1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 // On Linux, when the user tries to launch a second copy of chrome, we check 6 // for a socket in the user's profile directory. If the socket file is open we 7 // send a message to the first chrome browser process with the current 8 // directory and second process command line flags. The second process then 9 // exits. 10 // 11 // Because many networked filesystem implementations do not support unix domain 12 // sockets, we create the socket in a temporary directory and create a symlink 13 // in the profile. This temporary directory is no longer bound to the profile, 14 // and may disappear across a reboot or login to a separate session. To bind 15 // them, we store a unique cookie in the profile directory, which must also be 16 // present in the remote directory to connect. The cookie is checked both before 17 // and after the connection. /tmp is sticky, and different Chrome sessions use 18 // different cookies. Thus, a matching cookie before and after means the 19 // connection was to a directory with a valid cookie. 20 // 21 // We also have a lock file, which is a symlink to a non-existent destination. 22 // The destination is a string containing the hostname and process id of 23 // chrome's browser process, eg. "SingletonLock -> example.com-9156". When the 24 // first copy of chrome exits it will delete the lock file on shutdown, so that 25 // a different instance on a different host may then use the profile directory. 26 // 27 // If writing to the socket fails, the hostname in the lock is checked to see if 28 // another instance is running a different host using a shared filesystem (nfs, 29 // etc.) If the hostname differs an error is displayed and the second process 30 // exits. Otherwise the first process (if any) is killed and the second process 31 // starts as normal. 32 // 33 // When the second process sends the current directory and command line flags to 34 // the first process, it waits for an ACK message back from the first process 35 // for a certain time. If there is no ACK message back in time, then the first 36 // process will be considered as hung for some reason. The second process then 37 // retrieves the process id from the symbol link and kills it by sending 38 // SIGKILL. Then the second process starts as normal. 39 // 40 // TODO(james.su (at) gmail.com): Add unittest for this class. 41 42 #include "chrome/browser/process_singleton.h" 43 44 #include <errno.h> 45 #include <fcntl.h> 46 #include <gdk/gdk.h> 47 #include <signal.h> 48 #include <sys/socket.h> 49 #include <sys/stat.h> 50 #include <sys/types.h> 51 #include <sys/un.h> 52 #include <unistd.h> 53 54 #include <cstring> 55 #include <set> 56 #include <string> 57 58 #include "base/base_paths.h" 59 #include "base/basictypes.h" 60 #include "base/command_line.h" 61 #include "base/eintr_wrapper.h" 62 #include "base/file_path.h" 63 #include "base/file_util.h" 64 #include "base/logging.h" 65 #include "base/message_loop.h" 66 #include "base/path_service.h" 67 #include "base/process_util.h" 68 #include "base/rand_util.h" 69 #include "base/safe_strerror_posix.h" 70 #include "base/stl_util-inl.h" 71 #include "base/string_number_conversions.h" 72 #include "base/string_split.h" 73 #include "base/sys_string_conversions.h" 74 #include "base/threading/platform_thread.h" 75 #include "base/time.h" 76 #include "base/timer.h" 77 #include "base/utf_string_conversions.h" 78 #include "chrome/browser/browser_process.h" 79 #if defined(TOOLKIT_GTK) 80 #include "chrome/browser/ui/gtk/process_singleton_dialog.h" 81 #endif 82 #include "chrome/browser/io_thread.h" 83 #include "chrome/browser/profiles/profile.h" 84 #include "chrome/browser/profiles/profile_manager.h" 85 #include "chrome/browser/ui/browser_init.h" 86 #include "chrome/common/chrome_constants.h" 87 #include "chrome/common/chrome_paths.h" 88 #include "chrome/common/chrome_switches.h" 89 #include "content/browser/browser_thread.h" 90 #include "grit/chromium_strings.h" 91 #include "grit/generated_resources.h" 92 #include "net/base/net_util.h" 93 #include "ui/base/l10n/l10n_util.h" 94 95 const int ProcessSingleton::kTimeoutInSeconds; 96 97 namespace { 98 99 const char kStartToken[] = "START"; 100 const char kACKToken[] = "ACK"; 101 const char kShutdownToken[] = "SHUTDOWN"; 102 const char kTokenDelimiter = '\0'; 103 const int kMaxMessageLength = 32 * 1024; 104 const int kMaxACKMessageLength = arraysize(kShutdownToken) - 1; 105 106 const char kLockDelimiter = '-'; 107 108 // Set a file descriptor to be non-blocking. 