[Fuchsia] Move allocation of PA_HND identifiers into LaunchOptions.

Mojo's PlatformChannel implemented its own mechanism to allocate PA_HND
identifiers, and used the PA_USER0 namespace. Separately we had some
callers expecting to use statically-defined PA_USER0 identifiers to pass
application-specific handles, creating potential for clashes.

For features like base::FieldTrialList we also need a mechanism to pass
a handle to a child process at startup, for which we'd ideally have a
well-known path location in the FDIO namespace supplied to the child.
Since FDIO namespaces do not yet support non-file/directory handles, we
need a safe way to allocate an id that the FieldTrial implementation can
pass via the command-line, similarly to Mojo.

We add an AddHandleToTransfer() helper that appends a handle to a
handles-to-transfer vector with a unique id, and returns the id, and add
comments to clarify that PA_USER1 is used for these ids, leaving
PA_USER0 (and others) free for application use.

Bug: 909851
Change-Id: If9b8ffaf98155f72cc7a52e5ef0c51ef19048d66
Reviewed-on: https://chromium-review.googlesource.com/c/1354398
Reviewed-by: Kevin Marshall <[email protected]>
Reviewed-by: Sergey Ulanov <[email protected]>
Reviewed-by: Scott Violet <[email protected]>
Commit-Queue: Wez <[email protected]>
Cr-Commit-Position: refs/heads/master@{#612899}
diff --git a/base/process/launch.h b/base/process/launch.h
index 31c6ba6..61db1bcc 100644
--- a/base/process/launch.h
+++ b/base/process/launch.h
@@ -199,8 +199,17 @@
// PA_HND() macro. The child retrieves the handle
// |zx_take_startup_handle(id)|. The supplied handles are consumed by
// LaunchProcess() even on failure.
+ // Note that PA_USER1 ids are reserved for use by AddHandleToTransfer(), below
+ // and by convention PA_USER0 is reserved for use by the embedding
+ // application.
HandlesToTransferVector handles_to_transfer;
+ // Allocates a unique id for |handle| in |handles_to_transfer|, inserts it,
+ // and returns the generated id.
+ static uint32_t AddHandleToTransfer(
+ HandlesToTransferVector* handles_to_transfer,
+ zx_handle_t handle);
+
// Specifies which basic capabilities to grant to the child process.
// By default the child process will receive the caller's complete namespace,
// access to the current base::fuchsia::DefaultJob(), handles for stdio and
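
Review bot: The comment on AddHandleToTransfer() promises a "unique id" without saying unique against what. Please state whether the id is unique only among the entries already present in |handles_to_transfer| at the time of the call, and what the result is if a caller has pushed an entry with a PA_USER1 id by hand, before or after calling the helper. The PA_USER1 and PA_USER0 reservations appear here only as a note "by convention", so nothing visible in this header stops a duplicate id from reaching the child; a DCHECK for duplicate ids at the point the vector is consumed would turn a silent handle mix-up into an early failure. It would also help to document that the returned uint32_t is the value the child passes to |zx_take_startup_handle(id)|, and that |handle| is owned by the vector once added, matching the existing note that the handles are consumed by LaunchProcess() even on failure. Minor: the new note reads "AddHandleToTransfer(), below and by convention"; the comma belongs after "below".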