Make service manager's process launching as capable as content/ process launching. |
||||||||||
Issue descriptionOnce there was a project to extract the process launching, sandboxing, and IPC components from the content/ layer so they could be used for other applications. The project's name was "mojo", and after re-inventing IPC, developers took a look a content/ process launching and sandboxing, and ran away screaming in terror, instead implementing their own toy process launcher which chrome can't use because of no sandboxing or zygote support. Thus, mojo itself was insufficient, so there was a new project to address the issue of connection establishment, process launching, and sandboxing in a new component. It was called service manager. After inventing connection management, developers took a look a content/ process launching and sandboxing, and ran away screaming in terror, instead implementing their own toy process launcher which chrome can't use because of no sandboxing or zygote support. Consider fixing this ... with an eye towards maybe someday getting content out of the process launching business. In particular, having a GPU process running without bringing up all of chrome opens some possibilities for ChromeOS.
,
Nov 13 2017
,
Nov 14 2017
,
Dec 5 2017
,
Dec 6 2017
,
Jan 8 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/935db64de2dcca6cad1278cea0608439ce9eeafb commit 935db64de2dcca6cad1278cea0608439ce9eeafb Author: Tom Sepez <tsepez@chromium.org> Date: Mon Jan 08 21:24:31 2018 Break dependence of zygote_communication_linux.cc on ContentClient Tiny step towards breaking zygote out of content for future use by other components (e.g. service_manager). BUG=781334 Change-Id: Idf273ff3ad3b5692bc00dff9fb058aeda24cd084 Reviewed-on: https://chromium-review.googlesource.com/853123 Reviewed-by: John Abd-El-Malek <jam@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org> Cr-Commit-Position: refs/heads/master@{#527757} [modify] https://crrev.com/935db64de2dcca6cad1278cea0608439ce9eeafb/content/browser/browser_main_loop.cc [modify] https://crrev.com/935db64de2dcca6cad1278cea0608439ce9eeafb/content/browser/zygote_host/zygote_communication_linux.cc [modify] https://crrev.com/935db64de2dcca6cad1278cea0608439ce9eeafb/content/browser/zygote_host/zygote_communication_linux.h [modify] https://crrev.com/935db64de2dcca6cad1278cea0608439ce9eeafb/content/browser/zygote_host/zygote_handle_linux.cc [modify] https://crrev.com/935db64de2dcca6cad1278cea0608439ce9eeafb/content/public/browser/zygote_handle_linux.h
,
Jan 9 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f60832d98f9a72a50949d4df450871b9d2165f7c commit f60832d98f9a72a50949d4df450871b9d2165f7c Author: Tom Sepez <tsepez@chromium.org> Date: Tue Jan 09 19:48:33 2018 Break dependence of zygote_communication_linux.h on content::PosixFileDescriptorInfo Small step towards moving zygote out of content. The zygote_communications_linux.cc only needs the base:: class embedded in the content:: class, with the exception of an early cleanup that will now be performed automatically by the caller when the unique_ptr goes out of scope. This cleanup may close some "owned" fds, but there shouldn't be an issue in letting them stay open just a little longer. Bug: 781334 Change-Id: Iabb8d22f7e07f68aaf04ef714ff2e05a3ed93065 Reviewed-on: https://chromium-review.googlesource.com/854789 Reviewed-by: John Abd-El-Malek <jam@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org> Cr-Commit-Position: refs/heads/master@{#528076} [modify] https://crrev.com/f60832d98f9a72a50949d4df450871b9d2165f7c/content/browser/child_process_launcher_helper_linux.cc [modify] https://crrev.com/f60832d98f9a72a50949d4df450871b9d2165f7c/content/browser/zygote_host/zygote_communication_linux.cc [modify] https://crrev.com/f60832d98f9a72a50949d4df450871b9d2165f7c/content/browser/zygote_host/zygote_communication_linux.h
,
