Add an interface for nacl to create delete-on-close temp files,

ppapi/native_client/src/trusted/plugin/service_runtime.cc

 /*
  * Copyright (c) 2012 The Chromium Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  */
 
 #define NACL_LOG_MODULE_NAME "Plugin::ServiceRuntime"
 
 #include "native_client/src/trusted/plugin/service_runtime.h"
 
@@ skipping 41 matching lines @@
 
 #include "native_client/src/trusted/service_runtime/nacl_error_code.h"
 #include "native_client/src/trusted/service_runtime/include/sys/nacl_imc_api.h"
 
 #include "ppapi/c/pp_errors.h"
 #include "ppapi/c/trusted/ppb_file_io_trusted.h"
 #include "ppapi/cpp/core.h"
 #include "ppapi/cpp/completion_callback.h"
 #include "ppapi/cpp/file_io.h"
 
+namespace {
+
+// For doing crude quota enforcement on writes to temp files.
+// We do not allow a temp file bigger than 512 MB for now.
+const uint64_t kMaxTempQuota = 0x20000000;
+
+}  // namespace
+
 namespace plugin {
 
 PluginReverseInterface::PluginReverseInterface(
     nacl::WeakRefAnchor* anchor,
     Plugin* plugin,
     const Manifest* manifest,
     ServiceRuntime* service_runtime,
     pp::CompletionCallback init_done_cb,
     pp::CompletionCallback crash_cb)
       : anchor_(anchor),
@@ skipping 354 matching lines @@
 void PluginReverseInterface::ReportExitStatus(int exit_status) {
   service_runtime_->set_exit_status(exit_status);
 }
 
 void PluginReverseInterface::QuotaRequest_MainThreadContinuation(
     QuotaRequest* request,
     int32_t err) {
   if (err != PP_OK) {
     return;
   }
-  const PPB_FileIOTrusted* file_io_trusted =
-      static_cast<const PPB_FileIOTrusted*>(
-          pp::Module::Get()->GetBrowserInterface(PPB_FILEIOTRUSTED_INTERFACE));
-  // Copy the request object because this one will be deleted on return.
-  QuotaRequest* cont_for_response = new QuotaRequest(*request);  // copy ctor!
-  pp::CompletionCallback quota_cc = WeakRefNewCallback(
-      anchor_,
-      this,
-      &PluginReverseInterface::QuotaRequest_MainThreadResponse,
-      cont_for_response);
-  file_io_trusted->WillWrite(request->resource,
-                             request->offset,
-                             // TODO(sehr): remove need for cast.
-                             // Unify WillWrite interface vs Quota request.
-                             nacl::assert_cast<int32_t>(
-                                 request->bytes_requested),
-                             quota_cc.pp_completion_callback());
+
+  switch (request->data.type) {
+    case plugin::PepperQuotaType: {
+      const PPB_FileIOTrusted* file_io_trusted =
+          static_cast<const PPB_FileIOTrusted*>(
+              pp::Module::Get()->GetBrowserInterface(
+                  PPB_FILEIOTRUSTED_INTERFACE));
+      // Copy the request object because this one will be deleted on return.
+      // copy ctor!
+      QuotaRequest* cont_for_response = new QuotaRequest(*request);
+      pp::CompletionCallback quota_cc = WeakRefNewCallback(
+          anchor_,
+          this,
+          &PluginReverseInterface::QuotaRequest_MainThreadResponse,
+          cont_for_response);
+      file_io_trusted->WillWrite(request->data.resource,
+                                 request->offset,
+                                 // TODO(sehr): remove need for cast.
+                                 // Unify WillWrite interface vs Quota request.
+                                 nacl::assert_cast<int32_t>(
+                                     request->bytes_requested),
+                                 quota_cc.pp_completion_callback());
+      break;
+    }
+    case plugin::TempQuotaType: {
+      uint64_t len = request->offset + request->bytes_requested;
+      nacl::MutexLocker take(&mu_);
+      // Do some crude quota enforcement.
+      if (len > kMaxTempQuota) {
+        *request->bytes_granted = 0;
+      } else {
+        *request->bytes_granted = request->bytes_requested;
+      }
+      *request->op_complete_ptr = true;
+      NaClXCondVarBroadcast(&cv_);
+      break;
+    }
+  }
   // request automatically deleted
 }
 
