This reverts commit c09e57c352.
Reason for revert: test failures on mac bots (https://g-issues.chromium.org/issues/40283474#comment13)
Original change's description:
> Fix truncated NetLogs by introducing the --net-log-duration
> flag.
>
> Net logs generated via the command line were often
> truncated due to insufficient mechanisms to catch
> close event.This change introduces the --net-log-duration
> flag,which specifies the duration (in seconds)
> for network logging. When provided with a positive
> integer X, Browser will automatically stop logging
> after X seconds and flush the complete NetLogs to disk.
>
> Bug: 40283474
> Change-Id: Ia958aae8caae4ffcfcfc78ce0e19516fcbaf4006
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6293542
> Reviewed-by: Andrew Williams <awillia@chromium.org>
> Commit-Queue: krishna dheeraj Pannala <kpannala@microsoft.com>
> Reviewed-by: Adam Rice <ricea@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1431364}
Bug: 40283474
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Change-Id: Ie4390e81e77f05ecd96b164481f50b7a3df4db30
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6347498
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Alexander Hendrich <hendrich@chromium.org>
Auto-Submit: Alexander Hendrich <hendrich@chromium.org>
Commit-Queue: Alexander Hendrich <hendrich@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1431406}
flag.
Net logs generated via the command line were often
truncated due to insufficient mechanisms to catch
close event.This change introduces the --net-log-duration
flag,which specifies the duration (in seconds)
for network logging. When provided with a positive
integer X, Browser will automatically stop logging
after X seconds and flush the complete NetLogs to disk.
Bug: 40283474
Change-Id: Ia958aae8caae4ffcfcfc78ce0e19516fcbaf4006
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6293542
Reviewed-by: Andrew Williams <awillia@chromium.org>
Commit-Queue: krishna dheeraj Pannala <kpannala@microsoft.com>
Reviewed-by: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1431364}
Records a subsampled metric for the time taken from when the sender
calls a mojo interface function to when the receiver's implementation
is called.
Metric is split by receiving thread for some important threads.
Bug: 356125152
Change-Id: I92154779b075d7815403a91919c2cee31ee67aae
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5784162
Reviewed-by: Jonathan Ross <jonross@chromium.org>
Reviewed-by: Ken Rockot <rockot@google.com>
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Commit-Queue: Michael Thiessen <mthiesse@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1343233}
This CL makes the following changes:
* Renames GetNetMaximumFileSizeFromCommandLine() to
GetNetLogMaximumFileSizeFromCommandLine().
* Changes its return type from int64_t to uint64_t, because it may
return the maximum uint64_t value.
* Adds an explicit cast to uint64_t before shifting. This fixes parsing
for values >= 2**12.
* Adds test coverage, including a regression test for the linked bug.
Bug: 352496169
Change-Id: Ifd44fe4a1b58f83ba806753899e2e55ad02b37b8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5695988
Reviewed-by: Adam Rice <ricea@chromium.org>
Commit-Queue: Dan McArdle <dmcardle@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1326747}
The canonical bug format is TODO(crbug.com/<id>). TODOs of the
following forms will all be migrated to the new format:
- TODO(crbug.com/<old id>)
- TODO(https://crbug.com/<old id>)
- TODO(crbug/<old id>)
- TODO(crbug/monorail/<old id>)
- TODO(<old id>)
- TODO(issues.chromium.org/<old id>)
- TODO(https://issues.chromium.org/<old id>)
- TODO(https://issues.chromium.org/u/1/issues/<old id>)
- TODO(bugs.chromium.org/<old id>)
Bug id mapping is sourced from go/chrome-on-buganizer-prod-issues.
See go/crbug-todo-migration for details.
#crbug-todo-migration
Bug: b/321899722
Change-Id: Iee14d10d544e9f0ec046117cc4ec8a55c427adc0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5469947
Reviewed-by: Darryl James <dljames@chromium.org>
Owners-Override: Alison Gale <agale@chromium.org>
Commit-Queue: Alison Gale <agale@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1290838}
The changes of this CL are made using the following script.
