| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (c) 2012 The Native Client Authors. All rights reserved. | 2 * Copyright (c) 2012 The Native Client Authors. All rights reserved. |
| 3 * Use of this source code is governed by a BSD-style license that can be | 3 * Use of this source code is governed by a BSD-style license that can be |
| 4 * found in the LICENSE file. | 4 * found in the LICENSE file. |
| 5 */ | 5 */ |
| 6 | 6 |
| 7 #include "native_client/src/trusted/nonnacl_util/sel_ldr_launcher.h" | 7 #include "native_client/src/trusted/nonnacl_util/sel_ldr_launcher.h" |
| 8 | 8 |
| 9 #include "native_client/src/include/nacl_macros.h" | 9 #include "native_client/src/include/nacl_macros.h" |
| 10 #include "native_client/src/shared/platform/nacl_check.h" | 10 #include "native_client/src/shared/platform/nacl_check.h" |
| 11 #include "native_client/src/shared/srpc/nacl_srpc.h" | 11 #include "native_client/src/shared/srpc/nacl_srpc.h" |
| 12 | 12 |
| 13 | 13 |
| 14 namespace nacl { | 14 namespace nacl { |
| 15 | 15 |
| 16 SelLdrLauncherBase::SelLdrLauncherBase() | 16 SelLdrLauncherBase::SelLdrLauncherBase() |
| 17 : channel_(kInvalidHandle), | 17 : channel_(kInvalidHandle), |
| 18 bootstrap_socket_(NULL), | 18 bootstrap_socket_(NULL), |
| 19 secure_socket_addr_(NULL), |
| 19 socket_addr_(NULL) { | 20 socket_addr_(NULL) { |
| 20 } | 21 } |
| 21 | 22 |
| 22 SelLdrLauncherBase::~SelLdrLauncherBase() { | 23 SelLdrLauncherBase::~SelLdrLauncherBase() { |
| 23 if (kInvalidHandle != channel_) { | 24 if (kInvalidHandle != channel_) { |
| 24 Close(channel_); | 25 Close(channel_); |
| 25 } | 26 } |
| 26 } | 27 } |
| 27 | 28 |
| 28 bool SelLdrLauncherBase::RetrieveSockAddr() { | 29 bool SelLdrLauncherBase::RetrieveSockAddr() { |
| (...skipping 11 matching lines...) Expand all Loading... |
| 40 iovec[0].length = NACL_ABI_IMC_USER_BYTES_MAX; | 41 iovec[0].length = NACL_ABI_IMC_USER_BYTES_MAX; |
| 41 header.iov = iovec; | 42 header.iov = iovec; |
| 42 header.iov_length = NACL_ARRAY_SIZE(iovec); | 43 header.iov_length = NACL_ARRAY_SIZE(iovec); |
| 43 header.ndescv = descs; | 44 header.ndescv = descs; |
| 44 header.ndescv_length = NACL_ARRAY_SIZE(descs); | 45 header.ndescv_length = NACL_ARRAY_SIZE(descs); |
| 45 header.flags = 0; | 46 header.flags = 0; |
| 46 // Receive the message. | 47 // Receive the message. |
| 47 if (0 != bootstrap_socket_->RecvMsg(&header, 0, NULL)) { | 48 if (0 != bootstrap_socket_->RecvMsg(&header, 0, NULL)) { |
| 48 return false; | 49 return false; |
| 49 } | 50 } |
| 50 // Check that there was exactly one descriptor passed. | 51 // Check that there were exactly two descriptors passed. |
| 51 if (1 != header.ndescv_length) { | 52 if (2 != header.ndescv_length) { |
| 52 return false; | 53 return false; |
| 53 } | 54 } |
| 54 socket_addr_.reset(descs[0]); | 55 secure_socket_addr_.reset(descs[0]); |
| 56 socket_addr_.reset(descs[1]); |
| 55 | 57 |
| 56 return true; | 58 return true; |
| 57 } | 59 } |
| 58 | 60 |
| 59 bool SelLdrLauncherBase::SetupCommand(NaClSrpcChannel* command) { | 61 bool SelLdrLauncherBase::SetupCommand(NaClSrpcChannel* command) { |
| 60 // Get the bootstrap socket. | 62 // Get the bootstrap socket. |
| 61 CHECK(factory_ == NULL); | 63 CHECK(factory_ == NULL); |
| 62 factory_.reset(new DescWrapperFactory); | 64 factory_.reset(new DescWrapperFactory); |
| 63 CHECK(channel_ != kInvalidHandle); | 65 CHECK(channel_ != kInvalidHandle); |
| 64 bootstrap_socket_.reset(factory_->MakeImcSock(channel_)); | 66 bootstrap_socket_.reset(factory_->MakeImcSock(channel_)); |
| 65 if (bootstrap_socket_ == NULL) { | 67 if (bootstrap_socket_ == NULL) { |
| 66 NaClLog(4, ("SelLdrLauncher::SetupCommand: " | 68 NaClLog(4, ("SelLdrLauncher::SetupCommand: " |
| 67 "getting bootstrap socket failed\n")); | 69 "getting bootstrap socket failed\n")); |
| 68 return false; | 70 return false; |
| 69 } | 71 } |
| 70 // bootstrap_socket_ now has ownership of channel_, so we get rid of | 72 // bootstrap_socket_ now has ownership of channel_, so we get rid of |
| 71 // our "reference" to it. | 73 // our "reference" to it. |
| 72 channel_ = kInvalidHandle; | 74 channel_ = kInvalidHandle; |
| 73 // Get the socket address from the descriptor. | 75 // Get the socket address from the descriptor. |
