Make sure SetIsLockedToSite is called for respawned renderers.

Bug: 807651, 848909 Change-Id: If109b4fed7cdbfcf3774335bdebc1db4b9182b4c Reviewed-on: https://chromium-review.googlesource.com/1083494 Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org> Reviewed-by: Charlie Reis <creis@chromium.org> Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Cr-Commit-Position: refs/heads/master@{#565017}

Make sure SetIsLockedToSite is called for respawned renderers.
Bug: 807651, 848909 Change-Id: If109b4fed7cdbfcf3774335bdebc1db4b9182b4c Reviewed-on: https://chromium-review.googlesource.com/1083494 Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org> Reviewed-by: Charlie Reis <creis@chromium.org> Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Cr-Commit-Position: refs/heads/master@{#565017}
5f7e34af · Lukasz Anforowicz · Commit Bot · 98095c71 · 5f7e34af · 5f7e34af
Commit 5f7e34af authored Jun 06, 2018 by Lukasz Anforowicz Committed by Commit Bot Jun 06, 2018
4 changed files
--- a/content/browser/child_process_security_policy_impl.cc
+++ b/content/browser/child_process_security_policy_impl.cc
@@ -1064,6 +1064,10 @@ bool ChildProcessSecurityPolicyImpl::HasSpecificPermissionForOrigin(
 void ChildProcessSecurityPolicyImpl::LockToOrigin(int child_id,
                                                  const GURL& gurl) {
+  // LockToOrigin should only be called on the UI thread (OTOH, it is okay to
+  // call GetOriginLock or CheckOriginLock from any thread).
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
  // "gurl" can be currently empty in some cases, such as file://blah.
  DCHECK(SiteInstanceImpl::GetSiteForURL(nullptr, gurl) == gurl);
  base::AutoLock lock(lock_);

--- a/content/browser/dom_storage/session_storage_namespace_impl_mojo_unittest.cc
+++ b/content/browser/dom_storage/session_storage_namespace_impl_mojo_unittest.cc
@@ -7,11 +7,11 @@
 #include "base/guid.h"
 #include "base/memory/ptr_util.h"
 #include "base/run_loop.h"
-#include "base/test/scoped_task_environment.h"
 #include "components/services/leveldb/public/cpp/util.h"
 #include "content/browser/child_process_security_policy_impl.h"
 #include "content/browser/dom_storage/session_storage_data_map.h"
 #include "content/browser/dom_storage/session_storage_metadata.h"
+#include "content/public/test/test_browser_thread_bundle.h"
 #include "content/test/fake_leveldb_database.h"
 #include "content/test/leveldb_wrapper_test_util.h"
 #include "mojo/edk/embedder/embedder.h"
@@ -150,7 +150,7 @@ class SessionStorageNamespaceImplMojoTest : public testing::Test {
  }
 protected:
-  base::test::ScopedTaskEnvironment task_environment_;
+  TestBrowserThreadBundle test_browser_thread_bundle_;
  const std::string test_namespace_id1_;
  const std::string test_namespace_id2_;
  const url::Origin test_origin1_;

--- a/content/browser/renderer_host/render_process_host_impl.cc
+++ b/content/browser/renderer_host/render_process_host_impl.cc
@@ -1660,13 +1660,6 @@ bool RenderProcessHostImpl::Init() {
    ui::GpuSwitchingManager::GetInstance()->AddObserver(this);
  }
-  GetRendererInterface()->SetUserAgent(GetContentClient()->GetUserAgent());
-  if (SiteIsolationPolicy::UseDedicatedProcessesForAllSites() &&
-      base::FeatureList::IsEnabled(features::kV8LowMemoryModeForSubframes)) {
-    GetRendererInterface()->EnableV8LowMemoryMode();
-  }
  is_initialized_ = true;
  init_time_ = base::TimeTicks::Now();
  return true;
@@ -2549,10 +2542,25 @@ bool RenderProcessHostImpl::HostHasNotBeenUsed() {
 void RenderProcessHostImpl::LockToOrigin(const GURL& lock_url) {
  ChildProcessSecurityPolicyImpl::GetInstance()->LockToOrigin(GetID(),
                                                              lock_url);
-  // Notify renderer that it has been locked to a site, if |lock_url| has
-  // scheme and host.
+  // Note that LockToOrigin is only called once per RenderProcessHostImpl (when
-  if (SiteInstanceImpl::IsOriginLockASite(lock_url))
+  // committing a navigation into an empty renderer).  Therefore, the call to
-    GetRendererInterface()->SetIsLockedToSite();
+  // NotifyRendererIfLockedToSite below is insufficient for setting up renderers
+  // respawned after crashing - this is handled by another call to
+  // NotifyRendererIfLockedToSite from OnProcessLaunched.
+  NotifyRendererIfLockedToSite();
+}
+void RenderProcessHostImpl::NotifyRendererIfLockedToSite() {
+  GURL lock_url =
+      ChildProcessSecurityPolicyImpl::GetInstance()->GetOriginLock(GetID());
+  if (!lock_url.is_valid())
+    return;
+  if (!SiteInstanceImpl::IsOriginLockASite(lock_url))
+    return;
+  GetRendererInterface()->SetIsLockedToSite();
 }
 bool RenderProcessHostImpl::IsForGuestsOnly() const {
@@ -4123,6 +4131,14 @@ void RenderProcessHostImpl::OnProcessLaunched() {
    CreateSharedRendererHistogramAllocator();
  }
+  // Pass bits of global renderer state to the renderer.
+  GetRendererInterface()->SetUserAgent(GetContentClient()->GetUserAgent());
+  NotifyRendererIfLockedToSite();
+  if (SiteIsolationPolicy::UseDedicatedProcessesForAllSites() &&
+      base::FeatureList::IsEnabled(features::kV8LowMemoryModeForSubframes)) {
+    GetRendererInterface()->EnableV8LowMemoryMode();
+  }
  // NOTE: This needs to be before flushing queued messages, because
  // ExtensionService uses this notification to initialize the renderer process
  // with state that must be there before any JavaScript executes.

--- a/content/browser/renderer_host/render_process_host_impl.h
+++ b/content/browser/renderer_host/render_process_host_impl.h
@@ -573,6 +573,7 @@ class CONTENT_EXPORT RenderProcessHostImpl
  base::FilePath GetAecDumpFilePathWithExtensions(const base::FilePath& file);
  base::SequencedTaskRunner& GetAecDumpFileTaskRunner();
  void OnAec3Enabled();
+  void NotifyRendererIfLockedToSite();
  static void OnMojoError(int render_process_id, const std::string& error);