Jan 18 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/d35805efa99cbfe108d514e9d8d31c038d9f1d3e commit d35805efa99cbfe108d514e9d8d31c038d9f1d3e Author: Tom Sepez <tsepez@chromium.org> Date: Thu Jan 18 23:41:55 2018 Move content-specific switches from zygote to browser_main_loop.cc General-purpose (e.g. server_manager) switches can remain in zygote. Bug: 781334 Change-Id: I9750fb85fd7a2368c2d66b109e3afd07807d2d61 Reviewed-on: https://chromium-review.googlesource.com/875126 Reviewed-by: Robert Sesek <rsesek@chromium.org> Reviewed-by: Nasko Oskov <nasko@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org> Cr-Commit-Position: refs/heads/master@{#530342} [modify] https://crrev.com/d35805efa99cbfe108d514e9d8d31c038d9f1d3e/content/browser/browser_main_loop.cc [modify] https://crrev.com/d35805efa99cbfe108d514e9d8d31c038d9f1d3e/content/browser/zygote_host/zygote_communication_linux.cc
,
Jan 22 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/17a06f6c014d4fd959139227d237925f1efa8d87 commit 17a06f6c014d4fd959139227d237925f1efa8d87 Author: Tom Sepez <tsepez@chromium.org> Date: Mon Jan 22 18:54:57 2018 Separate zygote host from content's common_sandbox_support_linux.h Bug: 781334 Change-Id: I85e3d7c439d877d62dcc4c862e0e3cebed96b0d6 Reviewed-on: https://chromium-review.googlesource.com/875231 Reviewed-by: Robert Sesek <rsesek@chromium.org> Reviewed-by: Nasko Oskov <nasko@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org> Cr-Commit-Position: refs/heads/master@{#530925} [modify] https://crrev.com/17a06f6c014d4fd959139227d237925f1efa8d87/content/browser/browser_main_loop.cc [modify] https://crrev.com/17a06f6c014d4fd959139227d237925f1efa8d87/content/browser/zygote_host/zygote_host_impl_linux.cc [modify] https://crrev.com/17a06f6c014d4fd959139227d237925f1efa8d87/content/browser/zygote_host/zygote_host_impl_linux.h
,
Jan 25 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b081ec35d6b2296cdb67546404d2565a26283e78 commit b081ec35d6b2296cdb67546404d2565a26283e78 Author: Tom Sepez <tsepez@chromium.org> Date: Thu Jan 25 03:18:22 2018 Move sandbox interception of libc calls out from content's zygote_main These are required when a namespace sandbox is engaged, so put this code adjacent to the namespace sandbox. Put both the client and server code for the interceptor into the same file. A few symbols have to move lower down to avoid a /sandbox -> /services/service_manager dependency. Pass the result of GetSandboxFD() at init time to avoid a /sandbox -> /content dependency. Duplicate a small bit of code to write a reply. Bug: 781334 Change-Id: I0ddaba96cc7feea3d78612219b24370e43dc90f7 Reviewed-on: https://chromium-review.googlesource.com/882281 Reviewed-by: Robert Sesek <rsesek@chromium.org> Reviewed-by: Antoine Labour <piman@chromium.org> Commit-Queue: Tom Sepez <tsepez@chromium.org> Cr-Commit-Position: refs/heads/master@{#531803} [modify] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/content/app/content_main_runner.cc [modify] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/content/browser/sandbox_ipc_linux.cc [modify] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/content/zygote/zygote_main.h [modify] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/content/zygote/zygote_main_linux.cc [modify] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/sandbox/linux/BUILD.gn [add] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/sandbox/linux/services/libc_interceptor.cc [add] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/sandbox/linux/services/libc_interceptor.h [modify] https://crrev.com/b081ec35d6b2296cdb67546404d2565a26283e78/services/service_manager/sandbox/linux/sandbox_linux.h
,
Feb 6 2018
,
Feb 6 2018
,
Oct 15
Just going through and doing general SM bug triage now, with an eye toward prioritizing major cleanup of how it's integrated into Chrome. Any update on what's left here, apart from the shoveling more code out of content and into services/service_manager?
,
Oct 17
,
Jan 11
Setting defect without priority to Pri-2. |
||||||||||
►
Sign in to add a comment |
||||||||||
Comment 1 by tsepez@chromium.org
, Nov 3 2017