| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // A mini-zygote specifically for Native Client. | 5 // A mini-zygote specifically for Native Client. |
| 6 | 6 |
| 7 #include "components/nacl/loader/nacl_helper_linux.h" | 7 #include "components/nacl/loader/nacl_helper_linux.h" |
| 8 | 8 |
| 9 // Exclude most of code in this file for nacl_helper_nonsfi temporarily. | 9 // Exclude most of code in this file for nacl_helper_nonsfi temporarily. |
| 10 // TODO(hidehiko): Enable this code path as dependencies become ready. | 10 // TODO(hidehiko): Enable this code path as dependencies become ready. |
| (...skipping 30 matching lines...) Expand all Loading... |
| 41 #include "base/rand_util.h" | 41 #include "base/rand_util.h" |
| 42 #include "components/nacl/common/nacl_switches.h" | 42 #include "components/nacl/common/nacl_switches.h" |
| 43 #include "components/nacl/loader/nacl_listener.h" | 43 #include "components/nacl/loader/nacl_listener.h" |
| 44 #include "components/nacl/loader/nonsfi/irt_exception_handling.h" | 44 #include "components/nacl/loader/nonsfi/irt_exception_handling.h" |
| 45 #include "components/nacl/loader/nonsfi/nonsfi_listener.h" | 45 #include "components/nacl/loader/nonsfi/nonsfi_listener.h" |
| 46 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" | 46 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" |
| 47 #include "content/public/common/child_process_sandbox_support_linux.h" | 47 #include "content/public/common/child_process_sandbox_support_linux.h" |
| 48 #include "content/public/common/content_descriptors.h" | 48 #include "content/public/common/content_descriptors.h" |
| 49 #include "content/public/common/zygote_fork_delegate_linux.h" | 49 #include "content/public/common/zygote_fork_delegate_linux.h" |
| 50 #include "crypto/nss_util.h" | 50 #include "crypto/nss_util.h" |
| 51 #include "ipc/ipc_channel.h" |
| 51 #include "ipc/ipc_descriptors.h" | 52 #include "ipc/ipc_descriptors.h" |
| 52 #include "ipc/ipc_switches.h" | 53 #include "ipc/ipc_switches.h" |
| 53 #include "sandbox/linux/services/libc_urandom_override.h" | 54 #include "sandbox/linux/services/libc_urandom_override.h" |
| 54 | 55 |
| 55 namespace { | 56 namespace { |
| 56 | 57 |
| 57 struct NaClLoaderSystemInfo { | 58 struct NaClLoaderSystemInfo { |
| 58 size_t prereserved_sandbox_size; | 59 size_t prereserved_sandbox_size; |
| 59 long number_of_cores; | 60 long number_of_cores; |
| 60 }; | 61 }; |
| (...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 400 const char* __asan_default_options() { | 401 const char* __asan_default_options() { |
| 401 return kAsanDefaultOptionsNaCl; | 402 return kAsanDefaultOptionsNaCl; |
| 402 } | 403 } |
| 403 #endif | 404 #endif |
| 404 #endif // !defined(__native_client_nonsfi__) | 405 #endif // !defined(__native_client_nonsfi__) |
| 405 | 406 |
| 406 int main(int argc, char* argv[]) { | 407 int main(int argc, char* argv[]) { |
| 407 // Now do nothing in main for nacl_helper_nonsfi. | 408 // Now do nothing in main for nacl_helper_nonsfi. |
| 408 #if !defined(__native_client_nonsfi__) | 409 #if !defined(__native_client_nonsfi__) |
| 409 CommandLine::Init(argc, argv); | 410 CommandLine::Init(argc, argv); |
| 411 IPC::Channel::SetGlobalPid(-1); // Set dummy PID for IPC. |
| 410 base::AtExitManager exit_manager; | 412 base::AtExitManager exit_manager; |
| 411 base::RandUint64(); // acquire /dev/urandom fd before sandbox is raised | 413 base::RandUint64(); // acquire /dev/urandom fd before sandbox is raised |
| 412 // Allows NSS to fopen() /dev/urandom. | 414 // Allows NSS to fopen() /dev/urandom. |
| 413 sandbox::InitLibcUrandomOverrides(); | 415 sandbox::InitLibcUrandomOverrides(); |
| 414 #if defined(USE_NSS) | 416 #if defined(USE_NSS) |
| 415 // Configure NSS for use inside the NaCl process. | 417 // Configure NSS for use inside the NaCl process. |
| 416 // The fork check has not caused problems for NaCl, but this appears to be | 418 // The fork check has not caused problems for NaCl, but this appears to be |
| 417 // best practice (see other places LoadNSSLibraries is called.) | 419 // best practice (see other places LoadNSSLibraries is called.) |
| 418 crypto::DisableNSSForkCheck(); | 420 crypto::DisableNSSForkCheck(); |
| 419 // Without this line on Linux, HMAC::Init will instantiate a singleton that | 421 // Without this line on Linux, HMAC::Init will instantiate a singleton that |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 454 while (true) { | 456 while (true) { |
| 455 bool request_handled = HandleZygoteRequest( | 457 bool request_handled = HandleZygoteRequest( |
| 456 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); | 458 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); |
| 457 // Do not turn this into a CHECK() without thinking about robustness | 459 // Do not turn this into a CHECK() without thinking about robustness |
| 458 // against malicious IPC requests. | 460 // against malicious IPC requests. |
| 459 DCHECK(request_handled); | 461 DCHECK(request_handled); |
| 460 } | 462 } |
| 461 NOTREACHED(); | 463 NOTREACHED(); |
| 462 #endif // !defined(__native_client_nonsfi__) | 464 #endif // !defined(__native_client_nonsfi__) |
| 463 } | 465 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 695353005:
Non-SFI mode: Use dummy PID for NaCl's IPC channel on Linux platform. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master