```
target_directory="content/browser"
replace_string_in_files() {
old_string="$1"
new_string="$2"
find "$target_directory" -type f \( -name "*.cc" -o -name "*.h" \) \
-exec sed -i '' "s/$old_string/$new_string/g" {} +
}
delete_include() {
find "$target_directory" \( -name "*.h" -o -name "*.cc" \) -print0 | while IFS= read -r -d '' file; do
grep -v '#include "base/strings/string_piece.h"' "$file" > "$file.tmp" && mv "$file.tmp" "$file"
done
}
add_include() {
find "$target_directory" \( -name "*.h" -o -name "*.cc" \) -print0 | while IFS= read -r -d '' file; do
local include_added=false
local tempfile=$(mktemp)
if grep -qE 'std::(string|u16string)_view' "$file"; then
while IFS= read -r line; do
echo "$line" >> "$tempfile"
if [[ $line =~ ^\s*#include ]]; then
if ! $include_added; then
echo "#include <string_view>" >> "$tempfile"
include_added=true
fi
fi
done < "$file"
mv "$tempfile" "$file"
if $include_added; then
echo "Added #include <string_view> after the first include line in $file"
else
echo "No include line found in $file"
fi
else
echo "std::string_view not found in $file"
fi
done
}
replace_string_in_files "base::StringPiece16" "std::u16string_view"
replace_string_in_files "base::StringPiece" "std::string_view"
delete_include
add_include
```
Replaced base::StringPiece16 with std::u16string_view
Replaced base::StringPiece with std::string_view
Removed header "base/strings/string_piece.h"
Added header "<string_view>" where applicable
Bug: 40506050
Change-Id: I2bc22c79dd9a0c839745afe065123f7a53c4a5ca
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5401117
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Commit-Queue: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1281746}
Includes fix for fuchsia build failure in original CL.
This reverts commit 913f4f5eb6 and is a
reland of commit 9778c34a8f.
Original commit message:
Removes the CertAndCTVerifier wrapper and moves the CTVerifier log list
updates to happen through the CertVerifierServiceFactory mojom interface
instead of the network service. (CT log lists are also still sent to the
network service as CT policy enforcement is not refactored in this CL.)
Only CertVerifyProcBuiltin implements CT verification, as CT is not
enabled on iOS or on Android Webview.
Bug: 848277, 1211074
Change-Id: I053b36bb779e1ae46ffb9e87f4a4c311f435cf96
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5113240
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: Matt Mueller <mattm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1236095}
Removes the CertAndCTVerifier wrapper and moves the CTVerifier log list
updates to happen through the CertVerifierServiceFactory mojom interface
instead of the network service. (CT log lists are also still sent to the
network service as CT policy enforcement is not refactored in this CL.)
Only CertVerifyProcBuiltin implements CT verification, as CT is not enabled on iOS or on Android Webview.
Bug: 848277, 1211074
Change-Id: I654f9ae9b5795728199e44c0737b061d08b50cf7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5068490
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Reviewed-by: Carlos IL <carlosil@chromium.org>
Commit-Queue: Matt Mueller <mattm@chromium.org>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1235934}
Currently, Chrome specific logic for bypassing IP Protection
exists in the underlying networking layers. The network stack
considers that first-party requests to top level frame will
not be IP Protected. While this is true for Chrome, this is
not in line with WebView's policy. Architecturally, network
stack (or other underlying layers) should be agnostic to
embedder specific logic.
This CL refactors the network stack in such a way that the
network stack support multiple bypass policies and allows
the embedder to set the policy it requires using the general
interfaces provided to plumb data between the layers
in Chromium.
Additionally, some minor clean up is also done along the way.
(e.g. making tests adhere to go/gunitfaq).
Bug: 1499905
Change-Id: I3230fd22ac34d8c82973d5f9a23a3d73e7fba1f7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5002096
Reviewed-by: Alex Kallam <aakallam@chromium.org>
Reviewed-by: Peter Beverloo <peter@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: Abhijith Nair <abhijithnair@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1224325}
This change modifies CreateTCPServerSocket to use a socket broker
on Windows for creating server sockets. It is necessary for support
for direct sockets to create server sockets in the network process.
This change adds two helper methods for CreateTCPServerSocket to support
the new IPC, and also adds an extra mojo::Remote<SocketBroker> to the
NetworkContextParams. The original socket_broker param has been renamed
to client_socket_factory_socket_broker to reflect that it is used
for client sockets, and the new param is called
server_socket_factory_socket_broker to reflect that it is used for
server sockets.
