content/browser/browser_io_surface_manager_mac.cc - Issue 1351753002: Mac: Ensure that Mach messages always get a reply

Side by Side Diff: content/browser/browser_io_surface_manager_mac.cc

Issue 1351753002: Mac: Ensure that Mach messages always get a reply (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Incorporate review feedback Created 5 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « content/browser/browser_io_surface_manager_mac.h ('k') | content/browser/browser_io_surface_manager_mac_unittest.cc » ('j') | content/child/child_io_surface_manager_mac.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/browser_io_surface_manager_mac.h"	5 #include "content/browser/browser_io_surface_manager_mac.h"

6	6

7 #include <servers/bootstrap.h>	7 #include <servers/bootstrap.h>

8	8

9 #include <string>	9 #include <string>

10	10

(...skipping 181 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
192 }	192 }

193	193

194 union {	194 union {

195 mach_msg_header_t header;	195 mach_msg_header_t header;

196 IOSurfaceManagerMsg_RegisterIOSurfaceReply register_io_surface;	196 IOSurfaceManagerMsg_RegisterIOSurfaceReply register_io_surface;

197 IOSurfaceManagerMsg_AcquireIOSurfaceReply acquire_io_surface;	197 IOSurfaceManagerMsg_AcquireIOSurfaceReply acquire_io_surface;

198 } reply = {{0}};	198 } reply = {{0}};

199	199

200 switch (request.msg.header.msgh_id) {	200 switch (request.msg.header.msgh_id) {

201 case IOSurfaceManagerHostMsg_RegisterIOSurface::ID:	201 case IOSurfaceManagerHostMsg_RegisterIOSurface::ID:

202 if (!HandleRegisterIOSurfaceRequest(request.msg.register_io_surface,	202 HandleRegisterIOSurfaceRequest(request.msg.register_io_surface,

203 &reply.register_io_surface)) {	203 &reply.register_io_surface);

204 return;

205 }

206 break;	204 break;

207 case IOSurfaceManagerHostMsg_UnregisterIOSurface::ID:	205 case IOSurfaceManagerHostMsg_UnregisterIOSurface::ID:

208 HandleUnregisterIOSurfaceRequest(request.msg.unregister_io_surface);	206 HandleUnregisterIOSurfaceRequest(request.msg.unregister_io_surface);

209 // Unregister requests are asynchronous and do not require a reply as	207 // Unregister requests are asynchronous and do not require a reply as

210 // there is no guarantee for how quickly an IO surface is removed from	208 // there is no guarantee for how quickly an IO surface is removed from

211 // the IOSurfaceManager instance after it has been deleted by a child	209 // the IOSurfaceManager instance after it has been deleted by a child

212 // process.	210 // process.

213 return;	211 return;

214 case IOSurfaceManagerHostMsg_AcquireIOSurface::ID:	212 case IOSurfaceManagerHostMsg_AcquireIOSurface::ID:

215 if (!HandleAcquireIOSurfaceRequest(request.msg.acquire_io_surface,	213 HandleAcquireIOSurfaceRequest(request.msg.acquire_io_surface,

216 &reply.acquire_io_surface)) {	214 &reply.acquire_io_surface);

217 return;

218 }

219 break;	215 break;

220 default:	216 default:

221 LOG(ERROR) << "Unknown message received!";	217 LOG(ERROR) << "Unknown message received!";

222 return;	218 return;

223 }	219 }

224	220

225 kr = mach_msg(&reply.header, MACH_SEND_MSG \| MACH_SEND_TIMEOUT,	221 kr = mach_msg(&reply.header, MACH_SEND_MSG \| MACH_SEND_TIMEOUT,

226 reply.header.msgh_size, 0, MACH_PORT_NULL, kSendReplyTimeoutMs,	222 reply.header.msgh_size, 0, MACH_PORT_NULL, kSendReplyTimeoutMs,

227 MACH_PORT_NULL);	223 MACH_PORT_NULL);

228 if (kr != KERN_SUCCESS) {	224 if (kr != KERN_SUCCESS) {

229 MACH_LOG(ERROR, kr) << "mach_msg";	225 MACH_LOG(ERROR, kr) << "mach_msg";

230 }	226 }

231 }	227 }

232	228

233 bool BrowserIOSurfaceManager::HandleRegisterIOSurfaceRequest(	229 void BrowserIOSurfaceManager::HandleRegisterIOSurfaceRequest(

234 const IOSurfaceManagerHostMsg_RegisterIOSurface& request,	230 const IOSurfaceManagerHostMsg_RegisterIOSurface& request,

