Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(367)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/nacl/loader/nacl_helper_linux.cc

Issue 269543014: Use RecvMsgWithPid to find real PID for zygote children (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Restore error handling code paths Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | content/browser/zygote_host/zygote_host_impl_linux.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/nacl/loader/nacl_helper_linux.cc
diff --git a/components/nacl/loader/nacl_helper_linux.cc b/components/nacl/loader/nacl_helper_linux.cc
index eaf6204d69673cddd343fdaf58f91044f57f8499..e170c526da5b2dcd302a5e17c83b05f6d4432a7d 100644
--- a/components/nacl/loader/nacl_helper_linux.cc
+++ b/components/nacl/loader/nacl_helper_linux.cc
@@ -36,6 +36,7 @@
#include "components/nacl/loader/nacl_listener.h"
#include "components/nacl/loader/nonsfi/irt_exception_handling.h"
#include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h"
+#include "content/public/common/child_process_sandbox_support_linux.h"
#include "content/public/common/content_descriptors.h"
#include "content/public/common/zygote_fork_delegate_linux.h"
#include "crypto/nss_util.h"
@@ -114,41 +115,24 @@ void ChildNaClLoaderInit(ScopedVector<base::ScopedFD> child_fds,
bool uses_nonsfi_mode,
nacl::NaClSandbox* nacl_sandbox,
const std::string& channel_id) {
- bool validack = false;
- base::ProcessId real_pid;
- // Wait until the parent process has discovered our PID. We
- // should not fork any child processes (which the seccomp
- // sandbox does) until then, because that can interfere with the
- // parent's discovery of our PID.
- const ssize_t nread = HANDLE_EINTR(
- read(child_fds[content::ZygoteForkDelegate::kParentFDIndex]->get(),
- &real_pid,
- sizeof(real_pid)));
- if (static_cast<size_t>(nread) == sizeof(real_pid)) {
- // Make sure the parent didn't accidentally send us our real PID.
- // We don't want it to be discoverable anywhere in our address space
- // when we start running untrusted code.
- CHECK(real_pid == 0);
-
- CommandLine::ForCurrentProcess()->AppendSwitchASCII(
- switches::kProcessChannelID, channel_id);
- validack = true;
- } else {
- if (nread < 0)
- perror("read");
- LOG(ERROR) << "read returned " << nread;
- }
+ DCHECK(child_fds.size() >
+ std::max(content::ZygoteForkDelegate::kPIDOracleFDIndex,
+ content::ZygoteForkDelegate::kBrowserFDIndex));
+
+ // Ping the PID oracle socket.
+ CHECK(content::SendZygoteChildPing(
+ child_fds[content::ZygoteForkDelegate::kPIDOracleFDIndex]->get()));
+ CommandLine::ForCurrentProcess()->AppendSwitchASCII(
+ switches::kProcessChannelID, channel_id);
+
+ // Save the browser socket and close the rest.
base::ScopedFD browser_fd(
child_fds[content::ZygoteForkDelegate::kBrowserFDIndex]->Pass());
child_fds.clear();
- if (validack) {
- BecomeNaClLoader(
- browser_fd.Pass(), system_info, uses_nonsfi_mode, nacl_sandbox);
- } else {
- LOG(ERROR) << "Failed to synch with zygote";
- }
+ BecomeNaClLoader(
+ browser_fd.Pass(), system_info, uses_nonsfi_mode, nacl_sandbox);
_exit(1);
}
« no previous file with comments | « no previous file | content/browser/zygote_host/zygote_host_impl_linux.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698