Bug: 1364137
Change-Id: Idd7d2f71f91bdbeb3a73bb857a57b1b6eb385f06
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4985697
Reviewed-by: Adam Rice <ricea@chromium.org>
Commit-Queue: Liza Burakova <liza@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1221923}
OnRestartNetworkServiceForTesting() ran a callback when the network
service was deliberately restarted. RegisterNetworkServiceCrashHandler()
ran a stack of callback handlers whenever the network service crashed.
The crash handlers wouldn't run when the network service was
deliberately restarted, but they probably should. And
OnRestartNetworkServiceForTesting() didn't allow registering multiple
callbacks. This CL combines the two functions into one.
The resulting RegisterNetworkServiceProcessGoneHandler() will be
useful for components that want to configure the network service, and
need to resend the configuration every time the network service
restarts.
Change-Id: I26a5c5a2849d0eb8878864738005d2376f372d80
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4990533
Reviewed-by: Adam Rice <ricea@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1219135}
Centralize the logic that sets Kerberos environment variables on
ChromeOS. The variables are KRB5CCNAME and KRB5_CONFIG, and they
correspond to the file path of the Kerberos credentials cache and
configuration, respectively.
This CL removes the logic from KerberosFileHandler that used to update
these variables inside the user session. Now, the variables are only set
when the network service starts, or restarts. This prevents crashes that
can be caused by modifying environment variables in multi-threaded
processes. See crbug.com/1258587 and the bugs linked to this CL for more
details.
Additionally, the environment variables on ChromeOS are now using
`/home/chronos/user`, which is the bind mount of the active user. The
`/home/chronos/u-<hash>` format can't always be used because the network
service often starts before a user signs in to the device.
Bug: 1259918, b:260520562
Change-Id: I5a29f9fb3d46cf2bccbb7d5eee20891f61205bfb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4975125
Reviewed-by: Clark DuVall <cduvall@chromium.org>
Commit-Queue: Felipe Andrade <fsandrade@chromium.org>
Reviewed-by: Pavol Marko <pmarko@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1215715}
In Ash, the kerberos environment variables (KRB5CCNAME and KRB5_CONFIG)
were only sent to the network service (which runs gssapi libraries) the
first time it starts. If the network service crashes or restarts, the
env vars would not be sent to the new network service.
Lacros correctly sends the env vars as initialization params to each new
network service, and uses the same values as Ash. Reuse the Lacros code
for Ash.
Change-Id: Ib26f3ae29360361f661de65ec7101b947b98a26b
Bug: 1494567
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4960622
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Auto-Submit: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Clark DuVall <cduvall@chromium.org>
Reviewed-by: Felipe Andrade <fsandrade@chromium.org>
Commit-Queue: Clark DuVall <cduvall@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1213785}
The USE_SOCKET_BROKER flag was just "is_android || is_win" and since
the network service sandbox will not run on android this flag can be
replaced with just IS_WIN
Bug: 1485298
Change-Id: I8f153aa4ce3afc6442f47ce62db675385e9ff7e5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4880087
Commit-Queue: Liza Burakova <liza@chromium.org>
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1201616}
This reverts commit a922565736.
Reason for revert: This did not show any improvement.
Original change's description:
> Add a high priority queue for sync cookie calls in the network service
>
> This change adds a minimal scheduler for the network service thread
> which has a default task queue and high priority task queue. The
> RestrictedCookieManager interface will be bound using the high priority
> task queue, which should make the sync cookie accesses/writes from the
> renderer faster if there are other tasks that need to be run in the
> network service.
>
> The hope is that re-ordering these tasks with other network tasks will
> not be a problem since they are generally called as sync calls from the
> renderer. If there turns out to be problems with this later we can
> revisit how tasks are prioritized.
>
> Bug: 1448685
> Change-Id: I42f7f4e895a0b7d8708c49db707aab6286ef18bf
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4561626
> Commit-Queue: Clark DuVall <cduvall@chromium.org>
> Reviewed-by: Scott Haseley <shaseley@chromium.org>
> Reviewed-by: John Abd-El-Malek <jam@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1149519}
Bug: 1448685
Change-Id: I23d627113a8697bc14521d4673588c226b97c573
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4880044
Reviewed-by: Scott Haseley <shaseley@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: Clark DuVall <cduvall@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1199314}
This is a reland of commit 5dfa5d11f4
The new sandbox tests should be skipped if the sandbox is disabled
on the command line.
