content/browser/utility_process_host_impl.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "content/browser/utility_process_host_impl.h"
   6
   7 #include "base/bind.h"
   8 #include "base/bind_helpers.h"
   9 #include "base/command_line.h"
  10 #include "base/sequenced_task_runner.h"
  11 #include "base/strings/utf_string_conversions.h"
  12 #include "content/browser/browser_child_process_host_impl.h"
  13 #include "content/common/child_process_host_impl.h"
  14 #include "content/common/utility_messages.h"
  15 #include "content/public/browser/browser_thread.h"
  16 #include "content/public/browser/content_browser_client.h"
  17 #include "content/public/browser/utility_process_host_client.h"
  18 #include "content/public/common/content_switches.h"
  19 #include "ipc/ipc_switches.h"
  20 #include "ui/base/ui_base_switches.h"
  21 #include "webkit/plugins/plugin_switches.h"
  22
  23 #if defined(OS_WIN)
  24 #include "content/public/common/sandboxed_process_launcher_delegate.h"
  25 #endif
  26
  27 namespace content {
  28
  29 #if defined(OS_WIN)
  30 // NOTE: changes to this class need to be reviewed by the security team.
  31 class UtilitySandboxedProcessLauncherDelegate
  32     : public SandboxedProcessLauncherDelegate {
  33  public:
  34   explicit UtilitySandboxedProcessLauncherDelegate(
  35     const base::FilePath& exposed_dir) : exposed_dir_(exposed_dir) {}
  36   virtual ~UtilitySandboxedProcessLauncherDelegate() {}
  37
  38   virtual void PreSandbox(bool* disable_default_policy,
  39                           base::FilePath* exposed_dir) OVERRIDE {
  40     *exposed_dir = exposed_dir_;
  41   }
  42
  43 private:
  44   base::FilePath exposed_dir_;
  45 };
  46 #endif
  47
  48 UtilityProcessHost* UtilityProcessHost::Create(
  49     UtilityProcessHostClient* client,
  50     base::SequencedTaskRunner* client_task_runner) {
  51   return new UtilityProcessHostImpl(client, client_task_runner);
  52 }
  53
  54 UtilityProcessHostImpl::UtilityProcessHostImpl(
  55     UtilityProcessHostClient* client,
  56     base::SequencedTaskRunner* client_task_runner)
  57     : client_(client),
  58       client_task_runner_(client_task_runner),
  59       is_batch_mode_(false),
  60       no_sandbox_(false),
  61 #if defined(OS_LINUX)
  62       child_flags_(ChildProcessHost::CHILD_ALLOW_SELF),
  63 #else
  64       child_flags_(ChildProcessHost::CHILD_NORMAL),
  65 #endif
  66       use_linux_zygote_(false),
  67       started_(false) {
  68   process_.reset(new BrowserChildProcessHostImpl(PROCESS_TYPE_UTILITY, this));
  69 }
  70
  71 UtilityProcessHostImpl::~UtilityProcessHostImpl() {
  72   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
  73   DCHECK(!is_batch_mode_);
  74 }
  75
  76 bool UtilityProcessHostImpl::Send(IPC::Message* message) {
  77   if (!StartProcess())
  78     return false;
  79
  80   return process_->Send(message);
  81 }
  82
  83 bool UtilityProcessHostImpl::StartBatchMode()  {
  84   CHECK(!is_batch_mode_);
  85   is_batch_mode_ = StartProcess();
  86   Send(new UtilityMsg_BatchMode_Started());
  87   return is_batch_mode_;
  88 }
  89
  90 void UtilityProcessHostImpl::EndBatchMode()  {
  91   CHECK(is_batch_mode_);
  92   is_batch_mode_ = false;
  93   Send(new UtilityMsg_BatchMode_Finished());
  94 }
  95
  96 void UtilityProcessHostImpl::SetExposedDir(const base::FilePath& dir) {
  97   exposed_dir_ = dir;
  98 }
  99
 100 void UtilityProcessHostImpl::DisableSandbox() {
 101   no_sandbox_ = true;
 102 }
 103
 104 void UtilityProcessHostImpl::EnableZygote() {
 105   use_linux_zygote_ = true;
 106 }
 107
 108 const ChildProcessData& UtilityProcessHostImpl::GetData() {
 109   return process_->GetData();
 110 }
 111
 112 #if defined(OS_POSIX)
 113
 114 void UtilityProcessHostImpl::SetEnv(const base::EnvironmentVector& env) {
 115   env_ = env;
 116 }
 117
 118 #endif  // OS_POSIX
 119
 120 bool UtilityProcessHostImpl::StartProcess() {
 121   if (started_)
 122     return true;
 123   started_ = true;
 124
 125   if (is_batch_mode_)
 126     return true;
 127   // Name must be set or metrics_service will crash in any test which
 128   // launches a UtilityProcessHost.