 void PluginReverseInterface::QuotaRequest_MainThreadResponse(
     QuotaRequest* request,
     int32_t err) {
   NaClLog(4,
           "PluginReverseInterface::QuotaRequest_MainThreadResponse:"
           " (resource=%"NACL_PRIx32", offset=%"NACL_PRId64", requested=%"
           NACL_PRId64", err=%"NACL_PRId32")\n",
-          request->resource, request->offset, request->bytes_requested, err);
+          request->data.resource,
+          request->offset, request->bytes_requested, err);
   nacl::MutexLocker take(&mu_);
   if (err >= PP_OK) {
     *request->bytes_granted = err;
   } else {
     *request->bytes_granted = 0;
   }
   *request->op_complete_ptr = true;
   NaClXCondVarBroadcast(&cv_);
   // request automatically deleted
 }
 
 int64_t PluginReverseInterface::RequestQuotaForWrite(
     nacl::string file_id, int64_t offset, int64_t bytes_to_write) {
   NaClLog(4,
           "PluginReverseInterface::RequestQuotaForWrite:"
           " (file_id='%s', offset=%"NACL_PRId64", bytes_to_write=%"
           NACL_PRId64")\n", file_id.c_str(), offset, bytes_to_write);
-  PP_Resource resource;
+  QuotaData quota_data;
   {
     nacl::MutexLocker take(&mu_);
     uint64_t file_key = STRTOULL(file_id.c_str(), NULL, 10);
     if (quota_map_.find(file_key) == quota_map_.end()) {
       // Look up failed to find the requested quota managed resource.
       NaClLog(4, "PluginReverseInterface::RequestQuotaForWrite: failed...\n");
       return 0;
     }
-    resource = quota_map_[file_key];
+    quota_data = quota_map_[file_key];
   }
   // Variables set by requesting quota.
   int64_t quota_granted = 0;
   bool op_complete = false;
   QuotaRequest* continuation =
-      new QuotaRequest(resource, offset, bytes_to_write, &quota_granted,
+      new QuotaRequest(quota_data, offset, bytes_to_write, &quota_granted,
                        &op_complete);
   // The reverse service is running on a background thread and the PPAPI quota
   // methods must be invoked only from the main thread.
   plugin::WeakRefCallOnMainThread(
       anchor_,
       0,  /* delay in ms */
       ALLOW_THIS_IN_INITIALIZER_LIST(this),
       &plugin::PluginReverseInterface::QuotaRequest_MainThreadContinuation,
       continuation);
   // Wait for the main thread to request quota and signal completion.
@@ skipping 15 matching lines @@
 
 void PluginReverseInterface::AddQuotaManagedFile(const nacl::string& file_id,
                                                  const pp::FileIO& file_io) {
   PP_Resource resource = file_io.pp_resource();
   NaClLog(4,
           "PluginReverseInterface::AddQuotaManagedFile: "
           "(file_id='%s', file_io_ref=%"NACL_PRIx32")\n",
           file_id.c_str(), resource);
   nacl::MutexLocker take(&mu_);
   uint64_t file_key = STRTOULL(file_id.c_str(), NULL, 10);
-  quota_map_[file_key] = resource;
+  QuotaData data(plugin::PepperQuotaType, resource);
+  quota_map_[file_key] = data;
+}
+
+void PluginReverseInterface::AddTempQuotaManagedFile(
+    const nacl::string& file_id) {
+  PLUGIN_PRINTF(("PluginReverseInterface::AddTempQuotaManagedFile: "
+                 "(file_id='%s')\n", file_id.c_str()));
+  nacl::MutexLocker take(&mu_);
+  uint64_t file_key = STRTOULL(file_id.c_str(), NULL, 10);
+  QuotaData data(plugin::TempQuotaType, 0);
+  quota_map_[file_key] = data;
 }
 
 ServiceRuntime::ServiceRuntime(Plugin* plugin,
                                const Manifest* manifest,
                                bool should_report_uma,
                                pp::CompletionCallback init_done_cb,
                                pp::CompletionCallback crash_cb)
     : plugin_(plugin),
       should_report_uma_(should_report_uma),
       reverse_service_(NULL),
@@ skipping 201 matching lines @@
 
 nacl::string ServiceRuntime::GetCrashLogOutput() {
   if (NULL != subprocess_.get()) {
     return subprocess_->GetCrashLogOutput();
   } else {
     return "";
   }
 }
 
 }  // namespace plugin