diff options
| author | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-16 19:09:48 +0000 |
|---|---|---|
| committer | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-16 19:09:48 +0000 |
| commit | 583c2f2ac18fef7751e93fcc491a641b6d285fc8 (patch) | |
| tree | 82e9346eb4daba2f95b4494545dde97526e6a433 /sandbox | |
| parent | c8b998c01f4ff37bd1b14af9fa8e7c810a103178 (diff) | |
| download | chromium_src-583c2f2ac18fef7751e93fcc491a641b6d285fc8.zip chromium_src-583c2f2ac18fef7751e93fcc491a641b6d285fc8.tar.gz chromium_src-583c2f2ac18fef7751e93fcc491a641b6d285fc8.tar.bz2 | |
Revert 240670 "Revert 239894 "Linux Sandbox: check no threads be..."
> Revert 239894 "Linux Sandbox: check no threads before fork()."
>
> BUG=327241, 328249
>
> > Linux Sandbox: check no threads before fork().
> >
> > Always check that no threads are running before fork().
> >
> > BUG=327241
> > NOTRY=true
> >
> > Review URL: https://codereview.chromium.org/108173008
>
> TBR=jln@chromium.org
>
> Review URL: https://codereview.chromium.org/106903012
TBR=jln@chromium.org
Review URL: https://codereview.chromium.org/100623014
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240961 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox')
| -rw-r--r-- | sandbox/linux/seccomp-bpf/sandbox_bpf.cc | 4 | ||||
| -rw-r--r-- | sandbox/linux/services/broker_process.cc | 2 |
2 files changed, 6 insertions, 0 deletions
diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc index 15faef6..6b2327e 100644 --- a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc +++ b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc @@ -268,6 +268,10 @@ bool SandboxBPF::RunFunctionInPolicy(void (*code_in_sandbox)(), SANDBOX_DIE("Process started without standard file descriptors"); } + // This code is using fork() and should only ever run single-threaded. + // Most of the code below is "async-signal-safe" and only minor changes + // would be needed to support threads. + DCHECK(IsSingleThreaded(proc_fd_)); pid_t pid = fork(); if (pid < 0) { // Die if we cannot fork(). We would probably fail a little later diff --git a/sandbox/linux/services/broker_process.cc b/sandbox/linux/services/broker_process.cc index 316883d..438e972 100644 --- a/sandbox/linux/services/broker_process.cc +++ b/sandbox/linux/services/broker_process.cc @@ -21,6 +21,7 @@ #include "base/pickle.h" #include "base/posix/eintr_wrapper.h" #include "base/posix/unix_domain_socket_linux.h" +#include "base/process/process_metrics.h" #include "build/build_config.h" #include "sandbox/linux/services/linux_syscalls.h" @@ -146,6 +147,7 @@ bool BrokerProcess::Init(bool (*sandbox_callback)(void)) { return false; } + DCHECK_EQ(1, base::GetNumberOfThreads(base::GetCurrentProcessHandle())); int child_pid = fork(); if (child_pid == -1) { close(socket_pair[0]); |