| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/renderer_host/sandbox_ipc_linux.h" | 5 #include "content/browser/renderer_host/sandbox_ipc_linux.h" |
| 6 | 6 |
| 7 #include <fcntl.h> | 7 #include <fcntl.h> |
| 8 #include <fontconfig/fontconfig.h> | 8 #include <fontconfig/fontconfig.h> |
| 9 #include <sys/poll.h> | 9 #include <sys/poll.h> |
| 10 #include <sys/socket.h> | 10 #include <sys/socket.h> |
| (...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 151 SetProcessTitleFromCommandLine(NULL); | 151 SetProcessTitleFromCommandLine(NULL); |
| 152 } | 152 } |
| 153 | 153 |
| 154 void SandboxIPCProcess::Run() { | 154 void SandboxIPCProcess::Run() { |
| 155 struct pollfd pfds[2]; | 155 struct pollfd pfds[2]; |
| 156 pfds[0].fd = lifeline_fd_; | 156 pfds[0].fd = lifeline_fd_; |
| 157 pfds[0].events = POLLIN; | 157 pfds[0].events = POLLIN; |
| 158 pfds[1].fd = browser_socket_; | 158 pfds[1].fd = browser_socket_; |
| 159 pfds[1].events = POLLIN; | 159 pfds[1].events = POLLIN; |
| 160 | 160 |
| 161 if (!UnixDomainSocket::EnableReceiveProcessId(browser_socket_)) |
| 162 LOG(FATAL) << "failed to enable receiving PIDs"; |
| 163 |
| 161 int failed_polls = 0; | 164 int failed_polls = 0; |
| 162 for (;;) { | 165 for (;;) { |
| 163 const int r = HANDLE_EINTR(poll(pfds, 2, -1 /* no timeout */)); | 166 const int r = HANDLE_EINTR(poll(pfds, 2, -1 /* no timeout */)); |
| 164 // '0' is not a possible return value with no timeout. | 167 // '0' is not a possible return value with no timeout. |
| 165 DCHECK_NE(0, r); | 168 DCHECK_NE(0, r); |
| 166 if (r < 0) { | 169 if (r < 0) { |
| 167 PLOG(WARNING) << "poll"; | 170 PLOG(WARNING) << "poll"; |
| 168 if (failed_polls++ == 3) { | 171 if (failed_polls++ == 3) { |
| 169 LOG(FATAL) << "poll(2) failing. RenderSandboxHostLinux aborting."; | 172 LOG(FATAL) << "poll(2) failing. RenderSandboxHostLinux aborting."; |
| 170 return; | 173 return; |
| 171 } | 174 } |
| 172 continue; | 175 continue; |
| 173 } | 176 } |
| 174 | 177 |
| 175 failed_polls = 0; | 178 failed_polls = 0; |
| 176 | 179 |
| 177 if (pfds[0].revents) { | 180 if (pfds[0].revents) { |
| 178 // our parent died so we should too. | 181 // our parent died so we should too. |
| 179 _exit(0); | 182 _exit(0); |
| 180 } | 183 } |
| 181 | 184 |
| 182 if (pfds[1].revents) { | 185 if (pfds[1].revents) { |
| 183 HandleRequestFromRenderer(browser_socket_); | 186 HandleRequestFromRenderer(browser_socket_); |
| 184 } | 187 } |
| 185 } | 188 } |
| 186 } | 189 } |
| 187 | 190 |
| 188 void SandboxIPCProcess::HandleRequestFromRenderer(int fd) { | 191 void SandboxIPCProcess::HandleRequestFromRenderer(int fd) { |
| 189 std::vector<int> fds; | 192 std::vector<int> fds; |
| 193 base::ProcessId sender_pid; |
| 190 | 194 |
| 191 // A FontConfigIPC::METHOD_MATCH message could be kMaxFontFamilyLength | 195 // A FontConfigIPC::METHOD_MATCH message could be kMaxFontFamilyLength |
| 192 // bytes long (this is the largest message type). | 196 // bytes long (this is the largest message type). |