Original change's description:
> Cros network service sandbox: Unsandboxed if kerberos is enabled
>
> The Linux/cros network service sandbox is incompatible with kerberos.
> So, the network service will start unsandboxed if kerberos is
> enabled, regardless of feature state or enterprise policy.
>
> The KerberosEnabled enterprise policy can change at runtime. If it
> flips to enabled, shut down the network service so it restarts
> unsandboxed. This is not a sandbox hole because only admins
> can enable kerberos.
>
> Change-Id: I4ae1356f31c3f9182a0db803a2ee22ec7bd1744e
> Bug: 1079808
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4753004
> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
> Reviewed-by: Matt Menke <mmenke@chromium.org>
> Commit-Queue: Matthew Denton <mpdenton@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1180982}
Bug: 1079808, 1473197
Change-Id: I877ff17df78e1d3d34f90ff95ebd0e8886b3cf2f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4777750
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Auto-Submit: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1185061}
This reverts commit 5dfa5d11f4.
Reason for revert:
SystemNetworkContextManagerNetworkServiceSandboxEnabledBrowsertest.NetworkServiceRestartsUnsandboxedOnKerberosEnabled
is failing on Linux Chromium OS ASan LSan
First failure: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Chromium%20OS%20ASan%20LSan%20Tests%20(1)/52807/overview
Original change's description:
> Cros network service sandbox: Unsandboxed if kerberos is enabled
>
> The Linux/cros network service sandbox is incompatible with kerberos.
> So, the network service will start unsandboxed if kerberos is
> enabled, regardless of feature state or enterprise policy.
>
> The KerberosEnabled enterprise policy can change at runtime. If it
> flips to enabled, shut down the network service so it restarts
> unsandboxed. This is not a sandbox hole because only admins
> can enable kerberos.
>
> Change-Id: I4ae1356f31c3f9182a0db803a2ee22ec7bd1744e
> Bug: 1079808
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4753004
> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
> Reviewed-by: Matt Menke <mmenke@chromium.org>
> Commit-Queue: Matthew Denton <mpdenton@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1180982}
Bug: 1079808
Change-Id: Ida288eec87d64b363f7c68ce327e2904f00769ad
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4763626
Auto-Submit: Christos Froussios <cfroussios@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Christos Froussios <cfroussios@google.com>
Owners-Override: Christos Froussios <cfroussios@google.com>
Cr-Commit-Position: refs/heads/main@{#1181303}
The Linux/cros network service sandbox is incompatible with kerberos.
So, the network service will start unsandboxed if kerberos is
enabled, regardless of feature state or enterprise policy.
The KerberosEnabled enterprise policy can change at runtime. If it
flips to enabled, shut down the network service so it restarts
unsandboxed. This is not a sandbox hole because only admins
can enable kerberos.
Change-Id: I4ae1356f31c3f9182a0db803a2ee22ec7bd1744e
Bug: 1079808
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4753004
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1180982}
Rather than calling directly to the network service remote, network
contexts should be created using the
CreateNetworkContextInNetworkService to ensure that appropriate
initialization such as socket broker connection occurs.
On Android, since CreateNetworkContextInNetworkService is called early
during init from DownloadManagerService, the thread checks in the
function are made consistent with other functions in
network_service_instance_impl.cc.
This is covered by existing tests, namely
SystemNetworkContext/NetworkContextConfigurationBrowserTest* when
run with network sandbox enabled.
BUG=1469732
Change-Id: Ia67d2ec63fb86893d24cbfb875aaed3423f8fb3b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4744763
Commit-Queue: Will Harris <wfh@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1179327}
The reland fixes previous breakage by disabling the file size checks
for Fuchsia builds in NetworkServiceBoundedNetLogBrowserTest.
This CL adds support for a maximum file size flag when invoking
net-log export from the command line. The flag allows a user to specify the max size in MB for a net-log file.
Bug: 1463983, 1466701
Change-Id: I529d3efed9fa9cf312a0d091421becc8b2f89dd4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4706170
Reviewed-by: Bo Liu <boliu@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Commit-Queue: Steven Bingler <bingler@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1175655}
This CL moves http_cache_directory and shared_dictionary_directory
to the NetworkContextFilePath struct. This is to keep all filepaths
consistently within the NetworkContextFilePaths.
For the most part there are no functional changes as these parameters already exist, the majority of the changes modify callers to make sure they set parameters correctly.
