From 4730db95815ec2cd4d12063a14cff7cbbeb5fe61 Mon Sep 17 00:00:00 2001 From: "piman@google.com" Date: Wed, 22 Jul 2009 00:40:48 +0000 Subject: linux: add command-line flag to allow debugging of sandboxed processes Review URL: http://codereview.chromium.org/159124 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@21248 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/browser/zygote_host_linux.cc | 3 +++ chrome/browser/zygote_main_linux.cc | 16 ++++++++++++---- chrome/common/chrome_switches.cc | 3 +++ chrome/common/chrome_switches.h | 2 ++ 4 files changed, 20 insertions(+), 4 deletions(-) (limited to 'chrome') diff --git a/chrome/browser/zygote_host_linux.cc b/chrome/browser/zygote_host_linux.cc index b055834..9f9e4aa 100644 --- a/chrome/browser/zygote_host_linux.cc +++ b/chrome/browser/zygote_host_linux.cc @@ -64,6 +64,9 @@ ZygoteHost::ZygoteHost() { browser_command_line.GetSwitchValue(switches::kZygoteCmdPrefix); cmd_line.PrependWrapper(prefix); } + if (browser_command_line.HasSwitch(switches::kAllowSandboxDebugging)) { + cmd_line.AppendSwitch(switches::kAllowSandboxDebugging); + } const char* sandbox_binary = NULL; struct stat st; diff --git a/chrome/browser/zygote_main_linux.cc b/chrome/browser/zygote_main_linux.cc index 2d410fb..3d3df87 100644 --- a/chrome/browser/zygote_main_linux.cc +++ b/chrome/browser/zygote_main_linux.cc @@ -19,6 +19,7 @@ #include "chrome/browser/zygote_host_linux.h" #include "chrome/common/chrome_descriptors.h" +#include "chrome/common/chrome_switches.h" #include "chrome/common/main_function_params.h" #include "chrome/common/process_watcher.h" #include "chrome/common/sandbox_methods_linux.h" @@ -337,10 +338,17 @@ static bool MaybeEnterChroot() { // However, now that we have a zygote model, only the (trusted) zygote // exists at this point and we can set the non-dumpable flag which is // inherited by all our renderer children. - prctl(PR_SET_DUMPABLE, 0, 0, 0, 0); - if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0)) { - LOG(ERROR) << "Failed to set non-dumpable flag"; - return false; + // + // Note: a non-dumpable process can't be debugged. To debug sandbox-related + // issues, one can specify --allow-sandbox-debugging to let the process be + // dumpable. + const CommandLine& command_line = *CommandLine::ForCurrentProcess(); + if (!command_line.HasSwitch(switches::kAllowSandboxDebugging)) { + prctl(PR_SET_DUMPABLE, 0, 0, 0, 0); + if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0)) { + LOG(ERROR) << "Failed to set non-dumpable flag"; + return false; + } } } else { SkiaFontConfigUseDirectImplementation(); diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc index 6528ae1..85b08a1 100644 --- a/chrome/common/chrome_switches.cc +++ b/chrome/common/chrome_switches.cc @@ -557,4 +557,7 @@ const wchar_t kEnableLocalStorage[] = L"enable-local-storage"; // Enable session storage. Still buggy. const wchar_t kEnableSessionStorage[] = L"enable-session-storage"; +// Allows debugging of sandboxed processes (see zygote_main_linux.cc). +const wchar_t kAllowSandboxDebugging[] = L"allow-sandbox-debugging"; + } // namespace switches diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h index 3af9fb2..0727da2 100644 --- a/chrome/common/chrome_switches.h +++ b/chrome/common/chrome_switches.h @@ -215,6 +215,8 @@ extern const wchar_t kEnableLocalStorage[]; extern const wchar_t kEnableSessionStorage[]; +extern const wchar_t kAllowSandboxDebugging[]; + } // namespace switches #endif // CHROME_COMMON_CHROME_SWITCHES_H_ -- cgit v1.1