| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/browser_child_process_host_impl.h" | 5 #include "content/browser/browser_child_process_host_impl.h" |
| 6 | 6 |
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/debug/dump_without_crashing.h" | 10 #include "base/debug/dump_without_crashing.h" |
| 11 #include "base/feature_list.h" | 11 #include "base/feature_list.h" |
| 12 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
| 13 #include "base/lazy_instance.h" | 13 #include "base/lazy_instance.h" |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/macros.h" | 15 #include "base/macros.h" |
| 16 #include "base/metrics/field_trial.h" | 16 #include "base/metrics/field_trial.h" |
| 17 #include "base/metrics/histogram.h" | 17 #include "base/metrics/histogram.h" |
| 18 #include "base/stl_util.h" | 18 #include "base/stl_util.h" |
| 19 #include "base/strings/string_util.h" | 19 #include "base/strings/string_util.h" |
| 20 #include "base/synchronization/waitable_event.h" | 20 #include "base/synchronization/waitable_event.h" |
| 21 #include "base/threading/thread_task_runner_handle.h" |
| 21 #include "build/build_config.h" | 22 #include "build/build_config.h" |
| 22 #include "components/tracing/common/tracing_switches.h" | 23 #include "components/tracing/common/tracing_switches.h" |
| 23 #include "content/browser/histogram_message_filter.h" | 24 #include "content/browser/histogram_message_filter.h" |
| 24 #include "content/browser/loader/resource_message_filter.h" | 25 #include "content/browser/loader/resource_message_filter.h" |
| 25 #include "content/browser/memory/memory_message_filter.h" | 26 #include "content/browser/memory/memory_message_filter.h" |
| 26 #include "content/browser/profiler_message_filter.h" | 27 #include "content/browser/profiler_message_filter.h" |
| 27 #include "content/browser/tracing/trace_message_filter.h" | 28 #include "content/browser/tracing/trace_message_filter.h" |
| 28 #include "content/common/child_process_host_impl.h" | 29 #include "content/common/child_process_host_impl.h" |
| 29 #include "content/common/child_process_messages.h" | 30 #include "content/common/child_process_messages.h" |
| 30 #include "content/public/browser/browser_child_process_host_delegate.h" | 31 #include "content/public/browser/browser_child_process_host_delegate.h" |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 133 | 134 |
| 134 BrowserChildProcessHostImpl::BrowserChildProcessHostImpl( | 135 BrowserChildProcessHostImpl::BrowserChildProcessHostImpl( |
| 135 content::ProcessType process_type, | 136 content::ProcessType process_type, |
| 136 BrowserChildProcessHostDelegate* delegate, | 137 BrowserChildProcessHostDelegate* delegate, |
| 137 const std::string& mojo_child_token) | 138 const std::string& mojo_child_token) |
| 138 : data_(process_type), | 139 : data_(process_type), |
| 139 delegate_(delegate), | 140 delegate_(delegate), |
| 140 mojo_child_token_(mojo_child_token), | 141 mojo_child_token_(mojo_child_token), |
| 141 power_monitor_message_broadcaster_(this), | 142 power_monitor_message_broadcaster_(this), |
| 142 is_channel_connected_(false), | 143 is_channel_connected_(false), |
| 143 notify_child_disconnected_(false) { | 144 notify_child_disconnected_(false), |
| 145 weak_factory_(this) { |
| 144 data_.id = ChildProcessHostImpl::GenerateChildProcessUniqueId(); | 146 data_.id = ChildProcessHostImpl::GenerateChildProcessUniqueId(); |
| 145 | 147 |
| 146 #if USE_ATTACHMENT_BROKER | 148 #if USE_ATTACHMENT_BROKER |
| 147 // Construct the privileged attachment broker early in the life cycle of a | 149 // Construct the privileged attachment broker early in the life cycle of a |
| 148 // child process. This ensures that when a test is being run in one of the | 150 // child process. This ensures that when a test is being run in one of the |
| 149 // single process modes, the global attachment broker is the privileged | 151 // single process modes, the global attachment broker is the privileged |
| 150 // attachment broker, rather than an unprivileged attachment broker. | 152 // attachment broker, rather than an unprivileged attachment broker. |