| 193 // 128 bytes padding are necessary so recvmsg() does not return MSG_TRUNC | 197 // 128 bytes padding are necessary so recvmsg() does not return MSG_TRUNC |
| 194 // error for a maximum length message. | 198 // error for a maximum length message. |
| 195 char buf[FontConfigIPC::kMaxFontFamilyLength + 128]; | 199 char buf[FontConfigIPC::kMaxFontFamilyLength + 128]; |
| 196 | 200 |
| 197 const ssize_t len = UnixDomainSocket::RecvMsg(fd, buf, sizeof(buf), &fds); | 201 const ssize_t len = |
| 202 UnixDomainSocket::RecvMsgWithPid(fd, buf, sizeof(buf), &fds, &sender_pid); |
| 198 if (len == -1) { | 203 if (len == -1) { |
| 199 // TODO: should send an error reply, or the sender might block forever. | 204 // TODO: should send an error reply, or the sender might block forever. |
| 200 NOTREACHED() << "Sandbox host message is larger than kMaxFontFamilyLength"; | 205 NOTREACHED() << "Sandbox host message is larger than kMaxFontFamilyLength"; |
| 201 return; | 206 return; |
| 202 } | 207 } |
| 203 if (fds.empty()) | 208 if (fds.empty()) |
| 204 return; | 209 return; |
| 205 | 210 |
| 206 Pickle pickle(buf, len); | 211 Pickle pickle(buf, len); |
| 207 PickleIterator iter(pickle); | 212 PickleIterator iter(pickle); |
| (...skipping 11 matching lines...) Expand all Loading... |
| 219 } else if (kind == LinuxSandbox::METHOD_LOCALTIME) { | 224 } else if (kind == LinuxSandbox::METHOD_LOCALTIME) { |
| 220 HandleLocaltime(fd, pickle, iter, fds); | 225 HandleLocaltime(fd, pickle, iter, fds); |
| 221 } else if (kind == LinuxSandbox::METHOD_GET_CHILD_WITH_INODE) { | 226 } else if (kind == LinuxSandbox::METHOD_GET_CHILD_WITH_INODE) { |
| 222 HandleGetChildWithInode(fd, pickle, iter, fds); | 227 HandleGetChildWithInode(fd, pickle, iter, fds); |
| 223 } else if (kind == LinuxSandbox::METHOD_GET_STYLE_FOR_STRIKE) { | 228 } else if (kind == LinuxSandbox::METHOD_GET_STYLE_FOR_STRIKE) { |
| 224 HandleGetStyleForStrike(fd, pickle, iter, fds); | 229 HandleGetStyleForStrike(fd, pickle, iter, fds); |
| 225 } else if (kind == LinuxSandbox::METHOD_MAKE_SHARED_MEMORY_SEGMENT) { | 230 } else if (kind == LinuxSandbox::METHOD_MAKE_SHARED_MEMORY_SEGMENT) { |
| 226 HandleMakeSharedMemorySegment(fd, pickle, iter, fds); | 231 HandleMakeSharedMemorySegment(fd, pickle, iter, fds); |
| 227 } else if (kind == LinuxSandbox::METHOD_MATCH_WITH_FALLBACK) { | 232 } else if (kind == LinuxSandbox::METHOD_MATCH_WITH_FALLBACK) { |
| 228 HandleMatchWithFallback(fd, pickle, iter, fds); | 233 HandleMatchWithFallback(fd, pickle, iter, fds); |
| 234 } else if (kind == LinuxSandbox::METHOD_GET_REAL_PID) { |
| 235 HandleGetRealPid(fd, pickle, iter, fds, sender_pid); |
| 229 } | 236 } |
| 230 | 237 |
| 231 error: | 238 error: |
| 232 for (std::vector<int>::const_iterator i = fds.begin(); i != fds.end(); ++i) { | 239 for (std::vector<int>::const_iterator i = fds.begin(); i != fds.end(); ++i) { |
| 233 close(*i); | 240 close(*i); |
| 234 } | 241 } |
| 235 } | 242 } |
| 236 | 243 |
