diff options
| -rw-r--r-- | ipc/ipc_channel_posix.cc | 28 | ||||
| -rw-r--r-- | ipc/ipc_channel_posix.h | 23 |
2 files changed, 33 insertions, 18 deletions
diff --git a/ipc/ipc_channel_posix.cc b/ipc/ipc_channel_posix.cc index a285995..7b93c75 100644 --- a/ipc/ipc_channel_posix.cc +++ b/ipc/ipc_channel_posix.cc @@ -294,7 +294,7 @@ Channel::ChannelImpl::ChannelImpl(const IPC::ChannelHandle& channel_handle, server_listen_pipe_(-1), pipe_(-1), client_pipe_(-1), -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) fd_pipe_(-1), remote_fd_pipe_(-1), #endif @@ -417,16 +417,10 @@ bool Channel::ChannelImpl::CreatePipe(const IPC::ChannelHandle &channel_handle, scoped_ptr<Message> msg(new Message(MSG_ROUTING_NONE, HELLO_MESSAGE_TYPE, IPC::Message::PRIORITY_NORMAL)); - #if !defined(OS_MACOSX) + #if defined(IPC_USES_READWRITE) if (!uses_fifo_) { - // On Linux, the seccomp sandbox makes it very expensive to call - // recvmsg() and sendmsg(). Often, we are perfectly OK with resorting to - // read() and write(), which are cheap. - // - // As we cannot anticipate, when the sender will provide us with file - // handles, we have to make the decision about whether we call read() or - // recvmsg() before we actually make the call. The easiest option is to - // create a dedicated socketpair() for exchanging file handles. + // Create a dedicated socketpair() for exchanging file descriptors. + // See comments for IPC_USES_READWRITE for details. if (mode == MODE_SERVER) { fd_pipe_ = -1; } else if (remote_fd_pipe_ == -1) { @@ -493,7 +487,7 @@ bool Channel::ChannelImpl::ProcessIncomingMessages() { // Read from pipe. // recvmsg() returns 0 if the connection has closed or EAGAIN if no data // is waiting on the pipe. -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) if (fd_pipe_ >= 0) { bytes_read = HANDLE_EINTR(read(pipe_, input_buf_, Channel::kReadBufferSize)); @@ -626,7 +620,7 @@ bool Channel::ChannelImpl::ProcessIncomingMessages() { if (m.header()->num_fds > num_fds - fds_i) { // the message has been completely received, but we didn't get // enough file descriptors. -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) if (!uses_fifo_) { char dummy; struct iovec fd_pipe_iov = { &dummy, 1 }; @@ -716,7 +710,7 @@ bool Channel::ChannelImpl::ProcessIncomingMessages() { if (!m.ReadInt(&iter, &pid)) { NOTREACHED(); } -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) if (mode_ == MODE_SERVER && !uses_fifo_) { // On non-Mac, the Hello message from the client to the server // also contains the fd_pipe_, which will be used for all @@ -779,7 +773,7 @@ bool Channel::ChannelImpl::ProcessOutgoingMessages() { while (!output_queue_.empty()) { Message* msg = output_queue_.front(); -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) scoped_ptr<Message> hello; if (remote_fd_pipe_ != -1 && msg->routing_id() == MSG_ROUTING_NONE && @@ -849,7 +843,7 @@ bool Channel::ChannelImpl::ProcessOutgoingMessages() { // num_fds < MAX_DESCRIPTORS_PER_MESSAGE so no danger of overflow. msg->header()->num_fds = static_cast<uint16>(num_fds); -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) if (!uses_fifo_ && (msg->routing_id() != MSG_ROUTING_NONE || msg->type() != HELLO_MESSAGE_TYPE)) { @@ -871,7 +865,7 @@ bool Channel::ChannelImpl::ProcessOutgoingMessages() { if (bytes_written == 1) { fd_written = pipe_; -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) if (mode_ != MODE_SERVER && !uses_fifo_ && msg->routing_id() == MSG_ROUTING_NONE && msg->type() == HELLO_MESSAGE_TYPE) { @@ -1040,7 +1034,7 @@ void Channel::ChannelImpl::Close() { PipeMap::GetInstance()->RemoveAndClose(pipe_name_); client_pipe_ = -1; } -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) if (fd_pipe_ != -1) { if (HANDLE_EINTR(close(fd_pipe_)) < 0) PLOG(ERROR) << "close"; diff --git a/ipc/ipc_channel_posix.h b/ipc/ipc_channel_posix.h index 77a993e..4ff3de1 100644 --- a/ipc/ipc_channel_posix.h +++ b/ipc/ipc_channel_posix.h @@ -17,6 +17,27 @@ #include "base/message_loop.h" #include "ipc/file_descriptor_set_posix.h" +#if !defined(OS_MACOSX) +// On Linux, the seccomp sandbox makes it very expensive to call +// recvmsg() and sendmsg(). The restriction on calling read() and write(), which +// are cheap, is that we can't pass file descriptors over them. +// +// As we cannot anticipate when the sender will provide us with file +// descriptors, we have to make the decision about whether we call read() or +// recvmsg() before we actually make the call. The easiest option is to +// create a dedicated socketpair() for exchanging file descriptors. +// Mac can also run in IPC_USES_READWRITE mode if necessary, but at this time +// doesn't take a performance hit from recvmsg and sendmsg, so it doesn't +// make sense to waste resources on having the separate dedicated socketpair. +// It is however useful for debugging between Linux and Mac to be able to turn +// this switch 'on' on the Mac as well. + +// The HELLO message from the client to the server is always sent using +// sendmsg because it will contain the file descriptor that the server +// needs to send file descriptors in later messages. +#define IPC_USES_READWRITE 1 +#endif + namespace IPC { // An implementation of ChannelImpl for POSIX systems that works via @@ -73,7 +94,7 @@ class Channel::ChannelImpl : public MessageLoopForIO::Watcher { // pipe_ that is passed to the client. int client_pipe_; -#if !defined(OS_MACOSX) +#if defined(IPC_USES_READWRITE) // Linux/BSD use a dedicated socketpair() for passing file descriptors. int fd_pipe_; int remote_fd_pipe_; |