The only slight change is that MaybeGrantSandboxAccessToNetworkContextData() now checks if any file_paths exist in the beginning, and does a follow up check to see if data_directory is empty as there is now a possibility that the file_paths exist but the data_directory has not been set. The end result is the same, however, as the method still returns kDidNotAttemptToGrantSandboxAccess in these cases.
Bug: 1333558
Change-Id: I15cd6994b2a6c97305560d68c99eaa4f11b10a26
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4615930
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Liza Burakova <liza@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Reviewed-by: Andrey Kosyakov <caseq@chromium.org>
Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
Reviewed-by: Bo Liu <boliu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1161873}
System DNS resolution was being run at USER_VISIBLE task priority.
The definition of USER_BLOCKING includes the loading path, and
system DNS resolution is on the loading path, so it shouldn't
run at a lower priority.
Also, the browser's UI thread was handling requests from the network
service for out-of-process system DNS resolution and then farming
those requests out to the thread pool. There's no reason to deal
with the UI thread contention and so the dispatcher for system DNS
resolution requests will now run on a thread pool sequence at
USER_BLOCKING priority.
Bug: 1312224, 1320192
Change-Id: I1bcc7277fd22cd9deaf0dcdd1bb9c1e326d849b1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4617671
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1159880}
This CL reenables empty network service with
- introducing strict conditions to avoid the found crashes ([1]).
- add kRegisterEmptyNetworkService command line switch to launch the
service in the utility process correctly.
[1] https://crbug.com/1446571: Chrome_Android: Crash Report
ChromeContentBrowserClient::GetApplicationLocale
Bug: 1448414
Change-Id: If1b340de582c189cad11192d827e1923692e7001
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4569853
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Commit-Queue: Yoichi Osato <yoichio@chromium.org>
Reviewed-by: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1157972}
Since kNetworkServiceInProcess flag doesn't imply
IsInProcessNetworkService directly due to some environment
restriction, add new function to force that.
This CL also moves the flag check in the tests from SetUp() to
SetUpOnMainThread() because t/v/fieldtrial_testing_config.json applies
flags at content::ShellContentBrowserClient::SetUpFieldTrials(), which
is called after SetUp().
Bug: 1395707
Change-Id: Ice6205294e6633c03da927be5e15da2ca4216023
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4520651
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Auto-Submit: Yoichi Osato <yoichio@chromium.org>
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Owners-Override: John Abd-El-Malek <jam@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1152173}
That's because all functions are called from browser process.
For content/renderer/workers, IsOutOfProcessNetworkService() is
used ([1]) to terminate workers if the network service crashes.
However, if the crashed network service is in the browser process,
then the workers are going to get terminated anyway, so introducing
this condition doesn't actually help. Thus we can remove them.
[1] https://chromium-review.googlesource.com/c/chromium/src/+/1264139
Bug: 1329834
Change-Id: Iaf3c9847b2231aef9e413481d6bdf53f7e9065ba
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4547630
Auto-Submit: Yoichi Osato <yoichio@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Owners-Override: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1150766}
This change adds a minimal scheduler for the network service thread
which has a default task queue and high priority task queue. The
RestrictedCookieManager interface will be bound using the high priority
task queue, which should make the sync cookie accesses/writes from the
renderer faster if there are other tasks that need to be run in the
network service.
The hope is that re-ordering these tasks with other network tasks will
not be a problem since they are generally called as sync calls from the
renderer. If there turns out to be problems with this later we can
revisit how tasks are prioritized.
Bug: 1448685
Change-Id: I42f7f4e895a0b7d8708c49db707aab6286ef18bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4561626
Commit-Queue: Clark DuVall <cduvall@chromium.org>
Reviewed-by: Scott Haseley <shaseley@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1149519}
After https://crrev.com/c/4535476, when
CompressionDictionaryTransportBackend feature is enabled,
StoragePartitionImpl sets shared_dictionary_enabled flag of
NetworkContextParams. And NetworkContext uses
SharedDictionaryManagerInMemory.
This CL introduces a new shared_dictionary_directory flag in
NetworkContextParams which is set when the StoragePartition is not in
memory (non-incognito). NetworkContext will
SharedDictionaryManagerOnDisk and the downloaded shared dictionary will
be persisted on disk.