| 74 if (!RetrieveSockAddr()) { | 76 if (!RetrieveSockAddr()) { |
| 75 NaClLog(0, "SelLdrLauncher::SetupCommand: " | 77 NaClLog(0, "SelLdrLauncher::SetupCommand: " |
| 76 "getting sel_ldr socket address failed\n"); | 78 "getting sel_ldr socket address failed\n"); |
| 77 return false; | 79 return false; |
| 78 } | 80 } |
| 79 // The first connection goes to the trusted command channel. | 81 // Connect to the trusted command channel. |
| 80 scoped_ptr<DescWrapper> command_desc(socket_addr_->Connect()); | 82 scoped_ptr<DescWrapper> command_desc(secure_socket_addr_->Connect()); |
| 81 if (command_desc == NULL) { | 83 if (command_desc == NULL) { |
| 82 NaClLog(0, "SelLdrLauncher::SetupCommand: Connect failed\n"); | 84 NaClLog(0, "SelLdrLauncher::SetupCommand: Connect failed\n"); |
| 83 return false; | 85 return false; |
| 84 } | 86 } |
| 85 // Start the SRPC client to communicate with the trusted command channel. | 87 // Start the SRPC client to communicate with the trusted command channel. |
| 86 // SRPC client takes an additional reference to command_desc. | 88 // SRPC client takes an additional reference to command_desc. |
| 87 if (!NaClSrpcClientCtor(command, command_desc->desc())) { | 89 if (!NaClSrpcClientCtor(command, command_desc->desc())) { |
| 88 NaClLog(0, "SelLdrLauncher::SetupCommand: " | 90 NaClLog(0, "SelLdrLauncher::SetupCommand: " |
| 89 "NaClSrpcClientCtor failed\n"); | 91 "NaClSrpcClientCtor failed\n"); |
| 90 return false; | 92 return false; |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 159 NaClLog(4, "SelLdrLauncher::StartModuleAndSetupAppChannel: " | 161 NaClLog(4, "SelLdrLauncher::StartModuleAndSetupAppChannel: " |
| 160 "start_module failed: rpc_result=%d, start_result=%d (%s)\n", | 162 "start_module failed: rpc_result=%d, start_result=%d (%s)\n", |
| 161 static_cast<int>(rpc_result), start_result, | 163 static_cast<int>(rpc_result), start_result, |
| 162 NaClErrorString(static_cast<NaClErrorCode>(start_result))); | 164 NaClErrorString(static_cast<NaClErrorCode>(start_result))); |
| 163 return false; | 165 return false; |
| 164 } | 166 } |
| 165 return true; | 167 return true; |
| 166 } | 168 } |
| 167 | 169 |
| 168 bool SelLdrLauncherBase::SetupAppChannel(NaClSrpcChannel* out_app_chan) { | 170 bool SelLdrLauncherBase::SetupAppChannel(NaClSrpcChannel* out_app_chan) { |
| 169 // The second connection goes to the untrusted service itself. | 171 // Connect to the untrusted service itself. |
| 170 scoped_ptr<DescWrapper> untrusted_desc(socket_addr_->Connect()); | 172 scoped_ptr<DescWrapper> untrusted_desc(socket_addr_->Connect()); |
| 171 if (untrusted_desc == NULL) { | 173 if (untrusted_desc == NULL) { |
| 172 NaClLog(4, "SelLdrLauncher::StartModuleAndSetupAppChannel: " | 174 NaClLog(4, "SelLdrLauncher::StartModuleAndSetupAppChannel: " |
| 173 "Connect failed\n"); | 175 "Connect failed\n"); |
| 174 return false; | 176 return false; |
| 175 } | 177 } |
| 176 // Start the SRPC client to communicate with the untrusted service | 178 // Start the SRPC client to communicate with the untrusted service |
| 177 // SRPC client takes an additional reference to untrusted_desc. | 179 // SRPC client takes an additional reference to untrusted_desc. |
| 178 if (!NaClSrpcClientCtor(out_app_chan, untrusted_desc->desc())) { | 180 if (!NaClSrpcClientCtor(out_app_chan, untrusted_desc->desc())) { |
| 179 NaClLog(4, "SelLdrLauncher::StartModuleAndSetupAppChannel: " | 181 NaClLog(4, "SelLdrLauncher::StartModuleAndSetupAppChannel: " |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 223 if (NULL != bootstrap_socket_.get()) { | 225 if (NULL != bootstrap_socket_.get()) { |
| 224 nbytes = bootstrap_socket_->RecvMsg(&hdr, 0, NULL); | 226 nbytes = bootstrap_socket_->RecvMsg(&hdr, 0, NULL); |
| 225 } | 227 } |
| 226 if (nbytes > 0) { | 228 if (nbytes > 0) { |
| 227 return nacl::string(msg_buf, nbytes); | 229 return nacl::string(msg_buf, nbytes); |
| 228 } | 230 } |
| 229 return ""; | 231 return ""; |
| 230 } | 232 } |
| 231 | 233 |
| 232 } // namespace nacl | 234 } // namespace nacl |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10914138:
Split secure command channel and untrusted application channel (Closed)
Base URL: svn://svn.chromium.org/native_client/trunk/src/native_client