diff options
| author | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-28 04:50:52 +0000 |
|---|---|---|
| committer | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-09-28 04:50:52 +0000 |
| commit | 39f23ea996a2b7fb92be57c9afa62ee1a0b13144 (patch) | |
| tree | ffc0f689247009e491196a6a0ad4f30a206eb325 /chrome/app/chrome_main_mac.mm | |
| parent | 569382c32c61b0821c9a79a9e0337757f18fd279 (diff) | |
| download | chromium_src-39f23ea996a2b7fb92be57c9afa62ee1a0b13144.zip chromium_src-39f23ea996a2b7fb92be57c9afa62ee1a0b13144.tar.gz chromium_src-39f23ea996a2b7fb92be57c9afa62ee1a0b13144.tar.bz2 | |
Give each process its own bootstrap subset port as a subset of its inherited
bootstrap port, and use the bootstrap subset port as the bootstrap port.
This completely eliminates leaks of on-demand Mach services advertised via the
bootstrap server.
This also reverts r34318 and r34534, "temporary" (21-month) hacks to mitigate
the leak. The temporary hacks were never completely effective against Breakpad
ports leaking from child processes.
DestructCrashReporter at process shutdown was deemed unnecessary and is being
removed. As this was the last caller to that function, the implementation is
removed as well.
This is addressed in Chrome rather than Breakpad to account for the potential
leak of rohitfork ports if the browser process crashes or is mercilessly
killed, because library code messing with the task's bootstrap port doesn't
strike me as kosher, and because the Mac Breakpad code is scheduled to be
replaced with something better that doesn't attempt to leak ports like a sieve
within a couple of months anyway.
BUG=28547
TEST=1. "launchctl bslist" should no longer show on-demand
com.Breakpad.Inspector ports (in Breakpad-enabled builds with Breakpad
on) or com.google.Chrome.rohitfork, com.google.Chrome.canary.rohitfork,
or org.chromium.Chromium.rohitfork ports.
2. "launchctl bstree" (as root) should reveal a bootstrap subset for the
browser process as a child of the per-user/per-session bootstrap
namespace containing the rohitfork port and browser's Breakpad port if
crash reporting is on. There should also be a bootstrap subset for
each child process as a child of the browser's bootstrap subset. If
crash reporting is on, each child process' bootstrap subset should
contain a Breakpad port.
3. Breakpad reports should be generated on crashes. For example,
about:crash and about:inducebrowsercrashforrealz should each cause a
minidump to be written in
~/Library/Application Support/Google/Chrome/Crash Reports
when Breakpad is enabled. This tests that the Breakpad ports are
functioning properly.
4. The browser process should be able to access child process data.
Window:Task Manager should show valid values for the Memory, CPU, and
Network columns for all child processes. This tests that the rohitfork
port is functioning properly.
Review URL: http://codereview.chromium.org/8059041
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@103089 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/app/chrome_main_mac.mm')
| -rw-r--r-- | chrome/app/chrome_main_mac.mm | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/chrome/app/chrome_main_mac.mm b/chrome/app/chrome_main_mac.mm index a09f9d6..d6607e0 100644 --- a/chrome/app/chrome_main_mac.mm +++ b/chrome/app/chrome_main_mac.mm @@ -5,6 +5,8 @@ #include "chrome/app/chrome_main_mac.h" #import <Cocoa/Cocoa.h> +#include <mach/mach.h> +#include <servers/bootstrap.h> #include <string> @@ -43,3 +45,45 @@ void SetUpBundleOverrides() { NSBundle* base_bundle = chrome::OuterAppBundle(); base::mac::SetBaseBundleID([[base_bundle bundleIdentifier] UTF8String]); } + +void SwitchToMachBootstrapSubsetPort() { + // Testing tip: use launchctl bstree (as root) to make sure that the + // subset port is created properly and that new mappings wind up added to + // the subset port. + +#ifndef NDEBUG + static bool once_only = false; + DCHECK(!once_only); + once_only = true; +#endif + + mach_port_t self_task = mach_task_self(); + + mach_port_t original_bootstrap_port; + kern_return_t kr = task_get_bootstrap_port(self_task, + &original_bootstrap_port); + if (kr != KERN_SUCCESS) { + LOG(ERROR) << "task_get_bootstrap_port: " << kr << " " + << mach_error_string(kr); + return; + } + + mach_port_t bootstrap_subset_port; + kr = bootstrap_subset(original_bootstrap_port, + self_task, + &bootstrap_subset_port); + if (kr != BOOTSTRAP_SUCCESS) { + LOG(ERROR) << "bootstrap_subset: " << kr << " " << bootstrap_strerror(kr); + return; + } + + kr = task_set_bootstrap_port(self_task, bootstrap_subset_port); + if (kr != KERN_SUCCESS) { + LOG(ERROR) << "task_set_bootstrap_port: " << kr << " " + << mach_error_string(kr); + return; + } + + // Users of the bootstrap port often access it through this global variable. + bootstrap_port = bootstrap_subset_port; +} |