electron/patches/chromium/process_singleton.patch
electron-roller[bot] cc01272a8d
chore: bump chromium to 96.0.4647.0 (main) (#30814)
* chore: bump chromium in DEPS to 95.0.4630.0

* 3133701: Fix chrome root store codegen for cross-compile builds.

https://chromium-review.googlesource.com/c/chromium/src/+/3133701

* 49125: Include SHA512-256 in EVP_get_digestbyname and EVP_MD_do_all.

https://boringssl-review.googlesource.com/c/boringssl/+/49125

* chore: fixup patch indices

* 3131662: [Code Health] Remove ListValue::Append(Integer|Boolean)

https://chromium-review.googlesource.com/c/chromium/src/+/3131662

* chore: bump chromium in DEPS to 95.0.4631.0

* chore: update patches

* chore: bump chromium in DEPS to 95.0.4635.0

* chore: update patches

* chore: bump chromium in DEPS to 95.0.4636.0

* chore: bump chromium in DEPS to 95.0.4637.0

* chore: update patches

* refactor: move PlatformNotificationService into BrowserContext

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/3137256

* refactor: ListValue::GetSize and ListValue::AppendString were removed

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/3144540

* chore: bump chromium in DEPS to 95.0.4638.0

* chore: bump chromium in DEPS to 95.0.4638.4

* chore: bump chromium in DEPS to 96.0.4640.0

* chore: bump chromium in DEPS to 96.0.4641.0

* chore: bump chromium in DEPS to 96.0.4642.0

* chore: update patches

Co-authored-by: Michaela Laurencin <mlaurencin@electronjs.org>

* 3134756: Move extensions/browser/value_store to components/value_store.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3134756

* 3150092: [Autofill] Allow aligning Autofill suggestions to the field's center

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3150092

* chore: bump chromium in DEPS to 96.0.4643.0

* chore: update patches

* chore: bump chromium in DEPS to 96.0.4644.0

* chore: update patches

* chore: bump chromium in DEPS to 96.0.4645.0

* chore: update patches

* chore: bump chromium in DEPS to 96.0.4646.0

* chore: bump chromium in DEPS to 96.0.4647.0

* chore: update patches

Ref (for chromium): https://chromium-review.googlesource.com/c/chromium/src/+/3165772

* 3162087: Reland "Ensure Branch Target Identification is enabled for executable pages."

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/3162087

* chore: update evert_add_inline_and_inline_origin_records_to_symbol_file.patch

Xref: https://chromium-review.googlesource.com/c/breakpad/breakpad/+/3166678

Xref: https://chromium-review.googlesource.com/c/breakpad/breakpad/+/3166674

* chore: update Allocator construction

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/3135195

Change RefCount::kAllowed/Disallowed semantics into BackupRefPtr::kEnabled/Disabled

* chore: add UseConfigurablePool to v8::ArrayBuffer::Allocator invocation

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/3090845

* chore: do not set network_context_params.context_name

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/3155743

Remove name field from mojom::NetworkContext

* fix: use ForEachRenderFrameHost to iterate frames.

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/3163336

New implementation partially cribbed from
https://source.chromium.org/chromium/chromium/src/+/main:extensions/browser/script_executor.cc;drc=f894f106c6d5fac8e0b75158f622256e0f34f593;l=109

* [Blink Cleanup] Remove WebLocalFrame::RequestExecuteScriptAndReturnValue()

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/3149699

ExecuteJavaScript's RequestExecuteScript() new params are cribbed from
https://chromium-review.googlesource.com/c/chromium/src/+/3149699/4/third_party/blink/renderer/core/frame/web_local_frame_impl.cc

* Remove IsDescendantOf API on RenderFrameHost.

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/3165357

function is trivial to implement, so make a local copy in anon namespace

* Rewrite IsDescendantOf check to check GetParentOrOuterDocument.

https://chromium-review.googlesource.com/c/chromium/src/+/3160061

* Remove GetFramesInSubtree from RenderFrameHost

https://chromium-review.googlesource.com/c/chromium/src/+/3163336

* fix: dump_syms for macOS

* chore: update patches

* [Code Health] Remove ListValue::AppendString and ListValue::GetSize

https://chromium-review.googlesource.com/c/chromium/src/+/3144540

* fix: gn check

https://chromium-review.googlesource.com/c/chromium/src/+/3163890

* fix: crash with Isolate::GetHeapCodeAndMetadataStatistics

https://chromium-review.googlesource.com/c/v8/v8/+/3175820

* chore: update patches

* chore: fix windows build

* Add kPrintWithPostScriptType42Fonts feature.

https://chromium-review.googlesource.com/c/chromium/src/+/3150776

* chore: update patches

* chore: fix tests

* ozone/x11: fix VA-API.

https://chromium-review.googlesource.com/c/chromium/src/+/3141878

* Revert "ozone/x11: fix VA-API."