235 IOSurfaceManagerMsg_RegisterIOSurfaceReply* reply) {	231 IOSurfaceManagerMsg_RegisterIOSurfaceReply* reply) {

236 base::AutoLock lock(lock_);	232 base::AutoLock lock(lock_);

237	233

	234 reply->header.msgh_bits = MACH_MSGH_BITS_REMOTE(request.header.msgh_bits);

	235 reply->header.msgh_remote_port = request.header.msgh_remote_port;

	236 reply->header.msgh_size = sizeof(*reply);

	237 reply->result = false;

	238

238 IOSurfaceManagerToken token;	239 IOSurfaceManagerToken token;

239 static_assert(sizeof(request.token_name) == sizeof(token.name),	240 static_assert(sizeof(request.token_name) == sizeof(token.name),

240 "Mach message token size doesn't match expectation.");	241 "Mach message token size doesn't match expectation.");

241 token.SetName(request.token_name);	242 token.SetName(request.token_name);

242 if (token.IsZero() \|\| token != gpu_process_token_) {	243 if (token.IsZero() \|\| token != gpu_process_token_) {

243 LOG(ERROR) << "Illegal message from non-GPU process!";	244 LOG(ERROR) << "Illegal message from non-GPU process!";

244 return false;	245 return;

245 }	246 }

246	247

247 IOSurfaceMapKey key(IOSurfaceId(request.io_surface_id), request.client_id);	248 IOSurfaceMapKey key(IOSurfaceId(request.io_surface_id), request.client_id);

248 io_surfaces_.add(key, make_scoped_ptr(new base::mac::ScopedMachSendRight(	249 io_surfaces_.add(key, make_scoped_ptr(new base::mac::ScopedMachSendRight(

249 request.io_surface_port.name)));	250 request.io_surface_port.name)));

250	251

251 reply->header.msgh_bits = MACH_MSGH_BITS_REMOTE(request.header.msgh_bits);

252 reply->header.msgh_remote_port = request.header.msgh_remote_port;

253 reply->header.msgh_size = sizeof(*reply);

254 reply->result = true;	252 reply->result = true;

255 return true;

256 }	253 }

257	254

258 bool BrowserIOSurfaceManager::HandleUnregisterIOSurfaceRequest(	255 bool BrowserIOSurfaceManager::HandleUnregisterIOSurfaceRequest(

259 const IOSurfaceManagerHostMsg_UnregisterIOSurface& request) {	256 const IOSurfaceManagerHostMsg_UnregisterIOSurface& request) {

260 base::AutoLock lock(lock_);	257 base::AutoLock lock(lock_);

261	258

262 IOSurfaceManagerToken token;	259 IOSurfaceManagerToken token;

263 static_assert(sizeof(request.token_name) == sizeof(token.name),	260 static_assert(sizeof(request.token_name) == sizeof(token.name),

264 "Mach message token size doesn't match expectation.");	261 "Mach message token size doesn't match expectation.");

265 token.SetName(request.token_name);	262 token.SetName(request.token_name);

266 if (token.IsZero() \|\| token != gpu_process_token_) {	263 if (token.IsZero() \|\| token != gpu_process_token_) {

267 LOG(ERROR) << "Illegal message from non-GPU process!";	264 LOG(ERROR) << "Illegal message from non-GPU process!";

268 return false;	265 return false;

269 }	266 }

270	267

271 IOSurfaceMapKey key(IOSurfaceId(request.io_surface_id), request.client_id);	268 IOSurfaceMapKey key(IOSurfaceId(request.io_surface_id), request.client_id);

272 io_surfaces_.erase(key);	269 io_surfaces_.erase(key);

273 return true;	270 return true;

274 }	271 }

275	272

276 bool BrowserIOSurfaceManager::HandleAcquireIOSurfaceRequest(	273 void BrowserIOSurfaceManager::HandleAcquireIOSurfaceRequest(

277 const IOSurfaceManagerHostMsg_AcquireIOSurface& request,	274 const IOSurfaceManagerHostMsg_AcquireIOSurface& request,

278 IOSurfaceManagerMsg_AcquireIOSurfaceReply* reply) {	275 IOSurfaceManagerMsg_AcquireIOSurfaceReply* reply) {

279 base::AutoLock lock(lock_);	276 base::AutoLock lock(lock_);

280	277

	278 reply->header.msgh_bits =

	279 MACH_MSGH_BITS_REMOTE(request.header.msgh_bits) \| MACH_MSGH_BITS_COMPLEX;

	280 reply->header.msgh_remote_port = request.header.msgh_remote_port;

