Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2201183005:
Eliminate kMojoChannelToken usage for render processes (Closed)
|
Created:
4 years, 4 months ago by Ken Rockot(use gerrit already) Modified:
4 years, 4 months ago CC:
Aaron Boodman, abarth-chromium, ben+mojo_chromium.org, chromium-reviews, creis+watch_chromium.org, darin (slow to review), darin-cc_chromium.org, jam, nasko+codewatch_chromium.org, qsr+mojo_chromium.org, viettrungluu+watch_chromium.org, yzshen+watch_chromium.org Base URL:
https://chromium.googlesource.com/chromium/src.git@master Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionEliminate kMojoChannelToken usage for render processes
Changes RenderProcessHostImpl to connect its IPC Channel
by requesting a nominal IPC::mojom::ChannelBootstrap
interface from its shell::Connection to the render process.
Changes ChildThreadImpl to support binding such requests
by fusing them to its local IPC Channel if the (now deprecated)
kMojoChannelToken was not provided.
BUG=623396
[email protected]
Committed: https://crrev.com/7a7f8f7e6977500d09270ff9d9b3817dda5e5b8a
Committed: https://crrev.com/ff1b853cb6bfc3d5402fc970b2d856cbe73418cc
Cr-Original-Commit-Position: refs/heads/master@{#410656}
Cr-Commit-Position: refs/heads/master@{#410699}
Patch Set 1 #Patch Set 2 : . #Patch Set 3 : Move embedded ServiceManager to the IO thread #Patch Set 4 : misc cleanup #Patch Set 5 : rebase #Patch Set 6 : rebase #
Messages
Total messages: 50 (28 generated)
The CQ bit was checked by [email protected] to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was checked by [email protected] to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
[email protected] changed reviewers: + [email protected]
Also +tsepez@ for trivial mojom change
Description was changed from ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] ========== to ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] ==========
[email protected] changed reviewers: + [email protected]
lgtm !!
On 2016/08/03 21:04:30, Ken Rockot wrote: > Also +tsepez@ for trivial mojom change My hazy memory is that this token was important on windows to prevent evil processes from stealing each other's pipes during startup. Adding jschuh who may have more windows context.
On 2016/08/03 21:11:21, Tom Sepez wrote: > On 2016/08/03 21:04:30, Ken Rockot wrote: > > Also +tsepez@ for trivial mojom change > > My hazy memory is that this token was important on windows to prevent evil > processes from stealing each other's pipes during startup. Adding jschuh who > may have more windows context. There's still a token for the service request channel though...
On 2016/08/03 21:12:21, Ben Goodger (Google) wrote: > On 2016/08/03 21:11:21, Tom Sepez wrote: > > On 2016/08/03 21:04:30, Ken Rockot wrote: > > > Also +tsepez@ for trivial mojom change > > > > My hazy memory is that this token was important on windows to prevent evil > > processes from stealing each other's pipes during startup. Adding jschuh who > > may have more windows context. > > There's still a token for the service request channel though... Ok, that's good. So why did we need the random token here?
On 2016/08/03 at 21:11:21, tsepez wrote: > On 2016/08/03 21:04:30, Ken Rockot wrote: > > Also +tsepez@ for trivial mojom change > > My hazy memory is that this token was important on windows to prevent evil processes from stealing each other's pipes during startup. Adding jschuh who may have more windows context. Different kind of token I think - you're probably thinking of the token used by legacy Channel implementations to achieve that purpose. These tokens are just a way of connecting message pipes across processes using the mojo::edk::Create[Parent/Child]MessagePipe API, and there's really no security motivation to use them. They're large random numbers to make them easier to use, but the parent process already knows which children have which tokens.
On 2016/08/03 21:16:21, Ken Rockot wrote: > On 2016/08/03 at 21:11:21, tsepez wrote: > > On 2016/08/03 21:04:30, Ken Rockot wrote: > > > Also +tsepez@ for trivial mojom change > > > > My hazy memory is that this token was important on windows to prevent evil > processes from stealing each other's pipes during startup. Adding jschuh who > may have more windows context. > > Different kind of token I think - you're probably thinking of the token used by > legacy Channel implementations to achieve that purpose. > > These tokens are just a way of connecting message pipes across processes using > the mojo::edk::Create[Parent/Child]MessagePipe API, and there's really no > security motivation to use them. They're large random numbers to make them > easier to use, but the parent process already knows which children have which > tokens. Great, LGTM.
The CQ bit was unchecked by [email protected]
The CQ bit was checked by [email protected]
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by [email protected]
Try jobs failed on following builders: linux_android_rel_ng on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/linux_androi...)
The CQ bit was checked by [email protected] to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was checked by [email protected] to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by [email protected]
Dry run: Try jobs failed on following builders: linux_chromium_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
The CQ bit was checked by [email protected] to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by [email protected]
Dry run: This issue passed the CQ dry run.