109 // Return 0 on success, -1 on failure. 110 int SetNonBlocking(int fd) { 111 int flags = fcntl(fd, F_GETFL, 0); 112 if (-1 == flags) 113 return flags; 114 if (flags & O_NONBLOCK) 115 return 0; 116 return fcntl(fd, F_SETFL, flags | O_NONBLOCK); 117 } 118 119 // Set the close-on-exec bit on a file descriptor. 120 // Returns 0 on success, -1 on failure. 121 int SetCloseOnExec(int fd) { 122 int flags = fcntl(fd, F_GETFD, 0); 123 if (-1 == flags) 124 return flags; 125 if (flags & FD_CLOEXEC) 126 return 0; 127 return fcntl(fd, F_SETFD, flags | FD_CLOEXEC); 128 } 129 130 // Close a socket and check return value. 131 void CloseSocket(int fd) { 132 int rv = HANDLE_EINTR(close(fd)); 133 DCHECK_EQ(0, rv) << "Error closing socket: " << safe_strerror(errno); 134 } 135 136 // Write a message to a socket fd. 137 bool WriteToSocket(int fd, const char *message, size_t length) { 138 DCHECK(message); 139 DCHECK(length); 140 size_t bytes_written = 0; 141 do { 142 ssize_t rv = HANDLE_EINTR( 143 write(fd, message + bytes_written, length - bytes_written)); 144 if (rv < 0) { 145 if (errno == EAGAIN || errno == EWOULDBLOCK) { 146 // The socket shouldn't block, we're sending so little data. Just give 147 // up here, since NotifyOtherProcess() doesn't have an asynchronous api. 148 LOG(ERROR) << "ProcessSingleton would block on write(), so it gave up."; 149 return false; 150 } 151 PLOG(ERROR) << "write() failed"; 152 return false; 153 } 154 bytes_written += rv; 155 } while (bytes_written < length); 156 157 return true; 158 } 159 160 // Wait a socket for read for a certain timeout in seconds. 161 // Returns -1 if error occurred, 0 if timeout reached, > 0 if the socket is 162 // ready for read. 163 int WaitSocketForRead(int fd, int timeout) { 164 fd_set read_fds; 165 struct timeval tv; 166 167 FD_ZERO(&read_fds); 168 FD_SET(fd, &read_fds); 169 tv.tv_sec = timeout; 170 tv.tv_usec = 0; 171 172 return HANDLE_EINTR(select(fd + 1, &read_fds, NULL, NULL, &tv)); 173 } 174 175 // Read a message from a socket fd, with an optional timeout in seconds. 176 // If |timeout| <= 0 then read immediately. 177 // Return number of bytes actually read, or -1 on error. 178 ssize_t ReadFromSocket(int fd, char *buf, size_t bufsize, int timeout) { 179 if (timeout > 0) { 180 int rv = WaitSocketForRead(fd, timeout); 181 if (rv <= 0) 182 return rv; 183 } 184 185 size_t bytes_read = 0; 186 do { 187 ssize_t rv = HANDLE_EINTR(read(fd, buf + bytes_read, bufsize - bytes_read)); 188 if (rv < 0) { 189 if (errno != EAGAIN && errno != EWOULDBLOCK) { 190 PLOG(ERROR) << "read() failed"; 191 return rv; 192 } else { 193 // It would block, so we just return what has been read. 194 return bytes_read; 195 } 196 } else if (!rv) { 197 // No more data to read. 198 return bytes_read; 199 } else { 200 bytes_read += rv; 201 } 202 } while (bytes_read < bufsize); 203 204 return bytes_read; 205 } 206 207 // Set up a sockaddr appropriate for messaging. 208 void SetupSockAddr(const std::string& path, struct sockaddr_un* addr) { 209 addr->sun_family = AF_UNIX; 210 CHECK(path.length() < arraysize(addr->sun_path)) 211 << "Socket path too long: " << path; 212 base::strlcpy(addr->sun_path, path.c_str(), arraysize(addr->sun_path)); 213 } 214 215 // Set up a socket appropriate for messaging. 216 int SetupSocketOnly() { 217 int sock = socket(PF_UNIX, SOCK_STREAM, 0); 218 PCHECK(sock >= 0) << "socket() failed"; 219 220 int rv = SetNonBlocking(sock); 221 DCHECK_EQ(0, rv) << "Failed to make non-blocking socket."; 222 rv = SetCloseOnExec(sock); 223 DCHECK_EQ(0, rv) << "Failed to set CLOEXEC on socket."; 224 225 return sock; 226 } 227 228 // Set up a socket and sockaddr appropriate for messaging. 229 void SetupSocket(const std::string& path, int* sock, struct sockaddr_un* addr) { 230 *sock = SetupSocketOnly(); 231 SetupSockAddr(path, addr); 232 } 233 234 // Read a symbolic link, return empty string if given path is not a symbol link. 235 FilePath ReadLink(const FilePath& path) { 236 FilePath target; 237 if (!file_util::ReadSymbolicLink(path, &target)) { 238 // The only errno that should occur is ENOENT. 