1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "content/common/child_process_host_impl.h" 6 7 #include <limits> 8 9 #include "base/atomicops.h" 10 #include "base/command_line.h" 11 #include "base/files/file_path.h" 12 #include "base/logging.h" 13 #include "base/metrics/histogram.h" 14 #include "base/path_service.h" 15 #include "base/process/process_metrics.h" 16 #include "base/rand_util.h" 17 #include "base/strings/stringprintf.h" 18 #include "base/third_party/dynamic_annotations/dynamic_annotations.h" 19 #include "content/common/child_process_messages.h" 20 #include "content/public/common/child_process_host_delegate.h" 21 #include "content/public/common/content_paths.h" 22 #include "content/public/common/content_switches.h" 23 #include "ipc/ipc_channel.h" 24 #include "ipc/ipc_logging.h" 25 26 #if defined(OS_LINUX) 27 #include "base/linux_util.h" 28 #elif defined(OS_WIN) 29 #include "content/common/font_cache_dispatcher_win.h" 30 #endif // OS_LINUX 31 32 #if defined(OS_MACOSX) 33 namespace { 34 35 // Given |path| identifying a Mac-style child process executable path, adjusts 36 // it to correspond to |feature|. For a child process path such as 37 // ".../Chromium Helper.app/Contents/MacOS/Chromium Helper", the transformed 38 // path for feature "NP" would be 39 // ".../Chromium Helper NP.app/Contents/MacOS/Chromium Helper NP". The new 40 // path is returned. 41 base::FilePath TransformPathForFeature(const base::FilePath& path, 42 const std::string& feature) { 43 std::string basename = path.BaseName().value(); 44 45 base::FilePath macos_path = path.DirName(); 46 const char kMacOSName[] = "MacOS"; 47 DCHECK_EQ(kMacOSName, macos_path.BaseName().value()); 48 49 base::FilePath contents_path = macos_path.DirName(); 50 const char kContentsName[] = "Contents"; 51 DCHECK_EQ(kContentsName, contents_path.BaseName().value()); 52 53 base::FilePath helper_app_path = contents_path.DirName(); 54 const char kAppExtension[] = ".app"; 55 std::string basename_app = basename; 56 basename_app.append(kAppExtension); 57 DCHECK_EQ(basename_app, helper_app_path.BaseName().value()); 58 59 base::FilePath root_path = helper_app_path.DirName(); 60 61 std::string new_basename = basename; 62 new_basename.append(1, ' '); 63 new_basename.append(feature); 64 std::string new_basename_app = new_basename; 65 new_basename_app.append(kAppExtension); 66 67 base::FilePath new_path = root_path.Append(new_basename_app) 68 .Append(kContentsName) 69 .Append(kMacOSName) 70 .Append(new_basename); 71 72 return new_path; 73 } 74 75 } // namespace 76 #endif // OS_MACOSX 77 78 namespace content { 79 80 int ChildProcessHostImpl::kInvalidChildProcessId = -1; 81 82 // static 83 ChildProcessHost* ChildProcessHost::Create(ChildProcessHostDelegate* delegate) { 84 return new ChildProcessHostImpl(delegate); 85 } 86 87 // static 88 base::FilePath ChildProcessHost::GetChildPath(int flags) { 89 base::FilePath child_path; 90 91 child_path = CommandLine::ForCurrentProcess()->GetSwitchValuePath( 92 switches::kBrowserSubprocessPath); 93 94 #if defined(OS_LINUX) 95 // Use /proc/self/exe rather than our known binary path so updates 96 // can't swap out the binary from underneath us. 97 // When running under Valgrind, forking /proc/self/exe ends up forking the 98 // Valgrind executable, which then crashes. However, it's almost safe to 99 // assume that the updates won't happen while testing with Valgrind tools. 