From googleclient/chrome/chromium_gwsq/ipc/config.gwsq:
IPC: d...@chromium.org
📎 It looks like you’re making a possibly security-sensitive change! 📎 IPC security review isn’t a rubberstamp, so your friendly security reviewer will need a fair amount of context to review your CL effectively. Please review your CL description and code comments to make sure they provide context for someone unfamiliar with your project/area. Pay special attention to where data comes from and which processes it flows between (and their privilege levels). Feel free to point your security reviewer at design docs, bugs, or other links if you can’t reasonably make a self-contained CL description. (Also see https://cbea.ms/git-commit/).
IPC reviewer(s): d...@chromium.org
Reviewer source(s):
d...@chromium.org is from context(googleclient/chrome/chromium_gwsq/ipc/config.gwsq)
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Sorry, I still have some red bots, but they are some minor things due to IWYU that I'll address tomorrow, but I don't think this should affect the core change.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Auto-Submit | +1 |
| Commit-Queue | +1 |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Auto-Submit | +1 |
| Commit-Queue | +1 |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
+arthursonzogni to cover more files
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Auto-Submit | +1 |
+khorimoto for chromeos/
+blundell for chrome/ and ui/ and ash/
+etiennep for services/tracing/
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Moving dom@ to cc since arthursonzogni@ owns a superset of files
| Code-Review | +1 |
services/tracing LGTM, thanks for the improvement!
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Code-Review | +1 |
| Commit-Queue | +2 |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Code-Review | +1 |
Thanks!
This is a nice refactoring.
LGTM % minor suggestions.
std::string_view switch_name;Opinion about `std::string` vs `std::string_view`?
I see you replaced the function argument by this class to store the argument, but maybe you should have used `std::string`, because there is a risk for the string_view to be dangling?
I understand this is only going to store a view to static string in theory. Maybe this class should be `STACK_ALLOCATED()`, to enforce it is only going to be used to pass as an argument, but never stored?
Using `std::string`, `std::string_view`, `STACK_ALLOCATED()` decision is up to you.
base::shared_memory::SharedMemorySwitch& shared_memory_switch,`shared_memory_switch` is modified. Maybe this should be a pointer instead of a reference?
According to the Google C++ Style Guide, input/output parameters should usually be pointers to indicate that the object may be modified.
(Unsure how well this is enforced in chrome)
#include "base/memory/raw_ref.h"Is this used?
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Code-Review | +1 |
| Auto-Submit | +1 |
-etieenep since Colin is an owner for services/ already
Opinion about `std::string` vs `std::string_view`?
I see you replaced the function argument by this class to store the argument, but maybe you should have used `std::string`, because there is a risk for the string_view to be dangling?
I understand this is only going to store a view to static string in theory. Maybe this class should be `STACK_ALLOCATED()`, to enforce it is only going to be used to pass as an argument, but never stored?
Using `std::string`, `std::string_view`, `STACK_ALLOCATED()` decision is up to you.
Went with STACK_ALLOCATED() plus a comment, thanks!
base::shared_memory::SharedMemorySwitch& shared_memory_switch,`shared_memory_switch` is modified. Maybe this should be a pointer instead of a reference?
According to the Google C++ Style Guide, input/output parameters should usually be pointers to indicate that the object may be modified.
(Unsure how well this is enforced in chrome)
The guidance has actually changed and non-null params are preferred to be passed by ref.
https://google.github.io/styleguide/cppguide.html#Inputs_and_Outputs
"non-optional output and input/output parameters should usually be references (which cannot be null)."
Also some internal links:
go/c-readability-advice#prefer-references
go/cstyle#Inputs_and_Outputs
In terms of Chromium, there's definitely a mix and I think pointer params are still more common, but for new code I've been following the new guidance.
#include "base/memory/raw_ref.h"Alexei SvitkineIs this used?
Removed, thanks!
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Refactor shared memory switch handling.
This change introduces a `base::shared_memory::SharedMemorySwitch`
struct to encapsulate the platform-specific details required to pass
shared memory handles to child processes.
The `AddToLaunchParameters` functions are now methods of this struct,
simplifying the interface by removing platform-specific arguments from
the function signatures. Call sites are updated to create and use a
`SharedMemorySwitch` object.
On POSIX platforms, the `out_descriptor_to_share` is now a member of
`SharedMemorySwitch`, and a helper function
`TransferSharedMemorySwitchDescriptor` is added to manage the transfer
of the descriptor to `FileMappedForLaunch`.
This refactoring reduces code duplication and makes the shared memory
passing mechanism more consistent across different platforms.
Also includes some IWYU fixes resulting from removing some header
imports.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |