| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/nacl_host/nacl_process_host.h" | 5 #include "chrome/browser/nacl_host/nacl_process_host.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 #include "chrome/common/url_constants.h" | 36 #include "chrome/common/url_constants.h" |
| 37 #include "content/public/browser/browser_child_process_host.h" | 37 #include "content/public/browser/browser_child_process_host.h" |
| 38 #include "content/public/browser/browser_ppapi_host.h" | 38 #include "content/public/browser/browser_ppapi_host.h" |
| 39 #include "content/public/browser/child_process_data.h" | 39 #include "content/public/browser/child_process_data.h" |
| 40 #include "content/public/common/child_process_host.h" | 40 #include "content/public/common/child_process_host.h" |
| 41 #include "content/public/common/process_type.h" | 41 #include "content/public/common/process_type.h" |
| 42 #include "extensions/common/constants.h" | 42 #include "extensions/common/constants.h" |
| 43 #include "extensions/common/url_pattern.h" | 43 #include "extensions/common/url_pattern.h" |
| 44 #include "ipc/ipc_channel.h" | 44 #include "ipc/ipc_channel.h" |
| 45 #include "ipc/ipc_switches.h" | 45 #include "ipc/ipc_switches.h" |
| 46 #include "native_client/src/shared/imc/nacl_imc.h" | 46 #include "native_client/src/shared/imc/nacl_imc_c.h" |
| 47 #include "net/base/net_util.h" | 47 #include "net/base/net_util.h" |
| 48 #include "net/base/tcp_listen_socket.h" | 48 #include "net/base/tcp_listen_socket.h" |
| 49 #include "ppapi/proxy/ppapi_messages.h" | 49 #include "ppapi/proxy/ppapi_messages.h" |
| 50 | 50 |
| 51 #if defined(OS_POSIX) | 51 #if defined(OS_POSIX) |
| 52 #include <fcntl.h> | 52 #include <fcntl.h> |
| 53 | 53 |
| 54 #include "ipc/ipc_channel_posix.h" | 54 #include "ipc/ipc_channel_posix.h" |
| 55 #elif defined(OS_WIN) | 55 #elif defined(OS_WIN) |
| 56 #include <windows.h> | 56 #include <windows.h> |
| (...skipping 13 matching lines...) Expand all Loading... |
| 70 | 70 |
| 71 namespace { | 71 namespace { |
| 72 | 72 |
| 73 #if defined(OS_WIN) | 73 #if defined(OS_WIN) |
| 74 bool RunningOnWOW64() { | 74 bool RunningOnWOW64() { |
| 75 return (base::win::OSInfo::GetInstance()->wow64_status() == | 75 return (base::win::OSInfo::GetInstance()->wow64_status() == |
| 76 base::win::OSInfo::WOW64_ENABLED); | 76 base::win::OSInfo::WOW64_ENABLED); |
| 77 } | 77 } |
| 78 #endif | 78 #endif |
| 79 | 79 |
| 80 void SetCloseOnExec(nacl::Handle fd) { | 80 void SetCloseOnExec(NaClHandle fd) { |
| 81 #if defined(OS_POSIX) | 81 #if defined(OS_POSIX) |
| 82 int flags = fcntl(fd, F_GETFD); | 82 int flags = fcntl(fd, F_GETFD); |
| 83 CHECK_NE(flags, -1); | 83 CHECK_NE(flags, -1); |
| 84 int rc = fcntl(fd, F_SETFD, flags | FD_CLOEXEC); | 84 int rc = fcntl(fd, F_SETFD, flags | FD_CLOEXEC); |
| 85 CHECK_EQ(rc, 0); | 85 CHECK_EQ(rc, 0); |
| 86 #endif | 86 #endif |
| 87 } | 87 } |
| 88 | 88 |
| 89 bool ShareHandleToSelLdr( | 89 bool ShareHandleToSelLdr( |
| 90 base::ProcessHandle processh, | 90 base::ProcessHandle processh, |
| 91 nacl::Handle sourceh, | 91 NaClHandle sourceh, |
| 92 bool close_source, | 92 bool close_source, |
| 93 std::vector<nacl::FileDescriptor> *handles_for_sel_ldr) { | 93 std::vector<nacl::FileDescriptor> *handles_for_sel_ldr) { |
| 94 #if defined(OS_WIN) | 94 #if defined(OS_WIN) |