	281 reply->header.msgh_size = sizeof(*reply);

	282 reply->result = false;
	reveman 2015/09/18 18:22:30 Request: This is not new to this patch but can you Request: This is not new to this patch but can you change "reply->result = false;" to the following instead of depending on the caller initializing \|reply\| to 0: reply->body.msgh_descriptor_count = 0; reply->result = false; reply->io_surface_port.name = MACH_PORT_NULL; reply->io_surface_port.disposition = 0; reply->io_surface_port.type = 0; ccameron 2015/09/18 18:36:00 Done. Also changed Register reply to set body.* to Show quoted text On 2015/09/18 18:22:30, reveman wrote: > Request: This is not new to this patch but can you change "reply->result = > false;" to the following instead of depending on the caller initializing \|reply\| > to 0: > > reply->body.msgh_descriptor_count = 0; > reply->result = false; > reply->io_surface_port.name = MACH_PORT_NULL; > reply->io_surface_port.disposition = 0; > reply->io_surface_port.type = 0; Done. Also changed Register reply to set body.* to 0 as well. reveman 2015/09/18 18:47:48 Ah, I guess we should really be doing a bzero(repl Show quoted text On 2015/09/18 at 18:36:00, ccameron wrote: > On 2015/09/18 18:22:30, reveman wrote: > > Request: This is not new to this patch but can you change "reply->result = > > false;" to the following instead of depending on the caller initializing \|reply\| > > to 0: > > > > reply->body.msgh_descriptor_count = 0; > > reply->result = false; > > reply->io_surface_port.name = MACH_PORT_NULL; > > reply->io_surface_port.disposition = 0; > > reply->io_surface_port.type = 0; > > Done. Also changed Register reply to set body.* to 0 as well. Ah, I guess we should really be doing a bzero(reply, sizeof(*reply)) to not depend on reply already being 0 initialized... current patch is fine though
	283

281 IOSurfaceManagerToken token;	284 IOSurfaceManagerToken token;

282 static_assert(sizeof(request.token_name) == sizeof(token.name),	285 static_assert(sizeof(request.token_name) == sizeof(token.name),

283 "Mach message token size doesn't match expectation.");	286 "Mach message token size doesn't match expectation.");

284 token.SetName(request.token_name);	287 token.SetName(request.token_name);

285 auto child_process_id_it = child_process_ids_.find(token);	288 auto child_process_id_it = child_process_ids_.find(token);

286 if (child_process_id_it == child_process_ids_.end()) {	289 if (child_process_id_it == child_process_ids_.end()) {

287 LOG(ERROR) << "Illegal message from non-child process!";	290 LOG(ERROR) << "Illegal message from non-child process!";

288 return false;	291 return;

289 }	292 }

290	293

291 reply->header.msgh_bits =	294 reply->result = true;

292 MACH_MSGH_BITS_REMOTE(request.header.msgh_bits) \| MACH_MSGH_BITS_COMPLEX;

293 reply->header.msgh_remote_port = request.header.msgh_remote_port;

294 reply->header.msgh_size = sizeof(*reply);

295

296 IOSurfaceMapKey key(IOSurfaceId(request.io_surface_id),	295 IOSurfaceMapKey key(IOSurfaceId(request.io_surface_id),

297 child_process_id_it->second);	296 child_process_id_it->second);

298 auto it = io_surfaces_.find(key);	297 auto it = io_surfaces_.find(key);

299 if (it == io_surfaces_.end()) {	298 if (it == io_surfaces_.end()) {

300 LOG(ERROR) << "Invalid Id for IOSurface " << request.io_surface_id;	299 LOG(ERROR) << "Invalid Id for IOSurface " << request.io_surface_id;

301 return true;	300 return;

302 }	301 }

303	302

304 reply->body.msgh_descriptor_count = 1;	303 reply->body.msgh_descriptor_count = 1;

305 reply->io_surface_port.name = it->second->get();	304 reply->io_surface_port.name = it->second->get();

306 reply->io_surface_port.disposition = MACH_MSG_TYPE_COPY_SEND;	305 reply->io_surface_port.disposition = MACH_MSG_TYPE_COPY_SEND;

307 reply->io_surface_port.type = MACH_MSG_PORT_DESCRIPTOR;	306 reply->io_surface_port.type = MACH_MSG_PORT_DESCRIPTOR;

308 return true;

309 }	307 }

310	308

311 } // namespace content	309 } // namespace content

OLD	NEW