100 if (child_path.empty() && flags & CHILD_ALLOW_SELF && !RunningOnValgrind()) 101 child_path = base::FilePath(base::kProcSelfExe); 102 #endif 103 104 // On most platforms, the child executable is the same as the current 105 // executable. 106 if (child_path.empty()) 107 PathService::Get(CHILD_PROCESS_EXE, &child_path); 108 109 #if defined(OS_MACOSX) 110 DCHECK(!(flags & CHILD_NO_PIE && flags & CHILD_ALLOW_HEAP_EXECUTION)); 111 112 // If needed, choose an executable with special flags set that inform the 113 // kernel to enable or disable specific optional process-wide features. 114 if (flags & CHILD_NO_PIE) { 115 // "NP" is "No PIE". This results in Chromium Helper NP.app or 116 // Google Chrome Helper NP.app. 117 child_path = TransformPathForFeature(child_path, "NP"); 118 } else if (flags & CHILD_ALLOW_HEAP_EXECUTION) { 119 // "EH" is "Executable Heap". A non-executable heap is only available to 120 // 32-bit processes on Mac OS X 10.7. Most code can and should run with a 121 // non-executable heap, but the "EH" feature is provided to allow code 122 // intolerant of a non-executable heap to work properly on 10.7. This 123 // results in Chromium Helper EH.app or Google Chrome Helper EH.app. 124 child_path = TransformPathForFeature(child_path, "EH"); 125 } 126 #endif 127 128 return child_path; 129 } 130 131 ChildProcessHostImpl::ChildProcessHostImpl(ChildProcessHostDelegate* delegate) 132 : delegate_(delegate), 133 peer_handle_(base::kNullProcessHandle), 134 opening_channel_(false) { 135 #if defined(OS_WIN) 136 AddFilter(new FontCacheDispatcher()); 137 #endif 138 } 139 140 ChildProcessHostImpl::~ChildProcessHostImpl() { 141 for (size_t i = 0; i < filters_.size(); ++i) { 142 filters_[i]->OnChannelClosing(); 143 filters_[i]->OnFilterRemoved(); 144 } 145 146 base::CloseProcessHandle(peer_handle_); 147 } 148 149 void ChildProcessHostImpl::AddFilter(IPC::ChannelProxy::MessageFilter* filter) { 150 filters_.push_back(filter); 151 152 if (channel_) 153 filter->OnFilterAdded(channel_.get()); 154 } 155 156 void ChildProcessHostImpl::ForceShutdown() { 157 Send(new ChildProcessMsg_Shutdown()); 158 } 159 160 std::string ChildProcessHostImpl::CreateChannel() { 161 channel_id_ = IPC::Channel::GenerateVerifiedChannelID(std::string()); 162 channel_.reset(new IPC::Channel( 163 channel_id_, IPC::Channel::MODE_SERVER, this)); 164 if (!channel_->Connect()) 165 return std::string(); 166 167 for (size_t i = 0; i < filters_.size(); ++i) 168 filters_[i]->OnFilterAdded(channel_.get()); 169 170 // Make sure these messages get sent first. 