This CL introduces Net.SharedDictionaryManagerOnDisk.DictionarySize
UMA which is recorded when SharedDictionaryManagerOnDisk succeeded to
store the dictionary on disk cache and database.
Binary-Size: Size increase is unavoidable
Fuchsia-Binary-Size: Size increase is unavoidable
Include-Ci-Only-Tests: true
Low-Coverage-Reason: Logging code for unexpected system failure.
Bug: 1413922
Change-Id: I4c159c91b9bcd9730921790d7557e9486caee8e1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4546508
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Commit-Queue: Tsuyoshi Horo <horo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1148255}
This CL adds empty network service out of process for measuring memory
impact on Android.
The empty network service lives on new utility process and virtually does
nothing (implementation is ~20 lines of code in c/u/services.cc.)
The empty service is enabled only if the canonical network service
is in process to see additional process overhead on Android.
Bug: 1395707
Change-Id: Ieb0902a87134d1ae0af56f6b9d7940944863e450
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4374282
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Commit-Queue: Yoichi Osato <yoichio@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1143838}
This CL removes expired histograms:
- Navigation.CommitTimeout.NetworkServiceAvailability (expired as of M82)
- Navigation.CommitTimeout.NetworkServiceLastCrashTime (expired as of M82)
- Navigation.CommitTimeout.NetworkServicePingTime (expired as of M82)
- Navigation.CommitTimeout.Scheme (expired as of M82)
- Navigation.IsSameProcess.* (expired as of M85)
No behavior changes.
Bug: 1384581, 1088973
Change-Id: I1cac5483f960efcebc62f6839987c007bf987a5a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4442185
Reviewed-by: Luc Nguyen <lucnguyen@google.com>
Commit-Queue: Asami Doi <asamidoi@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Auto-Submit: Asami Doi <asamidoi@chromium.org>
Code-Coverage: Findit <findit-for-me@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1134475}
The Network service's cached AddressMap and set of online links
can be out of sync with the browser process because it doesn't
receive updates when the browser process's AddressTrackerLinux receives
updates from the kernel. This CL syncs the diffs to the network
service.
Bug: 1312226, 1383352
Change-Id: I8597dc1f03b6f82c06dd2f4afe9a0325b3b137a5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4062625
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Adam Rice <ricea@chromium.org>
Code-Coverage: Findit <findit-for-me@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1133607}
The network service will use a cached AddressMap and set of online links
to avoid using AddressTrackerLinux in the network service. The first
step is to send an initial version of the AddressMap and set of online
links in the NetworkServiceParams.
This includes a browsertest to check that sending (fake) netlink
messages to the AddressTrackerLinux results in the expected cached
info in the network service.
Bug: 1312226, 1383352
Change-Id: I671f9b85c39a561a4534a57aa4665bb9024d4c95
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4432091
Code-Coverage: Findit <findit-for-me@appspot.gserviceaccount.com>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1132897}
(Reland of https://crrev.com/c/4390596 with fixes for a race in a test
and CT errors in tests that only showed up on official builders.)
Previously the choice to use CRS is locked in by
cert_verifier_configuration.cc on the first time it is initialized.
However this would be problematic for enterprise policies especially on
chromeos where the profile policies won't be loaded during the login
screen, so the wrong value could get locked in. Make the policy support
dynamic_refresh, so that it would be applied once the profile policy
loads. Making it support dynamic_refresh also makes the policy more
user-friendly in other scenarios too.
To do this the CRS boolean is added as another parameter to the
CertVerifierWithUpdatableProc factory, so that the factory can create a
new verifier with or without CRS when the parameter changes. The
parameter is saved by the CertVerifierServiceFactory so that all
verifiers created by the factory will use the same setting, and any
existing verifiers created by the factory will be updated to use the new
setting if it changes.
Bug: 1340420, 1352171, 1432297
Validate-Test-Flakiness: skip
Change-Id: I3c04b1c9daf12660894d37ac520528b98c0bc511
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4415805
Commit-Queue: Matt Mueller <mattm@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Igor <igorcov@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Reviewed-by: Demetrios Papadopoulos <dpapad@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1129536}
This reverts commit e1f06cd9b6.
Reason for revert: Suspect for crbug.com/1432297
Original change's description:
> Refactor how Chrome Root Store is enabled in builds where it is optional
>
> Previously the choice to use CRS is locked in by
> cert_verifier_configuration.cc on the first time it is initialized.
