| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/zygote_host/zygote_host_impl_linux.h" | 5 #include "content/browser/zygote_host/zygote_host_impl_linux.h" |
| 6 | 6 |
| 7 #include <sys/socket.h> | 7 #include <sys/socket.h> |
| 8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
| 9 #include <sys/types.h> | 9 #include <sys/types.h> |
| 10 #include <unistd.h> | 10 #include <unistd.h> |
| (...skipping 11 matching lines...) Expand all Loading... |
| 22 #include "base/path_service.h" | 22 #include "base/path_service.h" |
| 23 #include "base/posix/eintr_wrapper.h" | 23 #include "base/posix/eintr_wrapper.h" |
| 24 #include "base/posix/unix_domain_socket_linux.h" | 24 #include "base/posix/unix_domain_socket_linux.h" |
| 25 #include "base/process/launch.h" | 25 #include "base/process/launch.h" |
| 26 #include "base/process/memory.h" | 26 #include "base/process/memory.h" |
| 27 #include "base/strings/string_number_conversions.h" | 27 #include "base/strings/string_number_conversions.h" |
| 28 #include "base/strings/string_util.h" | 28 #include "base/strings/string_util.h" |
| 29 #include "base/strings/utf_string_conversions.h" | 29 #include "base/strings/utf_string_conversions.h" |
| 30 #include "base/time/time.h" | 30 #include "base/time/time.h" |
| 31 #include "content/browser/renderer_host/render_sandbox_host_linux.h" | 31 #include "content/browser/renderer_host/render_sandbox_host_linux.h" |
| 32 #include "content/common/child_process_sandbox_support_impl_linux.h" |
| 32 #include "content/common/zygote_commands_linux.h" | 33 #include "content/common/zygote_commands_linux.h" |
| 33 #include "content/public/browser/content_browser_client.h" | 34 #include "content/public/browser/content_browser_client.h" |
| 34 #include "content/public/common/content_switches.h" | 35 #include "content/public/common/content_switches.h" |
| 35 #include "content/public/common/result_codes.h" | 36 #include "content/public/common/result_codes.h" |
| 36 #include "sandbox/linux/suid/client/setuid_sandbox_client.h" | 37 #include "sandbox/linux/suid/client/setuid_sandbox_client.h" |
| 37 #include "sandbox/linux/suid/common/sandbox.h" | 38 #include "sandbox/linux/suid/common/sandbox.h" |
| 38 #include "ui/base/ui_base_switches.h" | 39 #include "ui/base/ui_base_switches.h" |
| 39 | 40 |
| 40 #if defined(USE_TCMALLOC) | 41 #if defined(USE_TCMALLOC) |
| 41 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" | 42 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" |
| (...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 142 LOG(FATAL) << "The SUID sandbox helper binary was found, but is not " | 143 LOG(FATAL) << "The SUID sandbox helper binary was found, but is not " |
| 143 "configured correctly. Rather than run without sandboxing " | 144 "configured correctly. Rather than run without sandboxing " |
| 144 "I'm aborting now. You need to make sure that " | 145 "I'm aborting now. You need to make sure that " |
| 145 << sandbox_binary_ << " is owned by root and has mode 4755."; | 146 << sandbox_binary_ << " is owned by root and has mode 4755."; |
| 146 } | 147 } |
| 147 } | 148 } |
| 148 | 149 |
| 149 // Start up the sandbox host process and get the file descriptor for the | 150 // Start up the sandbox host process and get the file descriptor for the |
| 150 // renderers to talk to it. | 151 // renderers to talk to it. |
| 151 const int sfd = RenderSandboxHostLinux::GetInstance()->GetRendererSocket(); | 152 const int sfd = RenderSandboxHostLinux::GetInstance()->GetRendererSocket(); |
| 152 fds_to_map.push_back(std::make_pair(sfd, kZygoteRendererSocketFd)); | 153 fds_to_map.push_back(std::make_pair(sfd, GetSandboxFD())); |
| 153 | 154 |
| 154 int dummy_fd = -1; | 155 int dummy_fd = -1; |
| 155 if (using_suid_sandbox_) { | 156 if (using_suid_sandbox_) { |
| 156 dummy_fd = socket(PF_UNIX, SOCK_DGRAM, 0); | 157 dummy_fd = socket(PF_UNIX, SOCK_DGRAM, 0); |
| 157 CHECK(dummy_fd >= 0); | 158 CHECK(dummy_fd >= 0); |
| 158 fds_to_map.push_back(std::make_pair(dummy_fd, kZygoteIdFd)); | 159 fds_to_map.push_back(std::make_pair(dummy_fd, kZygoteIdFd)); |
| 159 } | 160 } |
| 160 | 161 |
| 161 base::ProcessHandle process = -1; | 162 base::ProcessHandle process = -1; |
| 162 base::LaunchOptions options; | 163 base::LaunchOptions options; |
| (...skipping 342 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 505 return RenderSandboxHostLinux::GetInstance()->pid(); | 506 return RenderSandboxHostLinux::GetInstance()->pid(); |
| 506 } | 507 } |
| 507 | 508 |
| 508 int ZygoteHostImpl::GetSandboxStatus() const { | 509 int ZygoteHostImpl::GetSandboxStatus() const { |
| 509 if (have_read_sandbox_status_word_) | 510 if (have_read_sandbox_status_word_) |
| 510 return sandbox_status_; | 511 return sandbox_status_; |
| 511 return 0; | 512 return 0; |
| 512 } | 513 } |
| 513 | 514 |
| 514 } // namespace content | 515 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23956010:
Define magic descriptors in one place. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master