From fa7d787e3988439013e750c7d303ec699d310c0d Mon Sep 17 00:00:00 2001
From: jiangyuwei <yuwei.jiang@samsung.com>
Date: Thu, 7 Mar 2024 07:46:57 +0800
Subject: [PATCH] [M120 Migration][VD] Add process pool feature

Adds process pool feature for web runtime.

Reference:
 - https://review.tizen.org/gerrit/290569/

Change-Id: I7723d74ff5080f478de2b12f0cbaa555fc01e437
Signed-off-by: jiangyuwei <yuwei.jiang@samsung.com>
---
 content/zygote/zygote_linux.cc | 74 ++++++++++++++++++++++++++++++++++++++++--
 content/zygote/zygote_linux.h  | 22 +++++++++++++
 2 files changed, 93 insertions(+), 3 deletions(-)

diff --git a/content/zygote/zygote_linux.cc b/content/zygote/zygote_linux.cc
index 544d4fa..32b1023 100644
--- a/content/zygote/zygote_linux.cc
+++ b/content/zygote/zygote_linux.cc
@@ -50,8 +50,9 @@
 #include "sandbox/policy/sandbox.h"
 #include "third_party/icu/source/i18n/unicode/timezone.h"
 
-#if BUILDFLAG(IS_TIZEN_TV)
-#include "third_party/icu/source/i18n/unicode/timezone.h"
+#if BUILDFLAG(IS_TIZEN)
+#include <dlfcn.h>
+#include <security-manager/security-manager.h>
 #endif
 
 // See
@@ -97,10 +98,18 @@ Zygote::Zygote(int sandbox_flags,
     : sandbox_flags_(sandbox_flags),
       helpers_(std::move(helpers)),
       initial_uma_index_(0),
+#if BUILDFLAG(IS_TIZEN)
+      injected_bundle_handle_(nullptr),
+#endif
       to_reap_(),
       ipc_backchannel_(ipc_backchannel) {}
 
-Zygote::~Zygote() {}
+Zygote::~Zygote() {
+#if BUILDFLAG(IS_TIZEN)
+  if (injected_bundle_handle_)
+    dlclose(injected_bundle_handle_);
+#endif
+}
 
 bool Zygote::ProcessRequests() {
   // A SOCK_SEQPACKET socket is installed in fd 3. We get commands from the
@@ -281,6 +290,14 @@ bool Zygote::HandleRequestFromBrowser(int fd) {
       case kZygoteCommandReinitializeLogging:
         HandleReinitializeLoggingRequest(iter, std::move(fds));
         return false;
+#if BUILDFLAG(IS_TIZEN)
+      case kZygoteCommandLoadInjectedBundle:
+        HandleLoadInjectedBundle(fd, iter);
+        return false;
+      case kZygoteCommandDropProcessPrivileges:
+        HandleDropProcessPrivileges(fd, iter);
+        return false;
+#endif
 #if BUILDFLAG(IS_TIZEN_TV)
       case kZygoteCommandSetTimeZoneOffset:
         HandleSetTimeZoneOffset(iter);
@@ -724,4 +741,55 @@ void Zygote::HandleSetTimeZoneOffset(base::PickleIterator iter) {
       icu::UnicodeString::fromUTF8(time_zone_offset)));
 }
 #endif
+
+#if BUILDFLAG(IS_TIZEN)
+typedef void (*DynamicPreloading)(void);
+void Zygote::HandleLoadInjectedBundle(int fd, base::PickleIterator iter) {
+  std::string injected_bundle_path;
+  if (!iter.ReadString(&injected_bundle_path))
+    return;
+
+  injected_bundle_handle_ = dlopen(injected_bundle_path.c_str(), RTLD_LAZY);
+  if (!injected_bundle_handle_) {
+    LOG(ERROR) << "No handle to " << injected_bundle_path.c_str() << " error "
+               << dlerror();
+    return;
+  }
+
+  DynamicPreloading dp = reinterpret_cast<DynamicPreloading>(
+      dlsym(injected_bundle_handle_, "DynamicPreloading"));
+  if (dp) {
+    dp();
+  } else {
+    LOG(ERROR) << "Fail to load symbol 'DynamicPreloading'"
+               << ", error " << dlerror();
+  }
+}
+
+void Zygote::HandleDropProcessPrivileges(int fd, base::PickleIterator iter) {
+  std::string app_id;
+  if (!iter.ReadString(&app_id))
+    return;
+
+#if BUILDFLAG(IS_TIZEN_TV)
+  std::string smack_label;
+  if (!base::ReadFileToString(base::FilePath("/proc/self/attr/current"),
+                              &smack_label)) {
+    LOG(ERROR) << "Fail to get smack label";
+  } else {
+    if (smack_label.compare("System::Privileged") != 0) {
+      LOG(INFO) << app_id << " is Already app process "
+                << ", smack_label " << smack_label;
+      return;
+    }
+  }
+#endif  // BUILDFLAG(IS_TIZEN_TV)
+
+  int error = security_manager_prepare_app(app_id.c_str());
+  if (error) {
+    LOG(ERROR) << "Fail on security_manager_prepare_app"
+               << ", error code " << error;
+  }
+}
+#endif  // BUILDFLAG(IS_TIZEN)
 }  // namespace content
diff --git a/content/zygote/zygote_linux.h b/content/zygote/zygote_linux.h
index 81286e6..072b56b 100644
--- a/content/zygote/zygote_linux.h
+++ b/content/zygote/zygote_linux.h
@@ -139,6 +139,22 @@ class Zygote {
   void HandleSetTimeZoneOffset(base::PickleIterator iter);
 #endif
 
+#if BUILDFLAG(IS_TIZEN)
+  // Get a library path from |iter|, and load it via dlopen().
+  // This step will reduce the launching time of
+  // actual web application launching.
+  // The loaded handle must be closed on termination.
+  void HandleLoadInjectedBundle(int fd, base::PickleIterator iter);
+
+  // Handle a 'drop privileges' request from the browser: this means
+  // that a new application will be launched and the browser
+  // will request a new renderer process. Thus before forking new process,
+  // zygote process should has restrict privileges.
+
+  // Get an actual application ID, and manipulate privileges of current process.
+  void HandleDropProcessPrivileges(int fd, base::PickleIterator iter);
+#endif
+
   // The Zygote needs to keep some information about each process. Most
   // notably what the PID of the process is inside the PID namespace of
   // the Zygote and whether or not a process was started by the
@@ -151,6 +167,12 @@ class Zygote {
   // Count of how many fork delegates for which we've invoked InitialUMA().
   size_t initial_uma_index_;
 
+#if BUILDFLAG(IS_TIZEN)
+  // This contains the FD that must be closed when current process is
+  // terminated.
+  void* injected_bundle_handle_;
+#endif
+
   // The vector contains the child processes that need to be reaped.
   std::vector<ZygoteProcessInfo> to_reap_;
 
-- 
2.7.4