| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/nacl/nacl_listener.h" | 5 #include "chrome/nacl/nacl_listener.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <stdlib.h> | 8 #include <stdlib.h> |
| 9 | 9 |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "base/message_loop.h" | 13 #include "base/message_loop.h" |
| 14 #include "base/rand_util.h" | 14 #include "base/rand_util.h" |
| 15 #include "chrome/common/nacl_messages.h" | 15 #include "chrome/common/nacl_messages.h" |
| 16 #include "chrome/nacl/nacl_ipc_adapter.h" | 16 #include "chrome/nacl/nacl_ipc_adapter.h" |
| 17 #include "chrome/nacl/nacl_validation_db.h" | 17 #include "chrome/nacl/nacl_validation_db.h" |
| 18 #include "chrome/nacl/nacl_validation_query.h" | 18 #include "chrome/nacl/nacl_validation_query.h" |
| 19 #include "ipc/ipc_channel_handle.h" | 19 #include "ipc/ipc_channel_handle.h" |
| 20 #include "ipc/ipc_switches.h" | 20 #include "ipc/ipc_switches.h" |
| 21 #include "ipc/ipc_sync_channel.h" | 21 #include "ipc/ipc_sync_channel.h" |
| 22 #include "ipc/ipc_sync_message_filter.h" | 22 #include "ipc/ipc_sync_message_filter.h" |
| 23 #include "native_client/src/trusted/service_runtime/sel_main_chrome.h" | 23 #include "native_client/src/trusted/service_runtime/sel_main_chrome.h" |
| 24 #include "native_client/src/trusted/validator/nacl_file_info.h" |
| 24 | 25 |
| 25 #if defined(OS_POSIX) | 26 #if defined(OS_POSIX) |
| 26 #include "base/file_descriptor_posix.h" | 27 #include "base/file_descriptor_posix.h" |
| 27 #endif | 28 #endif |
| 28 | 29 |
| 29 #if defined(OS_LINUX) | 30 #if defined(OS_LINUX) |
| 30 #include "content/public/common/child_process_sandbox_support_linux.h" | 31 #include "content/public/common/child_process_sandbox_support_linux.h" |
| 31 #endif | 32 #endif |
| 32 | 33 |
| 33 #if defined(OS_WIN) | 34 #if defined(OS_WIN) |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 123 return result; | 124 return result; |
| 124 } | 125 } |
| 125 | 126 |
| 126 virtual void SetKnownToValidate(const std::string& signature) OVERRIDE { | 127 virtual void SetKnownToValidate(const std::string& signature) OVERRIDE { |
| 127 // Caching is optional: NaCl will still work correctly if the IPC fails. | 128 // Caching is optional: NaCl will still work correctly if the IPC fails. |
| 128 if (!listener_->Send(new NaClProcessMsg_SetKnownToValidate(signature))) { | 129 if (!listener_->Send(new NaClProcessMsg_SetKnownToValidate(signature))) { |
| 129 LOG(ERROR) << "Failed to update NaCl validation cache."; | 130 LOG(ERROR) << "Failed to update NaCl validation cache."; |
| 130 } | 131 } |
| 131 } | 132 } |
| 132 | 133 |
| 134 virtual bool ResolveFileToken(struct NaClFileToken* file_token, |
| 135 int32* fd, std::string* path) OVERRIDE { |
| 136 *fd = -1; |
| 137 *path = ""; |
| 138 if (file_token->lo == 0 && file_token->hi == 0) { |
| 139 return false; |
| 140 } |
| 141 IPC::PlatformFileForTransit ipc_fd; |
| 142 base::FilePath ipc_path; |
| 143 if (!listener_->Send(new NaClProcessMsg_ResolveFileToken(file_token->lo, |
| 144 file_token->hi, |
| 145 &ipc_fd, |
| 146 &ipc_path))) { |
| 147 return false; |
| 148 } |
| 149 if (ipc_fd == IPC::InvalidPlatformFileForTransit()) { |
| 150 return false; |
| 151 } |
| 152 base::PlatformFile handle = |
| 153 IPC::PlatformFileForTransitToPlatformFile(ipc_fd); |
| 154 #if defined(OS_WIN) |
| 155 // On Windows, valid handles are 32 bit unsigned integers so this is safe. |
| 156 *fd = reinterpret_cast<uintptr_t>(handle); |
| 157 #else |
| 158 *fd = handle; |
| 159 #endif |
| 160 // It doesn't matter if the path is invalid UTF8 as long as it's consistent |
| 161 // and unforgeable. |
| 162 *path = ipc_path.AsUTF8Unsafe(); |
| 163 return true; |
| 164 } |
| 165 |
| 133 private: | 166 private: |
| 134 // The listener never dies, otherwise this might be a dangling reference. | 167 // The listener never dies, otherwise this might be a dangling reference. |
| 135 NaClListener* listener_; | 168 NaClListener* listener_; |
| 136 }; | 169 }; |
| 137 | 170 |
| 138 | 171 |
| 139 NaClListener::NaClListener() : shutdown_event_(true, false), | 172 NaClListener::NaClListener() : shutdown_event_(true, false), |
| 140 io_thread_("NaCl_IOThread"), | 173 io_thread_("NaCl_IOThread"), |
| 141 #if defined(OS_LINUX) | 174 #if defined(OS_LINUX) |
| 142 prereserved_sandbox_size_(0), | 175 prereserved_sandbox_size_(0), |
| (...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 276 #if defined(OS_WIN) | 309 #if defined(OS_WIN) |
| 277 args->broker_duplicate_handle_func = BrokerDuplicateHandle; | 310 args->broker_duplicate_handle_func = BrokerDuplicateHandle; |
| 278 args->attach_debug_exception_handler_func = AttachDebugExceptionHandler; | 311 args->attach_debug_exception_handler_func = AttachDebugExceptionHandler; |
| 279 #endif | 312 #endif |
| 280 #if defined(OS_LINUX) | 313 #if defined(OS_LINUX) |
| 281 args->prereserved_sandbox_size = prereserved_sandbox_size_; | 314 args->prereserved_sandbox_size = prereserved_sandbox_size_; |
| 282 #endif | 315 #endif |
| 283 NaClChromeMainStart(args); | 316 NaClChromeMainStart(args); |
| 284 NOTREACHED(); | 317 NOTREACHED(); |
| 285 } | 318 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14750007:
NaCl: enable meta-based validation for shared libraries. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src