239 if (errno != 0 && errno != ENOENT) 240 PLOG(ERROR) << "readlink(" << path.value() << ") failed"; 241 } 242 return target; 243 } 244 245 // Unlink a path. Return true on success. 246 bool UnlinkPath(const FilePath& path) { 247 int rv = unlink(path.value().c_str()); 248 if (rv < 0 && errno != ENOENT) 249 PLOG(ERROR) << "Failed to unlink " << path.value(); 250 251 return rv == 0; 252 } 253 254 // Create a symlink. Returns true on success. 255 bool SymlinkPath(const FilePath& target, const FilePath& path) { 256 if (!file_util::CreateSymbolicLink(target, path)) { 257 // Double check the value in case symlink suceeded but we got an incorrect 258 // failure due to NFS packet loss & retry. 259 int saved_errno = errno; 260 if (ReadLink(path) != target) { 261 // If we failed to create the lock, most likely another instance won the 262 // startup race. 263 errno = saved_errno; 264 PLOG(ERROR) << "Failed to create " << path.value(); 265 return false; 266 } 267 } 268 return true; 269 } 270 271 // Extract the hostname and pid from the lock symlink. 272 // Returns true if the lock existed. 273 bool ParseLockPath(const FilePath& path, 274 std::string* hostname, 275 int* pid) { 276 std::string real_path = ReadLink(path).value(); 277 if (real_path.empty()) 278 return false; 279 280 std::string::size_type pos = real_path.rfind(kLockDelimiter); 281 282 // If the path is not a symbolic link, or doesn't contain what we expect, 283 // bail. 284 if (pos == std::string::npos) { 285 *hostname = ""; 286 *pid = -1; 287 return true; 288 } 289 290 *hostname = real_path.substr(0, pos); 291 292 const std::string& pid_str = real_path.substr(pos + 1); 293 if (!base::StringToInt(pid_str, pid)) 294 *pid = -1; 295 296 return true; 297 } 298 299 void DisplayProfileInUseError(const std::string& lock_path, 300 const std::string& hostname, 301 int pid) { 302 string16 error = l10n_util::GetStringFUTF16( 303 IDS_PROFILE_IN_USE_LINUX, 304 base::IntToString16(pid), 305 ASCIIToUTF16(hostname), 306 WideToUTF16(base::SysNativeMBToWide(lock_path)), 307 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME)); 308 LOG(ERROR) << base::SysWideToNativeMB(UTF16ToWide(error)).c_str(); 309 #if defined(TOOLKIT_GTK) 310 if (!CommandLine::ForCurrentProcess()->HasSwitch( 311 switches::kNoProcessSingletonDialog)) 312 ProcessSingletonDialog::ShowAndRun(UTF16ToUTF8(error)); 313 #endif 314 } 315 316 bool IsChromeProcess(pid_t pid) { 317 FilePath other_chrome_path(base::GetProcessExecutablePath(pid)); 318 return (!other_chrome_path.empty() && 319 other_chrome_path.BaseName() == 320 FilePath(chrome::kBrowserProcessExecutableName)); 321 } 322 323 // Return true if the given pid is one of our child processes. 324 // Assumes that the current pid is the root of all pids of the current instance. 325 bool IsSameChromeInstance(pid_t pid) { 326 pid_t cur_pid = base::GetCurrentProcId(); 327 while (pid != cur_pid) { 328 pid = base::GetParentProcessId(pid); 329 if (pid < 0) 330 return false; 331 if (!IsChromeProcess(pid)) 332 return false; 333 } 334 return true; 335 } 336 337 // Extract the process's pid from a symbol link path and if it is on 338 // the same host, kill the process, unlink the lock file and return true. 339 // If the process is part of the same chrome instance, unlink the lock file and 340 // return true without killing it. 341 // If the process is on a different host, return false. 342 bool KillProcessByLockPath(const FilePath& path) { 343 std::string hostname; 344 int pid; 345 ParseLockPath(path, &hostname, &pid); 346 347 if (!hostname.empty() && hostname != net::GetHostName()) { 348 DisplayProfileInUseError(path.value(), hostname, pid); 349 return false; 350 } 351 UnlinkPath(path); 352 353 if (IsSameChromeInstance(pid)) 354 return true; 355 356 if (pid > 0) { 357 // TODO(james.su (at) gmail.com): Is SIGKILL ok? 358 int rv = kill(static_cast<base::ProcessHandle>(pid), SIGKILL); 359 // ESRCH = No Such Process (can happen if the other process is already in 360 // progress of shutting down and finishes before we try to kill it). 361 DCHECK(rv == 0 || errno == ESRCH) << "Error killing process: " 362 << safe_strerror(errno); 363 return true; 364 } 365 366 LOG(ERROR) << "Failed to extract pid from path: " << path.value(); 367 return true; 368 } 369 370 // A helper class to hold onto a socket. 