> However this would be problematic for enterprise policies especially on
> chromeos where the profile policies won't be loaded during the login
> screen, so the wrong value could get locked in. Make the policy support
> dynamic_refresh, so that it would be applied once the profile policy
> loads. Making it support dynamic_refresh also makes the policy more
> user-friendly in other scenarios too.
>
> To do this the CRS boolean is added as another parameter to the
> CertVerifierWithUpdatableProc factory, so that the factory can create a
> new verifier with or without CRS when the parameter changes. The
> parameter is saved by the CertVerifierServiceFactory so that all
> verifiers created by the factory will use the same setting, and any
> existing verifiers created by the factory will be updated to use the new
> setting if it changes.
>
> Bug: 1340420, 1352171
> Change-Id: I4a6ad6abffb1036ab47db1795ed81c7adfaac7a5
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4390596
> Reviewed-by: Demetrios Papadopoulos <dpapad@chromium.org>
> Reviewed-by: Igor <igorcov@chromium.org>
> Reviewed-by: Matthew Denton <mpdenton@chromium.org>
> Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
> Reviewed-by: Sorin Jianu <sorin@chromium.org>
> Commit-Queue: Matt Mueller <mattm@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1128702}
Bug: 1340420, 1352171, 1432297
Change-Id: Ice5dcd0ab4f8c6dda49a07099268c9664dceed98
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4416236
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Francois Pierre Doray <fdoray@chromium.org>
Commit-Queue: Francois Pierre Doray <fdoray@chromium.org>
Auto-Submit: Francois Pierre Doray <fdoray@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1128848}
Previously the choice to use CRS is locked in by
cert_verifier_configuration.cc on the first time it is initialized.
However this would be problematic for enterprise policies especially on
chromeos where the profile policies won't be loaded during the login
screen, so the wrong value could get locked in. Make the policy support
dynamic_refresh, so that it would be applied once the profile policy
loads. Making it support dynamic_refresh also makes the policy more
user-friendly in other scenarios too.
To do this the CRS boolean is added as another parameter to the
CertVerifierWithUpdatableProc factory, so that the factory can create a
new verifier with or without CRS when the parameter changes. The
parameter is saved by the CertVerifierServiceFactory so that all
verifiers created by the factory will use the same setting, and any
existing verifiers created by the factory will be updated to use the new
setting if it changes.
Bug: 1340420, 1352171
Change-Id: I4a6ad6abffb1036ab47db1795ed81c7adfaac7a5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4390596
Reviewed-by: Demetrios Papadopoulos <dpapad@chromium.org>
Reviewed-by: Igor <igorcov@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Commit-Queue: Matt Mueller <mattm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1128702}
Add CertVerifier::Observer::OnCertVerifierChanged interface that higher
levels can register for notifications with CertVerifier::AddObserver to
be notified when the CertVerifier configuration changes (currently, by
a Chrome Root Store update, or more things in the future).
This notification is then passed up the stack from the base
MultiThreadedCertVerifier until it reaches CertVerifierServiceImpl,
which sends the notification through the new CertVerifierServiceClient
mojo interface to the MojoCertVerifier, which then passes it back
through the CertVerifier::Observer machinery to invalidate the caches in
CoalescingCertVerifier and CachingCertVerifier which live in the network
service.
Bug: 1427208
Change-Id: I013085f9a3824cfa0240f175bd08b77468771cd9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4368281
Reviewed-by: Adam Rice <ricea@chromium.org>
Reviewed-by: Lambros Lambrou <lambroslambrou@chromium.org>
Reviewed-by: Kunihiko Sakamoto <ksakamoto@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Dmitry Titov <dimich@chromium.org>
Commit-Queue: Matt Mueller <mattm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1127782}
In some unit tests, ForceCreateNetworkServiceDirectlyForTesting() but
ForceInProcessNetworkService(true) was not. So
IsOutOfProcessNetworkService() returned true even though it wasn't.
So have the former call the latter.
The NetworkService() constructor was using the existing of `registry_`
as an indication that the network service was out of process. That
also wasn't true. So just don't create a BinderRegistry if it's
unused (in the in-process case).
Bug: 1312226
Change-Id: I7aa319b5baa6017b2adf2d634ad22260f762b493
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4371542
Auto-Submit: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Adam Rice <ricea@chromium.org>
Commit-Queue: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1122903}
