diff options
| -rw-r--r-- | content/browser/child_process_launcher.cc | 3 | ||||
| -rw-r--r-- | content/browser/zygote_host/zygote_host_impl_linux.cc | 3 | ||||
| -rw-r--r-- | content/common/zygote_commands_linux.h | 7 | ||||
| -rw-r--r-- | content/zygote/zygote_linux.cc | 13 | ||||
| -rw-r--r-- | content/zygote/zygote_linux.h | 3 | ||||
| -rw-r--r-- | content/zygote/zygote_main_linux.cc | 7 |
6 files changed, 19 insertions, 17 deletions
diff --git a/content/browser/child_process_launcher.cc b/content/browser/child_process_launcher.cc index a7927b3..ff17607 100644 --- a/content/browser/child_process_launcher.cc +++ b/content/browser/child_process_launcher.cc @@ -35,6 +35,7 @@ #include "base/memory/singleton.h" #include "content/browser/renderer_host/render_sandbox_host_linux.h" #include "content/browser/zygote_host/zygote_host_impl_linux.h" +#include "content/common/child_process_sandbox_support_impl_linux.h" #endif #if defined(OS_POSIX) @@ -256,7 +257,7 @@ class ChildProcessLauncher::Context RenderSandboxHostLinux::GetInstance()->GetRendererSocket(); fds_to_map.push_back(std::make_pair( sandbox_fd, - kSandboxIPCChannel + base::GlobalDescriptors::kBaseDescriptor)); + GetSandboxFD())); } #endif // defined(OS_MACOSX) diff --git a/content/browser/zygote_host/zygote_host_impl_linux.cc b/content/browser/zygote_host/zygote_host_impl_linux.cc index bb84e62..3629a84 100644 --- a/content/browser/zygote_host/zygote_host_impl_linux.cc +++ b/content/browser/zygote_host/zygote_host_impl_linux.cc @@ -29,6 +29,7 @@ #include "base/strings/utf_string_conversions.h" #include "base/time/time.h" #include "content/browser/renderer_host/render_sandbox_host_linux.h" +#include "content/common/child_process_sandbox_support_impl_linux.h" #include "content/common/zygote_commands_linux.h" #include "content/public/browser/content_browser_client.h" #include "content/public/common/content_switches.h" @@ -149,7 +150,7 @@ void ZygoteHostImpl::Init(const std::string& sandbox_cmd) { // Start up the sandbox host process and get the file descriptor for the // renderers to talk to it. const int sfd = RenderSandboxHostLinux::GetInstance()->GetRendererSocket(); - fds_to_map.push_back(std::make_pair(sfd, kZygoteRendererSocketFd)); + fds_to_map.push_back(std::make_pair(sfd, GetSandboxFD())); int dummy_fd = -1; if (using_suid_sandbox_) { diff --git a/content/common/zygote_commands_linux.h b/content/common/zygote_commands_linux.h index 6df1fda..893fb33 100644 --- a/content/common/zygote_commands_linux.h +++ b/content/common/zygote_commands_linux.h @@ -5,6 +5,9 @@ #ifndef CONTENT_COMMON_ZYGOTE_COMMANDS_LINUX_H_ #define CONTENT_COMMON_ZYGOTE_COMMANDS_LINUX_H_ +#include "base/posix/global_descriptors.h" +#include "ipc/ipc_descriptors.h" + namespace content { // Contents of the initial message sent from the zygote to the browser when it @@ -15,8 +18,8 @@ static const char kZygoteHelloMessage[] = "ZYGOTE_OK"; const size_t kZygoteMaxMessageLength = 8192; // File descriptors initialized by the Zygote Host -const int kZygoteSocketPairFd = 3; -const int kZygoteRendererSocketFd = 5; +const int kZygoteSocketPairFd = + kPrimaryIPCChannel + base::GlobalDescriptors::kBaseDescriptor; // This file descriptor is special. It is passed to the Zygote and a setuid // helper will be called to locate the process of the Zygote on the system. // This mechanism is used when multiple PID namespaces exist because of the diff --git a/content/zygote/zygote_linux.cc b/content/zygote/zygote_linux.cc index 4b83444..4146f92 100644 --- a/content/zygote/zygote_linux.cc +++ b/content/zygote/zygote_linux.cc @@ -20,6 +20,7 @@ #include "base/posix/global_descriptors.h" #include "base/posix/unix_domain_socket_linux.h" #include "base/process/kill.h" +#include "content/common/child_process_sandbox_support_impl_linux.h" #include "content/common/sandbox_linux.h" #include "content/common/set_process_title.h" #include "content/common/zygote_commands_linux.h" @@ -42,8 +43,6 @@ void SIGCHLDHandler(int signal) { } // namespace -const int Zygote::kMagicSandboxIPCDescriptor; - Zygote::Zygote(int sandbox_flags, ZygoteForkDelegate* helper) : sandbox_flags_(sandbox_flags), @@ -77,7 +76,7 @@ bool Zygote::ProcessRequests() { // Let the ZygoteHost know we are ready to go. // The receiving code is in content/browser/zygote_host_linux.cc. std::vector<int> empty; - bool r = UnixDomainSocket::SendMsg(kBrowserDescriptor, + bool r = UnixDomainSocket::SendMsg(kZygoteSocketPairFd, kZygoteHelloMessage, sizeof(kZygoteHelloMessage), empty); #if defined(OS_CHROMEOS) @@ -94,7 +93,7 @@ bool Zygote::ProcessRequests() { for (;;) { // This function call can return multiple times, once per fork(). - if (HandleRequestFromBrowser(kBrowserDescriptor)) + if (HandleRequestFromBrowser(kZygoteSocketPairFd)) return true; } } @@ -363,7 +362,7 @@ int Zygote::ForkWithRealPid(const std::string& process_type, request.WriteUInt64(dummy_inode); const ssize_t r = UnixDomainSocket::SendRecvMsg( - kMagicSandboxIPCDescriptor, reply_buf, sizeof(reply_buf), NULL, + GetSandboxFD(), reply_buf, sizeof(reply_buf), NULL, request); if (r == -1) { LOG(ERROR) << "Failed to get child process's real PID"; @@ -466,7 +465,7 @@ base::ProcessId Zygote::ReadArgsAndFork(const Pickle& pickle, } mapping.push_back(std::make_pair( - static_cast<uint32_t>(kSandboxIPCChannel), kMagicSandboxIPCDescriptor)); + static_cast<uint32_t>(kSandboxIPCChannel), GetSandboxFD())); // Returns twice, once per process. base::ProcessId child_pid = ForkWithRealPid(process_type, fds, channel_id, @@ -475,7 +474,7 @@ base::ProcessId Zygote::ReadArgsAndFork(const Pickle& pickle, if (!child_pid) { // This is the child process. - close(kBrowserDescriptor); // Our socket from the browser. + close(kZygoteSocketPairFd); // Our socket from the browser. if (UsingSUIDSandbox()) close(kZygoteIdFd); // Another socket from the browser. base::GlobalDescriptors::GetInstance()->Reset(mapping); diff --git a/content/zygote/zygote_linux.h b/content/zygote/zygote_linux.h index c39bfd0..ffea49a 100644 --- a/content/zygote/zygote_linux.h +++ b/content/zygote/zygote_linux.h @@ -30,9 +30,6 @@ class Zygote { bool ProcessRequests(); - static const int kBrowserDescriptor = 3; - static const int kMagicSandboxIPCDescriptor = 5; - private: struct ZygoteProcessInfo { // Pid from inside the Zygote's PID namespace. diff --git a/content/zygote/zygote_main_linux.cc b/content/zygote/zygote_main_linux.cc index 3ae08e5..567b305 100644 --- a/content/zygote/zygote_main_linux.cc +++ b/content/zygote/zygote_main_linux.cc @@ -24,6 +24,7 @@ #include "base/rand_util.h" #include "base/sys_info.h" #include "build/build_config.h" +#include "content/common/child_process_sandbox_support_impl_linux.h" #include "content/common/font_config_ipc_linux.h" #include "content/common/pepper_plugin_list.h" #include "content/common/sandbox_linux.h" @@ -66,7 +67,7 @@ static void ProxyLocaltimeCallToBrowser(time_t input, struct tm* output, uint8_t reply_buf[512]; const ssize_t r = UnixDomainSocket::SendRecvMsg( - Zygote::kMagicSandboxIPCDescriptor, reply_buf, sizeof(reply_buf), NULL, + GetSandboxFD(), reply_buf, sizeof(reply_buf), NULL, request); if (r == -1) { memset(output, 0, sizeof(struct tm)); @@ -302,7 +303,7 @@ static void PreSandboxInit() { InitializeWebRtcModule(); #endif SkFontConfigInterface::SetGlobal( - new FontConfigIPC(Zygote::kMagicSandboxIPCDescriptor))->unref(); + new FontConfigIPC(GetSandboxFD()))->unref(); } // Do nothing here @@ -468,7 +469,7 @@ bool ZygoteMain(const MainFunctionParams& params, if (forkdelegate != NULL) { VLOG(1) << "ZygoteMain: initializing fork delegate"; - forkdelegate->Init(Zygote::kMagicSandboxIPCDescriptor); + forkdelegate->Init(GetSandboxFD()); } else { VLOG(1) << "ZygoteMain: fork delegate is NULL"; } |