SandboxedProcessService.java revision 5821806d5e7f356e8fa4b058a389a808ea183019 
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5package org.chromium.content.app;
6
7import android.app.Service;
8import android.content.Context;
9import android.content.Intent;
10import android.graphics.SurfaceTexture;
11import android.os.Bundle;
12import android.os.IBinder;
13import android.os.ParcelFileDescriptor;
14import android.os.Process;
15import android.os.RemoteException;
16import android.util.Log;
17import android.view.Surface;
18
19import java.util.ArrayList;
20
21import org.chromium.base.CalledByNative;
22import org.chromium.base.JNINamespace;
23import org.chromium.content.app.ContentMain;
24import org.chromium.content.browser.SandboxedProcessConnection;
25import org.chromium.content.common.ISandboxedProcessCallback;
26import org.chromium.content.common.ISandboxedProcessService;
27import org.chromium.content.common.SurfaceCallback;
28
29/**
30 * This is the base class for sandboxed services; the SandboxedProcessService0, 1.. etc
31 * subclasses provide the concrete service entry points, to enable the browser to connect
32 * to more than one distinct process (i.e. one process per service number, up to limit of N).
33 * The embedding application must declare these service instances in the application section
34 * of its AndroidManifest.xml, for example with N entries of the form:-
35 *     <service android:name="org.chromium.content.app.SandboxedProcessServiceX"
36 *              android:process=":sandboxed_processX" />
37 * for X in 0...N-1 (where N is {@link SandboxedProcessLauncher#MAX_REGISTERED_SERVICES})
38 */
39@JNINamespace("content")
40public class SandboxedProcessService extends Service {
41    private static final String MAIN_THREAD_NAME = "SandboxedProcessMain";
42    private static final String TAG = "SandboxedProcessService";
43    private ISandboxedProcessCallback mCallback;
44
45    // This is the native "Main" thread for the renderer / utility process.
46    private Thread mSandboxMainThread;
47    // Parameters received via IPC, only accessed while holding the mSandboxMainThread monitor.
48    private String mNativeLibraryName;  // Must be passed in via the bind command.
49    private String[] mCommandLineParams;
50    // Pairs IDs and file descriptors that should be registered natively.
51    private ArrayList<Integer> mFileIds;
52    private ArrayList<ParcelFileDescriptor> mFileFds;
53
54    private static Context sContext = null;
55    private boolean mLibraryInitialized = false;
56
57    // Binder object used by clients for this service.
58    private final ISandboxedProcessService.Stub mBinder = new ISandboxedProcessService.Stub() {
59        // NOTE: Implement any ISandboxedProcessService methods here.
60        @Override
61        public int setupConnection(Bundle args, ISandboxedProcessCallback callback) {
62            mCallback = callback;
63            synchronized (mSandboxMainThread) {
64                // Allow the command line to be set via bind() intent or setupConnection, but
65                // the FD can only be transferred here.
66                if (mCommandLineParams == null) {
67                    mCommandLineParams = args.getStringArray(
68                            SandboxedProcessConnection.EXTRA_COMMAND_LINE);
69                }
70                // We must have received the command line by now
71                assert mCommandLineParams != null;
72                mFileIds = new ArrayList<Integer>();
73                mFileFds = new ArrayList<ParcelFileDescriptor>();
74                for (int i = 0;; i++) {
75                    String fdName = SandboxedProcessConnection.EXTRA_FILES_PREFIX + i
76                            + SandboxedProcessConnection.EXTRA_FILES_FD_SUFFIX;
77                    ParcelFileDescriptor parcel = args.getParcelable(fdName);
78                    if (parcel == null) {
79                        // End of the file list.
80                        break;
81                    }
82                    mFileFds.add(parcel);
83                    String idName = SandboxedProcessConnection.EXTRA_FILES_PREFIX + i
84                            + SandboxedProcessConnection.EXTRA_FILES_ID_SUFFIX;
85                    mFileIds.add(args.getInt(idName));
86                }
87                mSandboxMainThread.notifyAll();
88            }
89            return Process.myPid();
90        }
91
92        @Override
93        public void setSurface(int type, Surface surface, int primaryID, int secondaryID) {
94            // This gives up ownership of the Surface.