This reverts commit 23e742acb1032bf4afc1a45e4bed38e42184fd01.

* Reland "Make Ozone/X11 default."

https://chromium-review.googlesource.com/c/chromium/src/+/3114071

* fixup Reland "Make Ozone/X11 default."

* fixup Reland "Make Ozone/X11 default." for clipboard

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
Co-authored-by: Samuel Attard <samuel.r.attard@gmail.com>
Co-authored-by: VerteDinde <khammond@slack-corp.com>
Co-authored-by: Michaela Laurencin <mlaurencin@electronjs.org>
Co-authored-by: VerteDinde <keeleymhammond@gmail.com>
Co-authored-by: Charles Kerr <charles@charleskerr.com>
Co-authored-by: deepak1556 <hop2deep@gmail.com>
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
Co-authored-by: John Kleinschmidt <jkleinsc@github.com>
2021-10-05 19:21:00 -07:00

311 lines
12 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Raymond Zhao <raymondzhao@microsoft.com>
Date: Wed, 18 Aug 2021 08:24:10 -0700
Subject: Convert Electron ProcessSingleton changes to patch
This patch applies Electron ProcessSingleton changes
onto the Chromium files, so that Electron doesn't need to maintain
separate copies of those files.
This patch adds a few changes to the Chromium code:
1. It adds a parameter `program_name` to the Windows constructor, making
the generated mutex name on the Windows-side program-dependent,
rather than shared between all Electron applications.
2. It adds an `IsAppSandboxed` check for macOS so that
sandboxed applications generate shorter temp paths.
3. It adds a `ChangeWindowMessageFilterEx` call to the Windows
implementation, along with a parameter `is_app_sandboxed` in the
constructor, to handle the case when the primary app is run with
admin permissions.
4. It adds an `OnBrowserReady` function to allow
`requestSingleInstanceLock` to start listening to the socket later
in the posix implementation. This function is necessary, because
otherwise, users calling `requestSingleInstanceLock` create a
`ProcessSingleton` instance that tries to connect to the socket
before the browser thread is ready.
diff --git a/chrome/browser/process_singleton.h b/chrome/browser/process_singleton.h
index 0d7c1db6489d95a40c66808c3f838b0740e46ff6..eec994c4252f17d9c9c41e66d5dae6509ed98a18 100644
--- a/chrome/browser/process_singleton.h
+++ b/chrome/browser/process_singleton.h
@@ -103,12 +103,19 @@ class ProcessSingleton {
base::RepeatingCallback<bool(const base::CommandLine& command_line,
const base::FilePath& current_directory)>;
+#if defined(OS_WIN)
+ ProcessSingleton(const std::string& program_name,
+ const base::FilePath& user_data_dir,
+ bool is_sandboxed,
+ const NotificationCallback& notification_callback);
+#else
ProcessSingleton(const base::FilePath& user_data_dir,
const NotificationCallback& notification_callback);
ProcessSingleton(const ProcessSingleton&) = delete;
ProcessSingleton& operator=(const ProcessSingleton&) = delete;
+#endif
~ProcessSingleton();
// Notify another process, if available. Otherwise sets ourselves as the
@@ -119,6 +126,8 @@ class ProcessSingleton {
// TODO(brettw): Make the implementation of this method non-platform-specific
// by making Linux re-use the Windows implementation.
NotifyResult NotifyOtherProcessOrCreate();
+ void StartListeningOnSocket();
+ void OnBrowserReady();
// Sets ourself up as the singleton instance. Returns true on success. If
// false is returned, we are not the singleton instance and the caller must
@@ -174,6 +183,8 @@ class ProcessSingleton {
#if defined(OS_WIN)
bool EscapeVirtualization(const base::FilePath& user_data_dir);
+ std::string program_name_; // Used for mutexName.
+ bool is_app_sandboxed_; // Whether the Electron app is sandboxed.
HWND remote_window_; // The HWND_MESSAGE of another browser.
base::win::MessageWindow window_; // The message-only window.
bool is_virtualized_; // Stuck inside Microsoft Softricity VM environment.
@@ -223,6 +234,8 @@ class ProcessSingleton {
// because it posts messages between threads.
class LinuxWatcher;
scoped_refptr<LinuxWatcher> watcher_;
+ int sock_ = -1;
+ bool listen_on_ready_ = false;
#endif
#if defined(OS_MAC)
diff --git a/chrome/browser/process_singleton_posix.cc b/chrome/browser/process_singleton_posix.cc
index 6ae3d8b4a2aef0852fa5cec5a8800aa534da06a1..05c86df6c871ca7d0926836edc2f6137fcf229cb 100644
--- a/chrome/browser/process_singleton_posix.cc
+++ b/chrome/browser/process_singleton_posix.cc
@@ -80,6 +80,7 @@
#include "base/strings/stringprintf.h"
#include "base/strings/sys_string_conversions.h"
#include "base/strings/utf_string_conversions.h"
+#include "base/task/post_task.h"
#include "base/threading/platform_thread.h"
#include "base/threading/thread_task_runner_handle.h"
#include "base/time/time.h"
@@ -95,9 +96,11 @@
#include "net/base/network_interfaces.h"
#include "ui/base/l10n/l10n_util.h"
+#if 0
#if defined(OS_LINUX) || defined(OS_CHROMEOS)
#include "chrome/browser/ui/process_singleton_dialog_linux.h"
#endif
+#endif
#if defined(TOOLKIT_VIEWS) && \
(defined(OS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS))
@@ -289,6 +292,9 @@ bool SymlinkPath(const base::FilePath& target, const base::FilePath& path) {
bool DisplayProfileInUseError(const base::FilePath& lock_path,
const std::string& hostname,
int pid) {
+ return true;
+
+#if 0
std::u16string error = l10n_util::GetStringFUTF16(
IDS_PROFILE_IN_USE_POSIX, base::NumberToString16(pid),
base::ASCIIToUTF16(hostname));
@@ -308,6 +314,7 @@ bool DisplayProfileInUseError(const base::FilePath& lock_path,
NOTREACHED();
return false;
+#endif
}
bool IsChromeProcess(pid_t pid) {
@@ -348,6 +355,21 @@ bool CheckCookie(const base::FilePath& path, const base::FilePath& cookie) {
return (cookie == ReadLink(path));
}
+bool IsAppSandboxed() {
+#if defined(OS_MAC)
+ // NB: There is no sane API for this, we have to just guess by
+ // reading tea leaves
+ base::FilePath home_dir;
+ if (!base::PathService::Get(base::DIR_HOME, &home_dir)) {
+ return false;
+ }
+
+ return home_dir.value().find("Library/Containers") != std::string::npos;
+#else
+ return false;
+#endif // defined(OS_MAC)
+}
+
bool ConnectSocket(ScopedSocket* socket,
const base::FilePath& socket_path,
const base::FilePath& cookie_path) {
@@ -728,6 +750,10 @@ ProcessSingleton::ProcessSingleton(
ProcessSingleton::~ProcessSingleton() {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
+ // Manually free resources with IO explicitly allowed.
+ base::ThreadRestrictions::ScopedAllowIO allow_io;
+ watcher_ = nullptr;
+ ignore_result(socket_dir_.Delete());
}
ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcess() {
@@ -896,6 +922,20 @@ ProcessSingleton::NotifyResult ProcessSingleton::NotifyOtherProcessOrCreate() {
base::TimeDelta::FromSeconds(kTimeoutInSeconds));
}
+void ProcessSingleton::StartListeningOnSocket() {
+ watcher_ = base::MakeRefCounted<LinuxWatcher>(this);
+ base::PostTask(FROM_HERE, {BrowserThread::IO},
+ base::BindOnce(&ProcessSingleton::LinuxWatcher::StartListening,
+ watcher_, sock_));
+}
+
+void ProcessSingleton::OnBrowserReady() {
+ if (listen_on_ready_) {
+ StartListeningOnSocket();
+ listen_on_ready_ = false;
+ }
+}
+
ProcessSingleton::NotifyResult
ProcessSingleton::NotifyOtherProcessWithTimeoutOrCreate(
const base::CommandLine& command_line,
@@ -998,12 +1038,26 @@ bool ProcessSingleton::Create() {
#endif
}
- // Create the socket file somewhere in /tmp which is usually mounted as a
- // normal filesystem. Some network filesystems (notably AFS) are screwy and
- // do not support Unix domain sockets.
- if (!socket_dir_.CreateUniqueTempDir()) {
- LOG(ERROR) << "Failed to create socket directory.";
- return false;
+ if (IsAppSandboxed()) {
+ // For sandboxed applications, the tmp dir could be too long to fit
+ // addr->sun_path, so we need to make it as short as possible.
+ base::FilePath tmp_dir;
+ if (!base::GetTempDir(&tmp_dir)) {
+ LOG(ERROR) << "Failed to get temporary directory.";
+ return false;
+ }
+ if (!socket_dir_.Set(tmp_dir.Append("S"))) {
+ LOG(ERROR) << "Failed to set socket directory.";
+ return false;
+ }
+ } else {
+ // Create the socket file somewhere in /tmp which is usually mounted as a
+ // normal filesystem. Some network filesystems (notably AFS) are screwy and
+ // do not support Unix domain sockets.
+ if (!socket_dir_.CreateUniqueTempDir()) {