| 95 HANDLE channel; | 95 HANDLE channel; |
| 96 int flags = DUPLICATE_SAME_ACCESS; | 96 int flags = DUPLICATE_SAME_ACCESS; |
| 97 if (close_source) | 97 if (close_source) |
| 98 flags |= DUPLICATE_CLOSE_SOURCE; | 98 flags |= DUPLICATE_CLOSE_SOURCE; |
| 99 if (!DuplicateHandle(GetCurrentProcess(), | 99 if (!DuplicateHandle(GetCurrentProcess(), |
| 100 reinterpret_cast<HANDLE>(sourceh), | 100 reinterpret_cast<HANDLE>(sourceh), |
| 101 processh, | 101 processh, |
| (...skipping 19 matching lines...) Expand all Loading... |
| 121 // Only allow NaCl plugins to request certain permissions. We don't want | 121 // Only allow NaCl plugins to request certain permissions. We don't want |
| 122 // a compromised renderer to be able to start a nacl plugin with e.g. Flash | 122 // a compromised renderer to be able to start a nacl plugin with e.g. Flash |
| 123 // permissions which may expand the surface area of the sandbox. | 123 // permissions which may expand the surface area of the sandbox. |
| 124 uint32 masked_bits = permission_bits & ppapi::PERMISSION_DEV; | 124 uint32 masked_bits = permission_bits & ppapi::PERMISSION_DEV; |
| 125 return ppapi::PpapiPermissions::GetForCommandLine(masked_bits); | 125 return ppapi::PpapiPermissions::GetForCommandLine(masked_bits); |
| 126 } | 126 } |
| 127 | 127 |
| 128 } // namespace | 128 } // namespace |
| 129 | 129 |
| 130 struct NaClProcessHost::NaClInternal { | 130 struct NaClProcessHost::NaClInternal { |
| 131 nacl::Handle socket_for_renderer; | 131 NaClHandle socket_for_renderer; |
| 132 nacl::Handle socket_for_sel_ldr; | 132 NaClHandle socket_for_sel_ldr; |
| 133 | 133 |
| 134 NaClInternal() | 134 NaClInternal() |
| 135 : socket_for_renderer(nacl::kInvalidHandle), | 135 : socket_for_renderer(NACL_INVALID_HANDLE), |
| 136 socket_for_sel_ldr(nacl::kInvalidHandle) { } | 136 socket_for_sel_ldr(NACL_INVALID_HANDLE) { } |
| 137 }; | 137 }; |
| 138 | 138 |
| 139 // ----------------------------------------------------------------------------- | 139 // ----------------------------------------------------------------------------- |
| 140 | 140 |
| 141 NaClProcessHost::PluginListener::PluginListener(NaClProcessHost* host) | 141 NaClProcessHost::PluginListener::PluginListener(NaClProcessHost* host) |
| 142 : host_(host) { | 142 : host_(host) { |
| 143 } | 143 } |
| 144 | 144 |
| 145 bool NaClProcessHost::PluginListener::OnMessageReceived( | 145 bool NaClProcessHost::PluginListener::OnMessageReceived( |
| 146 const IPC::Message& msg) { | 146 const IPC::Message& msg) { |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 196 process_->GetTerminationStatus(&exit_code); | 196 process_->GetTerminationStatus(&exit_code); |
| 197 std::string message = | 197 std::string message = |
| 198 base::StringPrintf("NaCl process exited with status %i (0x%x)", | 198 base::StringPrintf("NaCl process exited with status %i (0x%x)", |
| 199 exit_code, exit_code); | 199 exit_code, exit_code); |
| 200 if (exit_code == 0) { | 200 if (exit_code == 0) { |
| 201 LOG(INFO) << message; | 201 LOG(INFO) << message; |
| 202 } else { | 202 } else { |
| 203 LOG(ERROR) << message; | 203 LOG(ERROR) << message; |
| 204 } | 204 } |
| 205 | 205 |
| 206 if (internal_->socket_for_renderer != nacl::kInvalidHandle) { | 206 if (internal_->socket_for_renderer != NACL_INVALID_HANDLE) { |