371 class ScopedSocket { 372 public: 373 ScopedSocket() : fd_(-1) { Reset(); } 374 ~ScopedSocket() { Close(); } 375 int fd() { return fd_; } 376 void Reset() { 377 Close(); 378 fd_ = SetupSocketOnly(); 379 } 380 void Close() { 381 if (fd_ >= 0) 382 CloseSocket(fd_); 383 fd_ = -1; 384 } 385 private: 386 int fd_; 387 }; 388 389 // Returns a random string for uniquifying profile connections. 390 std::string GenerateCookie() { 391 return base::Uint64ToString(base::RandUint64()); 392 } 393 394 bool CheckCookie(const FilePath& path, const FilePath& cookie) { 395 return (cookie == ReadLink(path)); 396 } 397 398 bool ConnectSocket(ScopedSocket* socket, 399 const FilePath& socket_path, 400 const FilePath& cookie_path) { 401 FilePath socket_target; 402 if (file_util::ReadSymbolicLink(socket_path, &socket_target)) { 403 // It's a symlink. Read the cookie. 404 FilePath cookie = ReadLink(cookie_path); 405 if (cookie.empty()) 406 return false; 407 FilePath remote_cookie = socket_target.DirName(). 408 Append(chrome::kSingletonCookieFilename); 409 // Verify the cookie before connecting. 410 if (!CheckCookie(remote_cookie, cookie)) 411 return false; 412 // Now we know the directory was (at that point) created by the profile 413 // owner. Try to connect. 414 sockaddr_un addr; 415 SetupSockAddr(socket_path.value(), &addr); 416 int ret = HANDLE_EINTR(connect(socket->fd(), 417 reinterpret_cast<sockaddr*>(&addr), 418 sizeof(addr))); 419 if (ret != 0) 420 return false; 421 // Check the cookie again. We only link in /tmp, which is sticky, so, if the 422 // directory is still correct, it must have been correct in-between when we 423 // connected. POSIX, sadly, lacks a connectat(). 424 if (!CheckCookie(remote_cookie, cookie)) { 425 socket->Reset(); 426 return false; 427 } 428 // Success! 429 return true; 430 } else if (errno == EINVAL) { 431 // It exists, but is not a symlink (or some other error we detect 432 // later). Just connect to it directly; this is an older version of Chrome. 433 sockaddr_un addr; 434 SetupSockAddr(socket_path.value(), &addr); 435 int ret = HANDLE_EINTR(connect(socket->fd(), 436 reinterpret_cast<sockaddr*>(&addr), 437 sizeof(addr))); 438 return (ret == 0); 439 } else { 440 // File is missing, or other error. 441 if (errno != ENOENT) 442 PLOG(ERROR) << "readlink failed"; 443 return false; 444 } 445 } 446 447 } // namespace 448 449 /////////////////////////////////////////////////////////////////////////////// 450 // ProcessSingleton::LinuxWatcher 451 // A helper class for a Linux specific implementation of the process singleton. 452 // This class sets up a listener on the singleton socket and handles parsing 453 // messages that come in on the singleton socket. 454 class ProcessSingleton::LinuxWatcher 455 : public MessageLoopForIO::Watcher, 456 public MessageLoop::DestructionObserver, 457 public base::RefCountedThreadSafe<ProcessSingleton::LinuxWatcher> { 458 public: 459 // A helper class to read message from an established socket. 460 class SocketReader : public MessageLoopForIO::Watcher { 461 public: 462 SocketReader(ProcessSingleton::LinuxWatcher* parent, 463 MessageLoop* ui_message_loop, 464 int fd) 465 : parent_(parent), 466 ui_message_loop_(ui_message_loop), 467 fd_(fd), 468 bytes_read_(0) { 469 // Wait for reads. 470 MessageLoopForIO::current()->WatchFileDescriptor( 471 fd, true, MessageLoopForIO::WATCH_READ, &fd_reader_, this); 472 timer_.Start(base::TimeDelta::FromSeconds(kTimeoutInSeconds), 473 this, &SocketReader::OnTimerExpiry); 474 } 475 476 virtual ~SocketReader() { 477 CloseSocket(fd_); 478 } 479 480 // MessageLoopForIO::Watcher impl. 481 virtual void OnFileCanReadWithoutBlocking(int fd); 482 virtual void OnFileCanWriteWithoutBlocking(int fd) { 483 // SocketReader only watches for accept (read) events. 484 NOTREACHED(); 485 } 486 487 // Finish handling the incoming message by optionally sending back an ACK 488 // message and removing this SocketReader. 489 void FinishWithACK(const char *message, size_t length); 490 491 private: 492 // If we haven't completed in a reasonable amount of time, give up. 493 void OnTimerExpiry() { 494 parent_->RemoveSocketReader(this); 495 // We're deleted beyond this point. 