From 7b3ba739bf4b9452051369b431980f016f5967ec Mon Sep 17 00:00:00 2001 From: Cheng Zhao Date: Wed, 1 Jun 2016 16:26:08 +0900 Subject: [PATCH] Import chrome/browser/mac/relauncher.{cc,h} --- chromium_src/chrome/browser/mac/relauncher.cc | 381 ++++++++++++++++++ chromium_src/chrome/browser/mac/relauncher.h | 77 ++++ filenames.gypi | 2 + 3 files changed, 460 insertions(+) create mode 100644 chromium_src/chrome/browser/mac/relauncher.cc create mode 100644 chromium_src/chrome/browser/mac/relauncher.h diff --git a/chromium_src/chrome/browser/mac/relauncher.cc b/chromium_src/chrome/browser/mac/relauncher.cc new file mode 100644 index 000000000000..40ea5371bf90 --- /dev/null +++ b/chromium_src/chrome/browser/mac/relauncher.cc @@ -0,0 +1,381 @@ +// Copyright 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/mac/relauncher.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "base/files/file_util.h" +#include "base/files/scoped_file.h" +#include "base/logging.h" +#include "base/mac/mac_logging.h" +#include "base/mac/mac_util.h" +#include "base/mac/scoped_cftyperef.h" +#include "base/path_service.h" +#include "base/posix/eintr_wrapper.h" +#include "base/process/launch.h" +#include "base/strings/stringprintf.h" +#include "base/strings/sys_string_conversions.h" +#include "chrome/browser/mac/install_from_dmg.h" +#include "chrome/common/chrome_switches.h" +#include "content/public/common/content_paths.h" +#include "content/public/common/content_switches.h" +#include "content/public/common/main_function_params.h" + +namespace mac_relauncher { + +namespace { + +// The "magic" file descriptor that the relauncher process' write side of the +// pipe shows up on. Chosen to avoid conflicting with stdin, stdout, and +// stderr. +const int kRelauncherSyncFD = STDERR_FILENO + 1; + +// The argument separating arguments intended for the relauncher process from +// those intended for the relaunched process. "---" is chosen instead of "--" +// because CommandLine interprets "--" as meaning "end of switches", but +// for many purposes, the relauncher process' CommandLine ought to interpret +// arguments intended for the relaunched process, to get the correct settings +// for such things as logging and the user-data-dir in case it affects crash +// reporting. +const char kRelauncherArgSeparator[] = "---"; + +// When this argument is supplied to the relauncher process, it will launch +// the relaunched process without bringing it to the foreground. +const char kRelauncherBackgroundArg[] = "--background"; + +// The beginning of the "process serial number" argument that Launch Services +// sometimes inserts into command lines. A process serial number is only valid +// for a single process, so any PSN arguments will be stripped from command +// lines during relaunch to avoid confusion. +const char kPSNArg[] = "-psn_"; + +// Returns the "type" argument identifying a relauncher process +// ("--type=relauncher"). +std::string RelauncherTypeArg() { + return base::StringPrintf("--%s=%s", + switches::kProcessType, + switches::kRelauncherProcess); +} + +} // namespace + +bool RelaunchApp(const std::vector& args) { + // Use the currently-running application's helper process. The automatic + // update feature is careful to leave the currently-running version alone, + // so this is safe even if the relaunch is the result of an update having + // been applied. In fact, it's safer than using the updated version of the + // helper process, because there's no guarantee that the updated version's + // relauncher implementation will be compatible with the running version's. + base::FilePath child_path; + if (!PathService::Get(content::CHILD_PROCESS_EXE, &child_path)) { + LOG(ERROR) << "No CHILD_PROCESS_EXE"; + return false; + } + + std::vector relauncher_args; + return RelaunchAppWithHelper(child_path.value(), relauncher_args, args); +} + +bool RelaunchAppWithHelper(const std::string& helper, + const std::vector& relauncher_args, + const std::vector& args) { + std::vector relaunch_args; + relaunch_args.push_back(helper); + relaunch_args.push_back(RelauncherTypeArg()); + + // If this application isn't in the foreground, the relaunched one shouldn't + // be either. + if (!base::mac::AmIForeground()) { + relaunch_args.push_back(kRelauncherBackgroundArg); + } + + relaunch_args.insert(relaunch_args.end(), + relauncher_args.begin(), relauncher_args.end()); + + relaunch_args.push_back(kRelauncherArgSeparator); + + // When using the CommandLine interface, -psn_ may have been rewritten as + // --psn_. Look for both. + const char alt_psn_arg[] = "--psn_"; + for (size_t index = 0; index < args.size(); ++index) { + // Strip any -psn_ arguments, as they apply to a specific process. + if (args[index].compare(0, strlen(kPSNArg), kPSNArg) != 0 && + args[index].compare(0, strlen(alt_psn_arg), alt_psn_arg) != 0) { + relaunch_args.push_back(args[index]); + } + } + + int pipe_fds[2]; + if (HANDLE_EINTR(pipe(pipe_fds)) != 0) { + PLOG(ERROR) << "pipe"; + return false; + } + + // The parent process will only use pipe_read_fd as the read side of the + // pipe. It can close the write side as soon as the relauncher process has + // forked off. The relauncher process will only use pipe_write_fd as the + // write side of the pipe. In that process, the read side will be closed by + // base::LaunchApp because it won't be present in fd_map, and the write side + // will be remapped to kRelauncherSyncFD by fd_map. + base::ScopedFD pipe_read_fd(pipe_fds[0]); + base::ScopedFD pipe_write_fd(pipe_fds[1]); + + // Make sure kRelauncherSyncFD is a safe value. base::LaunchProcess will + // preserve these three FDs in forked processes, so kRelauncherSyncFD should + // not conflict with them. + static_assert(kRelauncherSyncFD != STDIN_FILENO && + kRelauncherSyncFD != STDOUT_FILENO && + kRelauncherSyncFD != STDERR_FILENO, + "kRelauncherSyncFD must not conflict with stdio fds"); + + base::FileHandleMappingVector fd_map; + fd_map.push_back(std::make_pair(pipe_write_fd.get(), kRelauncherSyncFD)); + + base::LaunchOptions options; + options.fds_to_remap = &fd_map; + if (!base::LaunchProcess(relaunch_args, options).IsValid()) { + LOG(ERROR) << "base::LaunchProcess failed"; + return false; + } + + // The relauncher process is now starting up, or has started up. The + // original parent process continues. + + pipe_write_fd.reset(); // close(pipe_fds[1]); + + // Synchronize with the relauncher process. + char read_char; + int read_result = HANDLE_EINTR(read(pipe_read_fd.get(), &read_char, 1)); + if (read_result != 1) { + if (read_result < 0) { + PLOG(ERROR) << "read"; + } else { + LOG(ERROR) << "read: unexpected result " << read_result; + } + return false; + } + + // Since a byte has been successfully read from the relauncher process, it's + // guaranteed to have set up its kqueue monitoring this process for exit. + // It's safe to exit now. + return true; +} + +namespace { + +// In the relauncher process, performs the necessary synchronization steps +// with the parent by setting up a kqueue to watch for it to exit, writing a +// byte to the pipe, and then waiting for the exit notification on the kqueue. +// If anything fails, this logs a message and returns immediately. In those +// situations, it can be assumed that something went wrong with the parent +// process and the best recovery approach is to attempt relaunch anyway. +void RelauncherSynchronizeWithParent() { + base::ScopedFD relauncher_sync_fd(kRelauncherSyncFD); + + int parent_pid = getppid(); + + // PID 1 identifies init. launchd, that is. launchd never starts the + // relauncher process directly, having this parent_pid means that the parent + // already exited and launchd "inherited" the relauncher as its child. + // There's no reason to synchronize with launchd. + if (parent_pid == 1) { + LOG(ERROR) << "unexpected parent_pid"; + return; + } + + // Set up a kqueue to monitor the parent process for exit. + base::ScopedFD kq(kqueue()); + if (!kq.is_valid()) { + PLOG(ERROR) << "kqueue"; + return; + } + + struct kevent change = { 0 }; + EV_SET(&change, parent_pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); + if (kevent(kq.get(), &change, 1, NULL, 0, NULL) == -1) { + PLOG(ERROR) << "kevent (add)"; + return; + } + + // Write a '\0' character to the pipe. + if (HANDLE_EINTR(write(relauncher_sync_fd.get(), "", 1)) != 1) { + PLOG(ERROR) << "write"; + return; + } + + // Up until now, the parent process was blocked in a read waiting for the + // write above to complete. The parent process is now free to exit. Wait for + // that to happen. + struct kevent event; + int events = kevent(kq.get(), NULL, 0, &event, 1, NULL); + if (events != 1) { + if (events < 0) { + PLOG(ERROR) << "kevent (monitor)"; + } else { + LOG(ERROR) << "kevent (monitor): unexpected result " << events; + } + return; + } + + if (event.filter != EVFILT_PROC || + event.fflags != NOTE_EXIT || + event.ident != static_cast(parent_pid)) { + LOG(ERROR) << "kevent (monitor): unexpected event, filter " << event.filter + << ", fflags " << event.fflags << ", ident " << event.ident; + return; + } +} + +} // namespace + +namespace internal { + +int RelauncherMain(const