Chromium Code Reviews Chromium Code Reviews
Issue 1010183002:
SFI NaCl: Batch-open resource files (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/nacl/loader/nacl_ipc_adapter.h" | 5 #include "components/nacl/loader/nacl_ipc_adapter.h" |
| 6 | 6 |
| 7 #include <limits.h> | 7 #include <limits.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/location.h" | 12 #include "base/location.h" |
| 13 #include "base/memory/scoped_ptr.h" | 13 #include "base/memory/scoped_ptr.h" |
| 14 #include "base/memory/shared_memory.h" | 14 #include "base/memory/shared_memory.h" |
| 15 #include "base/task_runner_util.h" | 15 #include "base/task_runner_util.h" |
| 16 #include "base/tuple.h" | |
| 16 #include "build/build_config.h" | 17 #include "build/build_config.h" |
| 17 #include "ipc/ipc_channel.h" | 18 #include "ipc/ipc_channel.h" |
| 18 #include "ipc/ipc_platform_file.h" | 19 #include "ipc/ipc_platform_file.h" |
| 19 #include "native_client/src/public/nacl_desc.h" | 20 #include "native_client/src/public/nacl_desc.h" |
| 20 #include "native_client/src/trusted/desc/nacl_desc_base.h" | 21 #include "native_client/src/trusted/desc/nacl_desc_base.h" |
| 21 #include "native_client/src/trusted/desc/nacl_desc_custom.h" | 22 #include "native_client/src/trusted/desc/nacl_desc_custom.h" |
| 22 #include "native_client/src/trusted/desc/nacl_desc_imc_shm.h" | 23 #include "native_client/src/trusted/desc/nacl_desc_imc_shm.h" |
| 23 #include "native_client/src/trusted/desc/nacl_desc_io.h" | 24 #include "native_client/src/trusted/desc/nacl_desc_io.h" |
| 24 #include "native_client/src/trusted/desc/nacl_desc_quota.h" | 25 #include "native_client/src/trusted/desc/nacl_desc_quota.h" |
| 25 #include "native_client/src/trusted/desc/nacl_desc_quota_interface.h" | 26 #include "native_client/src/trusted/desc/nacl_desc_quota_interface.h" |
| (...skipping 594 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 620 | 621 |
| 621 // Write empty file tokens. | 622 // Write empty file tokens. |
| 622 new_msg->WriteUInt64(0); // token_lo | 623 new_msg->WriteUInt64(0); // token_lo |
| 623 new_msg->WriteUInt64(0); // token_hi | 624 new_msg->WriteUInt64(0); // token_hi |
| 624 return new_msg.Pass(); | 625 return new_msg.Pass(); |
| 625 } | 626 } |
| 626 | 627 |
| 627 void NaClIPCAdapter::OnFileTokenResolved(const IPC::Message& orig_msg, | 628 void NaClIPCAdapter::OnFileTokenResolved(const IPC::Message& orig_msg, |
| 628 IPC::PlatformFileForTransit ipc_fd, | 629 IPC::PlatformFileForTransit ipc_fd, |
| 629 base::FilePath file_path) { | 630 base::FilePath file_path) { |
| 631 base::AutoLock lock(lock_); | |
| 632 OnFileTokenResolvedLocked(orig_msg, ipc_fd, file_path); | |
| 633 } | |
| 634 | |
| 635 void NaClIPCAdapter::OnFileTokenResolvedLocked( | |
|
Mark Seaborn
2015/03/20 00:40:52
Since this is reused for the new open_resource cas
Yusuke Sato
2015/04/16 02:38:44
Done.
