I am submitting this with LGTMs from agl@ and evanm@. I'm marking this as TBR=jam@ because he is on vacation. He previously LGTMed the reverted CL (link below) and there are not substantive changes since then.

Modify the Chrome Linux zygote to support a nacl_helper executable, facilitating a special address-space layout as required by NaCl on ARM and ATOM CPUs. In passing, simplify some shared elements of launching NaCl modules in Chrome. This is an update to a previously reverted CL. Please see http://codereview.chromium.org/6995121 for the earlier reviews. Patching nacl_helper CL into fresh branch. BUG=nativeclient:480 TEST=nativeclient in-browser tests TBR=jam@chromium.org git-svn-id: svn://svn.chromium.org/chrome/trunk/src@90805 0039d316-1c4b-4281-b951-d872f2087c98
author: bradchen@google.com <bradchen@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2011-06-28 18:32:33 +0000
committer: bradchen@google.com <bradchen@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2011-06-28 18:32:33 +0000
commit: 0e0e9b100f7c66eaf74bebb6048fa70a361d4629 (patch)
tree: f783dbefd213a5873a09a57dbb2a76c5ad7856e9 /base
parent: f4455c16ed296ab630db75b017d5c1ddea80c736 (diff)
download: chromium_src-0e0e9b100f7c66eaf74bebb6048fa70a361d4629.zip
chromium_src-0e0e9b100f7c66eaf74bebb6048fa70a361d4629.tar.gz
chromium_src-0e0e9b100f7c66eaf74bebb6048fa70a361d4629.tar.bz2
2 files changed, 41 insertions, 5 deletions
diff --git a/base/process_util.h b/base/process_util.h
index 3e758d4..9f66669 100644
--- a/base/process_util.h
+++ b/base/process_util.h
@@ -286,6 +286,15 @@ BASE_API bool LaunchAppInNewProcessGroup(
     bool wait,
     ProcessHandle* process_handle);
 
+#if defined(OS_LINUX)
+// Similar to LaunchApp variants above except uses clone(.. clone_flags ..)
+// rather than fork(). This is useful for work inside the setuid sandbox.
+BASE_API bool LaunchAppWithClone(const std::vector<std::string>& argv,
+                                 const file_handle_mapping_vector& fds_to_remap,
+                                 bool wait, ProcessHandle* process_handle,
+                                 int clone_flags);
+#endif
+
 // AlterEnvironment returns a modified environment vector, constructed from the
 // given environment and the list of changes given in |changes|. Each key in
 // the environment is matched against the first element of the pairs. In the
diff --git a/base/process_util_posix.cc b/base/process_util_posix.cc
index a2398ed..1486128 100644
--- a/base/process_util_posix.cc
+++ b/base/process_util_posix.cc
@@ -508,15 +508,25 @@ bool LaunchAppImpl(
     const file_handle_mapping_vector& fds_to_remap,
     bool wait,
     ProcessHandle* process_handle,
-    bool start_new_process_group) {
-  pid_t pid;
+    bool start_new_process_group,
+    bool use_clone,
+    int clone_flags) {
+  pid_t pid = -1;
   InjectiveMultimap fd_shuffle1, fd_shuffle2;
   fd_shuffle1.reserve(fds_to_remap.size());
   fd_shuffle2.reserve(fds_to_remap.size());
   scoped_array<char*> argv_cstr(new char*[argv.size() + 1]);
   scoped_array<char*> new_environ(AlterEnvironment(env_changes, environ));
 
-  pid = fork();
+  if (use_clone) {
+#if defined(OS_LINUX)
+    pid = syscall(__NR_clone, clone_flags, 0, 0, 0);
+#else
+    NOTREACHED() << "Tried to use clone() on non-Linux system.";
+#endif
+  } else {
+    pid = fork();
+  }
   if (pid < 0) {
     PLOG(ERROR) << "fork";
     return false;
@@ -617,7 +627,10 @@ bool LaunchApp(
     bool wait,
     ProcessHandle* process_handle) {
   return LaunchAppImpl(argv, env_changes, fds_to_remap,
-                       wait, process_handle, false);
+                       wait, process_handle,
+                       false,  // don't start new process group
+                       false,  // don't use clone()
+                       0);     // clone flags
 }
 
 bool LaunchAppInNewProcessGroup(
@@ -627,7 +640,21 @@ bool LaunchAppInNewProcessGroup(
     bool wait,
     ProcessHandle* process_handle) {
   return LaunchAppImpl(argv, env_changes, fds_to_remap, wait,
-                       process_handle, true);
+                       process_handle,
+                       true,   // start new process group
+                       false,  // don't use clone()
+                       0);     // clone flags
+}
+
+BASE_API bool LaunchAppWithClone(const std::vector<std::string>& argv,
+                                 const file_handle_mapping_vector& fds_to_remap,
+                                 bool wait, ProcessHandle* process_handle,
+                                 int clone_flags) {
+  base::environment_vector no_env;
+  return LaunchAppImpl(argv, no_env, fds_to_remap, wait, process_handle,
+                       false,  // don't start new process group
+                       true,   // use clone()
+                       clone_flags);
 }
 
 bool LaunchApp(const std::vector<std::string>& argv,
author	bradchen@google.com <bradchen@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2011-06-28 18:32:33 +0000
committer	bradchen@google.com <bradchen@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2011-06-28 18:32:33 +0000
commit	0e0e9b100f7c66eaf74bebb6048fa70a361d4629 (patch)
tree	f783dbefd213a5873a09a57dbb2a76c5ad7856e9 /base
parent	f4455c16ed296ab630db75b017d5c1ddea80c736 (diff)
download	chromium_src-0e0e9b100f7c66eaf74bebb6048fa70a361d4629.zip chromium_src-0e0e9b100f7c66eaf74bebb6048fa70a361d4629.tar.gz chromium_src-0e0e9b100f7c66eaf74bebb6048fa70a361d4629.tar.bz2