| 207 if (nacl::Close(internal_->socket_for_renderer) != 0) { | 207 if (NaClClose(internal_->socket_for_renderer) != 0) { |
| 208 NOTREACHED() << "nacl::Close() failed"; | 208 NOTREACHED() << "NaClClose() failed"; |
| 209 } | 209 } |
| 210 } | 210 } |
| 211 | 211 |
| 212 if (internal_->socket_for_sel_ldr != nacl::kInvalidHandle) { | 212 if (internal_->socket_for_sel_ldr != NACL_INVALID_HANDLE) { |
| 213 if (nacl::Close(internal_->socket_for_sel_ldr) != 0) { | 213 if (NaClClose(internal_->socket_for_sel_ldr) != 0) { |
| 214 NOTREACHED() << "nacl::Close() failed"; | 214 NOTREACHED() << "NaClClose() failed"; |
| 215 } | 215 } |
| 216 } | 216 } |
| 217 | 217 |
| 218 if (reply_msg_) { | 218 if (reply_msg_) { |
| 219 // The process failed to launch for some reason. | 219 // The process failed to launch for some reason. |
| 220 // Don't keep the renderer hanging. | 220 // Don't keep the renderer hanging. |
| 221 reply_msg_->set_reply_error(); | 221 reply_msg_->set_reply_error(); |
| 222 chrome_render_message_filter_->Send(reply_msg_); | 222 chrome_render_message_filter_->Send(reply_msg_); |
| 223 } | 223 } |
| 224 #if defined(OS_WIN) | 224 #if defined(OS_WIN) |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 271 | 271 |
| 272 // Rather than creating a socket pair in the renderer, and passing | 272 // Rather than creating a socket pair in the renderer, and passing |
| 273 // one side through the browser to sel_ldr, socket pairs are created | 273 // one side through the browser to sel_ldr, socket pairs are created |
| 274 // in the browser and then passed to the renderer and sel_ldr. | 274 // in the browser and then passed to the renderer and sel_ldr. |
| 275 // | 275 // |
| 276 // This is mainly for the benefit of Windows, where sockets cannot | 276 // This is mainly for the benefit of Windows, where sockets cannot |
| 277 // be passed in messages, but are copied via DuplicateHandle(). | 277 // be passed in messages, but are copied via DuplicateHandle(). |
| 278 // This means the sandboxed renderer cannot send handles to the | 278 // This means the sandboxed renderer cannot send handles to the |
| 279 // browser process. | 279 // browser process. |
| 280 | 280 |
| 281 nacl::Handle pair[2]; | 281 NaClHandle pair[2]; |
| 282 // Create a connected socket | 282 // Create a connected socket |
| 283 if (nacl::SocketPair(pair) == -1) { | 283 if (NaClSocketPair(pair) == -1) { |
| 284 LOG(ERROR) << "NaCl process launch failed: could not create a socket pair"; | 284 LOG(ERROR) << "NaCl process launch failed: could not create a socket pair"; |
| 285 delete this; | 285 delete this; |
| 286 return; | 286 return; |
| 287 } | 287 } |
| 288 internal_->socket_for_renderer = pair[0]; | 288 internal_->socket_for_renderer = pair[0]; |
| 289 internal_->socket_for_sel_ldr = pair[1]; | 289 internal_->socket_for_sel_ldr = pair[1]; |
| 290 SetCloseOnExec(pair[0]); | 290 SetCloseOnExec(pair[0]); |
| 291 SetCloseOnExec(pair[1]); | 291 SetCloseOnExec(pair[1]); |
| 292 | 292 |
| 293 // Launch the process | 293 // Launch the process |
| (...skipping 366 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 660 } | 660 } |
| 661 #endif | 661 #endif |
| 662 | 662 |
| 663 const ChildProcessData& data = process_->GetData(); | 663 const ChildProcessData& data = process_->GetData(); |
| 664 ChromeViewHostMsg_LaunchNaCl::WriteReplyParams( | 664 ChromeViewHostMsg_LaunchNaCl::WriteReplyParams( |
