Android: Support GPU process

content/public/android/java/src/org/chromium/content/browser/SandboxedProcessLauncher.java

Index: content/public/android/java/src/org/chromium/content/browser/SandboxedProcessLauncher.java
diff --git a/content/public/android/java/src/org/chromium/content/browser/SandboxedProcessLauncher.java b/content/public/android/java/src/org/chromium/content/browser/SandboxedProcessLauncher.java
index cc84195289695e6e500d00e141ecc1ecf0e333a9..6754948e029bd66b59262edf9f2c7a8373de6871 100644
--- a/content/public/android/java/src/org/chromium/content/browser/SandboxedProcessLauncher.java
+++ b/content/public/android/java/src/org/chromium/content/browser/SandboxedProcessLauncher.java
@@ -9,6 +9,7 @@ import android.os.RemoteException;
 import android.util.Log;
 import android.view.Surface;
 
+import java.util.Arrays;
 import java.util.ArrayList;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
@@ -29,6 +30,12 @@ import org.chromium.content.common.ISandboxedProcessService;
 public class SandboxedProcessLauncher {
     private static String TAG = "SandboxedProcessLauncher";
 
+    private static enum CallbackType {
+        FOR_GPU_PROCESS,
+        FOR_RENDERER_PROCESS,
+        FOR_UNKNOWN_PROCESS,
+    }

[bulach, 2013/03/05 14:23:58]

enums in java are normally frowned upon (one of those long, lengthy
discussions)... since this is private anyways, probably best to stay away and
just use static final ints..

[no sievers, 2013/03/07 00:51:06]

Done.

+
     // The upper limit on the number of simultaneous service process instances supported.
     // This must not exceed total number of SandboxedProcessServiceX classes declared in
     // this package, and defined as services in the embedding application's manifest file.
@@ -206,7 +213,15 @@ public class SandboxedProcessLauncher {
                 nativeOnSandboxedProcessStarted(clientContext, pid);
             }
         };
-        connection.setupConnection(commandLine, filesToBeMapped, createCallback(), onConnect);
+        CallbackType type = CallbackType.FOR_UNKNOWN_PROCESS;
+        if (Arrays.asList(commandLine).contains("--type=renderer")) {

[bulach, 2013/03/05 14:23:58]

unroll this:

List<String> commandLineList = Arrays.asList(commandLine);

[no sievers, 2013/03/07 00:51:06]

Done.

+            type = CallbackType.FOR_RENDERER_PROCESS;
+        } else if (Arrays.asList(commandLine).contains("--type=gpu-process")) {
+            type = CallbackType.FOR_GPU_PROCESS;
+        }
+        assert type != CallbackType.FOR_UNKNOWN_PROCESS;
+
+        connection.setupConnection(commandLine, filesToBeMapped, createCallback(type), onConnect);
     }
 
     /**
@@ -278,7 +293,7 @@ public class SandboxedProcessLauncher {
     /**
      * This implementation is used to receive callbacks from the remote service.
      */
-    private static ISandboxedProcessCallback createCallback() {
+    private static ISandboxedProcessCallback createCallback(final CallbackType callbackType) {
         return new ISandboxedProcessCallback.Stub() {
             /**
              * This is called by the remote service regularly to tell us about
@@ -287,19 +302,34 @@ public class SandboxedProcessLauncher {
              * NOT be running in our main thread -- so, to update the UI, we need
              * to use a Handler.
              */
+            @Override
             public void establishSurfacePeer(
-                    int pid, int type, Surface surface, int primaryID, int secondaryID) {
-                SandboxedProcessLauncher.establishSurfacePeer(pid, type, surface,
-                        primaryID, secondaryID);
-                // The SandboxProcessService now holds a reference to the
-                // Surface's resources, so we release our reference to it now to
-                // avoid waiting for the finalizer to get around to it.
-                if (surface != null) {
-                    surface.release();
+                    int pid, Surface surface, int primaryID, int secondaryID) {
+                // Do not allow a malicious renderer to connect to a producer. This is only
+                // used from stream textures managed by the GPU process.
+                if (callbackType != CallbackType.FOR_GPU_PROCESS) {
+                    Log.e(TAG, "Illegal callback for non-GPU process.");
+                    return;
                 }
+
+                nativeEstablishSurfacePeer(pid, surface, primaryID, secondaryID);
+            }
+
+            @Override
+            public Surface getViewSurface(int surfaceId) {
+                // Do not allow a malicious renderer to get to our view surface.
+                if (callbackType != CallbackType.FOR_GPU_PROCESS) {
+                    Log.e(TAG, "Illegal callback for non-GPU process.");
+                    return null;
+                }
+
+                return nativeGetViewSurface(surfaceId);
             }
         };
     };
 
     private static native void nativeOnSandboxedProcessStarted(int clientContext, int pid);
+    private static native Surface nativeGetViewSurface(int surfaceId);
+    private static native void nativeEstablishSurfacePeer(
+            int pid, Surface surface, int primaryID, int secondaryID);
 }