 129   process_->SetName(ASCIIToUTF16("utility process"));
 130
 131   std::string channel_id = process_->GetHost()->CreateChannel();
 132   if (channel_id.empty())
 133     return false;
 134
 135   const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
 136   int child_flags = child_flags_;
 137
 138 #if defined(OS_POSIX)
 139   bool has_cmd_prefix = browser_command_line.HasSwitch(
 140       switches::kUtilityCmdPrefix);
 141
 142   // When running under gdb, forking /proc/self/exe ends up forking the gdb
 143   // executable instead of Chromium. It is almost safe to assume that no
 144   // updates will happen while a developer is running with
 145   // |switches::kUtilityCmdPrefix|. See ChildProcessHost::GetChildPath() for
 146   // a similar case with Valgrind.
 147   if (has_cmd_prefix)
 148     child_flags = ChildProcessHost::CHILD_NORMAL;
 149 #endif
 150
 151   base::FilePath exe_path = ChildProcessHost::GetChildPath(child_flags);
 152   if (exe_path.empty()) {
 153     NOTREACHED() << "Unable to get utility process binary name.";
 154     return false;
 155   }
 156
 157   CommandLine* cmd_line = new CommandLine(exe_path);
 158   cmd_line->AppendSwitchASCII(switches::kProcessType,
 159                               switches::kUtilityProcess);
 160   cmd_line->AppendSwitchASCII(switches::kProcessChannelID, channel_id);
 161   std::string locale = GetContentClient()->browser()->GetApplicationLocale();
 162   cmd_line->AppendSwitchASCII(switches::kLang, locale);
 163
 164   if (no_sandbox_ || browser_command_line.HasSwitch(switches::kNoSandbox))
 165     cmd_line->AppendSwitch(switches::kNoSandbox);
 166 #if defined(OS_MACOSX)
 167   if (browser_command_line.HasSwitch(switches::kEnableSandboxLogging))
 168     cmd_line->AppendSwitch(switches::kEnableSandboxLogging);
 169 #endif
 170   if (browser_command_line.HasSwitch(switches::kDebugPluginLoading))
 171     cmd_line->AppendSwitch(switches::kDebugPluginLoading);
 172
 173 #if defined(OS_POSIX)
 174   // TODO(port): Sandbox this on Linux.  Also, zygote this to work with
 175   // Linux updating.
 176   if (has_cmd_prefix) {
 177     // launch the utility child process with some prefix (usually "xterm -e gdb
 178     // --args").
 179     cmd_line->PrependWrapper(browser_command_line.GetSwitchValueNative(
 180         switches::kUtilityCmdPrefix));
 181   }
 182
 183   cmd_line->AppendSwitchPath(switches::kUtilityProcessAllowedDir, exposed_dir_);
 184 #endif
 185
 186   bool use_zygote = false;
 187
 188 #if defined(OS_LINUX)
 189   use_zygote = !no_sandbox_ && use_linux_zygote_;
 190 #endif
 191
 192   process_->Launch(
 193 #if defined(OS_WIN)
 194       new UtilitySandboxedProcessLauncherDelegate(exposed_dir_),
 195 #elif defined(OS_POSIX)
 196       use_zygote,
 197       env_,
 198 #endif
 199       cmd_line);
 200
 201   return true;
 202 }
 203
 204 bool UtilityProcessHostImpl::OnMessageReceived(const IPC::Message& message) {
 205   client_task_runner_->PostTask(
 206       FROM_HERE,
 207       base::Bind(base::IgnoreResult(
 208           &UtilityProcessHostClient::OnMessageReceived), client_.get(),
 209           message));
 210   return true;
 211 }
 212
 213 void UtilityProcessHostImpl::OnProcessCrashed(int exit_code) {
 214   client_task_runner_->PostTask(
 215       FROM_HERE,
 216       base::Bind(&UtilityProcessHostClient::OnProcessCrashed, client_.get(),
 217             exit_code));
 218 }
 219
 220 }  // namespace content