| Commit message (Collapse) | Author | Age | Files | Lines |
| |
BUG=579813
Review URL: https://codereview.chromium.org/1669493005
Cr-Commit-Position: refs/heads/master@{#379669}
| |
The original CL:
https://crrev.com/eb199fbaecd8e5d294010dfbe8897b7d83aeab07
broke NaCl integration tests on some bots. After some
extensive investigation this is somehow tied to an
obscure dependency on the value of kIPCDescriptorMax.
Moving kMojoIPCChannel to content_descriptors.h allows
us to avoid changing that value and thus avoid the
mysterious breakage. :|
Original CL description follows:
This initializes Mojo IPC very early in child process
startup so we can start using cross-process pipes in
content without a dependency on Chrome IPC.
On all supported platforms, a new OS pipe handle is
passed through ChildProcessLauncher and hooked up to
the EDK on ChildThreadImpl startup to establish a
Mojo IPC channel to the parent.
A command-line argument is also used to share a
unique pipe token with the child, and this token is
exchanged over the Mojo IPC channel to bootstrap a
primordial message pipe.
While this CL establishes these facilities in a way
that can be used for all child processes, only
render processes are brought up in this way for now.
BUG=583557
TEST=Chrome still runs in mash with Mus-in-renderer support.
TBR=ben@chromium.org,jschuh@chromium.org
Review URL: https://codereview.chromium.org/1747053003
Cr-Commit-Position: refs/heads/master@{#378704}
| |
id:340001 of https://codereview.chromium.org/1685183004/ )
Reason for revert:
Breaking NaCl in a way that somehow was not caught in the CQ... :{
Will reland once that's sorted out.
Original issue's description:
> Bootstrap Mojo IPC independent of Chrome IPC
>
> This initializes Mojo IPC very early in child process
> startup so we can start using cross-process pipes in
> content without a dependency on Chrome IPC.
>
> On all supported platforms, a new OS pipe handle is
> passed through ChildProcessLauncher and hooked up to
> the EDK on ChildThreadImpl startup to establish a
> Mojo IPC channel to the parent.
>
> A command-line argument is also used to share a
> unique pipe token with the child, and this token is
> exchanged over the Mojo IPC channel to bootstrap a
> primordial message pipe.
>
> While this CL establishes these facilities in a way
> that can be used for all child processes, only
> render processes are brought up in this way for now.
>
> BUG=583557
> TEST=Chrome still runs in mash with Mus-in-renderer support.
>
> Committed: https://crrev.com/eb199fbaecd8e5d294010dfbe8897b7d83aeab07
> Cr-Commit-Position: refs/heads/master@{#378272}
TBR=ben@chromium.org,jam@chromium.org,jschuh@chromium.org,pennymac@chromium.org,tsepez@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=583557
Review URL: https://codereview.chromium.org/1748973003
Cr-Commit-Position: refs/heads/master@{#378373}
| |
This initializes Mojo IPC very early in child process
startup so we can start using cross-process pipes in
content without a dependency on Chrome IPC.
On all supported platforms, a new OS pipe handle is
passed through ChildProcessLauncher and hooked up to
the EDK on ChildThreadImpl startup to establish a
Mojo IPC channel to the parent.
A command-line argument is also used to share a
unique pipe token with the child, and this token is
exchanged over the Mojo IPC channel to bootstrap a
primordial message pipe.
While this CL establishes these facilities in a way
that can be used for all child processes, only
render processes are brought up in this way for now.
BUG=583557
TEST=Chrome still runs in mash with Mus-in-renderer support.
Review URL: https://codereview.chromium.org/1685183004
Cr-Commit-Position: refs/heads/master@{#378272}
| |
Handles to be inherited by a child process can now be set in a delegate
passed to StartSandboxedProcess(), and/or through the TargetPolicy API.