content::MainFunctionParams& main_parameters) { + // CommandLine rearranges the order of the arguments returned by + // main_parameters.argv(), rendering it impossible to determine which + // arguments originally came before kRelauncherArgSeparator and which came + // after. It's crucial to distinguish between these because only those + // after the separator should be given to the relaunched process; it's also + // important to not treat the path to the relaunched process as a "loose" + // argument. NXArgc and NXArgv are pointers to the original argc and argv as + // passed to main(), so use those. Access them through _NSGetArgc and + // _NSGetArgv because NXArgc and NXArgv are normally only available to a + // main executable via crt1.o and this code will run from a dylib, and + // because of http://crbug.com/139902. + const int* argcp = _NSGetArgc(); + if (!argcp) { + NOTREACHED(); + return 1; + } + int argc = *argcp; + + const char* const* const* argvp = _NSGetArgv(); + if (!argvp) { + NOTREACHED(); + return 1; + } + const char* const* argv = *argvp; + + if (argc < 4 || RelauncherTypeArg() != argv[1]) { + LOG(ERROR) << "relauncher process invoked with unexpected arguments"; + return 1; + } + + RelauncherSynchronizeWithParent(); + + // The capacity for relaunch_args is 4 less than argc, because it + // won't contain the argv[0] of the relauncher process, the + // RelauncherTypeArg() at argv[1], kRelauncherArgSeparator, or the + // executable path of the process to be launched. + base::ScopedCFTypeRef relaunch_args( + CFArrayCreateMutable(NULL, argc - 4, &kCFTypeArrayCallBacks)); + if (!relaunch_args) { + LOG(ERROR) << "CFArrayCreateMutable"; + return 1; + } + + // Figure out what to execute, what arguments to pass it, and whether to + // start it in the background. + bool background = false; + bool in_relaunch_args = false; + std::string dmg_bsd_device_name; + bool seen_relaunch_executable = false; + std::string relaunch_executable; + const std::string relauncher_arg_separator(kRelauncherArgSeparator); + const std::string relauncher_dmg_device_arg = + base::StringPrintf("--%s=", switches::kRelauncherProcessDMGDevice); + for (int argv_index = 2; argv_index < argc; ++argv_index) { + const std::string arg(argv[argv_index]); + + // Strip any -psn_ arguments, as they apply to a specific process. + if (arg.compare(0, strlen(kPSNArg), kPSNArg) == 0) { + continue; + } + + if (!in_relaunch_args) { + if (arg == relauncher_arg_separator) { + in_relaunch_args = true; + } else if (arg == kRelauncherBackgroundArg) { + background = true; + } else if (arg.compare(0, + relauncher_dmg_device_arg.size(), + relauncher_dmg_device_arg) == 0) { + dmg_bsd_device_name.assign( + arg.substr(relauncher_dmg_device_arg.size())); + } + } else { + if (!seen_relaunch_executable) { + // The first argument after kRelauncherBackgroundArg is the path to + // the executable file or .app bundle directory. The Launch Services + // interface wants this separate from the rest of the arguments. In + // the relaunched process, this path will still be visible at argv[0]. + relaunch_executable.assign(arg); + seen_relaunch_executable = true; + } else { + base::ScopedCFTypeRef arg_cf( + base::SysUTF8ToCFStringRef(arg)); + if (!arg_cf) { + LOG(ERROR) << "base::SysUTF8ToCFStringRef failed for " << arg; + return 1; + } + CFArrayAppendValue(relaunch_args, arg_cf); + } + } + } + + if (!seen_relaunch_executable) { + LOG(ERROR) << "nothing to relaunch"; + return 1; + } + + FSRef app_fsref; + if (!base::mac::FSRefFromPath(relaunch_executable, &app_fsref)) { + LOG(ERROR) << "base::mac::FSRefFromPath failed for " << relaunch_executable; + return 1; + } + + LSApplicationParameters ls_parameters = { + 0, // version + kLSLaunchDefaults | kLSLaunchAndDisplayErrors | kLSLaunchNewInstance | + (background ? kLSLaunchDontSwitch : 0), + &app_fsref, + NULL, // asyncLaunchRefCon + NULL, // environment + relaunch_args, + NULL // initialEvent + }; + + OSStatus status = LSOpenApplication(&ls_parameters, NULL); + if (status != noErr) { + OSSTATUS_LOG(ERROR, status) << "LSOpenApplication"; + return 1; + } + + // The application should have relaunched (or is in the process of + // relaunching). From this point on, only clean-up tasks should occur, and + // failures are tolerable. + + if (!dmg_bsd_device_name.empty()) { + EjectAndTrashDiskImage(dmg_bsd_device_name); + } + + return 0; +} + +} // namespace internal + +} // namespace mac_relauncher diff --git a/chromium_src/chrome/browser/mac/relauncher.h b/chromium_src/chrome/browser/mac/relauncher.h new file mode 100644 index 000000000000..66391b423fe3 --- /dev/null +++ b/chromium_src/chrome/browser/mac/relauncher.h @@ -0,0 +1,77 @@ +// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_BROWSER_MAC_RELAUNCHER_H_ +#define CHROME_BROWSER_MAC_RELAUNCHER_H_ + +// mac_relauncher implements main browser application relaunches on the Mac. +// When a browser wants to relaunch itself, it can't simply fork off a new +// process and exec a new browser from within. That leaves open a window +// during which two browser applications might be running concurrently. If +// that happens, each will wind up with a distinct Dock icon, which is +// especially bad if the user expected the Dock icon to be persistent by +// choosing Keep in Dock from the icon's contextual menu. +// +// mac_relauncher approaches this problem by introducing an intermediate +// process (the "relauncher") in between the original browser ("parent") and +// replacement browser ("relaunched"). The helper executable is used for the +// relauncher process; because it's an LSUIElement, it doesn't get a Dock +// icon and isn't visible as a running application at all. The parent will +// start a relauncher process, giving it the "writer" side of a pipe that it +// retains the "reader" end of. When the relauncher starts up, it will +// establish a kqueue to wait for the parent to exit, and will then write to +// the pipe. The parent, upon reading from the pipe, is free to exit. When the +// relauncher is notified via its kqueue that the parent has exited, it +// proceeds, launching the relaunched process. The handshake to synchronize +// the parent with the relauncher is necessary to avoid races: the relauncher +// needs to be sure that it's monitoring the parent and not some other process +// in light of PID reuse, so the parent must remain alive long enough for the +// relauncher to set up its kqueue. + +#include +#include + +namespace content { +struct MainFunctionParams; +} + +namespace mac_relauncher { + +// Relaunches the application using the helper application associated with the +// currently running instance of Chrome in the parent browser process as the +// executable for the relauncher process. |args| is an argv-style vector of +// command line arguments of the form normally passed to execv. args[0] is +// also the path to the relaunched process. Because the relauncher process +// will ultimately launch the relaunched process via Launch Services, args[0] +// may be either a pathname to an executable file or a pathname to an .app +// bundle directory. The caller should exit soon after RelaunchApp returns +// successfully. Returns true on success, although some failures can occur +// after this function returns true if, for example, they occur within the +// relauncher process. Returns false when the relaunch definitely failed. +bool RelaunchApp(const std::vector& args); + +// Identical to RelaunchApp, but uses |helper| as the path to the relauncher +// process, and allows additional arguments to be supplied to the relauncher +// process in relauncher_args. Unlike args[0], |helper| must be a pathname to +// an executable file. The helper path given must be from the same version of +// Chrome as the running parent browser process, as there are no guarantees +// that the parent and relauncher processes from different versions will be +// able to communicate with one another. This variant can be useful to +// relaunch the same version of Chrome from another location, using that +// location's helper. +bool RelaunchAppWithHelper(const std::string& helper, + const std::vector& relauncher_args, + const std::vector& args); + +namespace internal { + +// The entry point from ChromeMain into the relauncher process. This is not a +// user API. Don't call it if your name isn't ChromeMain. +int RelauncherMain(const content::MainFunctionParams& main_parameters); + +} // namespace internal + +} // namespace mac_relauncher + +#endif // CHROME_BROWSER_MAC_RELAUNCHER_H_ diff --git a/filenames.gypi b/filenames.gypi index f66b98134c65..0d1d97711b43 100644 --- a/filenames.gypi +++ b/filenames.gypi @@ -420,6 +420,8 @@ 'chromium_src/chrome/browser/extensions/global_shortcut_listener_x11.h', 'chromium_src/chrome/browser/extensions/global_shortcut_listener_win.cc', 'chromium_src/chrome/browser/extensions/global_shortcut_listener_win.h', + 'chromium_src/chrome/browser/mac/relauncher.cc', + 'chromium_src/chrome/browser/mac/relauncher.h', 'chromium_src/chrome/browser/media/desktop_media_list.h', 'chromium_src/chrome/browser/media/desktop_media_list_observer.h', 'chromium_src/chrome/browser/media/native_desktop_media_list.cc',