NaCl: enable meta-based validation for shared libraries.

ppapi/native_client/src/trusted/plugin/plugin.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifdef _MSC_VER
 // Do not warn about use of std::copy with raw pointers.
 #pragma warning(disable : 4996)
 #endif
 
 #include "native_client/src/trusted/plugin/plugin.h"
@@ skipping 788 matching lines @@
   if (nexe_size_ > 0) {
     float size_in_MB = static_cast<float>(nexe_size_) / (1024.f * 1024.f);
     HistogramTimeMedium(name, static_cast<int64_t>(dt));
     HistogramTimeMedium(name + "PerMB", static_cast<int64_t>(dt / size_in_MB));
   }
 }
 
 void Plugin::NexeFileDidOpen(int32_t pp_error) {
   PLUGIN_PRINTF(("Plugin::NexeFileDidOpen (pp_error=%"NACL_PRId32")\n",
                  pp_error));
-  int32_t file_desc = nexe_downloader_.GetPOSIXFileDescriptor();
+  struct NaClFileInfo info = nexe_downloader_.GetFileInfo();
   PLUGIN_PRINTF(("Plugin::NexeFileDidOpen (file_desc=%"NACL_PRId32")\n",
-                 file_desc));
+                 info.desc));
   HistogramHTTPStatusCode(
       is_installed_ ?
           "NaCl.HttpStatusCodeClass.Nexe.InstalledApp" :
           "NaCl.HttpStatusCodeClass.Nexe.NotInstalledApp",
       nexe_downloader_.status_code());
   ErrorInfo error_info;
-  if (pp_error != PP_OK || file_desc == NACL_NO_FILE_DESC) {
+  if (pp_error != PP_OK || info.desc == NACL_NO_FILE_DESC) {
     if (pp_error == PP_ERROR_ABORTED) {
       ReportLoadAbort();
     } else if (pp_error == PP_ERROR_NOACCESS) {
       error_info.SetReport(ERROR_NEXE_NOACCESS_URL,
                            "access to nexe url was denied.");
       ReportLoadError(error_info);
     } else {
       error_info.SetReport(ERROR_NEXE_LOAD_URL, "could not load nexe url.");
       ReportLoadError(error_info);
     }
     return;
   }
-  int32_t file_desc_ok_to_close = DUP(file_desc);
+  int32_t file_desc_ok_to_close = DUP(info.desc);
   if (file_desc_ok_to_close == NACL_NO_FILE_DESC) {
     error_info.SetReport(ERROR_NEXE_FH_DUP,
                          "could not duplicate loaded file handle.");
     ReportLoadError(error_info);
     return;
   }
   struct stat stat_buf;
   if (0 != fstat(file_desc_ok_to_close, &stat_buf)) {
     CLOSE(file_desc_ok_to_close);
     error_info.SetReport(ERROR_NEXE_STAT, "could not stat nexe file.");
@@ skipping 238 matching lines @@
                      nexe_downloader_.TimeSinceOpenMilliseconds());
   HistogramHTTPStatusCode(
       is_installed_ ?
           "NaCl.HttpStatusCodeClass.Manifest.InstalledApp" :
           "NaCl.HttpStatusCodeClass.Manifest.NotInstalledApp",
       nexe_downloader_.status_code());
   ErrorInfo error_info;
   // The manifest file was successfully opened.  Set the src property on the
   // plugin now, so that the full url is available to error handlers.
   set_manifest_url(nexe_downloader_.url());
-  int32_t file_desc = nexe_downloader_.GetPOSIXFileDescriptor();
+  struct NaClFileInfo info = nexe_downloader_.GetFileInfo();
   PLUGIN_PRINTF(("Plugin::NaClManifestFileDidOpen (file_desc=%"
-                 NACL_PRId32")\n", file_desc));
-  if (pp_error != PP_OK || file_desc == NACL_NO_FILE_DESC) {
+                 NACL_PRId32")\n", info.desc));
+  if (pp_error != PP_OK || info.desc == NACL_NO_FILE_DESC) {
     if (pp_error == PP_ERROR_ABORTED) {
       ReportLoadAbort();
     } else if (pp_error == PP_ERROR_NOACCESS) {
       error_info.SetReport(ERROR_MANIFEST_NOACCESS_URL,
                            "access to manifest url was denied.");
       ReportLoadError(error_info);
     } else {
       error_info.SetReport(ERROR_MANIFEST_LOAD_URL,
                            "could not load manifest url.");
       ReportLoadError(error_info);
     }
     return;
   }
   // Duplicate the file descriptor in order to create a FILE stream with it
   // that can later be closed without closing the original descriptor.  The
   // browser will take care of the original descriptor.
-  int dup_file_desc = DUP(file_desc);
+  int dup_file_desc = DUP(info.desc);
   struct stat stat_buf;
   if (0 != fstat(dup_file_desc, &stat_buf)) {
     CLOSE(dup_file_desc);
     error_info.SetReport(ERROR_MANIFEST_STAT,
                          "could not stat manifest file.");
     ReportLoadError(error_info);
     return;
   }
   size_t bytes_to_read = static_cast<size_t>(stat_buf.st_size);
   if (bytes_to_read > kNaClManifestMaxFileBytes) {
@@ skipping 181 matching lines @@
 }
 
