[ios] Pass channels over process boundaries

Reland 7484226 with a minor fix for cronet. Change IS_MAC to IS_APPLE to permit passing mach ports for channels across processes. Forward declare MachPortRendezvous in order to avoid the inclusion into launch.h which can cause issues build issues mixing ARC. Haul in MachPortRendezvous for the iOS build. Bug: 1411704, 1412835 Change-Id: I64f29635aa1132d0bbbe74f5ecb6734e5bb68646 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4307240 Reviewed-by: Rohit Rao <rohitrao@chromium.org> Commit-Queue: Dave Tapuska <dtapuska@chromium.org> Reviewed-by: Ken Rockot <rockot@google.com> Cr-Commit-Position: refs/heads/main@{#1113543}
Denger-Network · Mar 6, 2023 · 6cd5272 · 6cd5272
1 parent c857589
commit 6cd5272
Show file tree

Hide file tree

Showing 38 changed files with 226 additions and 92 deletions.
diff --git a/base/BUILD.gn b/base/BUILD.gn
@@ -1973,8 +1973,6 @@ component("base") {
       "mac/authorization_util.h",
       "mac/authorization_util.mm",
       "mac/close_nocancel.cc",
-      "mac/dispatch_source_mach.cc",
-      "mac/dispatch_source_mach.h",
       "mac/launch_application.h",
       "mac/launch_application.mm",
       "mac/launchd.cc",
@@ -2055,6 +2053,8 @@ component("base") {
       "mac/call_with_eh_frame.cc",
       "mac/call_with_eh_frame.h",
       "mac/call_with_eh_frame_asm.S",
+      "mac/dispatch_source_mach.cc",
+      "mac/dispatch_source_mach.h",
       "mac/foundation_util.h",
       "mac/foundation_util.mm",
       "mac/mac_logging.h",
@@ -2153,11 +2153,15 @@ component("base") {
         "files/file_path_watcher_kqueue.cc",
         "files/file_path_watcher_kqueue.h",
         "files/file_path_watcher_mac.cc",
+        "ios/sim_header_shims.h",
+        "mac/mach_port_rendezvous.cc",
+        "mac/mach_port_rendezvous.h",
         "process/memory_mac.mm",
         "process/process_iterator_ios.mm",
         "sync_socket_posix.cc",
         "synchronization/waitable_event_watcher_mac.cc",
       ]
+      libs += [ "bsm" ]
     } else {
       sources += [ "process/memory_stubs.cc" ]
     }

diff --git a/base/ios/sim_header_shims.h b/base/ios/sim_header_shims.h
@@ -0,0 +1,41 @@
+// Copyright 2023 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef BASE_IOS_SIM_HEADER_SHIMS_H_
+#define BASE_IOS_SIM_HEADER_SHIMS_H_
+
+#include "build/blink_buildflags.h"
+
+#if !BUILDFLAG(USE_BLINK)
+#error File can only be included when USE_BLINK is true
+#endif
+
+// This file includes the necessary headers that are not part of the
+// iOS public SDK in order to support multiprocess support on iOS.
+
+__BEGIN_DECLS
+
+#define BOOTSTRAP_MAX_NAME_LEN 128
+typedef char name_t[BOOTSTRAP_MAX_NAME_LEN];
+kern_return_t bootstrap_check_in(mach_port_t bp,
+                                 const name_t service_name,
+                                 mach_port_t* sp);
+kern_return_t bootstrap_look_up(mach_port_t bp,
+                                const name_t service_name,
+                                mach_port_t* sp);
+pid_t audit_token_to_pid(audit_token_t atoken);
+
+const char* bootstrap_strerror(kern_return_t r);
+#define BOOTSTRAP_SUCCESS 0
+#define BOOTSTRAP_NOT_PRIVILEGED 1100
+#define BOOTSTRAP_NAME_IN_USE 1101
+#define BOOTSTRAP_UNKNOWN_SERVICE 1102
+#define BOOTSTRAP_SERVICE_ACTIVE 1103
+#define BOOTSTRAP_BAD_COUNT 1104
+#define BOOTSTRAP_NO_MEMORY 1105
+#define BOOTSTRAP_NO_CHILDREN 1106
+
+__END_DECLS
+
+#endif  // BASE_IOS_SIM_HEADER_SHIMS_H_
diff --git a/base/mac/mach_logging.cc b/base/mac/mach_logging.cc
@@ -10,9 +10,13 @@
 #include "base/strings/stringprintf.h"
 #include "build/build_config.h"
 
