summaryrefslogtreecommitdiffstats
path: root/content
diff options
context:
space:
mode:
Diffstat (limited to 'content')
-rw-r--r--content/browser/child_process_launcher.cc6
-rw-r--r--content/browser/zygote_host_linux.cc10
-rw-r--r--content/browser/zygote_host_linux.h10
-rw-r--r--content/browser/zygote_main_linux.cc108
-rw-r--r--content/common/content_switches.cc4
-rw-r--r--content/common/content_switches.h4
-rw-r--r--content/common/sandbox_methods_linux.h4
-rw-r--r--content/common/zygote_fork_delegate_linux.h49
8 files changed, 48 insertions, 147 deletions
diff --git a/content/browser/child_process_launcher.cc b/content/browser/child_process_launcher.cc
index 3ba9d8a..8d0ac12 100644
--- a/content/browser/child_process_launcher.cc
+++ b/content/browser/child_process_launcher.cc
@@ -127,9 +127,8 @@ class ChildProcessLauncher::Context
mapping.push_back(std::pair<uint32_t, int>(kCrashDumpSignal,
crash_signal_fd));
}
- handle = ZygoteHost::GetInstance()->ForkRequest(cmd_line->argv(),
- mapping,
- process_type);
+ handle = ZygoteHost::GetInstance()->ForkRenderer(cmd_line->argv(),
+ mapping);
} else
// Fall through to the normal posix case below when we're not zygoting.
#endif
@@ -375,3 +374,4 @@ void ChildProcessLauncher::SetTerminateChildOnShutdown(
if (context_)
context_->set_terminate_child_on_shutdown(terminate_on_shutdown);
}
+
diff --git a/content/browser/zygote_host_linux.cc b/content/browser/zygote_host_linux.cc
index 16cc514..328c603 100644
--- a/content/browser/zygote_host_linux.cc
+++ b/content/browser/zygote_host_linux.cc
@@ -58,7 +58,8 @@ ZygoteHost::ZygoteHost()
init_(false),
using_suid_sandbox_(false),
have_read_sandbox_status_word_(false),
- sandbox_status_(0) {}
+ sandbox_status_(0) {
+}
ZygoteHost::~ZygoteHost() {
if (init_)
@@ -109,7 +110,6 @@ void ZygoteHost::Init(const std::string& sandbox_cmd) {
switches::kRegisterPepperPlugins,
switches::kDisableSeccompSandbox,
switches::kEnableSeccompSandbox,
- switches::kNaClLinuxHelper,
};
cmd_line.CopySwitchesFrom(browser_command_line, kForwardSwitches,
arraysize(kForwardSwitches));
@@ -221,15 +221,13 @@ ssize_t ZygoteHost::ReadReply(void* buf, size_t buf_len) {
return HANDLE_EINTR(read(control_fd_, buf, buf_len));
}
-pid_t ZygoteHost::ForkRequest(
+pid_t ZygoteHost::ForkRenderer(
const std::vector<std::string>& argv,
- const base::GlobalDescriptors::Mapping& mapping,
- const std::string& process_type) {
+ const base::GlobalDescriptors::Mapping& mapping) {
DCHECK(init_);
Pickle pickle;
pickle.WriteInt(kCmdFork);
- pickle.WriteString(process_type);
pickle.WriteInt(argv.size());
for (std::vector<std::string>::const_iterator
i = argv.begin(); i != argv.end(); ++i)
diff --git a/content/browser/zygote_host_linux.h b/content/browser/zygote_host_linux.h
index 9098e6d..5ead5f5 100644
--- a/content/browser/zygote_host_linux.h
+++ b/content/browser/zygote_host_linux.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -32,12 +32,10 @@ class ZygoteHost {
void Init(const std::string& sandbox_cmd);
- // Tries to start a process of type indicated by process_type.