 void Plugin::UrlDidOpenForStreamAsFile(int32_t pp_error,
                                        FileDownloader*& url_downloader,
                                        PP_CompletionCallback callback) {
   PLUGIN_PRINTF(("Plugin::UrlDidOpen (pp_error=%"NACL_PRId32
                  ", url_downloader=%p)\n", pp_error,
                  static_cast<void*>(url_downloader)));
   url_downloaders_.erase(url_downloader);
   nacl::scoped_ptr<FileDownloader> scoped_url_downloader(url_downloader);
-  int32_t file_desc = scoped_url_downloader->GetPOSIXFileDescriptor();
+  struct NaClFileInfo info = scoped_url_downloader->GetFileInfo();
 
   if (pp_error != PP_OK) {
     PP_RunCompletionCallback(&callback, pp_error);
-  } else if (file_desc > NACL_NO_FILE_DESC) {
-    url_fd_map_[url_downloader->url_to_open()] = file_desc;
+  } else if (info.desc > NACL_NO_FILE_DESC) {
+    url_file_info_map_[url_downloader->url_to_open()] = info;
     PP_RunCompletionCallback(&callback, PP_OK);
   } else {
     PP_RunCompletionCallback(&callback, PP_ERROR_FAILED);
   }
 }
 
-int32_t Plugin::GetPOSIXFileDesc(const nacl::string& url) {
-  PLUGIN_PRINTF(("Plugin::GetFileDesc (url=%s)\n", url.c_str()));
-  int32_t file_desc_ok_to_close = NACL_NO_FILE_DESC;
-  std::map<nacl::string, int32_t>::iterator it = url_fd_map_.find(url);
-  if (it != url_fd_map_.end())
-    file_desc_ok_to_close = DUP(it->second);
-  return file_desc_ok_to_close;
+struct NaClFileInfo Plugin::GetFileInfo(const nacl::string& url) {
+  struct NaClFileInfo info;
+  memset(&info, 0, sizeof(info));
+  std::map<nacl::string, struct NaClFileInfo>::iterator it =
+      url_file_info_map_.find(url);
+  if (it != url_file_info_map_.end()) {
+    info = it->second;
+    info.desc = DUP(info.desc);
+  } else {
+    info.desc = -1;
+  }
+  return info;
 }
 
-
 bool Plugin::StreamAsFile(const nacl::string& url,
                           PP_CompletionCallback callback) {
   PLUGIN_PRINTF(("Plugin::StreamAsFile (url='%s')\n", url.c_str()));
   FileDownloader* downloader = new FileDownloader();
   downloader->Initialize(this);
   url_downloaders_.insert(downloader);
   // Untrusted loads are always relative to the page's origin.
   CHECK(url_util_ != NULL);
   pp::Var resolved_url =
       url_util_->ResolveRelativeToURL(pp::Var(plugin_base_url()), url);
@@ skipping 258 matching lines @@
   // Fast path only works for installed file URLs.
   if (GetUrlScheme(url) != SCHEME_CHROME_EXTENSION)
     return false;
   // IMPORTANT: Make sure the document can request the given URL. If we don't
   // check, a malicious app could probe the extension system. This enforces a
   // same-origin policy which prevents the app from requesting resources from
   // another app.
   if (!DocumentCanRequest(url))
     return false;
 
-  PP_NaClExecutableMetadata file_metadata;
+  uint64_t nonce = 0;
   PP_FileHandle file_handle =
       nacl_interface()->OpenNaClExecutable(pp_instance(),
                                            url.c_str(),
-                                           &file_metadata);
+                                           &nonce);
   // We shouldn't hit this if the file URL is in an installed app.
   if (file_handle == PP_kInvalidFileHandle)
     return false;
 
-  // Release the PP_Var in the metadata struct.
-  pp::Module* module = pp::Module::Get();
-  const PPB_Var* var_interface =
-      static_cast<const PPB_Var*>(
-          module->GetBrowserInterface(PPB_VAR_INTERFACE));
-  var_interface->Release(file_metadata.file_path);
-
   // FileDownloader takes ownership of the file handle.
-  // TODO(bbudge) Consume metadata once we have the final format.
-  downloader->OpenFast(url, file_handle);
+  downloader->OpenFast(url, file_handle, nonce);
   return true;
 }
 
 UrlSchemeType Plugin::GetUrlScheme(const std::string& url) {
   CHECK(url_util_ != NULL);
   PP_URLComponents_Dev comps;
   pp::Var canonicalized =
       url_util_->Canonicalize(pp::Var(url), &comps);
 
   if (canonicalized.is_null() ||
@@ skipping 34 matching lines @@
                                           static_cast<uint32_t>(text.size()));
   const PPB_Console* console_interface =
       static_cast<const PPB_Console*>(
           module->GetBrowserInterface(PPB_CONSOLE_INTERFACE));
   console_interface->LogWithSource(pp_instance(), PP_LOGLEVEL_LOG, prefix, str);
   var_interface->Release(prefix);
   var_interface->Release(str);
 }
 
 }  // namespace plugin