Add an IPC channel between the NaCl loader process and the renderer.

chrome/renderer/pepper/ppb_nacl_private_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/pepper/ppb_nacl_private_impl.h"
 
 #ifndef DISABLE_NACL
 
 #include "base/command_line.h"
 #include "base/lazy_instance.h"
 #include "base/logging.h"
+#include "base/message_loop.h"
 #include "base/rand_util.h"
+#include "chrome/common/chrome_switches.h"
 #include "chrome/common/render_messages.h"
+#include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
+#include "content/public/common/sandbox_init.h"
 #include "content/public/renderer/render_thread.h"
+#include "content/public/renderer/render_view.h"
 #include "ipc/ipc_sync_message_filter.h"
 #include "ppapi/c/private/ppb_nacl_private.h"
 #include "ppapi/native_client/src/trusted/plugin/nacl_entry_points.h"
+#include "ppapi/proxy/host_dispatcher.h"
+#include "ppapi/proxy/proxy_channel.h"
+#include "ppapi/shared_impl/ppapi_preferences.h"
+#include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h"
+#include "third_party/WebKit/Source/WebKit/chromium/public/WebElement.h"
+#include "third_party/WebKit/Source/WebKit/chromium/public/WebFrame.h"
+#include "third_party/WebKit/Source/WebKit/chromium/public/WebPluginContainer.h"
+#include "third_party/WebKit/Source/WebKit/chromium/public/WebView.h"
+#include "webkit/plugins/ppapi/host_globals.h"
+#include "webkit/plugins/ppapi/plugin_module.h"
+#include "webkit/plugins/ppapi/ppapi_plugin_instance.h"
 
-#if defined(OS_WIN)
-#include "content/public/common/sandbox_init.h"
-#endif
+using content::RenderThread;
+using content::RenderView;
+using webkit::ppapi::HostGlobals;
+using webkit::ppapi::PluginInstance;
+using WebKit::WebView;
 
 namespace {
 
 base::LazyInstance<scoped_refptr<IPC::SyncMessageFilter> >
     g_background_thread_sender = LAZY_INSTANCE_INITIALIZER;
 
+base::LazyInstance<IPC::ChannelHandle> g_ipc_channel_handle =

[Mark Seaborn, 2012/06/20 19:24:40]

Why is this a global variable?  A global is very likely to go wrong here.  What
needs to be changed so that this is not a global?

[bbudge, 2012/06/21 00:00:46]

Changed to a global map that associates ChannelHandles with PP_Instances.

[Mark Seaborn, 2012/06/21 15:30:03]

OK, but using a global still isn't very good.  If there's an error between
adding the channel to the global map and using it, you'll leak the channel.  Can
you change LaunchSelLdr() to return the ChannelHandle as well?  You already have
it returning the PP_Instance.

[bbudge, 2012/06/21 18:16:53]

An IPC::ChannelHandle is a small struct that contains a std::string. The channel
handle has to be used here. The plugin has no knowledge of the IPC channel.

+    LAZY_INSTANCE_INITIALIZER;
+base::ProcessId g_plugin_process_id;

[Mark Seaborn, 2012/06/20 19:24:40]

This variable is assigned to but never read.

[bbudge, 2012/06/21 00:00:46]

Done.

+
 // Launch NaCl's sel_ldr process.
 PP_Bool LaunchSelLdr(PP_Instance instance,
                      const char* alleged_url, int socket_count,
                      void* imc_handles) {
   std::vector<nacl::FileDescriptor> sockets;
   IPC::Sender* sender = content::RenderThread::Get();
   if (sender == NULL)
     sender = g_background_thread_sender.Pointer()->get();
 
   if (!sender->Send(new ChromeViewHostMsg_LaunchNaCl(
-          GURL(alleged_url), socket_count, &sockets)))
+          GURL(alleged_url), socket_count, &sockets,
+          g_ipc_channel_handle.Pointer(),
+          &g_plugin_process_id)))
     return PP_FALSE;
 
   CHECK(static_cast<int>(sockets.size()) == socket_count);
   for (int i = 0; i < socket_count; i++) {
     static_cast<nacl::Handle*>(imc_handles)[i] =
         nacl::ToNativeHandle(sockets[i]);
   }
 
   return PP_TRUE;
 }
 
+class ProxyChannelDelegate
+    : public ppapi::proxy::ProxyChannel::Delegate {
+ public:
+  ProxyChannelDelegate();
+  virtual ~ProxyChannelDelegate();
+
+  // ProxyChannel::Delegate implementation.
+  virtual base::MessageLoopProxy* GetIPCMessageLoop() OVERRIDE;
+  virtual base::WaitableEvent* GetShutdownEvent() OVERRIDE;
+  virtual IPC::PlatformFileForTransit ShareHandleWithRemote(
+      base::PlatformFile handle,
+      const IPC::SyncChannel& channel,
+      bool should_close_source) OVERRIDE;
+ private:
+  base::WaitableEvent shutdown_event_;
+};
+
+ProxyChannelDelegate::ProxyChannelDelegate()
+    : shutdown_event_(true, false) {}

[dmichael (off chromium), 2012/06/20 22:34:32]

style nit: I'd put } on the next line to be consistent.

[bbudge, 2012/06/21 00:00:46]

Done.