- // Returns its pid on success, otherwise
+ // Tries to start a renderer process. Returns its pid on success, otherwise
// base::kNullProcessHandle;
- pid_t ForkRequest(const std::vector<std::string>& command_line,
- const base::GlobalDescriptors::Mapping& mapping,
- const std::string& process_type);
+ pid_t ForkRenderer(const std::vector<std::string>& command_line,
+ const base::GlobalDescriptors::Mapping& mapping);
void EnsureProcessTerminated(pid_t process);
// Get the termination status (and, optionally, the exit code) of
diff --git a/content/browser/zygote_main_linux.cc b/content/browser/zygote_main_linux.cc
index 477ca90..99a7735 100644
--- a/content/browser/zygote_main_linux.cc
+++ b/content/browser/zygote_main_linux.cc
@@ -37,11 +37,9 @@
#include "content/common/sandbox_methods_linux.h"
#include "content/common/set_process_title.h"
#include "content/common/unix_domain_socket_posix.h"
-#include "content/common/zygote_fork_delegate_linux.h"
#include "seccompsandbox/sandbox.h"
#include "skia/ext/SkFontHost_fontconfig_control.h"
#include "unicode/timezone.h"
-#include "ipc/ipc_switches.h"
#if defined(OS_LINUX)
#include <sys/epoll.h>
@@ -99,9 +97,8 @@ static void SELinuxTransitionToTypeOrDie(const char* type) {
// runs it.
class Zygote {
public:
- explicit Zygote(int sandbox_flags, ZygoteForkDelegate& helper)
- : sandbox_flags_(sandbox_flags),
- helper_(helper) {
+ explicit Zygote(int sandbox_flags)
+ : sandbox_flags_(sandbox_flags) {
}
bool ProcessRequests() {
@@ -168,7 +165,6 @@ class Zygote {
case ZygoteHost::kCmdFork:
// This function call can return multiple times, once per fork().
return HandleForkRequest(fd, pickle, iter, fds);
-
case ZygoteHost::kCmdReap:
if (!fds.empty())
break;
@@ -251,12 +247,9 @@ class Zygote {
// sandbox, it returns the real PID of the child process as it
// appears outside the sandbox, rather than returning the PID inside
// the sandbox.
- int ForkWithRealPid(const std::string& process_type, std::vector<int>& fds,
- const std::string& channel_switch) {
- const bool use_helper = helper_.CanHelp(process_type);
- if (!(use_helper || g_suid_sandbox_active)) {
+ int ForkWithRealPid() {
+ if (!g_suid_sandbox_active)
return fork();
- }
int dummy_fd;
ino_t dummy_inode;
@@ -277,13 +270,7 @@ class Zygote {
goto error;
}
- if (use_helper) {
- fds.push_back(dummy_fd);
- fds.push_back(pipe_fds[0]);
- pid = helper_.Fork(fds);
- } else {
- pid = fork();
- }
+ pid = fork();
if (pid < 0) {
goto error;
} else if (pid == 0) {
@@ -307,43 +294,33 @@ class Zygote {
dummy_fd = -1;
close(pipe_fds[0]);
pipe_fds[0] = -1;
- base::ProcessId real_pid;
- if (g_suid_sandbox_active) {
- uint8_t reply_buf[512];
- Pickle request;
- request.WriteInt(LinuxSandbox::METHOD_GET_CHILD_WITH_INODE);
- request.WriteUInt64(dummy_inode);
-
- const ssize_t r = UnixDomainSocket::SendRecvMsg(
- kMagicSandboxIPCDescriptor, reply_buf, sizeof(reply_buf), NULL,
- request);
- if (r == -1) {
- LOG(ERROR) << "Failed to get child process's real PID";
- goto error;
- }
+ uint8_t reply_buf[512];
+ Pickle request;
+ request.WriteInt(LinuxSandbox::METHOD_GET_CHILD_WITH_INODE);
+ request.WriteUInt64(dummy_inode);
+
+ const ssize_t r = UnixDomainSocket::SendRecvMsg(
+ kMagicSandboxIPCDescriptor, reply_buf, sizeof(reply_buf), NULL,
+ request);
+ if (r == -1) {
+ LOG(ERROR) << "Failed to get child process's real PID";
+ goto error;
+ }
- Pickle reply(reinterpret_cast<char*>(reply_buf), r);
- void* iter = NULL;
- if (!reply.ReadInt(&iter, &real_pid))
- goto error;
- if (real_pid <= 0) {
- // METHOD_GET_CHILD_WITH_INODE failed. Did the child die already?