The CQ bit was checked by [email protected]
The patchset sent to the CQ was uploaded after l-g-t-m from [email protected], [email protected] Link to the patchset: https://codereview.chromium.org/2201183005/#ps80001 (title: "rebase")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Description was changed from ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] ========== to ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] ==========
Message was sent while issue was closed.
Committed patchset #5 (id:80001)
Message was sent while issue was closed.
Description was changed from ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] ========== to ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] Committed: https://crrev.com/7a7f8f7e6977500d09270ff9d9b3817dda5e5b8a Cr-Commit-Position: refs/heads/master@{#410656} ==========
Message was sent while issue was closed.
Patchset 5 (id:??) landed as https://crrev.com/7a7f8f7e6977500d09270ff9d9b3817dda5e5b8a Cr-Commit-Position: refs/heads/master@{#410656}
Message was sent while issue was closed.
[email protected] changed reviewers: + [email protected]
Message was sent while issue was closed.
This is causing failure in Webkit Mac Builder. Rolling back.
Message was sent while issue was closed.
A revert of this CL (patchset #5 id:80001) has been created in https://codereview.chromium.org/2222373002/ by [email protected]. The reason for reverting is: Compile error in Webkit Mac Builder. child_thread_impl.cc:272:47: error: non-virtual member function marked 'override' hides virtual member function shell::Connector* connector) override { .
Message was sent while issue was closed.
A revert of this CL (patchset #5 id:80001) has been created in https://codereview.chromium.org/2227053002/ by [email protected]. The reason for reverting is: Needs rebase.
Message was sent while issue was closed.
FYI: Findit try jobs (rerunning failed compile or tests) identified this CL at revision 410656 as the culprit for failures in the build cycles as shown on: https://findit-for-me.appspot.com/waterfall/culprit?key=ag9zfmZpbmRpdC1mb3Itb...
The CQ bit was checked by [email protected]
The patchset sent to the CQ was uploaded after l-g-t-m from [email protected], [email protected] Link to the patchset: https://codereview.chromium.org/2201183005/#ps100001 (title: "rebase")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Committed patchset #6 (id:100001)
Message was sent while issue was closed.
Description was changed from ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] Committed: https://crrev.com/7a7f8f7e6977500d09270ff9d9b3817dda5e5b8a Cr-Commit-Position: refs/heads/master@{#410656} ========== to ========== Eliminate kMojoChannelToken usage for render processes Changes RenderProcessHostImpl to connect its IPC Channel by requesting a nominal IPC::mojom::ChannelBootstrap interface from its shell::Connection to the render process. Changes ChildThreadImpl to support binding such requests by fusing them to its local IPC Channel if the (now deprecated) kMojoChannelToken was not provided. BUG=623396 [email protected] Committed: https://crrev.com/7a7f8f7e6977500d09270ff9d9b3817dda5e5b8a Committed: https://crrev.com/ff1b853cb6bfc3d5402fc970b2d856cbe73418cc Cr-Original-Commit-Position: refs/heads/master@{#410656} Cr-Commit-Position: refs/heads/master@{#410699} ==========
Message was sent while issue was closed.
Patchset 6 (id:??) landed as https://crrev.com/ff1b853cb6bfc3d5402fc970b2d856cbe73418cc Cr-Commit-Position: refs/heads/master@{#410699}
Message was sent while issue was closed.
Looks like this fails mac now? https://build.chromium.org/p/chromium.win/builders/Win%20x64%20Builder/builds... FAILED: obj/content/child/child/child_thread_impl.obj ninja -t msvc -e environment.x64 -- C:\b\c\cipd\goma/gomacc.exe "C:\b\depot_tools\win_toolchain\vs_files\95ddda401ec5678f15eeed01d2bee08fcbc5ee97\VC\bin\amd64/cl.exe" /nologo /showIncludes /FC @obj/content/child/child/child_thread_impl.obj.rsp /c ../../content/child/child_thread_impl.cc /Foobj/content/child/child/child_thread_impl.obj /Fd"obj/content/child/child_cc.pdb" c:\b\c\b\win\src\content\child\child_thread_impl.cc(271): error C3668: 'content::`anonymous-namespace'::ChannelBootstrapFilter::OnConnect': method with override specifier 'override' did not override any base class methods c:\b\c\b\win\src\content\child\child_thread_impl.cc(276): error C2039: 'AddInterface': is not a member of 'shell::Connection'
Message was sent while issue was closed.
A revert of this CL (patchset #6 id:100001) has been created in https://codereview.chromium.org/2231133002/ by [email protected]. The reason for reverting is: Speculative revert for failures on https://build.chromium.org/p/chromium.win/builders/Win7%20Tests%20%281%29 - can't repro locally but wanna see if this greens the tests.. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