| 151 #if defined(OS_MACOSX) | 153 #if defined(OS_MACOSX) |
| 152 IPC::AttachmentBrokerPrivileged::CreateBrokerIfNeeded( | 154 IPC::AttachmentBrokerPrivileged::CreateBrokerIfNeeded( |
| 153 MachBroker::GetInstance()); | 155 MachBroker::GetInstance()); |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 234 cmd_line->CopySwitchesFrom(browser_command_line, kForwardSwitches, | 236 cmd_line->CopySwitchesFrom(browser_command_line, kForwardSwitches, |
| 235 arraysize(kForwardSwitches)); | 237 arraysize(kForwardSwitches)); |
| 236 | 238 |
| 237 notify_child_disconnected_ = true; | 239 notify_child_disconnected_ = true; |
| 238 child_process_.reset(new ChildProcessLauncher( | 240 child_process_.reset(new ChildProcessLauncher( |
| 239 delegate, | 241 delegate, |
| 240 cmd_line, | 242 cmd_line, |
| 241 data_.id, | 243 data_.id, |
| 242 this, | 244 this, |
| 243 mojo_child_token_, | 245 mojo_child_token_, |
| 246 base::Bind(&BrowserChildProcessHostImpl::OnMojoError, |
| 247 weak_factory_.GetWeakPtr(), |
| 248 base::ThreadTaskRunnerHandle::Get()), |
| 244 terminate_on_shutdown)); | 249 terminate_on_shutdown)); |
| 245 } | 250 } |
| 246 | 251 |
| 247 const ChildProcessData& BrowserChildProcessHostImpl::GetData() const { | 252 const ChildProcessData& BrowserChildProcessHostImpl::GetData() const { |
| 248 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 253 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 249 return data_; | 254 return data_; |
| 250 } | 255 } |
| 251 | 256 |
| 252 ChildProcessHost* BrowserChildProcessHostImpl::GetHost() const { | 257 ChildProcessHost* BrowserChildProcessHostImpl::GetHost() const { |
| 253 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 258 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| (...skipping 208 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 462 data_)); | 467 data_)); |
| 463 } | 468 } |
| 464 } | 469 } |
| 465 | 470 |
| 466 bool BrowserChildProcessHostImpl::IsProcessLaunched() const { | 471 bool BrowserChildProcessHostImpl::IsProcessLaunched() const { |
| 467 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 472 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 468 | 473 |
| 469 return child_process_.get() && child_process_->GetProcess().IsValid(); | 474 return child_process_.get() && child_process_->GetProcess().IsValid(); |
| 470 } | 475 } |
| 471 | 476 |
| 477 // static |
| 478 void BrowserChildProcessHostImpl::OnMojoError( |
| 479 base::WeakPtr<BrowserChildProcessHostImpl> process, |
| 480 scoped_refptr<base::SingleThreadTaskRunner> task_runner, |
| 481 const std::string& error) { |
| 482 if (!task_runner->BelongsToCurrentThread()) { |
| 483 task_runner->PostTask( |
| 484 FROM_HERE, base::Bind(&BrowserChildProcessHostImpl::OnMojoError, |
| 485 process, task_runner, error)); |
| 486 } |
| 487 if (!process) |
| 488 return; |
| 489 HistogramBadMessageTerminated(process->data_.process_type); |
| 490 if (base::CommandLine::ForCurrentProcess()->HasSwitch( |
| 491 switches::kDisableKillAfterBadIPC)) { |
| 492 return; |
| 493 } |
| 494 LOG(ERROR) << "Terminating child process for bad Mojo message: " << error; |
| 495 |
| 496 // Create a memory dump with the error message aliased. This will make it easy |
| 497 // to determine details about what interface call failed. |
| 498 base::debug::Alias(&error); |
| 499 base::debug::DumpWithoutCrashing(); |
| 500 process->child_process_->GetProcess().Terminate( |
| 501 RESULT_CODE_KILLED_BAD_MESSAGE, false); |
| 502 } |
| 503 |
| 472 #if defined(OS_WIN) | 504 #if defined(OS_WIN) |
| 473 | 505 |
| 474 void BrowserChildProcessHostImpl::OnObjectSignaled(HANDLE object) { | 506 void BrowserChildProcessHostImpl::OnObjectSignaled(HANDLE object) { |
| 475 OnChildDisconnected(); | 507 OnChildDisconnected(); |
| 476 } | 508 } |
| 477 | 509 |
| 478 #endif | 510 #endif |
| 479 | 511 |
| 480 } // namespace content | 512 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2054303002:
Kill child processes on bad Mojo messages (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@bad-message