TEST=sbox_integration_tests, content_unittests
BUG=588190
Review URL: https://codereview.chromium.org/1703953002
Cr-Commit-Position: refs/heads/master@{#378007}
| |
Child processes are in the best position to determine which files
to use, therefore it is simplest just to provide both 32 and 64
bit versions from the parent.
BUG=581409,455699
Committed: https://crrev.com/c560d75783aca05249092dd11503b53f7b631be1
Cr-Commit-Position: refs/heads/master@{#374371}
Review URL: https://codereview.chromium.org/1665513002
Cr-Commit-Position: refs/heads/master@{#374643}
| |
processes. (patchset #3 id:40001 of https://codereview.chromium.org/1665513002/ )
Reason for revert:
Added a static initializer: https://build.chromium.org/p/chromium/builders/Linux/builds/71576
# v8_initializer.cc _GLOBAL__sub_I_v8_initializer.cc+0xf
# v8_initializer.cc __cxa_atexit@plt [registers a dtor to run at exit]
Original issue's description:
> Pass both 32 and 64 bit snapshot and natives fds to child processes.
>
> Child processes are in the best position to determine which files
> to use, therefore it is simplest just to provide both 32 and 64
> bit versions from the parent.
>
> BUG=581380,455699
>
> Committed: https://crrev.com/c560d75783aca05249092dd11503b53f7b631be1
> Cr-Commit-Position: refs/heads/master@{#374371}
TBR=jochen@chromium.org,torne@chromium.org,tobiasjs@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=581380,455699
Review URL: https://codereview.chromium.org/1681003003
Cr-Commit-Position: refs/heads/master@{#374380}
| |
Child processes are in the best position to determine which files
to use, therefore it is simplest just to provide both 32 and 64
bit versions from the parent.
BUG=581380,455699
Review URL: https://codereview.chromium.org/1665513002
Cr-Commit-Position: refs/heads/master@{#374371}
| |
To improve component updates of PPAPI plugins, Chrome needs multiple zygotes.
This will allow the PPAPI zygote to be recreated when a plugin is updated.
This CL allows Chrome to maintain a zygote for each process type by having
each SandboxedProcessLauncherDelegate maintain a class which can communicate
with its respective zygote. This CL will be followed up with work to allow
customization of zygotes, which will give Chrome the improved component update
experience.
BUG=569191
Committed: https://crrev.com/3c1e16b490255119b6f70f94d1716645e897b185
Cr-Commit-Position: refs/heads/master@{#370488}
Review URL: https://codereview.chromium.org/1532423003
Cr-Commit-Position: refs/heads/master@{#371042}
| |
(patchset #15 id:440001 of https://codereview.chromium.org/1532423003/ )
Reason for revert:
Revert "Have each SandboxedProcessLauncherDelegate maintain a zygote."
This reverts commit 3c1e16b490255119b6f70f94d1716645e897b185.
This broke the Site Isolation FYI bot failure:
https://build.chromium.org/p/chromium.fyi/builders/Site%20Isolation%20Linux/builds/7700
To re-land the CL, that failure needs to be diagnosed and corrected.
Original issue's description:
> Have each SandboxedProcessLauncherDelegate maintain a zygote.
>
> To improve component updates of PPAPI plugins, Chrome needs multiple zygotes.
> This will allow the PPAPI zygote to be recreated when a plugin is updated.
> This CL allows Chrome to maintain a zygote for each process type by having
> each SandboxedProcessLauncherDelegate maintain a class which can communicate
> with its respective zygote. This CL will be followed up with work to allow
> customization of zygotes, which will give Chrome the improved component update
> experience.
>
> BUG=569191
>
> Committed: https://crrev.com/3c1e16b490255119b6f70f94d1716645e897b185
> Cr-Commit-Position: refs/heads/master@{#370488}
TBR=mdempsky@chromium.org,thestig@chromium.org,avi@chromium.org,mseaborn@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=569191
Review URL: https://codereview.chromium.org/1617213002
Cr-Commit-Position: refs/heads/master@{#370771}
| |
To improve component updates of PPAPI plugins, Chrome needs multiple zygotes.
