Extract CreateInitProcessReaper() from the Zygote.

content/zygote/zygote_main_linux.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/zygote/zygote_main.h"
 
 #include <dlfcn.h>
 #include <fcntl.h>
 #include <pthread.h>
 #include <stdio.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <unistd.h>
 
 #include "base/basictypes.h"
+#include "base/bind.h"
+#include "base/callback.h"
 #include "base/command_line.h"
 #include "base/linux_util.h"
 #include "base/native_library.h"
 #include "base/pickle.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/posix/unix_domain_socket_linux.h"
 #include "base/rand_util.h"
 #include "base/sys_info.h"
 #include "build/build_config.h"
 #include "content/common/child_process_sandbox_support_impl_linux.h"
@@ skipping 273 matching lines @@
   // Ensure access to the Pepper plugins before the sandbox is turned on.
   PreloadPepperPlugins();
 #endif
 #if defined(ENABLE_WEBRTC)
   InitializeWebRtcModule();
 #endif
   SkFontConfigInterface::SetGlobal(
       new FontConfigIPC(GetSandboxFD()))->unref();
 }
 
-// Do nothing here
-static void SIGCHLDHandler(int signal) {
-}
-
-// The current process will become a process reaper like init.
-// We fork a child that will continue normally, when it dies, we can safely
-// exit.
-// We need to be careful we close the magic kZygoteIdFd properly in the parent
-// before this function returns.
-static bool CreateInitProcessReaper() {
-  int sync_fds[2];
-  // We want to use send, so we can't use a pipe
-  if (socketpair(AF_UNIX, SOCK_STREAM, 0, sync_fds)) {
-    LOG(ERROR) << "Failed to create socketpair";
-    return false;
-  }
-
-  // We use normal fork, not the ForkDelegate in this case since we are not a
-  // true Zygote yet.
-  pid_t child_pid = fork();
-  if (child_pid == -1) {
-    (void) HANDLE_EINTR(close(sync_fds[0]));
-    (void) HANDLE_EINTR(close(sync_fds[1]));
-    return false;
-  }
-  if (child_pid) {
-    // We are the parent, assuming the role of an init process.
-    // The disposition for SIGCHLD cannot be SIG_IGN or wait() will only return
-    // once all of our childs are dead. Since we're init we need to reap childs
-    // as they come.
-    struct sigaction action;
-    memset(&action, 0, sizeof(action));
-    action.sa_handler = &SIGCHLDHandler;
-    CHECK(sigaction(SIGCHLD, &action, NULL) == 0);
-
-    (void) HANDLE_EINTR(close(sync_fds[0]));
-    shutdown(sync_fds[1], SHUT_RD);
-    // This "magic" socket must only appear in one process.
-    (void) HANDLE_EINTR(close(kZygoteIdFd));
-    // Tell the child to continue
-    CHECK(HANDLE_EINTR(send(sync_fds[1], "C", 1, MSG_NOSIGNAL)) == 1);
-    (void) HANDLE_EINTR(close(sync_fds[1]));
-
-    for (;;) {
-      // Loop until we have reaped our one natural child
-      siginfo_t reaped_child_info;
-      int wait_ret =
-        HANDLE_EINTR(waitid(P_ALL, 0, &reaped_child_info, WEXITED));
-      if (wait_ret)
-        _exit(1);
-      if (reaped_child_info.si_pid == child_pid) {
-        int exit_code = 0;
-        // We're done waiting
-        if (reaped_child_info.si_code == CLD_EXITED) {
-          exit_code = reaped_child_info.si_status;
-        }
-        // Exit with the same exit code as our parent. This is most likely
-        // useless. _exit with 0 if we got signaled.
-        _exit(exit_code);
-      }
-    }
-  } else {
-    // The child needs to wait for the parent to close kZygoteIdFd to avoid a
-    // race condition
-    (void) HANDLE_EINTR(close(sync_fds[1]));
-    shutdown(sync_fds[0], SHUT_WR);
-    char should_continue;
-    int read_ret = HANDLE_EINTR(read(sync_fds[0], &should_continue, 1));
-    (void) HANDLE_EINTR(close(sync_fds[0]));
-    if (read_ret == 1)
-      return true;
-    else
-      return false;
-  }
+static void CloseFdAndHandleEintr(int fd) {
+  (void) HANDLE_EINTR(close(fd));
 }
 
 // This will set the *using_suid_sandbox variable to true if the SUID sandbox
 // is enabled. This does not necessarily exclude other types of sandboxing.
 static bool EnterSuidSandbox(LinuxSandbox* linux_sandbox,
                              bool* using_suid_sandbox,
                              bool* has_started_new_init) {
   *using_suid_sandbox = false;
   *has_started_new_init = false;
 
@@ skipping 19 matching lines @@
        "https://code.google.com/p/chromium/wiki/LinuxSUIDSandboxDevelopment."
        "\n\n";
     }
 
     if (!setuid_sandbox->ChrootMe())
       return false;
 
     if (getpid() == 1) {
       // The setuid sandbox has created a new PID namespace and we need
       // to assume the role of init.
-      if (!CreateInitProcessReaper()) {
+      // This "magic" socket must only appear in one process, so make sure
+      // it gets closed in the parent after fork().
+      base::Closure zygoteid_fd_closer =
+          base::Bind(CloseFdAndHandleEintr, kZygoteIdFd);
+      const bool init_created =
+          setuid_sandbox->CreateInitProcessReaper(&zygoteid_fd_closer);
+      if (!init_created) {
         LOG(ERROR) << "Error creating an init process to reap zombies";
         return false;
       }
       *has_started_new_init = true;
     }
 
 #if !defined(OS_OPENBSD)
     // Previously, we required that the binary be non-readable. This causes the
     // kernel to mark the process as non-dumpable at startup. The thinking was
     // that, although we were putting the renderers into a PID namespace (with
@@ skipping 63 matching lines @@
   }
 
   int sandbox_flags = linux_sandbox->GetStatus();
 
   Zygote zygote(sandbox_flags, forkdelegate);
   // This function call can return multiple times, once per fork().
   return zygote.ProcessRequests();
 }
 
 }  // namespace content