Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / content / public / common / zygote_fork_delegate_linux.h
blob2f2f0b2a55c0defdfe72ce10a33eb85f240501d4
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CONTENT_PUBLIC_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_
6 #define CONTENT_PUBLIC_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_
8 #include <unistd.h>
10 #include <string>
11 #include <vector>
13 // TODO(jln) base::TerminationStatus should be forward declared when switching
14 // to C++11.
15 #include "base/process/kill.h"
17 namespace content {
19 // The ZygoteForkDelegate allows the Chrome Linux zygote to delegate
20 // fork operations to another class that knows how to do some
21 // specialized version of fork.
22 class ZygoteForkDelegate {
23 public:
24 // A ZygoteForkDelegate is created during Chrome linux zygote
25 // initialization, and provides "fork()" functionality as an
26 // alternative to forking the zygote. A new delegate is passed in
27 // as an argument to ZygoteMain().
28 virtual ~ZygoteForkDelegate() {}
30 // Initialization happens in the zygote after it has been
31 // started by ZygoteMain.
32 // If |enable_layer1_sandbox| is true, the delegate must enable a
33 // layer-1 sandbox such as the setuid sandbox.
34 virtual void Init(int sandboxdesc, bool enable_layer1_sandbox) = 0;
36 // After Init, supply a UMA_HISTOGRAM_ENUMERATION the delegate would like
37 // reported to the browser process. (Note: Because these reports are
38 // piggy-backed onto fork responses that don't otherwise contain UMA reports,
39 // this method may not be called until much later.)
40 virtual void InitialUMA(std::string* uma_name,
41 int* uma_sample,
42 int* uma_boundary_value) = 0;
44 // Returns 'true' if the delegate would like to handle a given fork
45 // request. Otherwise returns false. Optionally, fills in uma_name et al
46 // with a report the helper wants to make via UMA_HISTOGRAM_ENUMERATION.
47 virtual bool CanHelp(const std::string& process_type, std::string* uma_name,
48 int* uma_sample, int* uma_boundary_value) = 0;
50 // Indexes of FDs in the vector passed to Fork().
51 enum {
52 // Used to pass in the descriptor for talking to the Browser
53 kBrowserFDIndex,
54 // The PID oracle is used in the protocol for discovering the
55 // child process's real PID from within the SUID sandbox.
56 // The child process is required to write to the socket after
57 // successfully forking.
58 kPIDOracleFDIndex,
59 kNumPassedFDs // Number of FDs in the vector passed to Fork().
62 // Delegate forks, returning a -1 on failure. Outside the
63 // suid sandbox, Fork() returns the Linux process ID.
64 // This method is not aware of any potential pid namespaces, so it'll
65 // return a raw pid just like fork() would.
66 // Delegate is responsible for communicating the channel ID to the
67 // newly created child process.
68 virtual pid_t Fork(const std::string& process_type,
69 const std::vector<int>& fds,
70 const std::string& channel_id) = 0;
72 // The fork delegate must also assume the role of waiting for its children
73 // since the caller will not be their parents and cannot do it. |pid| here
74 // should be a pid that has been returned by the Fork() method. i.e. This
75 // method is completely unaware of eventual PID namespaces due to sandboxing.
76 // |known_dead| indicates that the process is already dead and that a
77 // blocking wait() should be performed. In this case, GetTerminationStatus()
78 // will send a SIGKILL to the target process first.
79 virtual bool GetTerminationStatus(pid_t pid, bool known_dead,
80 base::TerminationStatus* status,
81 int* exit_code) = 0;
84 } // namespace content
86 #endif // CONTENT_PUBLIC_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_