| |
| 636 const IPC::Message& orig_msg, | |
| 637 IPC::PlatformFileForTransit ipc_fd, | |
| 638 base::FilePath file_path) { | |
| 639 lock_.AssertAcquired(); | |
| 630 // The path where an invalid ipc_fd is returned isn't currently | 640 // The path where an invalid ipc_fd is returned isn't currently |
| 631 // covered by any tests. | 641 // covered by any tests. |
| 632 if (ipc_fd == IPC::InvalidPlatformFileForTransit()) { | 642 if (ipc_fd == IPC::InvalidPlatformFileForTransit()) { |
| 633 // The file token didn't resolve successfully, so we give the | 643 // The file token didn't resolve successfully, so we give the |
| 634 // original FD to the client without making a validated NaClDesc. | 644 // original FD to the client without making a validated NaClDesc. |
| 635 // However, we must rewrite the message to clear the file tokens. | 645 // However, we must rewrite the message to clear the file tokens. |
| 636 PickleIterator iter = IPC::SyncMessage::GetDataIterator(&orig_msg); | 646 PickleIterator iter = IPC::SyncMessage::GetDataIterator(&orig_msg); |
| 637 ppapi::proxy::SerializedHandle sh; | 647 ppapi::proxy::SerializedHandle sh; |
| 638 | 648 |
| 639 // We know that this can be read safely; see the original read in | 649 // We know that this can be read safely; see the original read in |
| 640 // OnMessageReceived(). | 650 // OnMessageReceived(). |
| 641 CHECK(IPC::ReadParam(&orig_msg, &iter, &sh)); | 651 CHECK(IPC::ReadParam(&orig_msg, &iter, &sh)); |
| 642 scoped_ptr<IPC::Message> new_msg = CreateOpenResourceReply(orig_msg, sh); | 652 scoped_ptr<IPC::Message> new_msg = CreateOpenResourceReply(orig_msg, sh); |
| 643 | 653 |
| 644 scoped_ptr<NaClDescWrapper> desc_wrapper(new NaClDescWrapper( | 654 scoped_ptr<NaClDescWrapper> desc_wrapper(new NaClDescWrapper( |
| 645 NaClDescIoDescFromHandleAllocCtor( | 655 NaClDescIoDescFromHandleAllocCtor( |
| 646 #if defined(OS_WIN) | 656 #if defined(OS_WIN) |
| 647 sh.descriptor(), | 657 sh.descriptor(), |
| 648 #else | 658 #else |
| 649 sh.descriptor().fd, | 659 sh.descriptor().fd, |
| 650 #endif | 660 #endif |
| 651 NACL_ABI_O_RDONLY))); | 661 NACL_ABI_O_RDONLY))); |
| 652 | 662 |
| 653 scoped_refptr<RewrittenMessage> rewritten_msg(new RewrittenMessage); | 663 scoped_refptr<RewrittenMessage> rewritten_msg(new RewrittenMessage); |
| 654 rewritten_msg->AddDescriptor(desc_wrapper.release()); | 664 rewritten_msg->AddDescriptor(desc_wrapper.release()); |
| 655 { | 665 SaveMessage(*new_msg, rewritten_msg.get()); |
|
Yusuke Sato
2015/04/16 02:38:44
Reverted this change.
| |
| 656 base::AutoLock lock(lock_); | 666 cond_var_.Signal(); |
| 657 SaveMessage(*new_msg, rewritten_msg.get()); | |
| 658 cond_var_.Signal(); | |
| 659 } | |
| 660 return; | 667 return; |
| 661 } | 668 } |
| 662 | 669 |
| 663 // The file token was sucessfully resolved. | 670 // The file token was sucessfully resolved. |
| 664 std::string file_path_str = file_path.AsUTF8Unsafe(); | 671 std::string file_path_str = file_path.AsUTF8Unsafe(); |
| 665 base::PlatformFile handle = | 672 base::PlatformFile handle = |
| 666 IPC::PlatformFileForTransitToPlatformFile(ipc_fd); | 673 IPC::PlatformFileForTransitToPlatformFile(ipc_fd); |
| 667 | 674 |
| 668 ppapi::proxy::SerializedHandle sh; | 675 ppapi::proxy::SerializedHandle sh; |
| 669 sh.set_file_handle(ipc_fd, PP_FILEOPENFLAG_READ, 0); | 676 sh.set_file_handle(ipc_fd, PP_FILEOPENFLAG_READ, 0); |
| 670 scoped_ptr<IPC::Message> new_msg = CreateOpenResourceReply(orig_msg, sh); | 677 scoped_ptr<IPC::Message> new_msg = CreateOpenResourceReply(orig_msg, sh); |
| 671 scoped_refptr<RewrittenMessage> rewritten_msg(new RewrittenMessage); | 678 scoped_refptr<RewrittenMessage> rewritten_msg(new RewrittenMessage); |
| 672 | 679 |
| 673 struct NaClDesc* desc = | 680 struct NaClDesc* desc = |
| 674 NaClDescCreateWithFilePathMetadata(handle, file_path_str.c_str()); | 681 NaClDescCreateWithFilePathMetadata(handle, file_path_str.c_str()); |
| 675 rewritten_msg->AddDescriptor(new NaClDescWrapper(desc)); | 682 rewritten_msg->AddDescriptor(new NaClDescWrapper(desc)); |
| 676 { | 683 SaveMessage(*new_msg, rewritten_msg.get()); |
|
Yusuke Sato
2015/04/16 02:38:44
same. reverted.