+ LOG(ERROR) << "Failed to create socket directory.";
+ return false;
+ }
}
// Check that the directory was created with the correct permissions.
@@ -1045,10 +1099,13 @@ bool ProcessSingleton::Create() {
if (listen(sock, 5) < 0)
NOTREACHED() << "listen failed: " << base::safe_strerror(errno);
- DCHECK(BrowserThread::IsThreadInitialized(BrowserThread::IO));
- content::GetIOThreadTaskRunner({})->PostTask(
- FROM_HERE, base::BindOnce(&ProcessSingleton::LinuxWatcher::StartListening,
- watcher_, sock));
+ sock_ = sock;
+
+ if (BrowserThread::IsThreadInitialized(BrowserThread::IO)) {
+ StartListeningOnSocket();
+ } else {
+ listen_on_ready_ = true;
+ }
return true;
}
diff --git a/chrome/browser/process_singleton_win.cc b/chrome/browser/process_singleton_win.cc
index e7cc3c5bc7912b27f1f8ce0fb8f691e28284e238..19d5659d665321da54e05cee01be7da02e0c283b 100644
--- a/chrome/browser/process_singleton_win.cc
+++ b/chrome/browser/process_singleton_win.cc
@@ -28,7 +28,9 @@
#include "base/win/windows_version.h"
#include "base/win/wmi.h"
#include "chrome/browser/shell_integration.h"
+#if 0
#include "chrome/browser/ui/simple_message_box.h"
+#endif
#include "chrome/browser/win/chrome_process_finder.h"
#include "chrome/common/chrome_constants.h"
#include "chrome/common/chrome_paths.h"
@@ -180,10 +182,15 @@ bool ProcessLaunchNotification(
}
bool DisplayShouldKillMessageBox() {
+#if 0
return chrome::ShowQuestionMessageBoxSync(
NULL, l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
l10n_util::GetStringUTF16(IDS_BROWSER_HUNGBROWSER_MESSAGE)) !=
chrome::MESSAGE_BOX_RESULT_NO;
+#endif
+ // This is called when the secondary process can't ping the primary
+ // process.
+ return false;
}
void SendRemoteProcessInteractionResultHistogram(
@@ -265,9 +272,13 @@ bool ProcessSingleton::EscapeVirtualization(
}
ProcessSingleton::ProcessSingleton(
+ const std::string& program_name,
const base::FilePath& user_data_dir,
+ bool is_app_sandboxed,
const NotificationCallback& notification_callback)
: notification_callback_(notification_callback),
+ program_name_(program_name),
+ is_app_sandboxed_(is_app_sandboxed),
is_virtualized_(false),
lock_file_(INVALID_HANDLE_VALUE),
user_data_dir_(user_data_dir),
@@ -372,11 +383,14 @@ ProcessSingleton::NotifyOtherProcessOrCreate() {
return PROFILE_IN_USE;
}
+void ProcessSingleton::StartListeningOnSocket() {}
+void ProcessSingleton::OnBrowserReady() {}
+
// Look for a Chrome instance that uses the same profile directory. If there
// isn't one, create a message window with its title set to the profile
// directory path.
bool ProcessSingleton::Create() {
- static const wchar_t kMutexName[] = L"Local\\ChromeProcessSingletonStartup!";
+ std::wstring mutexName = base::UTF8ToWide("Local\\" + program_name_ + "ProcessSingletonStartup");
remote_window_ = chrome::FindRunningChromeWindow(user_data_dir_);
if (!remote_window_ && !EscapeVirtualization(user_data_dir_)) {
@@ -385,7 +399,7 @@ bool ProcessSingleton::Create() {
// access. As documented, it's clearer to NOT request ownership on creation
// since it isn't guaranteed we will get it. It is better to create it
// without ownership and explicitly get the ownership afterward.
- base::win::ScopedHandle only_me(::CreateMutex(NULL, FALSE, kMutexName));
+ base::win::ScopedHandle only_me(::CreateMutex(NULL, FALSE, mutexName.c_str()));
if (!only_me.IsValid()) {
DPLOG(FATAL) << "CreateMutex failed";
return false;
@@ -424,6 +438,17 @@ bool ProcessSingleton::Create() {
window_.CreateNamed(base::BindRepeating(&ProcessLaunchNotification,
notification_callback_),
user_data_dir_.value());
+
+ // When the app is sandboxed, firstly, the app should not be in
+ // admin mode, and even if it somehow is, messages from an unelevated
+ // instance should not be able to be sent to it.
+ if (!is_app_sandboxed_) {
+ // NB: Ensure that if the primary app gets started as elevated
+ // admin inadvertently, secondary windows running not as elevated
+ // will still be able to send messages.
+ ::ChangeWindowMessageFilterEx(window_.hwnd(), WM_COPYDATA, MSGFLT_ALLOW,
+ NULL);
+ }
CHECK(result && window_.hwnd());
}
}