Chromium Code Reviews Chromium Code Reviews
Issue 258893004:
Use RecvMsgWithPid to find zygote PID instead of chrome-sandbox (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/zygote_host/zygote_host_impl_linux.h" | 5 #include "content/browser/zygote_host/zygote_host_impl_linux.h" |
| 6 | 6 |
| 7 #include <string.h> | |
| 7 #include <sys/socket.h> | 8 #include <sys/socket.h> |
| 8 #include <sys/stat.h> | 9 #include <sys/stat.h> |
| 9 #include <sys/types.h> | 10 #include <sys/types.h> |
| 10 #include <unistd.h> | 11 #include <unistd.h> |
| 11 | 12 |
| 12 #include "base/base_switches.h" | 13 #include "base/base_switches.h" |
| 13 #include "base/command_line.h" | 14 #include "base/command_line.h" |
| 14 #include "base/environment.h" | 15 #include "base/environment.h" |
| 15 #include "base/file_util.h" | 16 #include "base/file_util.h" |
| 16 #include "base/files/file_enumerator.h" | 17 #include "base/files/file_enumerator.h" |
| 17 #include "base/files/scoped_file.h" | 18 #include "base/files/scoped_file.h" |
| 18 #include "base/linux_util.h" | 19 #include "base/linux_util.h" |
| 19 #include "base/logging.h" | 20 #include "base/logging.h" |
| 20 #include "base/memory/linked_ptr.h" | 21 #include "base/memory/linked_ptr.h" |
| 21 #include "base/memory/scoped_ptr.h" | 22 #include "base/memory/scoped_ptr.h" |
| 22 #include "base/metrics/histogram.h" | 23 #include "base/metrics/histogram.h" |
| 23 #include "base/path_service.h" | 24 #include "base/path_service.h" |
| 24 #include "base/posix/eintr_wrapper.h" | 25 #include "base/posix/eintr_wrapper.h" |
| 25 #include "base/posix/unix_domain_socket_linux.h" | 26 #include "base/posix/unix_domain_socket_linux.h" |
| 26 #include "base/process/launch.h" | 27 #include "base/process/launch.h" |
| 27 #include "base/process/memory.h" | 28 #include "base/process/memory.h" |
| 29 #include "base/process/process_handle.h" | |
| 28 #include "base/strings/string_number_conversions.h" | 30 #include "base/strings/string_number_conversions.h" |
| 29 #include "base/strings/string_util.h" | 31 #include "base/strings/string_util.h" |
| 30 #include "base/strings/utf_string_conversions.h" | 32 #include "base/strings/utf_string_conversions.h" |
| 31 #include "base/time/time.h" | 33 #include "base/time/time.h" |
| 32 #include "content/browser/renderer_host/render_sandbox_host_linux.h" | 34 #include "content/browser/renderer_host/render_sandbox_host_linux.h" |
| 33 #include "content/common/child_process_sandbox_support_impl_linux.h" | 35 #include "content/common/child_process_sandbox_support_impl_linux.h" |
| 34 #include "content/common/zygote_commands_linux.h" | 36 #include "content/common/zygote_commands_linux.h" |
| 35 #include "content/public/browser/content_browser_client.h" | 37 #include "content/public/browser/content_browser_client.h" |
| 36 #include "content/public/common/content_switches.h" | 38 #include "content/public/common/content_switches.h" |
| 37 #include "content/public/common/result_codes.h" | 39 #include "content/public/common/result_codes.h" |
| 38 #include "sandbox/linux/suid/client/setuid_sandbox_client.h" | 40 #include "sandbox/linux/suid/client/setuid_sandbox_client.h" |
| 39 #include "sandbox/linux/suid/common/sandbox.h" | 41 #include "sandbox/linux/suid/common/sandbox.h" |
| 40 #include "ui/base/ui_base_switches.h" | 42 #include "ui/base/ui_base_switches.h" |
| 41 #include "ui/gfx/switches.h" | 43 #include "ui/gfx/switches.h" |
| 42 | 44 |
| 43 #if defined(USE_TCMALLOC) | 45 #if defined(USE_TCMALLOC) |
| 44 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" | 46 #include "third_party/tcmalloc/chromium/src/gperftools/heap-profiler.h" |
| 45 #endif | 47 #endif |
| 46 | 48 |
| 47 namespace content { | 49 namespace content { |
| 48 | 50 |
| 51 // Returns true if proc is the same process as or a descendent process of | |
|
jln (very slow on Chromium)
2014/04/26 00:54:10
nit: |proc| is the prevailing style in new code.