-#if !BUILDFLAG(IS_IOS)
+#if BUILDFLAG(USE_BLINK)
+#if BUILDFLAG(IS_IOS)
+#include "base/ios/sim_header_shims.h"
+#else
 #include <servers/bootstrap.h>
-#endif  // !BUILDFLAG(IS_IOS)
+#endif  // BUILDFLAG(IS_IOS)
+#endif  // BUILDFLAG(USE_BLINK)
 
 namespace {
 
@@ -44,7 +48,7 @@ MachLogMessage::~MachLogMessage() {
            << FormatMachErrorNumber(mach_err_);
 }
 
-#if !BUILDFLAG(IS_IOS)
+#if BUILDFLAG(USE_BLINK)
 
 BootstrapLogMessage::BootstrapLogMessage(const char* file_path,
                                          int line,
@@ -83,6 +87,6 @@ BootstrapLogMessage::~BootstrapLogMessage() {
   }
 }
 
-#endif  // !BUILDFLAG(IS_IOS)
+#endif  // BUILDFLAG(USE_BLINK)
 
 }  // namespace logging
diff --git a/base/mac/mach_logging.h b/base/mac/mach_logging.h
@@ -9,6 +9,7 @@
 
 #include "base/base_export.h"
 #include "base/logging.h"
+#include "build/blink_buildflags.h"
 #include "build/build_config.h"
 
 // Use the MACH_LOG family of macros along with a mach_error_t (kern_return_t)
@@ -97,7 +98,7 @@ class BASE_EXPORT MachLogMessage : public logging::LogMessage {
               DCHECK_IS_ON() && !(condition))   \
       << "Check failed: " #condition << ". "
 
-#if !BUILDFLAG(IS_IOS)
+#if BUILDFLAG(USE_BLINK)
 
 namespace logging {
 
@@ -165,6 +166,6 @@ class BASE_EXPORT BootstrapLogMessage : public logging::LogMessage {
               DCHECK_IS_ON() && !(condition))             \
       << "Check failed: " #condition << ". "
 
-#endif  // !BUILDFLAG(IS_IOS)
+#endif  //  BUILDFLAG(USE_BLINK)
 
 #endif  // BASE_MAC_MACH_LOGGING_H_
diff --git a/base/mac/mach_port_rendezvous.cc b/base/mac/mach_port_rendezvous.cc
@@ -4,9 +4,7 @@
 
 #include "base/mac/mach_port_rendezvous.h"
 
-#include <bsm/libbsm.h>
 #include <mach/mig.h>
-#include <servers/bootstrap.h>
 #include <unistd.h>
 
 #include <utility>
@@ -19,6 +17,13 @@
 #include "base/notreached.h"
 #include "base/strings/stringprintf.h"
 
+#if BUILDFLAG(IS_IOS)
+#include "base/ios/sim_header_shims.h"
+#else
+#include <bsm/libbsm.h>
+#include <servers/bootstrap.h>
+#endif
+
 namespace base {
 
 namespace {

diff --git a/base/metrics/field_trial.cc b/base/metrics/field_trial.cc
@@ -34,6 +34,10 @@
 #include "base/process/launch.h"
 #endif
 
+#if BUILDFLAG(IS_MAC)
+#include "base/mac/mach_port_rendezvous.h"
+#endif
+
 // On POSIX, the fd is shared using the mapping in GlobalDescriptors.
 #if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_NACL)
 #include "base/posix/global_descriptors.h"

diff --git a/base/process/launch.cc b/base/process/launch.cc
@@ -5,6 +5,10 @@
 #include "base/process/launch.h"
 #include "build/build_config.h"
 
+#if BUILDFLAG(IS_MAC) || (BUILDFLAG(IS_IOS) && BUILDFLAG(USE_BLINK))
+#include "base/mac/mach_port_rendezvous.h"
+#endif
+
 namespace base {
 
 LaunchOptions::LaunchOptions() = default;

diff --git a/base/process/launch.h b/base/process/launch.h
@@ -22,6 +22,7 @@
 #include "base/process/process_handle.h"
 #include "base/strings/string_piece.h"
 #include "base/threading/thread_restrictions.h"
+#include "build/blink_buildflags.h"
 #include "build/build_config.h"
 
 #if BUILDFLAG(IS_WIN)
@@ -35,12 +36,13 @@
 #include "base/posix/file_descriptor_shuffle.h"
 #endif
 
-#if BUILDFLAG(IS_MAC)
-#include "base/mac/mach_port_rendezvous.h"
-#endif
-
 namespace base {
 
+#if BUILDFLAG(IS_APPLE)
+class MachRendezvousPort;
+using MachPortsForRendezvous = std::map<uint32_t, MachRendezvousPort>;
+#endif
+
 #if BUILDFLAG(IS_WIN)
 typedef std::vector<HANDLE> HandlesToInheritVector;
 #elif BUILDFLAG(IS_FUCHSIA)
@@ -213,7 +215,7 @@ struct BASE_EXPORT LaunchOptions {
   bool kill_on_parent_death = false;
 #endif  // BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
 
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || (BUILDFLAG(IS_IOS) && BUILDFLAG(USE_BLINK))
   // Mach ports that will be accessible to the child process. These are not
   // directly inherited across process creation, but they are stored by a Mach
   // IPC server that a child process can communicate with to retrieve them.
@@ -235,7 +237,7 @@ struct BASE_EXPORT LaunchOptions {
   // Apply a process scheduler policy to enable mitigations against CPU side-
   // channel attacks.
   bool enable_cpu_security_mitigations = false;
-#endif  // BUILDFLAG(IS_MAC)
+#endif  // BUILDFLAG(IS_MAC) || (BUILDFLAG(IS_IOS) && BUILDFLAG(USE_BLINK))
 
 #if BUILDFLAG(IS_FUCHSIA)
   // If valid, launches the application in that job object.

diff --git a/base/process/launch_mac.cc b/base/process/launch_mac.cc
@@ -14,6 +14,7 @@
 #include "base/command_line.h"
 #include "base/files/scoped_file.h"
 #include "base/logging.h"
+#include "base/mac/mach_port_rendezvous.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/process/environment_internal.h"
 #include "base/threading/scoped_blocking_call.h"

diff --git a/base/task/current_thread.cc b/base/task/current_thread.cc
@@ -238,7 +238,7 @@ bool CurrentIOThread::WatchFileDescriptor(
 }
 #endif  // BUILDFLAG(IS_WIN)
 
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || (BUILDFLAG(IS_IOS) && !BUILDFLAG(CRONET_BUILD))
 bool CurrentIOThread::WatchMachReceivePort(
     mach_port_t port,
     MessagePumpForIO::MachPortWatchController* controller,

diff --git a/base/task/current_thread.h b/base/task/current_thread.h
@@ -12,6 +12,7 @@
 #include "base/functional/callback_forward.h"
 #include "base/memory/raw_ptr.h"
 #include "base/memory/scoped_refptr.h"
+#include "base/message_loop/ios_cronet_buildflags.h"
 #include "base/message_loop/message_pump_for_io.h"
 #include "base/message_loop/message_pump_for_ui.h"
 #include "base/pending_task.h"
@@ -283,7 +284,7 @@ class BASE_EXPORT CurrentIOThread : public CurrentThread {
                            MessagePumpForIO::FdWatcher* delegate);
 #endif  // BUILDFLAG(IS_WIN)
 
-#if BUILDFLAG(IS_MAC)
+#if BUILDFLAG(IS_MAC) || (BUILDFLAG(IS_IOS) && !BUILDFLAG(CRONET_BUILD))
   bool WatchMachReceivePort(
       mach_port_t port,
       MessagePumpForIO::MachPortWatchController* controller,

diff --git a/content/app/initialize_mojo_core.cc b/content/app/initialize_mojo_core.cc
@@ -81,7 +81,7 @@ void InitializeMojoCore() {
   // Note #2: some platforms can directly allocated shared memory in a
   // sandboxed process. The defines below must be in sync with the
   // implementation of mojo::NodeController::CreateSharedBuffer().
-#if !BUILDFLAG(IS_MAC) && !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_FUCHSIA)
+#if !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_FUCHSIA)
   if (sandbox::policy::IsUnsandboxedSandboxType(
           sandbox::policy::SandboxTypeFromCommandLine(
               *base::CommandLine::ForCurrentProcess()))) {
@@ -98,7 +98,7 @@ void InitializeMojoCore() {
     // allocate shared memory.
     mojo::SharedMemoryUtils::InstallBaseHooks();
   }
-#endif  // !BUILDFLAG(IS_MAC) && !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_FUCHSIA)
+#endif  // !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_NACL) && !BUILDFLAG(IS_FUCHSIA)
 }
 