496 } 497 498 MessageLoopForIO::FileDescriptorWatcher fd_reader_; 499 500 // The ProcessSingleton::LinuxWatcher that owns us. 501 ProcessSingleton::LinuxWatcher* const parent_; 502 503 // A reference to the UI message loop. 504 MessageLoop* const ui_message_loop_; 505 506 // The file descriptor we're reading. 507 const int fd_; 508 509 // Store the message in this buffer. 510 char buf_[kMaxMessageLength]; 511 512 // Tracks the number of bytes we've read in case we're getting partial 513 // reads. 514 size_t bytes_read_; 515 516 base::OneShotTimer<SocketReader> timer_; 517 518 DISALLOW_COPY_AND_ASSIGN(SocketReader); 519 }; 520 521 // We expect to only be constructed on the UI thread. 522 explicit LinuxWatcher(ProcessSingleton* parent) 523 : ui_message_loop_(MessageLoop::current()), 524 parent_(parent) { 525 } 526 527 // Start listening for connections on the socket. This method should be 528 // called from the IO thread. 529 void StartListening(int socket); 530 531 // This method determines if we should use the same process and if we should, 532 // opens a new browser tab. This runs on the UI thread. 533 // |reader| is for sending back ACK message. 534 void HandleMessage(const std::string& current_dir, 535 const std::vector<std::string>& argv, 536 SocketReader *reader); 537 538 // MessageLoopForIO::Watcher impl. These run on the IO thread. 539 virtual void OnFileCanReadWithoutBlocking(int fd); 540 virtual void OnFileCanWriteWithoutBlocking(int fd) { 541 // ProcessSingleton only watches for accept (read) events. 542 NOTREACHED(); 543 } 544 545 // MessageLoop::DestructionObserver 546 virtual void WillDestroyCurrentMessageLoop() { 547 fd_watcher_.StopWatchingFileDescriptor(); 548 } 549 550 private: 551 friend class base::RefCountedThreadSafe<ProcessSingleton::LinuxWatcher>; 552 553 virtual ~LinuxWatcher() { 554 STLDeleteElements(&readers_); 555 } 556 557 // Removes and deletes the SocketReader. 558 void RemoveSocketReader(SocketReader* reader); 559 560 MessageLoopForIO::FileDescriptorWatcher fd_watcher_; 561 562 // A reference to the UI message loop (i.e., the message loop we were 563 // constructed on). 564 MessageLoop* ui_message_loop_; 565 566 // The ProcessSingleton that owns us. 567 ProcessSingleton* const parent_; 568 569 std::set<SocketReader*> readers_; 570 571 DISALLOW_COPY_AND_ASSIGN(LinuxWatcher); 572 }; 573 574 void ProcessSingleton::LinuxWatcher::OnFileCanReadWithoutBlocking(int fd) { 575 // Accepting incoming client. 576 sockaddr_un from; 577 socklen_t from_len = sizeof(from); 578 int connection_socket = HANDLE_EINTR(accept( 579 fd, reinterpret_cast<sockaddr*>(&from), &from_len)); 580 if (-1 == connection_socket) { 581 PLOG(ERROR) << "accept() failed"; 582 return; 583 } 584 int rv = SetNonBlocking(connection_socket); 585 DCHECK_EQ(0, rv) << "Failed to make non-blocking socket."; 586 SocketReader* reader = new SocketReader(this, 587 ui_message_loop_, 588 connection_socket); 589 readers_.insert(reader); 590 } 591 592 void ProcessSingleton::LinuxWatcher::StartListening(int socket) { 593 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); 594 // Watch for client connections on this socket. 595 MessageLoopForIO* ml = MessageLoopForIO::current(); 596 ml->AddDestructionObserver(this); 597 ml->WatchFileDescriptor(socket, true, MessageLoopForIO::WATCH_READ, 598 &fd_watcher_, this); 599 } 600 601 void ProcessSingleton::LinuxWatcher::HandleMessage( 602 const std::string& current_dir, const std::vector<std::string>& argv, 603 SocketReader* reader) { 604 DCHECK(ui_message_loop_ == MessageLoop::current()); 605 DCHECK(reader); 606 // If locked, it means we are not ready to process this message because 607 // we are probably in a first run critical phase. 608 if (parent_->locked()) { 609 DLOG(WARNING) << "Browser is locked"; 610 // Send back "ACK" message to prevent the client process from starting up. 611 reader->FinishWithACK(kACKToken, arraysize(kACKToken) - 1); 612 return; 613 } 614 615 // Ignore the request if the browser process is already in shutdown path. 616 if (!g_browser_process || g_browser_process->IsShuttingDown()) { 617 LOG(WARNING) << "Not handling interprocess notification as browser" 618 " is shutting down"; 619 // Send back "SHUTDOWN" message, so that the client process can start up 620 // without killing this process. 