Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(54)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/zygote_host/zygote_host_impl_linux.cc

Issue 2950153002: Improve process launch handle sharing API. (Closed)
Patch Set: Fix Mojo launcher, review comments Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« components/browser_watcher/window_hang_monitor_win_unittest.cc ('K') | « content/browser/zygote_host/zygote_communication_linux.cc ('k') | content/common/sandbox_win.cc » ('j') | mojo/edk/test/multiprocess_test_helper.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/zygote_host/zygote_host_impl_linux.h" 5 #include "content/browser/zygote_host/zygote_host_impl_linux.h"
6 6
7 #include <sys/socket.h> 7 #include <sys/socket.h>
8 8
9 #include "base/allocator/allocator_extension.h" 9 #include "base/allocator/allocator_extension.h"
10 #include "base/files/file_enumerator.h" 10 #include "base/files/file_enumerator.h"
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after
132 int ZygoteHostImpl::GetRendererSandboxStatus() const { 132 int ZygoteHostImpl::GetRendererSandboxStatus() const {
133 return renderer_sandbox_status_; 133 return renderer_sandbox_status_;
134 } 134 }
135 135
136 pid_t ZygoteHostImpl::LaunchZygote(base::CommandLine* cmd_line, 136 pid_t ZygoteHostImpl::LaunchZygote(base::CommandLine* cmd_line,
137 base::ScopedFD* control_fd) { 137 base::ScopedFD* control_fd) {
138 int fds[2]; 138 int fds[2];
139 CHECK_EQ(0, socketpair(AF_UNIX, SOCK_SEQPACKET, 0, fds)); 139 CHECK_EQ(0, socketpair(AF_UNIX, SOCK_SEQPACKET, 0, fds));
140 CHECK(base::UnixDomainSocket::EnableReceiveProcessId(fds[0])); 140 CHECK(base::UnixDomainSocket::EnableReceiveProcessId(fds[0]));
141 141
142 base::FileHandleMappingVector fds_to_map; 142 base::LaunchOptions options;
143 fds_to_map.push_back(std::make_pair(fds[1], kZygoteSocketPairFd)); 143 options.fds_to_remap.push_back(std::make_pair(fds[1], kZygoteSocketPairFd));
144 144
145 // Start up the sandbox host process and get the file descriptor for the 145 // Start up the sandbox host process and get the file descriptor for the
146 // renderers to talk to it. 146 // renderers to talk to it.
147 const int sfd = RenderSandboxHostLinux::GetInstance()->GetRendererSocket(); 147 const int sfd = RenderSandboxHostLinux::GetInstance()->GetRendererSocket();
148 fds_to_map.push_back(std::make_pair(sfd, GetSandboxFD())); 148 options.fds_to_remap.push_back(std::make_pair(sfd, GetSandboxFD()));
149 149
150 base::LaunchOptions options;
151 base::ScopedFD dummy_fd; 150 base::ScopedFD dummy_fd;
152 if (use_suid_sandbox_) { 151 if (use_suid_sandbox_) {
153 std::unique_ptr<sandbox::SetuidSandboxHost> sandbox_host( 152 std::unique_ptr<sandbox::SetuidSandboxHost> sandbox_host(
154 sandbox::SetuidSandboxHost::Create()); 153 sandbox::SetuidSandboxHost::Create());
155 sandbox_host->PrependWrapper(cmd_line); 154 sandbox_host->PrependWrapper(cmd_line);
156 sandbox_host->SetupLaunchOptions(&options, &fds_to_map, &dummy_fd); 155 sandbox_host->SetupLaunchOptions(&options, &dummy_fd);
157 sandbox_host->SetupLaunchEnvironment(); 156 sandbox_host->SetupLaunchEnvironment();
158 } 157 }
159 158
160 options.fds_to_remap = &fds_to_map;
161 base::Process process = 159 base::Process process =
162 use_namespace_sandbox_ 160 use_namespace_sandbox_
163 ? sandbox::NamespaceSandbox::LaunchProcess(*cmd_line, options) 161 ? sandbox::NamespaceSandbox::LaunchProcess(*cmd_line, options)
164 : base::LaunchProcess(*cmd_line, options); 162 : base::LaunchProcess(*cmd_line, options);
165 CHECK(process.IsValid()) << "Failed to launch zygote process"; 163 CHECK(process.IsValid()) << "Failed to launch zygote process";
166 164
167 dummy_fd.reset(); 165 dummy_fd.reset();
168 close(fds[1]); 166 close(fds[1]);
169 control_fd->reset(fds[0]); 167 control_fd->reset(fds[0]);
170 168
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after
275 options.allow_new_privs = true; 273 options.allow_new_privs = true;
276 274
277 base::Process sandbox_helper_process = 275 base::Process sandbox_helper_process =
278 base::LaunchProcess(adj_oom_score_cmdline, options); 276 base::LaunchProcess(adj_oom_score_cmdline, options);
279 if (sandbox_helper_process.IsValid()) 277 if (sandbox_helper_process.IsValid())
280 base::EnsureProcessGetsReaped(sandbox_helper_process.Pid()); 278 base::EnsureProcessGetsReaped(sandbox_helper_process.Pid());
281 } 279 }
282 #endif 280 #endif
283 281
284 } // namespace content 282 } // namespace content
OLDNEW
« components/browser_watcher/window_hang_monitor_win_unittest.cc ('K') | « content/browser/zygote_host/zygote_communication_linux.cc ('k') | content/common/sandbox_win.cc » ('j') | mojo/edk/test/multiprocess_test_helper.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698