This will allow the PPAPI zygote to be recreated when a plugin is updated.
This CL allows Chrome to maintain a zygote for each process type by having
each SandboxedProcessLauncherDelegate maintain a class which can communicate
with its respective zygote. This CL will be followed up with work to allow
customization of zygotes, which will give Chrome the improved component update
experience.
BUG=569191
Review URL: https://codereview.chromium.org/1532423003
Cr-Commit-Position: refs/heads/master@{#370488}
| |
BUG=557422
R=avi@chromium.org
TBR=jam@chromium.org
Review URL: https://codereview.chromium.org/1579863003
Cr-Commit-Position: refs/heads/master@{#369135}
| |
Chrome IPC.
IOSurfaceManager was created as a mechanism to exchange IOSurfaces using Mach
ports, at a time when Chrome IPC was unable to broker Mach port attachments. As
part of fixing https://crbug.com/466437, Chrome IPC grew the capability to also
send Mach ports as part of a message.
With this new capability, the custom Mach IPC channel used by IOSurfaceManager
is no longer necessary, and its complexity can be removed.
BUG=569226,323304
Review URL: https://codereview.chromium.org/1532813002
Cr-Commit-Position: refs/heads/master@{#367474}
| |
BUG=138542
TBR=jam@chromium.org
Review URL: https://codereview.chromium.org/1549113002
Cr-Commit-Position: refs/heads/master@{#366868}
| |
R=Nico
BUG=557422
Review URL: https://codereview.chromium.org/1467413007
Cr-Commit-Position: refs/heads/master@{#362853}
| |
Profiling is not being followed up on, so should be removed.
BUG=465841
Review URL: https://codereview.chromium.org/1459263003
Cr-Commit-Position: refs/heads/master@{#360899}
| |
This involved changing how we get the client handle to the renderer. In the first iteration I was passing this on the command line but that turns out not to work with the sandbox. So instead I use an approach used by the Mojo-in-Chrome MojoApplication class and pass the primordial handle via Chrome IPC.
I had to twiddle a bunch of BUILD.gn files in content to get this to work without crashing due to inconsistencies in how MOJO_SHELL_CLIENT was defined.
R=jam@chromium.org,tsepez@chromium.org
http://crbug.com/551253
Committed: https://crrev.com/3edb97198bc5fbc22c5cf13286e8af80449ddfb9
Cr-Commit-Position: refs/heads/master@{#360293}
Committed: https://crrev.com/2c716f9d5ebff610641f4506c17ec81d4b89b7bb
Cr-Commit-Position: refs/heads/master@{#360396}
Review URL: https://codereview.chromium.org/1452823003
Cr-Commit-Position: refs/heads/master@{#360550}
| |
https://codereview.chromium.org/1452823003/ )
Reason for revert:
This change is making hundreds of webkit_tests crash on linux_chromium_rel_ng with:
[1:1:1118/141621:108326049405:FATAL:lock.cc(32)] Check failed: owning_thread_ref_.is_null().
#0 0x00000067e2de base::debug::StackTrace::StackTrace()
#1 0x00000057a71f logging::LogMessage::~LogMessage()
#2 0x0000005eb69b base::Lock::CheckUnheldAndMark()
#3 0x000000518e1c base::Lock::Acquire()
#4 0x000000518b43 base::AutoLock::AutoLock()
#5 0x0000005b4014 base::SequenceCheckerImpl::CalledOnValidSequencedThread()
#6 0x000006f074ae IDMap<>::Lookup()
#7 0x000006f0598c content::RendererBlinkPlatformImpl::SetPlatformEventObserverForTesting()
#8 0x000008459264 content::SetMockGamepadProvider()
Original issue's description:
> Bind Application in renderer.
>
> This involved changing how we get the client handle to the renderer. In the first iteration I was passing this on the command line but that turns out not to work with the sandbox. So instead I use an approach used by the Mojo-in-Chrome MojoApplication class and pass the primordial handle via Chrome IPC.
>
> I had to twiddle a bunch of BUILD.gn files in content to get this to work without crashing due to inconsistencies in how MOJO_SHELL_CLIENT was defined.
>
> R=jam@chromium.org,tsepez@chromium.org
> http://crbug.com/551253
>
> Committed: https://crrev.com/3edb97198bc5fbc22c5cf13286e8af80449ddfb9
> Cr-Commit-Position: refs/heads/master@{#360293}
>
> Committed: https://crrev.com/2c716f9d5ebff610641f4506c17ec81d4b89b7bb
> Cr-Commit-Position: refs/heads/master@{#360396}
TBR=jam@chromium.org,tsepez@chromium.org,ben@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1457173002
Cr-Commit-Position: refs/heads/master@{#360446}
| |
This involved changing how we get the client handle to the renderer. In the first iteration I was passing this on the command line but that turns out not to work with the sandbox. So instead I use an approach used by the Mojo-in-Chrome MojoApplication class and pass the primordial handle via Chrome IPC.
I had to twiddle a bunch of BUILD.gn files in content to get this to work without crashing due to inconsistencies in how MOJO_SHELL_CLIENT was defined.
R=jam@chromium.org,tsepez@chromium.org
http://crbug.com/551253
Committed: https://crrev.com/3edb97198bc5fbc22c5cf13286e8af80449ddfb9
Cr-Commit-Position: refs/heads/master@{#360293}
Review URL: https://codereview.chromium.org/1452823003
Cr-Commit-Position: refs/heads/master@{#360396}
| |
https://codereview.chromium.org/1452823003/ )
Reason for revert:
Speculatively reverting this, as this CL landed exactly at the time when renderer started crashing on linux_chromium_rel_ng.
Original issue's description:
> Bind Application in renderer.
>
> This involved changing how we get the client handle to the renderer. In the first iteration I was passing this on the command line but that turns out not to work with the sandbox. So instead I use an approach used by the Mojo-in-Chrome MojoApplication class and pass the primordial handle via Chrome IPC.
>
> I had to twiddle a bunch of BUILD.gn files in content to get this to work without crashing due to inconsistencies in how MOJO_SHELL_CLIENT was defined.
>
> R=jam@chromium.org,tsepez@chromium.org
> http://crbug.com/551253
>
> Committed: https://crrev.com/3edb97198bc5fbc22c5cf13286e8af80449ddfb9
> Cr-Commit-Position: refs/heads/master@{#360293}
TBR=jam@chromium.org,tsepez@chromium.org,ben@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=557732
Review URL: https://codereview.chromium.org/1460713002
Cr-Commit-Position: refs/heads/master@{#360331}
| |
This involved changing how we get the client handle to the renderer. In the first iteration I was passing this on the command line but that turns out not to work with the sandbox. So instead I use an approach used by the Mojo-in-Chrome MojoApplication class and pass the primordial handle via Chrome IPC.
I had to twiddle a bunch of BUILD.gn files in content to get this to work without crashing due to inconsistencies in how MOJO_SHELL_CLIENT was defined.
R=jam@chromium.org,tsepez@chromium.org
http://crbug.com/551253
Review URL: https://codereview.chromium.org/1452823003
Cr-Commit-Position: refs/heads/master@{#360293}
| |
I want to be able to use Mojo in content, so I think it makes sense that the shell bind step lives in content too.
1. Moves MojoRunnerState to content/common and renames it to MojoShellConnection. This class will be available in any process that creates an impl prior to running the main message loop.
2. Modifies ChildProcessLauncher to create a platform channel pair and put the client handle on the command line of the child process, and registers the server handle with the external shell. This will allow the child process to bind an Application request if it wants.