621 reader->FinishWithACK(kShutdownToken, arraysize(kShutdownToken) - 1); 622 return; 623 } 624 625 CommandLine parsed_command_line(argv); 626 PrefService* prefs = g_browser_process->local_state(); 627 DCHECK(prefs); 628 629 Profile* profile = ProfileManager::GetDefaultProfile(); 630 631 if (!profile) { 632 // We should only be able to get here if the profile already exists and 633 // has been created. 634 NOTREACHED(); 635 return; 636 } 637 638 // Ignore the request if the process was passed the --product-version flag. 639 // Normally we wouldn't get here if that flag had been passed, but it can 640 // happen if it is passed to an older version of chrome. Since newer versions 641 // of chrome do this in the background, we want to avoid spawning extra 642 // windows. 643 if (parsed_command_line.HasSwitch(switches::kProductVersion)) { 644 DLOG(WARNING) << "Remote process was passed product version flag, " 645 << "but ignored it. Doing nothing."; 646 } else { 647 // Run the browser startup sequence again, with the command line of the 648 // signalling process. 649 FilePath current_dir_file_path(current_dir); 650 BrowserInit::ProcessCommandLine(parsed_command_line, current_dir_file_path, 651 false /* not process startup */, profile, 652 NULL); 653 } 654 655 // Send back "ACK" message to prevent the client process from starting up. 656 reader->FinishWithACK(kACKToken, arraysize(kACKToken) - 1); 657 } 658 659 void ProcessSingleton::LinuxWatcher::RemoveSocketReader(SocketReader* reader) { 660 DCHECK(reader); 661 readers_.erase(reader); 662 delete reader; 663 } 664 665 /////////////////////////////////////////////////////////////////////////////// 666 // ProcessSingleton::LinuxWatcher::SocketReader 667 // 668 669 void ProcessSingleton::LinuxWatcher::SocketReader::OnFileCanReadWithoutBlocking( 670 int fd) { 671 DCHECK_EQ(fd, fd_); 672 while (bytes_read_ < sizeof(buf_)) { 673 ssize_t rv = HANDLE_EINTR( 674 read(fd, buf_ + bytes_read_, sizeof(buf_) - bytes_read_)); 675 if (rv < 0) { 676 if (errno != EAGAIN && errno != EWOULDBLOCK) { 677 PLOG(ERROR) << "read() failed"; 678 CloseSocket(fd); 679 return; 680 } else { 681 // It would block, so we just return and continue to watch for the next 682 // opportunity to read. 683 return; 684 } 685 } else if (!rv) { 686 // No more data to read. It's time to process the message. 687 break; 688 } else { 689 bytes_read_ += rv; 690 } 691 } 692 693 // Validate the message. The shortest message is kStartToken\0x\0x 694 const size_t kMinMessageLength = arraysize(kStartToken) + 4; 695 if (bytes_read_ < kMinMessageLength) { 696 buf_[bytes_read_] = 0; 697 LOG(ERROR) << "Invalid socket message (wrong length):" << buf_; 698 return; 699 } 700 701 std::string str(buf_, bytes_read_); 702 std::vector<std::string> tokens; 703 base::SplitString(str, kTokenDelimiter, &tokens); 704 705 if (tokens.size() < 3 || tokens[0] != kStartToken) { 706 LOG(ERROR) << "Wrong message format: " << str; 707 return; 708 } 709 710 // Stop the expiration timer to prevent this SocketReader object from being 711 // terminated unexpectly. 712 timer_.Stop(); 713 714 std::string current_dir = tokens[1]; 715 // Remove the first two tokens. The remaining tokens should be the command 716 // line argv array. 717 tokens.erase(tokens.begin()); 718 tokens.erase(tokens.begin()); 719 720 // Return to the UI thread to handle opening a new browser tab. 721 ui_message_loop_->PostTask(FROM_HERE, NewRunnableMethod( 722 parent_, 723 &ProcessSingleton::LinuxWatcher::HandleMessage, 724 current_dir, 725 tokens, 726 this)); 727 fd_reader_.StopWatchingFileDescriptor(); 728 729 // LinuxWatcher::HandleMessage() is in charge of destroying this SocketReader 730 // object by invoking SocketReader::FinishWithACK(). 731 } 732 733 void ProcessSingleton::LinuxWatcher::SocketReader::FinishWithACK( 734 const char *message, size_t length) { 735 if (message && length) { 736 // Not necessary to care about the return value. 737 WriteToSocket(fd_, message, length); 738 } 739 740 if (shutdown(fd_, SHUT_WR) < 0) 741 PLOG(ERROR) << "shutdown() failed"; 742 743 parent_->RemoveSocketReader(this); 744 // We are deleted beyond this point. 745 } 746 747 /////////////////////////////////////////////////////////////////////////////// 748 // ProcessSingleton 749 // 750 ProcessSingleton::ProcessSingleton(const FilePath& user_data_dir) 751 : locked_(false), 752 foreground_window_(NULL), 753 ALLOW_THIS_IN_INITIALIZER_LIST(watcher_(new LinuxWatcher(this))) { 754 socket_path_ = user_data_dir.Append(chrome::kSingletonSocketFilename); 755 lock_path_ = user_data_dir.Append(chrome::kSingletonLockFilename); 756 cookie_path_ = user_data_dir.Append(chrome::kSingletonCookieFilename); 757 } 758 759 ProcessSingleton::~ProcessSingleton() { 760 } 761 762 ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcess() { 763 return NotifyOtherProcessWithTimeout(*CommandLine::ForCurrentProcess(), 764 kTimeoutInSeconds, 765 true); 766 } 767 768 ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessWithTimeout( 769 const CommandLine& cmd_line, 770 int timeout_seconds, 771 bool kill_unresponsive) { 772 DCHECK_GE(timeout_seconds, 0); 773 774 ScopedSocket socket; 775 for (int retries = 0; retries <= timeout_seconds; ++retries) { 776 // Try to connect to the socket. 777 if (ConnectSocket(&socket, socket_path_, cookie_path_)) 778 break; 779 780 // If we're in a race with another process, they may be in Create() and have 781 // created the lock but not attached to the socket. So we check if the 782 // process with the pid from the lockfile is currently running and is a 783 // chrome browser. If so, we loop and try again for |timeout_seconds|. 784 785 std::string hostname; 786 int pid; 787 if (!ParseLockPath(lock_path_, &hostname, &pid)) { 788 // No lockfile exists. 789 return PROCESS_NONE; 790 } 791 792 if (hostname.empty()) { 793 // Invalid lockfile. 794 UnlinkPath(lock_path_); 795 return PROCESS_NONE; 796 } 797 798 if (hostname != net::GetHostName()) { 799 // Locked by process on another host. 800 DisplayProfileInUseError(lock_path_.value(), hostname, pid); 801 return PROFILE_IN_USE; 802 } 803 804 if (!IsChromeProcess(pid)) { 805 // Orphaned lockfile (no process with pid, or non-chrome process.) 806 UnlinkPath(lock_path_); 807 return PROCESS_NONE; 808 } 809 810 if (IsSameChromeInstance(pid)) { 811 // Orphaned lockfile (pid is part of same chrome instance we are, even 812 // though we haven't tried to create a lockfile yet). 813 UnlinkPath(lock_path_); 814 return PROCESS_NONE; 815 } 816 817 if (retries == timeout_seconds) { 818 // Retries failed. Kill the unresponsive chrome process and continue. 819 if (!kill_unresponsive || !KillProcessByLockPath(lock_path_)) 820 return PROFILE_IN_USE; 821 return PROCESS_NONE; 822 } 823 824 base::PlatformThread::Sleep(1000 /* ms */); 825 } 826 827 timeval timeout = {timeout_seconds, 0}; 828 setsockopt(socket.fd(), SOL_SOCKET, SO_SNDTIMEO, &timeout, sizeof(timeout)); 829 830 // Found another process, prepare our command line 831 // format is "START\0<current dir>\0<argv[0]>\0...\0<argv[n]>". 832 std::string to_send(kStartToken); 833 to_send.push_back(kTokenDelimiter); 834 835 FilePath current_dir; 836 if (!PathService::Get(base::DIR_CURRENT, ¤t_dir)) 837 return PROCESS_NONE; 838 to_send.append(current_dir.value()); 839 840 const std::vector<std::string>& argv = cmd_line.argv(); 841 for (std::vector<std::string>::const_iterator it = argv.begin(); 842 it != argv.end(); ++it) { 843 to_send.push_back(kTokenDelimiter); 844 to_send.append(*it); 845 } 846 847 // Send the message 848 if (!WriteToSocket(socket.fd(), to_send.data(), to_send.length())) { 849 // Try to kill the other process, because it might have been dead. 850 if (!kill_unresponsive || !KillProcessByLockPath(lock_path_)) 851 return PROFILE_IN_USE; 852 return PROCESS_NONE; 853 } 854 855 if (shutdown(socket.fd(), SHUT_WR) < 0) 856 PLOG(ERROR) << "shutdown() failed"; 857 858 // Read ACK message from the other process. It might be blocked for a certain 859 // timeout, to make sure the other process has enough time to return ACK. 860 char buf[kMaxACKMessageLength + 1]; 861 ssize_t len = 862 ReadFromSocket(socket.fd(), buf, kMaxACKMessageLength, timeout_seconds); 863 864 // Failed to read ACK, the other process might have been frozen. 865 if (len <= 0) { 866 if (!kill_unresponsive || !KillProcessByLockPath(lock_path_)) 867 return PROFILE_IN_USE; 868 return PROCESS_NONE; 869 } 870 871 buf[len] = '\0'; 872 if (strncmp(buf, kShutdownToken, arraysize(kShutdownToken) - 1) == 0) { 873 // The other process is shutting down, it's safe to start a new process. 