 }  // namespace content
diff --git a/content/browser/child_process_launcher_helper_mac.cc b/content/browser/child_process_launcher_helper_mac.cc
@@ -4,6 +4,7 @@
 
 #include "base/command_line.h"
 #include "base/containers/flat_map.h"
+#include "base/mac/mach_port_rendezvous.h"
 #include "base/no_destructor.h"
 #include "base/path_service.h"
 #include "base/posix/global_descriptors.h"

diff --git a/mojo/BUILD.gn b/mojo/BUILD.gn
@@ -2,7 +2,9 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
+import("//build/buildflag_header.gni")
 import("//build/config/ui.gni")
+import("//mojo/features.gni")
 import("//testing/test.gni")
 
 group("mojo") {
@@ -21,18 +23,25 @@ group("mojo") {
   deps += [ "//services/service_manager:all" ]
 }
 
+buildflag_header("buildflags") {
+  header = "buildflags.h"
+  flags = [ "MOJO_USE_APPLE_CHANNEL=$mojo_use_apple_channel" ]
+}
+
 group("tests") {
   testonly = true
   deps = [
     ":mojo_perftests",
     ":mojo_unittests",
     "//mojo/public/tools:mojo_python_unittests",
-    "//services/service_manager/tests",
     "//third_party/ipcz/src:ipcz_tests",
   ]
 
   if (!is_ios) {
-    deps += [ "//ipc:ipc_tests" ]
+    deps += [
+      "//ipc:ipc_tests",
+      "//services/service_manager/tests",
+    ]
   }
 }
 

diff --git a/mojo/core/BUILD.gn b/mojo/core/BUILD.gn
@@ -6,6 +6,7 @@ import("//build/config/chromeos/ui_mode.gni")
 import("//build/config/compiler/compiler.gni")
 import("//build/config/nacl/config.gni")
 import("//chrome/process_version_rc_template.gni")
+import("//mojo/features.gni")
 import("//testing/libfuzzer/fuzzer_test.gni")
 import("//testing/test.gni")
 
@@ -140,6 +141,7 @@ template("core_impl_source_set") {
 
     public_deps = [
       "//base",
+      "//mojo:buildflags",
       "//mojo/core/embedder:features",
       "//mojo/core/ports",
       "//mojo/public/c/system:headers",
@@ -155,7 +157,7 @@ template("core_impl_source_set") {
       public_deps += [ "//third_party/fuchsia-sdk/sdk/pkg/fdio" ]
     }
 
-    if (is_posix && !is_mac) {
+    if (is_posix && !mojo_use_apple_channel) {
       if (!is_nacl) {
         sources += [
           "broker_posix.cc",
@@ -174,7 +176,7 @@ template("core_impl_source_set") {
       }
     }
 
-    if (is_mac) {
+    if (mojo_use_apple_channel) {
       sources += [ "channel_mac.cc" ]
     }
 
@@ -364,6 +366,7 @@ source_set("test_sources") {
   deps = [
     "//base",
     "//base/test:test_support",
+    "//mojo:buildflags",
     "//mojo/core:embedder_internal",
     "//mojo/core/embedder",
     "//mojo/core/ports:tests",

diff --git a/mojo/core/broker_host.cc b/mojo/core/broker_host.cc
@@ -12,6 +12,7 @@
 #include "base/ranges/algorithm.h"
 #include "base/task/single_thread_task_runner.h"
 #include "build/build_config.h"
+#include "mojo/buildflags.h"
 #include "mojo/core/broker_messages.h"
 #include "mojo/core/platform_handle_utils.h"
 
@@ -125,7 +126,8 @@ void BrokerHost::OnBufferRequest(uint32_t num_bytes) {
     ExtractPlatformHandlesFromSharedMemoryRegionHandle(
         region.PassPlatformHandle(), &h[0], &h[1]);
     handles.emplace_back(std::move(h[0]));
-#if !BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_MAC)
+#if !BUILDFLAG(IS_POSIX) || BUILDFLAG(IS_ANDROID) || \
+    BUILDFLAG(MOJO_USE_APPLE_CHANNEL)
     // Non-POSIX systems, as well as Android and Mac, only use a single handle
     // to represent a writable region.
     DCHECK(!h[1].is_valid());