the rest.
154 base::ScopedFD browser_fd( 155 base::ScopedFD browser_fd(
155 std::move(child_fds[content::ZygoteForkDelegate::kBrowserFDIndex])); 156 std::move(child_fds[content::ZygoteForkDelegate::kBrowserFDIndex]));
156 child_fds.clear(); 157 child_fds.clear();
157 158
158 BecomeNaClLoader(std::move(browser_fd), system_info, uses_nonsfi_mode, 159 BecomeNaClLoader(std::move(browser_fd), system_info, uses_nonsfi_mode,
159 nacl_sandbox); 160 nacl_sandbox);
160 _exit(1); 161 _exit(1);
161 } 162 }
(...skipping 301 matching lines...) Expand 10 before | Expand all | Expand 10 after
463 // Now handle requests from the Zygote. 464 // Now handle requests from the Zygote.
464 while (true) { 465 while (true) {
465 bool request_handled = HandleZygoteRequest( 466 bool request_handled = HandleZygoteRequest(
466 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); 467 kNaClZygoteDescriptor, system_info, nacl_sandbox.get());
467 // Do not turn this into a CHECK() without thinking about robustness 468 // Do not turn this into a CHECK() without thinking about robustness
468 // against malicious IPC requests. 469 // against malicious IPC requests.
469 DCHECK(request_handled); 470 DCHECK(request_handled);
470 } 471 }
471 NOTREACHED(); 472 NOTREACHED();
472 } 473 }
OLDNEW
« no previous file with comments | « components/nacl/loader/BUILD.gn ('k') | components/nacl/loader/nacl_listener.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698