TODO: What if the child process doesn't bind it? What happens to the instance created in the external shell?
TODO: ChildProcessLauncher is a convenient chokepoint. It means the shell handle is passed to all child processes created by content. Do we want to do this? I think it's OK for now since this code is only triggered if Chrome itself is run from within the external shell. Before we can move this to production I think CreateInstanceForHandle is going to have to take a CapabilityFilter.
R=jam@chromium.org
http://crbug.com/551253
Review URL: https://codereview.chromium.org/1442893002
Cr-Commit-Position: refs/heads/master@{#359770}
| |
Process::SetProcessBackgrounded() is not implemented on certain
platforms (e.g. OS X). Calling Process::SetProcessBackgrounded() on
these systems results in a warning to the console. Callers should
first check the result of Process::CanBackgroundProcesses() before calling
SetProcessBackgrounded().
This cl also fixes a small error in the documentation for
SetProcessBackgrounded().
BUG=537301
Review URL: https://codereview.chromium.org/1378753002
Cr-Commit-Position: refs/heads/master@{#351943}
| |
Backgrounding hidden renderers on the Mac has had unexpected performance
regressions. This cl removes the code that enables backgrounding.
BUG=534908
Review URL: https://codereview.chromium.org/1358173002
Cr-Commit-Position: refs/heads/master@{#350611}
| |
This also refactors the //content-level integration. Note that the sandbox is
not yet enabled.
BUG=367863,501128
R=avi@chromium.org
Review URL: https://codereview.chromium.org/1351893003
Cr-Commit-Position: refs/heads/master@{#349735}
| |
There are three changes:
- A LaunchOptions::PreExecDelegate is now used to perform the bootstrap port
replacement in the new child. This removes sandbox-specific knowledge from
//base.
- The replacement bootstrap port is no longer registered with launchd.
Instead, a new sandbox manager port is registered. Clients communicate with
this server to get the replacement bootstrap port.
- Using the above port, clients now perform a post-fork-pre-exec handshake
to check in with the sandbox server. This removes the complicated
PrepareToFork/FinishedFork interface.
BUG=367863,388214
R=mark@chromium.org
Review URL: https://codereview.chromium.org/1346923006
Cr-Commit-Position: refs/heads/master@{#349571}
| |
CQ_INCLUDE_TRYBOTS=tryserver.blink:linux_blink_rel
TBR=tsepez@chromium.org
Review URL: https://codereview.chromium.org/1341153003
Cr-Commit-Position: refs/heads/master@{#348961}
| |
Treat renderer startup failure as a renderer crash for metrics.
This makes situations where sandbox failures are happening en-masse
without crash reports being produced easier to spot on the stability
dashboard.
BUG=526198,467920
Review URL: https://codereview.chromium.org/1320153002
Cr-Commit-Position: refs/heads/master@{#347060}
| |
We should rely on GYP_DEFINE "enable_plugins" in gyp files and C++ macro
"ENABLE_PLUGINS" in source code to indicate plugins support. This removes
hard-coded assumptions that certain OS does (or does not) support plugins.
Also add GYP_DEFINE "enable_pdf" and macro "ENABLE_PDF" to indicate
built-in PDF viewer plugin support.
BUG=490433
TEST=trybot
TBR=sievers@chromium.org
Review URL: https://codereview.chromium.org/1318143002
Cr-Commit-Position: refs/heads/master@{#346284}
| |
extracting on start-up).
BUG=394502
Review URL: https://codereview.chromium.org/1181953002
Cr-Commit-Position: refs/heads/master@{#335964}
| |
child_process_launcher.cc
Used to be defined in each app's ContentBrowserClient, but since
content/ is the one that receives the FDs, it makes sense that it should
be the one to send them.
This also removes ChildProcessLauncher::AppendMappedFileCommandLineSwitches
as it is no longer needed.