+
+ProxyChannelDelegate::~ProxyChannelDelegate() {
+}
+
+base::MessageLoopProxy* ProxyChannelDelegate::GetIPCMessageLoop() {
+  return RenderThread::Get()->GetIOMessageLoopProxy().get();
+}
+
+base::WaitableEvent* ProxyChannelDelegate::GetShutdownEvent() {
+  return &shutdown_event_;
+}
+
+IPC::PlatformFileForTransit ProxyChannelDelegate::ShareHandleWithRemote(
+    base::PlatformFile handle,
+    const IPC::SyncChannel& channel,
+    bool should_close_source) {
+  return content::BrokerGetFileHandleForProcess(handle, channel.peer_pid(),
+                                                should_close_source);
+}
+
+// Stubbed out SyncMessageStatusReceiver, required by HostDispatcher.

[dmichael (off chromium), 2012/06/20 22:34:32]

Should we add a TODO?

[bbudge, 2012/06/21 00:00:46]

Done.

+class SyncMessageStatusReceiver
+    : public ppapi::proxy::HostDispatcher::SyncMessageStatusReceiver {
+ public:
+  SyncMessageStatusReceiver() {}
+
+  // SyncMessageStatusReceiver implementation.
+  virtual void BeginBlockOnSyncMessage() OVERRIDE {}
+  virtual void EndBlockOnSyncMessage() OVERRIDE {}
+
+ private:
+  virtual ~SyncMessageStatusReceiver() {}
+};
+
+class OutOfProcessProxy
+    : public webkit::ppapi::PluginDelegate::OutOfProcessProxy {
+ public:
+  OutOfProcessProxy() {}
+  virtual ~OutOfProcessProxy() {}
+
+  bool Init(const IPC::ChannelHandle& channel_handle,
+            PP_Module pp_module,
+            PP_GetInterface_Func local_get_interface,
+            const ppapi::Preferences& preferences,
+            SyncMessageStatusReceiver* status_receiver) {
+    if (channel_handle.name.empty())
+      return false;
+
+#if defined(OS_POSIX)
+    DCHECK_NE(-1, channel_handle.socket.fd);
+    if (channel_handle.socket.fd == -1)
+      return false;
+#endif
+
+    dispatcher_delegate_.reset(new ProxyChannelDelegate);
+    dispatcher_.reset(new ppapi::proxy::HostDispatcher(
+        pp_module, local_get_interface, status_receiver));
+
+    if (!dispatcher_->InitHostWithChannel(dispatcher_delegate_.get(),
+                                          channel_handle,
+                                          true,  // Client.
+                                          preferences)) {
+      dispatcher_.reset();
+      dispatcher_delegate_.reset();
+      return false;
+    }
+
+    return true;
+  }
+
+  // OutOfProcessProxy implementation.
+  virtual const void* GetProxiedInterface(const char* name) OVERRIDE {
+    return dispatcher_->GetProxiedInterface(name);
+  }
+  virtual void AddInstance(PP_Instance instance) OVERRIDE {
+    ppapi::proxy::HostDispatcher::SetForInstance(instance, dispatcher_.get());
+  }
+  virtual void RemoveInstance(PP_Instance instance) OVERRIDE {
+    ppapi::proxy::HostDispatcher::RemoveForInstance(instance);
+  }
+
+ private:
+  scoped_ptr<ppapi::proxy::HostDispatcher> dispatcher_;
+  scoped_ptr<ppapi::proxy::ProxyChannel::Delegate> dispatcher_delegate_;
+};
+
 PP_Bool StartPpapiProxy(PP_Instance instance) {
+  if (CommandLine::ForCurrentProcess()->HasSwitch(
+          switches::kEnableNaClIPCProxy)) {
+    IPC::ChannelHandle& channel_handle = g_ipc_channel_handle.Get();
+    if (channel_handle.name.empty())
+      return PP_FALSE;
+
+    webkit::ppapi::PluginInstance* plugin_instance =
+        content::GetHostGlobals()->GetInstance(instance);
+    if (!plugin_instance)
+      return PP_FALSE;
+
+    WebView* web_view =
+        plugin_instance->container()->element().document().frame()->view();
+    RenderView* render_view = content::RenderView::FromWebView(web_view);
+
+    webkit::ppapi::PluginModule* plugin_module = plugin_instance->module();
+
+    scoped_refptr<SyncMessageStatusReceiver>
+        status_receiver(new SyncMessageStatusReceiver());
+    scoped_ptr<OutOfProcessProxy> out_of_process_proxy(new OutOfProcessProxy);
+    if (out_of_process_proxy->Init(
+            channel_handle,
+            plugin_module->pp_module(),
+            webkit::ppapi::PluginModule::GetLocalGetInterfaceFunc(),
+            ppapi::Preferences(render_view->GetWebkitPreferences()),
+            status_receiver.get())) {
+      out_of_process_proxy->AddInstance(instance);
+      plugin_module->InitAsProxiedNaCl(out_of_process_proxy.release(),

[dmichael (off chromium), 2012/06/20 22:34:32]

nit: We should probably use Pass() here and take scoped_ptr in InitAsProxiedNaCl
to clarify that it's transfer of ownership.

[bbudge, 2012/06/21 00:00:46]

Done.

+                                       instance);
+      return PP_TRUE;
+    }
+  }
+
   return PP_FALSE;
 }
 
 int UrandomFD(void) {
 #if defined(OS_POSIX)
   return base::GetUrandomFD();
 #else
   return -1;
 #endif
 }
@@ skipping 30 matching lines @@
   &BrokerDuplicateHandle,
 };
 
 }  // namespace
 
 const PPB_NaCl_Private* PPB_NaCl_Private_Impl::GetInterface() {
   return &nacl_interface;
 }
 
 #endif  // DISABLE_NACL