874 return PROCESS_NONE; 875 } else if (strncmp(buf, kACKToken, arraysize(kACKToken) - 1) == 0) { 876 // Notify the window manager that we've started up; if we do not open a 877 // window, GTK will not automatically call this for us. 878 gdk_notify_startup_complete(); 879 // Assume the other process is handling the request. 880 return PROCESS_NOTIFIED; 881 } 882 883 NOTREACHED() << "The other process returned unknown message: " << buf; 884 return PROCESS_NOTIFIED; 885 } 886 887 ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessOrCreate() { 888 return NotifyOtherProcessWithTimeoutOrCreate( 889 *CommandLine::ForCurrentProcess(), 890 kTimeoutInSeconds); 891 } 892 893 ProcessSingleton::NotifyResult 894 ProcessSingleton::NotifyOtherProcessWithTimeoutOrCreate( 895 const CommandLine& command_line, 896 int timeout_seconds) { 897 NotifyResult result = NotifyOtherProcessWithTimeout(command_line, 898 timeout_seconds, true); 899 if (result != PROCESS_NONE) 900 return result; 901 if (Create()) 902 return PROCESS_NONE; 903 // If the Create() failed, try again to notify. (It could be that another 904 // instance was starting at the same time and managed to grab the lock before 905 // we did.) 906 // This time, we don't want to kill anything if we aren't successful, since we 907 // aren't going to try to take over the lock ourselves. 908 result = NotifyOtherProcessWithTimeout(command_line, timeout_seconds, false); 909 if (result != PROCESS_NONE) 910 return result; 911 912 return LOCK_ERROR; 913 } 914 915 bool ProcessSingleton::Create() { 916 int sock; 917 sockaddr_un addr; 918 919 // The symlink lock is pointed to the hostname and process id, so other 920 // processes can find it out. 921 FilePath symlink_content(StringPrintf( 922 "%s%c%u", 923 net::GetHostName().c_str(), 924 kLockDelimiter, 925 base::GetCurrentProcId())); 926 927 // Create symbol link before binding the socket, to ensure only one instance 928 // can have the socket open. 929 if (!SymlinkPath(symlink_content, lock_path_)) { 930 // If we failed to create the lock, most likely another instance won the 931 // startup race. 932 return false; 933 } 934 935 // Create the socket file somewhere in /tmp which is usually mounted as a 936 // normal filesystem. Some network filesystems (notably AFS) are screwy and 937 // do not support Unix domain sockets. 938 if (!socket_dir_.CreateUniqueTempDir()) { 939 LOG(ERROR) << "Failed to create socket directory."; 940 return false; 941 } 942 // Setup the socket symlink and the two cookies. 943 FilePath socket_target_path = 944 socket_dir_.path().Append(chrome::kSingletonSocketFilename); 945 FilePath cookie(GenerateCookie()); 946 FilePath remote_cookie_path = 947 socket_dir_.path().Append(chrome::kSingletonCookieFilename); 948 UnlinkPath(socket_path_); 949 UnlinkPath(cookie_path_); 950 if (!SymlinkPath(socket_target_path, socket_path_) || 951 !SymlinkPath(cookie, cookie_path_) || 952 !SymlinkPath(cookie, remote_cookie_path)) { 953 // We've already locked things, so we can't have lost the startup race, 954 // but something doesn't like us. 955 LOG(ERROR) << "Failed to create symlinks."; 956 if (!socket_dir_.Delete()) 957 LOG(ERROR) << "Encountered a problem when deleting socket directory."; 958 return false; 959 } 960 961 SetupSocket(socket_target_path.value(), &sock, &addr); 962 963 if (bind(sock, reinterpret_cast<sockaddr*>(&addr), sizeof(addr)) < 0) { 964 PLOG(ERROR) << "Failed to bind() " << socket_target_path.value(); 965 CloseSocket(sock); 966 return false; 967 } 968 969 if (listen(sock, 5) < 0) 970 NOTREACHED() << "listen failed: " << safe_strerror(errno); 971 972 // Normally we would use BrowserThread, but the IO thread hasn't started yet. 973 // Using g_browser_process, we start the thread so we can listen on the 974 // socket. 975 MessageLoop* ml = g_browser_process->io_thread()->message_loop(); 976 DCHECK(ml); 977 ml->PostTask(FROM_HERE, NewRunnableMethod( 978 watcher_.get(), 979 &ProcessSingleton::LinuxWatcher::StartListening, 980 sock)); 981 982 return true; 983 } 984 985 void ProcessSingleton::Cleanup() { 986 UnlinkPath(socket_path_); 987 UnlinkPath(cookie_path_); 988 UnlinkPath(lock_path_); 989 } 990