Changes MemoryMappedFile::Region to be a POD so that it doesn't require static initializers.
BUG=394502
Review URL: https://codereview.chromium.org/1185973003
Cr-Commit-Position: refs/heads/master@{#335207}
| |
child_process_launcher.cc (patchset #20 id:380001 of https://codereview.chromium.org/1182443003/)
Reason for revert:
Adds new static initializers in http://build.chromium.org/p/chromium/buildstatus?builder=Linux%20x64&number=4979
# icu_util.cc cc::VertexShaderQuadAA::VertexShaderQuadAA()
# icu_util.cc base::MemoryMappedFile::MemoryMappedFile()
# icu_util.cc base::i18n::(anonymous namespace)::g_icudtl_region
# icu_util.cc base::i18n::(anonymous namespace)::g_icudtl_mapped_file
# icu_util.cc operator new(unsigned long)
Original issue's description:
> Moved logic for mapping child process FDs for ICU and V8 into child_process_launcher.cc
>
> Used to be defined in each app's ContentBrowserClient, but since
> content/ is the one that receives the FDs, it makes sense that it should
> be the one to send them.
>
> This also removes ChildProcessLauncher::AppendMappedFileCommandLineSwitches
> as it is no longer needed.
>
> BUG=394502
>
> Committed: https://crrev.com/228414fc8870f88f11ada7512e88ea6999890f56
> Cr-Commit-Position: refs/heads/master@{#334702}
TBR=jochen@chromium.org,jam@chromium.org,jungshik@google.com,michaelbai@chromium.org,rmcilroy@chromium.org,thestig@chromium.org,agrieve@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=394502
Review URL: https://codereview.chromium.org/1187213002
Cr-Commit-Position: refs/heads/master@{#334719}
| |
child_process_launcher.cc
Used to be defined in each app's ContentBrowserClient, but since
content/ is the one that receives the FDs, it makes sense that it should
be the one to send them.
This also removes ChildProcessLauncher::AppendMappedFileCommandLineSwitches
as it is no longer needed.
BUG=394502
Review URL: https://codereview.chromium.org/1182443003
Cr-Commit-Position: refs/heads/master@{#334702}
| |
We want to stop shipping the snapshot file, and instead we want
to generate it on the client. This will reduce the download size.
But since snapshot generation will be asynchronous in a utility
process, it might not be present on the first few runs of the
browser. This means we have to be able to start up without the
snapshot file (just with the natives source file). This CL
fixes Blink to cope with a missing snapshot file (V8 could
already cope).
R=rmcilroy@chromium.org, sky@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1164483003
Cr-Commit-Position: refs/heads/master@{#333258}
| |
This removes the use of global IOSurfaces and instead passes
ownership between processes using Mach IPC.
The IOSurface GpuMemoryBuffer factory instance in the GPU
process sends a synchronous Mach message to the browser
process to register each IOSurface it creates. IOSurface
registration messages are handled by the
BrowserIOSurfaceManager class and child processes can use
a Mach message to acquire a reference to an IOSurface that
has been registered with the manager.
The BrowserIOSurfaceManager class keeps track of the
ownership of each IOSurface and prevents a child process
from acquiring a reference to an IOSurface that it doesn't
own. A unique unguessable token is generated for each child
process that is allowed to use IOSurfaces. The token
restricts what IOSurfaces a child process has access to
and prevents a malicious process from gaining access to
IOSurfaces it doesn't own.
Security Considerations
-----------------------
In general, this is a major improvement to security as it
provides proper sand-boxing of IOSurfaces. Prior to this
change, IOSurfaces were global and any process on the
system (including all renderer processes) had access to
all IOSurfaces. The renderer who owns the IOSurface is
the only process (except for the browser and GPU) that
has access to the IOSurface as a result of this change.
Passing of IOSurface references to child processes requires
a Mach port to be open in the child process sandbox for
sending messages to the browser. As a result, Mach message
handling in the browser process
(BrowserIOSurfaceManager::Handle*Request) requires
validation and proper error handling to prevent a
malicious renderer from exploiting this channel.