- LOG(ERROR) << "METHOD_GET_CHILD_WITH_INODE failed";
- goto error;
- }
- real_pids_to_sandbox_pids[real_pid] = pid;
+ base::ProcessId real_pid;
+ Pickle reply(reinterpret_cast<char*>(reply_buf), r);
+ void* iter2 = NULL;
+ if (!reply.ReadInt(&iter2, &real_pid))
+ goto error;
+ if (real_pid <= 0) {
+ // METHOD_GET_CHILD_WITH_INODE failed. Did the child die already?
+ LOG(ERROR) << "METHOD_GET_CHILD_WITH_INODE failed";
+ goto error;
}
- if (use_helper) {
- real_pid = pid;
- if (!helper_.AckChild(pipe_fds[1], channel_switch)) {
- LOG(ERROR) << "Failed to synchronise with NaCl child process";
- goto error;
- }
- } else {
- if (HANDLE_EINTR(write(pipe_fds[1], "x", 1)) != 1) {
- LOG(ERROR) << "Failed to synchronise with child process";
- goto error;
- }
+ real_pids_to_sandbox_pids[real_pid] = pid;
+ if (HANDLE_EINTR(write(pipe_fds[1], "x", 1)) != 1) {
+ LOG(ERROR) << "Failed to synchronise with child process";
+ goto error;
}
close(pipe_fds[1]);
return real_pid;
@@ -365,19 +342,12 @@ class Zygote {
// Handle a 'fork' request from the browser: this means that the browser
// wishes to start a new renderer.
- bool HandleForkRequest(int fd, const Pickle& pickle,
- void* iter, std::vector<int>& fds) {
+ bool HandleForkRequest(int fd, const Pickle& pickle, void* iter,
+ std::vector<int>& fds) {
std::vector<std::string> args;
int argc, numfds;
base::GlobalDescriptors::Mapping mapping;
base::ProcessId child;
- std::string process_type;
- std::string channel_id;
- const std::string channel_id_prefix = std::string("--")
- + switches::kProcessChannelID + std::string("=");
-
- if (!pickle.ReadString(&iter, &process_type))
- goto error;
if (!pickle.ReadInt(&iter, &argc))
goto error;
@@ -387,8 +357,6 @@ class Zygote {
if (!pickle.ReadString(&iter, &arg))
goto error;
args.push_back(arg);
- if (arg.compare(0, channel_id_prefix.length(), channel_id_prefix) == 0)
- channel_id = arg;
}
if (!pickle.ReadInt(&iter, &numfds))
@@ -406,7 +374,7 @@ class Zygote {
mapping.push_back(std::make_pair(
static_cast<uint32_t>(kSandboxIPCChannel), kMagicSandboxIPCDescriptor));
- child = ForkWithRealPid(process_type, fds, channel_id);
+ child = ForkWithRealPid();
if (!child) {
#if defined(SECCOMP_SANDBOX)
@@ -479,7 +447,6 @@ class Zygote {
ProcessMap real_pids_to_sandbox_pids;
const int sandbox_flags_;
- ZygoteForkDelegate& helper_;
};
// With SELinux we can carve out a precise sandbox, so we don't have to play
@@ -738,8 +705,7 @@ static bool EnterSandbox() {
#endif // CHROMIUM_SELINUX
-bool ZygoteMain(const MainFunctionParams& params,
- const ZygoteForkDelegate& forkdelegate) {
+bool ZygoteMain(const MainFunctionParams& params) {
#if !defined(CHROMIUM_SELINUX)
g_am_zygote_or_renderer = true;
#endif
@@ -758,10 +724,6 @@ bool ZygoteMain(const MainFunctionParams& params,
}
#endif // SECCOMP_SANDBOX
- VLOG(1) << "initializing fork delegate";
- forkdelegate.Init(getenv("SBX_D") != NULL, // g_suid_sandbox_active,
- kBrowserDescriptor, kMagicSandboxIPCDescriptor);
-
// Turn on the SELinux or SUID sandbox
if (!EnterSandbox()) {
LOG(FATAL) << "Failed to enter sandbox. Fail safe abort. (errno: "
@@ -798,7 +760,7 @@ bool ZygoteMain(const MainFunctionParams& params,
}
#endif // SECCOMP_SANDBOX
- Zygote zygote(sandbox_flags, forkdelegate);
+ Zygote zygote(sandbox_flags);
// This function call can return multiple times, once per fork().
return zygote.ProcessRequests();
}
diff --git a/content/common/content_switches.cc b/content/common/content_switches.cc
index 3e22610..7033c7f 100644
--- a/content/common/content_switches.cc
+++ b/content/common/content_switches.cc
@@ -274,10 +274,6 @@ const char kLogPluginMessages[] = "log-plugin-messages";
// (used for launching NaCl loader processes on 64-bit Windows).
const char kNaClBrokerProcess[] = "nacl-broker";
-// Enables experimental lightweight Native Client launcher for Linux
-// Value is the path to the helper binary.