n
mdempsky
2014/04/26 03:07:15
Oops, done.
| |
| 52 // ancestor. | |
| 53 static bool SameOrDescendantOf(base::ProcessId proc, base::ProcessId root) { | |
| 54 for (unsigned i = 0; i < 100; i++) { | |
| 55 if (proc == root) | |
| 56 return true; | |
| 57 | |
| 58 // Walk up process tree. | |
| 59 base::ProcessHandle handle; | |
| 60 CHECK(base::OpenProcessHandle(proc, &handle)); | |
| 61 proc = base::GetParentProcessId(handle); | |
| 62 base::CloseProcessHandle(handle); | |
| 63 if (proc < 0) | |
| 64 return false; | |
| 65 } | |
| 66 | |
| 67 NOTREACHED(); | |
| 68 return false; | |
| 69 } | |
| 70 | |
| 49 // static | 71 // static |
| 50 ZygoteHost* ZygoteHost::GetInstance() { | 72 ZygoteHost* ZygoteHost::GetInstance() { |
| 51 return ZygoteHostImpl::GetInstance(); | 73 return ZygoteHostImpl::GetInstance(); |
| 52 } | 74 } |
| 53 | 75 |
| 54 ZygoteHostImpl::ZygoteHostImpl() | 76 ZygoteHostImpl::ZygoteHostImpl() |
| 55 : control_fd_(-1), | 77 : control_fd_(-1), |
| 56 control_lock_(), | 78 control_lock_(), |
| 57 pid_(-1), | 79 pid_(-1), |
| 58 init_(false), | 80 init_(false), |
| (...skipping 17 matching lines...) Expand all Loading... | |
| 76 init_ = true; | 98 init_ = true; |
| 77 | 99 |
| 78 base::FilePath chrome_path; | 100 base::FilePath chrome_path; |
| 79 CHECK(PathService::Get(base::FILE_EXE, &chrome_path)); | 101 CHECK(PathService::Get(base::FILE_EXE, &chrome_path)); |
| 80 CommandLine cmd_line(chrome_path); | 102 CommandLine cmd_line(chrome_path); |
| 81 | 103 |
| 82 cmd_line.AppendSwitchASCII(switches::kProcessType, switches::kZygoteProcess); | 104 cmd_line.AppendSwitchASCII(switches::kProcessType, switches::kZygoteProcess); |
| 83 | 105 |
| 84 int fds[2]; | 106 int fds[2]; |
| 85 CHECK(socketpair(AF_UNIX, SOCK_SEQPACKET, 0, fds) == 0); | 107 CHECK(socketpair(AF_UNIX, SOCK_SEQPACKET, 0, fds) == 0); |
| 108 CHECK(UnixDomainSocket::EnableReceiveProcessId(fds[0])); | |
| 86 base::FileHandleMappingVector fds_to_map; | 109 base::FileHandleMappingVector fds_to_map; |
| 87 fds_to_map.push_back(std::make_pair(fds[1], kZygoteSocketPairFd)); | 110 fds_to_map.push_back(std::make_pair(fds[1], kZygoteSocketPairFd)); |
| 88 | 111 |
| 89 base::LaunchOptions options; | 112 base::LaunchOptions options; |
| 90 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess(); | 113 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess(); |
| 91 if (browser_command_line.HasSwitch(switches::kZygoteCmdPrefix)) { | 114 if (browser_command_line.HasSwitch(switches::kZygoteCmdPrefix)) { |
| 92 cmd_line.PrependWrapper( | 115 cmd_line.PrependWrapper( |
| 93 browser_command_line.GetSwitchValueNative(switches::kZygoteCmdPrefix)); | 116 browser_command_line.GetSwitchValueNative(switches::kZygoteCmdPrefix)); |
| 94 } | 117 } |
| 95 // Append any switches from the browser process that need to be forwarded on | 118 // Append any switches from the browser process that need to be forwarded on |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 119 sandbox_binary_ = sandbox_cmd.c_str(); | 142 sandbox_binary_ = sandbox_cmd.c_str(); |
