// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SERVICES_SERVICE_MANAGER_ZYGOTE_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_
#define SERVICES_SERVICE_MANAGER_ZYGOTE_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_

#include <unistd.h>

#include <string>
#include <vector>

// TODO(jln) base::TerminationStatus should be forward declared when switching
// to C++11.
#include "base/process/kill.h"

namespace service_manager {

// Interface through which the Chrome Linux zygote hands a fork request to
// another class that implements a specialized version of fork.
class ZygoteForkDelegate {
 public:
  // A delegate is created while the Chrome Linux zygote initializes and is
  // handed to ZygoteMain() as an argument. It offers "fork()" functionality
  // as an alternative to forking the zygote itself.
  virtual ~ZygoteForkDelegate() = default;

  // Runs in the zygote once ZygoteMain has started it.
  // When |enable_layer1_sandbox| is true, the delegate must turn on a
  // layer-1 sandbox, for example the setuid sandbox.
  // NOTE(review): |sandboxdesc| is not described in this header; presumably
  // a descriptor associated with the sandbox. Confirm against implementers.
  virtual void Init(int sandboxdesc, bool enable_layer1_sandbox) = 0;

  // Called after Init to collect a UMA_HISTOGRAM_ENUMERATION that the
  // delegate wants reported to the browser process. The result is returned
  // through the three out-parameters.
  // These reports ride on fork responses that carry no UMA data of their
  // own, so this method may not be called until much later.
  virtual void InitialUMA(std::string* uma_name,
                          int* uma_sample,
                          int* uma_boundary_value) = 0;

  // Returns true when the delegate wants to service a fork request for
  // |process_type|, false otherwise. The delegate may optionally fill in
  // |uma_name|, |uma_sample| and |uma_boundary_value| with a report the
  // helper wants to make via UMA_HISTOGRAM_ENUMERATION.
  virtual bool CanHelp(const std::string& process_type,
                       std::string* uma_name,
                       int* uma_sample,
                       int* uma_boundary_value) = 0;

  // Positions of the descriptors inside the vector given to Fork().
  enum {
    // Descriptor used to talk to the Browser. The children use ChannelMojo,
    // so this is actually the Mojo fd.
    kBrowserFDIndex,
    // The PID oracle is part of the protocol that discovers the child
    // process's real PID from within the SUID sandbox. The child process
    // is required to write to this socket after a successful fork.
    kPIDOracleFDIndex,
    // Number of FDs in the vector passed to Fork().
    kNumPassedFDs
  };

  // Asks the delegate to fork; -1 signals failure. Outside the suid sandbox
  // the return value is the Linux process ID. The method knows nothing
  // about pid namespaces, so the value is a raw pid exactly as fork() would
  // return it. The delegate is responsible for communicating |channel_id|
  // to the newly created child process.
  // |fds| is indexed with the enum above.
  // NOTE(review): an implementation presumably needs |fds| to hold
  // kNumPassedFDs entries and should check the size before indexing.
  // Confirm against callers.
  virtual pid_t Fork(const std::string& process_type,
                     const std::vector<int>& fds,
                     const std::string& channel_id) = 0;

  // The caller is not the parent of the forked children and cannot wait on
  // them, so the delegate must take over that role. |pid| should be a value
  // previously returned by Fork(); i.e. this method is completely unaware
  // of any PID namespaces introduced by sandboxing.
  // |known_dead| indicates that the process is already dead and that a
  // blocking wait() should be performed. In that case
  // GetTerminationStatus() sends a SIGKILL to the target process first, so
  // a |pid| that did not come from Fork() would have that signal aimed at
  // an unrelated process.
  // Results are written to |status| and |exit_code|.
  // NOTE(review): the meaning of the bool return value is not stated in
  // this header. Confirm against implementers.
  virtual bool GetTerminationStatus(pid_t pid,
                                    bool known_dead,
                                    base::TerminationStatus* status,
                                    int* exit_code) = 0;
};

}  // namespace service_manager

#endif  // SERVICES_SERVICE_MANAGER_ZYGOTE_COMMON_ZYGOTE_FORK_DELEGATE_LINUX_H_