-const char kNaClLinuxHelper[] = "nacl-linux-helper";
-
// Causes the process to run as a NativeClient loader.
const char kNaClLoaderProcess[] = "nacl-loader";
diff --git a/content/common/content_switches.h b/content/common/content_switches.h
index 1b2384f..f48e69a 100644
--- a/content/common/content_switches.h
+++ b/content/common/content_switches.h
@@ -92,10 +92,6 @@ extern const char kLogPluginMessages[];
// TODO(jam): this doesn't belong in content.
extern const char kNaClBrokerProcess[];
extern const char kNaClLoaderProcess[];
-// TODO(bradchen): remove kNaClLinuxHelper switch.
-// This switch enables the experimental lightweight nacl_helper for Linux.
-// It will be going away soon, when the helper is enabled permanently.
-extern const char kNaClLinuxHelper[];
extern const char kNoDisplayingInsecureContent[];
extern const char kNoJsRandomness[];
extern const char kNoReferrers[];
diff --git a/content/common/sandbox_methods_linux.h b/content/common/sandbox_methods_linux.h
index f048ad8..02287f6d 100644
--- a/content/common/sandbox_methods_linux.h
+++ b/content/common/sandbox_methods_linux.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -7,7 +7,7 @@
#pragma once
// This is a list of sandbox IPC methods which the renderer may send to the
-// sandbox host. See http://code.google.com/p/chromium/wiki/LinuxSandboxIPC
+// sandbox host. See http://code.google.com/p/chromium/LinuxSandboxIPC
// This isn't the full list, values < 32 are reserved for methods called from
// Skia.
class LinuxSandbox {
diff --git a/content/common/zygote_fork_delegate_linux.h b/content/common/zygote_fork_delegate_linux.h
deleted file mode 100644
index 26dfbc9..0000000
--- a/content/common/zygote_fork_delegate_linux.h
+++ /dev/null
@@ -1,49 +0,0 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef CONTENT_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_
-#define CONTENT_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_
-#pragma once
-
-#include <unistd.h>
-
-#include <string>
-#include <vector>
-
-#include "base/basictypes.h"
-
-// The ZygoteForkDelegate allows the Chrome Linux zygote to delegate
-// fork operations to another class that knows how to do some
-// specialized version of fork.
-class ZygoteForkDelegate {
- public:
- // A ZygoteForkDelegate is created during Chrome linux zygote
- // initialization, and provides "fork()" functionality with
- // as an alternative to forking the zygote. A new delegate is
- // passed in as an argument to ZygoteMain().
- ZygoteForkDelegate() {}
- virtual ~ZygoteForkDelegate() {}
-
- // Initialization happens in the zygote after it has been
- // started by ZygoteMain.
- virtual void Init(bool sandboxed,
- int browserdesc,
- int sandboxdesc) = 0;
-
- // Returns 'true' if the delegate would like to handle a given
- // fork request. Otherwise returns false.
- virtual bool CanHelp(const std::string& process_type) = 0;
-
- // Delegate forks, returning a -1 on failure. Outside the
- // suid sandbox, Fork() returns the Linux process ID. Inside
- // the sandbox, returns a positive integer, with PID discovery
- // handled by the sandbox.
- virtual pid_t Fork(const std::vector<int>& fds) = 0;
-
- // After a successful for, signal the child to indicate that
- // the child's PID has been received. Also communicate the
- // channel switch as a part of acknowledgement message.
- virtual bool AckChild(int fd, const std::string& channel_switch) = 0;
-};
-#endif // CONTENT_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_
generated by cgit v1.1 at 2025-01-31 06:51:15 +0000