| 237 int SandboxIPCProcess::FindOrAddPath(const SkString& path) { | 244 int SandboxIPCProcess::FindOrAddPath(const SkString& path) { |
| 238 int count = paths_.count(); | 245 int count = paths_.count(); |
| (...skipping 367 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 606 | 613 |
| 607 Pickle reply; | 614 Pickle reply; |
| 608 SendRendererReply(fds, reply, font_fd); | 615 SendRendererReply(fds, reply, font_fd); |
| 609 | 616 |
| 610 if (font_fd >= 0) { | 617 if (font_fd >= 0) { |
| 611 if (IGNORE_EINTR(close(font_fd)) < 0) | 618 if (IGNORE_EINTR(close(font_fd)) < 0) |
| 612 PLOG(ERROR) << "close"; | 619 PLOG(ERROR) << "close"; |
| 613 } | 620 } |
| 614 } | 621 } |
| 615 | 622 |
| 623 void SandboxIPCProcess::HandleGetRealPid(int fd, |
| 624 const Pickle& pickle, |
| 625 PickleIterator iter, |
| 626 std::vector<int>& fds, |
| 627 base::ProcessId sender_pid) { |
| 628 if (fds.size() != 2) |
| 629 return; |
| 630 |
| 631 bool return_pid; |
| 632 if (!iter.ReadBool(&return_pid)) |
| 633 return; |
| 634 |
| 635 // Write it to the zygote process. |
| 636 const ssize_t written = |
| 637 HANDLE_EINTR(write(fds[1], &sender_pid, sizeof(sender_pid))); |
| 638 if (written != sizeof(sender_pid)) |
| 639 LOG(ERROR) << "Failed to write real pid to zygote"; |
| 640 |
| 641 Pickle reply; |
| 642 reply.WriteInt(return_pid ? sender_pid : 0); |
| 643 SendRendererReply(fds, reply, -1); |
| 644 } |
| 645 |
| 616 void SandboxIPCProcess::SendRendererReply(const std::vector<int>& fds, | 646 void SandboxIPCProcess::SendRendererReply(const std::vector<int>& fds, |
| 617 const Pickle& reply, | 647 const Pickle& reply, |
| 618 int reply_fd) { | 648 int reply_fd) { |
| 619 struct msghdr msg; | 649 struct msghdr msg; |
| 620 memset(&msg, 0, sizeof(msg)); | 650 memset(&msg, 0, sizeof(msg)); |
| 621 struct iovec iov = {const_cast<void*>(reply.data()), reply.size()}; | 651 struct iovec iov = {const_cast<void*>(reply.data()), reply.size()}; |
| 622 msg.msg_iov = &iov; | 652 msg.msg_iov = &iov; |
| 623 msg.msg_iovlen = 1; | 653 msg.msg_iovlen = 1; |
| 624 | 654 |
| 625 char control_buffer[CMSG_SPACE(sizeof(int))]; | 655 char control_buffer[CMSG_SPACE(sizeof(int))]; |
| (...skipping 29 matching lines...) Expand all Loading... |
| 655 } | 685 } |
| 656 | 686 |
| 657 void SandboxIPCProcess::EnsureWebKitInitialized() { | 687 void SandboxIPCProcess::EnsureWebKitInitialized() { |
| 658 if (webkit_platform_support_) | 688 if (webkit_platform_support_) |
| 659 return; | 689 return; |
| 660 webkit_platform_support_.reset(new BlinkPlatformImpl); | 690 webkit_platform_support_.reset(new BlinkPlatformImpl); |
| 661 blink::initializeWithoutV8(webkit_platform_support_.get()); | 691 blink::initializeWithoutV8(webkit_platform_support_.get()); |
| 662 } | 692 } |
| 663 | 693 |
| 664 } // namespace content | 694 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 240463005:
Stop using chrome-sandbox to determine real pids (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src