171 #if defined(IPC_MESSAGE_LOG_ENABLED) 172 bool enabled = IPC::Logging::GetInstance()->Enabled(); 173 Send(new ChildProcessMsg_SetIPCLoggingEnabled(enabled)); 174 #endif 175 176 opening_channel_ = true; 177 178 return channel_id_; 179 } 180 181 bool ChildProcessHostImpl::IsChannelOpening() { 182 return opening_channel_; 183 } 184 185 #if defined(OS_POSIX) 186 int ChildProcessHostImpl::TakeClientFileDescriptor() { 187 return channel_->TakeClientFileDescriptor(); 188 } 189 #endif 190 191 bool ChildProcessHostImpl::Send(IPC::Message* message) { 192 if (!channel_) { 193 delete message; 194 return false; 195 } 196 return channel_->Send(message); 197 } 198 199 void ChildProcessHostImpl::AllocateSharedMemory( 200 size_t buffer_size, base::ProcessHandle child_process_handle, 201 base::SharedMemoryHandle* shared_memory_handle) { 202 base::SharedMemory shared_buf; 203 if (!shared_buf.CreateAndMapAnonymous(buffer_size)) { 204 *shared_memory_handle = base::SharedMemory::NULLHandle(); 205 NOTREACHED() << "Cannot map shared memory buffer"; 206 return; 207 } 208 shared_buf.GiveToProcess(child_process_handle, shared_memory_handle); 209 } 210 211 int ChildProcessHostImpl::GenerateChildProcessUniqueId() { 212 // This function must be threadsafe. 213 // 214 // TODO(ajwong): Why not StaticAtomicSequenceNumber? 215 static base::subtle::Atomic32 last_unique_child_id = 0; 216 int id = base::subtle::NoBarrier_AtomicIncrement(&last_unique_child_id, 1); 217 218 CHECK_NE(kInvalidChildProcessId, id); 219 220 return id; 221 } 222 223 bool ChildProcessHostImpl::OnMessageReceived(const IPC::Message& msg) { 224 #ifdef IPC_MESSAGE_LOG_ENABLED 225 IPC::Logging* logger = IPC::Logging::GetInstance(); 226 if (msg.type() == IPC_LOGGING_ID) { 227 logger->OnReceivedLoggingMessage(msg); 228 return true; 229 } 230 231 if (logger->Enabled()) 232 logger->OnPreDispatchMessage(msg); 233 #endif 234 235 bool handled = false; 236 for (size_t i = 0; i < filters_.size(); ++i) { 237 if (filters_[i]->OnMessageReceived(msg)) { 238 handled = true; 239 break; 240 } 241 } 242 243 if (!handled) { 244 handled = true; 245 IPC_BEGIN_MESSAGE_MAP(ChildProcessHostImpl, msg) 246 IPC_MESSAGE_HANDLER(ChildProcessHostMsg_ShutdownRequest, 247 OnShutdownRequest) 248 IPC_MESSAGE_HANDLER(ChildProcessHostMsg_SyncAllocateSharedMemory, 249 OnAllocateSharedMemory) 250 IPC_MESSAGE_UNHANDLED(handled = false) 251 IPC_END_MESSAGE_MAP() 252 253 if (!handled) 254 handled = delegate_->OnMessageReceived(msg); 255 } 256 257 #ifdef IPC_MESSAGE_LOG_ENABLED 258 if (logger->Enabled()) 259 logger->OnPostDispatchMessage(msg, channel_id_); 260 #endif 261 return handled; 262 } 263 264 void ChildProcessHostImpl::OnChannelConnected(int32 peer_pid) { 265 if (!base::OpenPrivilegedProcessHandle(peer_pid, &peer_handle_)) { 266 NOTREACHED(); 267 } 268 opening_channel_ = false; 269 delegate_->OnChannelConnected(peer_pid); 270 for (size_t i = 0; i < filters_.size(); ++i) 271 filters_[i]->OnChannelConnected(peer_pid); 272 } 273 274 void ChildProcessHostImpl::OnChannelError() { 275 opening_channel_ = false; 276 delegate_->OnChannelError(); 277 278 for (size_t i = 0; i < filters_.size(); ++i) 279 filters_[i]->OnChannelError(); 280 281 // This will delete host_, which will also destroy this! 282 delegate_->OnChildDisconnected(); 283 } 284 285 void ChildProcessHostImpl::OnAllocateSharedMemory( 286 uint32 buffer_size, 287 base::SharedMemoryHandle* handle) { 288 AllocateSharedMemory(buffer_size, peer_handle_, handle); 289 } 290 291 void ChildProcessHostImpl::OnShutdownRequest() { 292 if (delegate_->CanShutdown()) 293 Send(new ChildProcessMsg_Shutdown()); 294 } 295 296 } // namespace content 297