BUG=323304
TEST=content_unittests --gtest_filter=GpuMemoryBuffer*/1, content_unittests --gtest_filter=BrowserIOSurfaceManagerTest.*, content_shell --enable-native-gpu-memory-buffers
Review URL: https://codereview.chromium.org/1137453002
Cr-Commit-Position: refs/heads/master@{#332757}
| |
This is just sending kWholeFile for every FD atm, but will be used in
the future to load v8 snapshots, icu data, and .pak files from the APK
without needing to extract them first.
BUG=394502
Review URL: https://codereview.chromium.org/1156183003
Cr-Commit-Position: refs/heads/master@{#332608}
| |
Added process_mac.cc with implementations of IsProcessBackgrounded() and
SetProcessBackgrounded().
BUG=460102
Originally Committed: https://crrev.com/e3bb10f7860a1d553c85293bd7d7615c0e7f0fd9
Reverted: https://crrev.com/ce6226a7ffe2c1cb7ac5f6cf34b56b8d217686b9
Second commit: https://crrev.com/0160d130f8a4462fa7bfb8a9924e476d31ba9a48
Second revert: https://crrev.com/93ef7cd278d450b06f4a95fad6577d05b67624aa
Review URL: https://codereview.chromium.org/989703002
Cr-Commit-Position: refs/heads/master@{#332454}
| |
id:420001 of https://codereview.chromium.org/989703002/)
Reason for revert:
This CL seems to be the cause of ExtensionApiNewTabTest.Tabs failures on Mac.
Original issue's description:
> Add support for backgrounding processes on the Mac
>
> Added process_mac.cc with implementations of IsProcessBackgrounded() and
> SetProcessBackgrounded().
>
> BUG=460102
>
> Originally Committed: https://crrev.com/e3bb10f7860a1d553c85293bd7d7615c0e7f0fd9
> Reverted: https://crrev.com/ce6226a7ffe2c1cb7ac5f6cf34b56b8d217686b9
>
> Committed: https://crrev.com/0160d130f8a4462fa7bfb8a9924e476d31ba9a48
> Cr-Commit-Position: refs/heads/master@{#330464}
TBR=rsesek@chromium.org,gab@chromium.org,thakis@chromium.org,asvitkine@chromium.org,avi@chromium.org,kbr@chromium.org,shrike@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=460102
Review URL: https://codereview.chromium.org/1142913004
Cr-Commit-Position: refs/heads/master@{#330519}
| |
Added process_mac.cc with implementations of IsProcessBackgrounded() and
SetProcessBackgrounded().
BUG=460102
Originally Committed: https://crrev.com/e3bb10f7860a1d553c85293bd7d7615c0e7f0fd9
Reverted: https://crrev.com/ce6226a7ffe2c1cb7ac5f6cf34b56b8d217686b9
Review URL: https://codereview.chromium.org/989703002
Cr-Commit-Position: refs/heads/master@{#330464}
| |
id:400001 of https://codereview.chromium.org/989703002/)
Reason for revert:
Speculative; several browser_tests started failing on the Mac 10.9 bots, and this looks like the most likely culprit:
http://build.chromium.org/p/chromium.mac/builders/Mac10.9%20Tests/builds/1929
http://build.chromium.org/p/chromium.mac/builders/Mac10.9%20Tests%20%28dbg%29/builds/6014
Original issue's description:
> Add support for backgrounding processes on the Mac
>
> Added process_mac.cc with implementations of IsProcessBackgrounded() and
> SetProcessBackgrounded().
>
> BUG=460102
TBR=rsesek@chromium.org,gab@chromium.org,asvitkine@chromium.org,avi@chromium.org,kbr@chromium.org,shrike@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=460102
Review URL: https://codereview.chromium.org/1128183011
Cr-Commit-Position: refs/heads/master@{#330294}
| |
Added process_mac.cc with implementations of IsProcessBackgrounded() and
SetProcessBackgrounded().