| 665 reply_msg_, handle_for_renderer, | 665 reply_msg_, handle_for_renderer, |
| 666 channel_handle, base::GetProcId(data.handle), data.id); | 666 channel_handle, base::GetProcId(data.handle), data.id); |
| 667 chrome_render_message_filter_->Send(reply_msg_); | 667 chrome_render_message_filter_->Send(reply_msg_); |
| 668 chrome_render_message_filter_ = NULL; | 668 chrome_render_message_filter_ = NULL; |
| 669 reply_msg_ = NULL; | 669 reply_msg_ = NULL; |
| 670 internal_->socket_for_renderer = nacl::kInvalidHandle; | 670 internal_->socket_for_renderer = NACL_INVALID_HANDLE; |
| 671 return true; | 671 return true; |
| 672 } | 672 } |
| 673 | 673 |
| 674 // TCP port we chose for NaCl debug stub. It can be any other number. | 674 // TCP port we chose for NaCl debug stub. It can be any other number. |
| 675 static const int kDebugStubPort = 4014; | 675 static const int kDebugStubPort = 4014; |
| 676 | 676 |
| 677 #if defined(OS_POSIX) | 677 #if defined(OS_POSIX) |
| 678 SocketDescriptor NaClProcessHost::GetDebugStubSocketHandle() { | 678 SocketDescriptor NaClProcessHost::GetDebugStubSocketHandle() { |
| 679 NaClBrowser* nacl_browser = NaClBrowser::GetInstance(); | 679 NaClBrowser* nacl_browser = NaClBrowser::GetInstance(); |
| 680 SocketDescriptor s; | 680 SocketDescriptor s; |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 761 SocketDescriptor server_bound_socket = GetDebugStubSocketHandle(); | 761 SocketDescriptor server_bound_socket = GetDebugStubSocketHandle(); |
| 762 if (server_bound_socket != net::TCPListenSocket::kInvalidSocket) { | 762 if (server_bound_socket != net::TCPListenSocket::kInvalidSocket) { |
| 763 params.debug_stub_server_bound_socket = | 763 params.debug_stub_server_bound_socket = |
| 764 nacl::FileDescriptor(server_bound_socket, true); | 764 nacl::FileDescriptor(server_bound_socket, true); |
| 765 } | 765 } |
| 766 } | 766 } |
| 767 #endif | 767 #endif |
| 768 | 768 |
| 769 process_->Send(new NaClProcessMsg_Start(params)); | 769 process_->Send(new NaClProcessMsg_Start(params)); |
| 770 | 770 |
| 771 internal_->socket_for_sel_ldr = nacl::kInvalidHandle; | 771 internal_->socket_for_sel_ldr = NACL_INVALID_HANDLE; |
| 772 return true; | 772 return true; |
| 773 } | 773 } |
| 774 | 774 |
| 775 bool NaClProcessHost::SendStart() { | 775 bool NaClProcessHost::SendStart() { |
| 776 if (!enable_ppapi_proxy()) { | 776 if (!enable_ppapi_proxy()) { |
| 777 if (!ReplyToRenderer(IPC::ChannelHandle())) | 777 if (!ReplyToRenderer(IPC::ChannelHandle())) |
| 778 return false; | 778 return false; |
| 779 } | 779 } |
| 780 return StartNaClExecution(); | 780 return StartNaClExecution(); |
| 781 } | 781 } |
| (...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 939 } else { | 939 } else { |
| 940 NaClStartDebugExceptionHandlerThread( | 940 NaClStartDebugExceptionHandlerThread( |
| 941 process_handle.Take(), info, | 941 process_handle.Take(), info, |
| 942 base::MessageLoopProxy::current(), | 942 base::MessageLoopProxy::current(), |
| 943 base::Bind(&NaClProcessHost::OnDebugExceptionHandlerLaunchedByBroker, | 943 base::Bind(&NaClProcessHost::OnDebugExceptionHandlerLaunchedByBroker, |
| 944 weak_factory_.GetWeakPtr())); | 944 weak_factory_.GetWeakPtr())); |
| 945 return true; | 945 return true; |
| 946 } | 946 } |
| 947 } | 947 } |
| 948 #endif | 948 #endif |
| OLD | NEW |