| |
| 677 base::AutoLock lock(lock_); | 684 cond_var_.Signal(); |
| 678 SaveMessage(*new_msg, rewritten_msg.get()); | |
| 679 cond_var_.Signal(); | |
| 680 } | |
| 681 } | 685 } |
| 682 | 686 |
| 683 void NaClIPCAdapter::OnChannelConnected(int32 peer_pid) { | 687 void NaClIPCAdapter::OnChannelConnected(int32 peer_pid) { |
| 684 } | 688 } |
| 685 | 689 |
| 686 void NaClIPCAdapter::OnChannelError() { | 690 void NaClIPCAdapter::OnChannelError() { |
| 687 CloseChannel(); | 691 CloseChannel(); |
| 688 } | 692 } |
| 689 | 693 |
| 690 NaClIPCAdapter::~NaClIPCAdapter() { | 694 NaClIPCAdapter::~NaClIPCAdapter() { |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 751 // here before we drop the message. | 755 // here before we drop the message. |
| 752 return false; | 756 return false; |
| 753 } | 757 } |
| 754 | 758 |
| 755 // Scan all untrusted messages. | 759 // Scan all untrusted messages. |
| 756 scoped_ptr<IPC::Message> new_msg; | 760 scoped_ptr<IPC::Message> new_msg; |
| 757 locked_data_.nacl_msg_scanner_.ScanUntrustedMessage(*msg, &new_msg); | 761 locked_data_.nacl_msg_scanner_.ScanUntrustedMessage(*msg, &new_msg); |
| 758 if (new_msg) | 762 if (new_msg) |
| 759 msg.reset(new_msg.release()); | 763 msg.reset(new_msg.release()); |
| 760 | 764 |
| 765 // Handle PpapiHostMsg_OpenResource locally without sending an IPC to the | |
|
Yusuke Sato
2015/04/16 02:38:44
Moved this to SendMessageOnIOThread so that NaClIP
| |
| 766 // renderer when possible. | |
| 767 PpapiHostMsg_OpenResource::Schema::SendParam send_params; | |
| 768 if (!open_resource_cb_.is_null() && | |
| 769 (msg->type() == PpapiHostMsg_OpenResource::ID) && | |
|
Mark Seaborn
2015/03/20 00:40:52
Nit: ()s not needed around this
Yusuke Sato
2015/04/16 02:38:44
Done.
| |
| 770 PpapiHostMsg_OpenResource::ReadSendParam(msg.get(), &send_params)) { | |
| 771 const std::string key = get<0>(send_params); | |
| 772 if (open_resource_cb_.Run( | |
| 773 *msg.get(), key, | |
| 774 base::Bind(&NaClIPCAdapter::OnFileTokenResolvedLocked, this))) { | |
| 775 // The callback sent a reply to the untrusted side. | |
| 776 return true; | |
| 777 } | |
| 778 } | |
| 779 | |
| 761 // Actual send must be done on the I/O thread. | 780 // Actual send must be done on the I/O thread. |
| 762 task_runner_->PostTask(FROM_HERE, | 781 task_runner_->PostTask(FROM_HERE, |
| 763 base::Bind(&NaClIPCAdapter::SendMessageOnIOThread, this, | 782 base::Bind(&NaClIPCAdapter::SendMessageOnIOThread, this, |
| 764 base::Passed(&msg))); | 783 base::Passed(&msg))); |
| 765 return true; | 784 return true; |
| 766 } | 785 } |
| 767 | 786 |
| 768 void NaClIPCAdapter::ClearToBeSent() { | 787 void NaClIPCAdapter::ClearToBeSent() { |
| 769 lock_.AssertAcquired(); | 788 lock_.AssertAcquired(); |
| 770 | 789 |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 807 header.flags = msg.flags(); | 826 header.flags = msg.flags(); |
| 808 header.num_fds = static_cast<uint16>(rewritten_msg->desc_count()); | 827 header.num_fds = static_cast<uint16>(rewritten_msg->desc_count()); |
| 809 | 828 |
| 810 rewritten_msg->SetData(header, msg.payload(), msg.payload_size()); | 829 rewritten_msg->SetData(header, msg.payload(), msg.payload_size()); |
| 811 locked_data_.to_be_received_.push(rewritten_msg); | 830 locked_data_.to_be_received_.push(rewritten_msg); |
| 812 } | 831 } |
| 813 | 832 |
| 814 int TranslatePepperFileReadWriteOpenFlagsForTesting(int32_t pp_open_flags) { | 833 int TranslatePepperFileReadWriteOpenFlagsForTesting(int32_t pp_open_flags) { |
| 815 return TranslatePepperFileReadWriteOpenFlags(pp_open_flags); | 834 return TranslatePepperFileReadWriteOpenFlags(pp_open_flags); |
| 816 } | 835 } |
| OLD | NEW |