| 120 | 143 |
| 121 // A non empty sandbox_cmd means we want a SUID sandbox. | 144 // A non empty sandbox_cmd means we want a SUID sandbox. |
| 122 using_suid_sandbox_ = !sandbox_cmd.empty(); | 145 using_suid_sandbox_ = !sandbox_cmd.empty(); |
| 123 | 146 |
| 124 // Start up the sandbox host process and get the file descriptor for the | 147 // Start up the sandbox host process and get the file descriptor for the |
| 125 // renderers to talk to it. | 148 // renderers to talk to it. |
| 126 const int sfd = RenderSandboxHostLinux::GetInstance()->GetRendererSocket(); | 149 const int sfd = RenderSandboxHostLinux::GetInstance()->GetRendererSocket(); |
| 127 fds_to_map.push_back(std::make_pair(sfd, GetSandboxFD())); | 150 fds_to_map.push_back(std::make_pair(sfd, GetSandboxFD())); |
| 128 | 151 |
| 129 int dummy_fd = -1; | 152 base::ScopedFD dummy_fd; |
| 130 if (using_suid_sandbox_) { | 153 if (using_suid_sandbox_) { |
| 131 scoped_ptr<sandbox::SetuidSandboxClient> | 154 scoped_ptr<sandbox::SetuidSandboxClient> |
| 132 sandbox_client(sandbox::SetuidSandboxClient::Create()); | 155 sandbox_client(sandbox::SetuidSandboxClient::Create()); |
| 133 sandbox_client->PrependWrapper(&cmd_line, &options); | 156 sandbox_client->PrependWrapper(&cmd_line, &options); |
| 134 sandbox_client->SetupLaunchEnvironment(); | 157 sandbox_client->SetupLaunchEnvironment(); |
| 135 | 158 |
| 159 // We no longer need this dummy socket for discovering the zygote's PID, | |
| 160 // but the sandbox is still hard-coded to expect a file descriptor at | |
| 161 // kZygoteIdFd. Fixing this requires a sandbox API change. :( | |
| 136 CHECK_EQ(kZygoteIdFd, sandbox_client->GetUniqueToChildFileDescriptor()); | 162 CHECK_EQ(kZygoteIdFd, sandbox_client->GetUniqueToChildFileDescriptor()); |
| 137 dummy_fd = socket(AF_UNIX, SOCK_DGRAM, 0); | 163 dummy_fd.reset(socket(AF_UNIX, SOCK_DGRAM, 0)); |
| 138 CHECK(dummy_fd >= 0); | 164 CHECK_GE(dummy_fd.get(), 0); |
| 139 fds_to_map.push_back(std::make_pair(dummy_fd, kZygoteIdFd)); | 165 fds_to_map.push_back(std::make_pair(dummy_fd.get(), kZygoteIdFd)); |
| 140 } | 166 } |
| 141 | 167 |
| 142 base::ProcessHandle process = -1; | 168 base::ProcessHandle process = -1; |
| 143 options.fds_to_remap = &fds_to_map; | 169 options.fds_to_remap = &fds_to_map; |
| 144 base::LaunchProcess(cmd_line.argv(), options, &process); | 170 base::LaunchProcess(cmd_line.argv(), options, &process); |
| 145 CHECK(process != -1) << "Failed to launch zygote process"; | 171 CHECK(process != -1) << "Failed to launch zygote process"; |
| 172 dummy_fd.reset(); | |
| 146 | 173 |
| 147 if (using_suid_sandbox_) { | 174 if (using_suid_sandbox_) { |
| 148 // In the SUID sandbox, the real zygote is forked from the sandbox. | 175 // In the SUID sandbox, the real zygote is forked from the sandbox. |
| 149 // We need to look for it. | 176 // Wait for the zygote to tell us it's running, and receive its PID. |
|
jln (very slow on Chromium)
2014/04/26 00:54:10
Do you want to add a longer comment here?