95            SurfaceCallback.setSurface(type, surface, primaryID, secondaryID);
96        }
97    };
98
99    /* package */ static Context getContext() {
100        return sContext;
101    }
102
103    @Override
104    public void onCreate() {
105        sContext = this;
106        super.onCreate();
107
108        mSandboxMainThread = new Thread(new Runnable() {
109            @Override
110            public void run()  {
111                try {
112                    synchronized (mSandboxMainThread) {
113                        while (mNativeLibraryName == null) {
114                            mSandboxMainThread.wait();
115                        }
116                    }
117                    LibraryLoader.setLibraryToLoad(mNativeLibraryName);
118                    LibraryLoader.loadNow();
119                    synchronized (mSandboxMainThread) {
120                        while (mCommandLineParams == null) {
121                            mSandboxMainThread.wait();
122                        }
123                    }
124                    LibraryLoader.initializeOnMainThread(mCommandLineParams);
125                    synchronized (mSandboxMainThread) {
126                        mLibraryInitialized = true;
127                        mSandboxMainThread.notifyAll();
128                        while (mFileIds == null) {
129                            mSandboxMainThread.wait();
130                        }
131                    }
132                    assert mFileIds.size() == mFileFds.size();
133                    int[] fileIds = new int[mFileIds.size()];
134                    int[] fileFds = new int[mFileFds.size()];
135                    for (int i = 0; i < mFileIds.size(); ++i) {
136                        fileIds[i] = mFileIds.get(i);
137                        fileFds[i] = mFileFds.get(i).detachFd();
138                    }
139                    ContentMain.initApplicationContext(sContext.getApplicationContext());
140                    nativeInitSandboxedProcess(sContext.getApplicationContext(),
141                            SandboxedProcessService.this, fileIds, fileFds);
142                    ContentMain.start();
143                    nativeExitSandboxedProcess();
144                } catch (InterruptedException e) {
145                    Log.w(TAG, MAIN_THREAD_NAME + " startup failed: " + e);
146                }
147            }
148        }, MAIN_THREAD_NAME);
149        mSandboxMainThread.start();
150    }
151
152    @Override
153    public void onDestroy() {
154        super.onDestroy();
155        if (mCommandLineParams == null) {
156            // This process was destroyed before it even started. Nothing more to do.
157            return;
158        }
159        synchronized (mSandboxMainThread) {
160            try {
161                while (!mLibraryInitialized) {
162                    // Avoid a potential race in calling through to native code before the library
163                    // has loaded.
164                    mSandboxMainThread.wait();
165                }
166            } catch (InterruptedException e) {
167            }
168        }
169
170        // This is not synchronized with the main thread in any way, but this is analogous
171        // to how desktop chrome terminates processes using SIGTERM. The mSandboxMainThread
172        // may run briefly before this is executed, but will eventually get a channel error
173        // and similarly commit suicide via SuicideOnChannelErrorFilter().
174        // TODO(tedbo): Why doesn't the activity manager SIGTERM/SIGKILL this service process?
175        nativeExitSandboxedProcess();
176    }
177
178    @Override
179    public IBinder onBind(Intent intent) {
180        // We call stopSelf() to request that this service be stopped as soon as the client
181        // unbinds. Otherwise the system may keep it around and available for a reconnect. The
182        // sandboxed processes do not currently support reconnect; they must be initialized from
183        // scratch every time.
184        stopSelf();
185
186        synchronized (mSandboxMainThread) {
187            mNativeLibraryName = intent.getStringExtra(
188                    SandboxedProcessConnection.EXTRA_NATIVE_LIBRARY_NAME);
189            mCommandLineParams = intent.getStringArrayExtra(
190                    SandboxedProcessConnection.EXTRA_COMMAND_LINE);
191            mSandboxMainThread.notifyAll();
192        }
193
194        return mBinder;
195    }
196
197    /**
198     * Called from native code to share a surface texture with another child process.
199     * Through using the callback object the browser is used as a proxy to route the
200     * call to the correct process.
201     *
202     * @param pid Process handle of the sandboxed process to share the SurfaceTexture with.
203     * @param type The type of process that the SurfaceTexture is for.
204     * @param surfaceObject The Surface or SurfaceTexture to share with the other sandboxed process.
205     * @param primaryID Used to route the call to the correct client instance.
206     * @param secondaryID Used to route the call to the correct client instance.
207     */
208    @SuppressWarnings("unused")
209    @CalledByNative
210    private void establishSurfaceTexturePeer(
211            int pid, int type, Object surfaceObject, int primaryID, int secondaryID) {
212        if (mCallback == null) {
213            Log.e(TAG, "No callback interface has been provided.");
214            return;
215        }
216
217        Surface surface = null;
218        boolean needRelease = false;
219        if (surfaceObject instanceof Surface) {
220            surface = (Surface)surfaceObject;
221        } else if (surfaceObject instanceof SurfaceTexture) {
222            surface = new Surface((SurfaceTexture)surfaceObject);
223            needRelease = true;
224        } else {
225            Log.e(TAG, "Not a valid surfaceObject: " + surfaceObject);
226            return;
227        }
228        try {
229            mCallback.establishSurfacePeer(pid, type, surface, primaryID, secondaryID);
230        } catch (RemoteException e) {
231            Log.e(TAG, "Unable to call establishSurfaceTexturePeer: " + e);
232            return;
233        } finally {
234            if (needRelease) {
235                surface.release();
236            }
237        }
238    }
239
240    /**
241     * The main entry point for a sandboxed process. This should be called from a new thread since
242     * it will not return until the sandboxed process exits. See sandboxed_process_service.{h,cc}
243     *
244     * @param applicationContext The Application Context of the current process.
245     * @param service The current SandboxedProcessService object.
246     * @param fileIds A list of file IDs that should be registered for access by the renderer.
247     * @param fileFds A list of file descriptors that should be registered for access by the
248     * renderer.
249     */
250    private static native void nativeInitSandboxedProcess(Context applicationContext,
251            SandboxedProcessService service, int[] extraFileIds, int[] extraFileFds);
252
253    /**
254     * Force the sandboxed process to exit.
255     */
256    private static native void nativeExitSandboxedProcess();
257}
258