BUG=460102
Review URL: https://codereview.chromium.org/989703002
Cr-Commit-Position: refs/heads/master@{#330275}
| |
Remove the refcounted internal state object (nested class 'Context').
This refactor makes it more obvious what happens on what thread,
and avoids the need to pass refptrs around.
TBR=bradnelson@chromium.org
BUG=469248
Review URL: https://codereview.chromium.org/1022703007
Cr-Commit-Position: refs/heads/master@{#322695}
| |
BUG=464633
Review URL: https://codereview.chromium.org/1018043004
Cr-Commit-Position: refs/heads/master@{#321878}
| |
#4 id:60001 of https://codereview.chromium.org/1002853003/)
Reason for revert:
Broke linux_blink_rel try bots.
http://build.chromium.org/p/tryserver.blink/builders/linux_blink_rel/builds/53723/steps/webkit_tests%20%28with%20patch%29/logs/stdio
> [20222:20222:0322/165944:1212144529:FATAL:child_process_launcher.cc(508)] Check failed: ::content::BrowserThread::CurrentlyOn(client_thread_id_). Must be called on Chrome_UIThread; actually called on CrBrowserMain.
Original issue's description:
> Add DCHECKS() for current thread in ChildProcessLauncher
>
> And rename some functions to indicate when they don't run
> on the default (client) thread.
>
> This avoids misuse and makes it more obvious what threads we are on
> given that this involves multiple threads (launcher thread, and
> different client threads for renderers and other children - former
> calls from UI thread, the latter from IO thread -
> plus there are some Android quirks).
>
> BUG=469248
>
> Committed: https://crrev.com/8efc3b5a5e7b24ffeed0e5576a725b77868eb9ab
> Cr-Commit-Position: refs/heads/master@{#321648}
TBR=rvargas@chromium.org,sievers@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=469248
Review URL: https://codereview.chromium.org/1025923002
Cr-Commit-Position: refs/heads/master@{#321723}
| |
And rename some functions to indicate when they don't run
on the default (client) thread.
This avoids misuse and makes it more obvious what threads we are on
given that this involves multiple threads (launcher thread, and
different client threads for renderers and other children - former
calls from UI thread, the latter from IO thread -
plus there are some Android quirks).
BUG=469248
Review URL: https://codereview.chromium.org/1002853003
Cr-Commit-Position: refs/heads/master@{#321648}
| |
BUG=465841
Review URL: https://codereview.chromium.org/995113002
Cr-Commit-Position: refs/heads/master@{#320034}
| |
BUG=417532
Review URL: https://codereview.chromium.org/983963002
Cr-Commit-Position: refs/heads/master@{#319776}
| |
this is all broken and has been for a while. Since then, 2012 to 2013
other, system-specific systems have been used.
Note that there is a v8 test that is using the stats table. Hoping to sort this now.
BUG=149742
Review URL: https://codereview.chromium.org/899753002
Cr-Commit-Position: refs/heads/master@{#315890}
| |
This was blocked on a WebRTC issue for a long time. However,
latest trybot runs appear green.
BUG=360622, 324216, 307043
TBR=jam@chromium.org
Review URL: https://codereview.chromium.org/227533008
Cr-Commit-Position: refs/heads/master@{#315350}
| |
The method is not a simple accessor.
BUG=417532
TBR=satorux@chromium.org (chromeos)
TBR=siggi@chromium.org (browser_watcher)
TBR=mseaborn@chromium.org (nacl)
TBR=davidben@chromium.org (content)
TBR=rsesek@chromium.org (sandbox)
TBR=sadrul@chromium.org (ui)
Review URL: https://codereview.chromium.org/864163003
Cr-Commit-Position: refs/heads/master@{#312978}