Let's e
mdempsky
2014/04/26 03:07:15
Done. PTAL and let me know if you think the new w
| |
| 150 // But first, wait for the zygote to tell us it's running. | |
| 151 // The sending code is in content/browser/zygote_main_linux.cc. | 177 // The sending code is in content/browser/zygote_main_linux.cc. |
| 152 std::vector<int> fds_vec; | 178 std::vector<int> fds_vec; |
| 153 const int kExpectedLength = sizeof(kZygoteHelloMessage); | 179 const size_t kExpectedLength = sizeof(kZygoteHelloMessage); |
| 154 char buf[kExpectedLength]; | 180 char buf[kExpectedLength]; |
| 155 const ssize_t len = UnixDomainSocket::RecvMsg(fds[0], buf, sizeof(buf), | 181 const ssize_t len = UnixDomainSocket::RecvMsgWithPid( |
| 156 &fds_vec); | 182 fds[0], buf, sizeof(buf), &fds_vec, &pid_); |
| 157 CHECK_EQ(kExpectedLength, len) << "Incorrect zygote magic length"; | 183 CHECK_EQ(kExpectedLength, static_cast<size_t>(len)) |
| 158 CHECK(0 == strcmp(buf, kZygoteHelloMessage)) << "Incorrect zygote hello"; | 184 << "Incorrect zygote magic length"; |
| 185 CHECK_EQ(0, memcmp(buf, kZygoteHelloMessage, kExpectedLength)) | |
| 186 << "Incorrect zygote hello"; | |
| 187 CHECK_EQ(0U, fds_vec.size()) | |
| 188 << "Zygote hello should not include file descriptors"; | |
| 159 | 189 |
| 160 std::string inode_output; | 190 static const char kInvalidPID[] = |
| 161 ino_t inode = 0; | 191 "Received invalid process ID for zygote; kernel might be too old? " |
| 162 // Figure out the inode for |dummy_fd|, close |dummy_fd| on our end, | 192 "See crbug.com/357670."; |
|
jln (very slow on Chromium)
2014/04/26 00:54:10
Let's add a note that they can use "--" + kDisable
mdempsky
2014/04/26 03:07:15
Done.
| |
| 163 // and find the zygote process holding |dummy_fd|. | 193 CHECK_GE(pid_, 1) << kInvalidPID; |
| 164 CHECK(base::FileDescriptorGetInode(&inode, dummy_fd)) | 194 CHECK(SameOrDescendantOf(pid_, base::GetProcId(process))) << kInvalidPID; |
| 165 << "Cannot get inode for dummy_fd " << dummy_fd; | |
| 166 close(dummy_fd); | |
| 167 | |
| 168 std::vector<std::string> get_inode_cmdline; | |
| 169 get_inode_cmdline.push_back(sandbox_binary_); | |
| 170 get_inode_cmdline.push_back(base::kFindInodeSwitch); | |
| 171 get_inode_cmdline.push_back(base::Int64ToString(inode)); | |
| 172 CommandLine get_inode_cmd(get_inode_cmdline); | |
| 173 CHECK(base::GetAppOutput(get_inode_cmd, &inode_output)) | |
| 174 << "Find inode command failed for inode " << inode; | |
| 175 | |
| 176 base::TrimWhitespaceASCII(inode_output, base::TRIM_ALL, &inode_output); | |
| 177 CHECK(base::StringToInt(inode_output, &pid_)) | |
| 178 << "Invalid find inode output: " << inode_output; | |
| 179 CHECK(pid_ > 0) << "Did not find zygote process (using sandbox binary " | |
| 180 << sandbox_binary_ << ")"; | |
| 181 | 195 |
| 182 if (process != pid_) { | 196 if (process != pid_) { |
| 183 // Reap the sandbox. | 197 // Reap the sandbox. |
| 184 base::EnsureProcessGetsReaped(process); | 198 base::EnsureProcessGetsReaped(process); |
| 185 } | 199 } |
| 186 } else { | 200 } else { |
| 187 // Not using the SUID sandbox. | 201 // Not using the SUID sandbox. |
| 188 pid_ = process; | 202 pid_ = process; |
| 189 } | 203 } |
| 190 | 204 |
| (...skipping 315 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 506 return RenderSandboxHostLinux::GetInstance()->pid(); | 520 return RenderSandboxHostLinux::GetInstance()->pid(); |
| 507 } | 521 } |
| 508 | 522 |
| 509 int ZygoteHostImpl::GetSandboxStatus() const { | 523 int ZygoteHostImpl::GetSandboxStatus() const { |
| 510 if (have_read_sandbox_status_word_) | 524 if (have_read_sandbox_status_word_) |
| 511 return sandbox_status_; | 525 return sandbox_status_; |
| 512 return 0; | 526 return 0; |
| 513 } | 527 } |
| 514 | 528 |
| 515 } // namespace content | 529 } // namespace content |
| OLD | NEW |
