Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/nacl_host/nacl_browser.h" | 5 #include "chrome/browser/nacl_host/nacl_browser.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/file_util.h" | 8 #include "base/file_util.h" |
| 9 #include "base/message_loop.h" | 9 #include "base/message_loop.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/path_service.h" | 11 #include "base/path_service.h" |
| 12 #include "base/pickle.h" | 12 #include "base/pickle.h" |
| 13 #include "base/rand_util.h" | |
| 13 #include "base/strings/string_split.h" | 14 #include "base/strings/string_split.h" |
| 14 #include "base/win/windows_version.h" | 15 #include "base/win/windows_version.h" |
| 15 #include "build/build_config.h" | 16 #include "build/build_config.h" |
| 16 #include "chrome/common/chrome_paths.h" | 17 #include "chrome/common/chrome_paths.h" |
| 17 #include "chrome/common/chrome_paths_internal.h" | 18 #include "chrome/common/chrome_paths_internal.h" |
| 18 #include "chrome/common/chrome_switches.h" | 19 #include "chrome/common/chrome_switches.h" |
| 19 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
| 20 #include "extensions/common/url_pattern.h" | 21 #include "extensions/common/url_pattern.h" |
| 21 #include "googleurl/src/gurl.h" | 22 #include "googleurl/src/gurl.h" |
| 22 | 23 |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 99 UMA_HISTOGRAM_ENUMERATION("NaCl.ValidationCache.Query", status, CACHE_MAX); | 100 UMA_HISTOGRAM_ENUMERATION("NaCl.ValidationCache.Query", status, CACHE_MAX); |
| 100 } | 101 } |
| 101 | 102 |
| 102 void LogCacheSet(ValidationCacheStatus status) { | 103 void LogCacheSet(ValidationCacheStatus status) { |
| 103 // Bucket zero is reserved for future use. | 104 // Bucket zero is reserved for future use. |
| 104 UMA_HISTOGRAM_ENUMERATION("NaCl.ValidationCache.Set", status, CACHE_MAX); | 105 UMA_HISTOGRAM_ENUMERATION("NaCl.ValidationCache.Set", status, CACHE_MAX); |
| 105 } | 106 } |
| 106 | 107 |
| 107 } // namespace | 108 } // namespace |
| 108 | 109 |
| 110 namespace nacl { | |
| 111 | |
| 112 void OpenNaClExecutableImpl(const base::FilePath& file_path, | |
| 113 base::PlatformFile* file) { | |
| 114 // Get a file descriptor. On Windows, we need 'GENERIC_EXECUTE' in order to | |
| 115 // memory map the executable. | |
| 116 // IMPORTANT: This file descriptor must not have write access - that could | |
| 117 // allow a sandbox escape. | |
|
Mark Seaborn
2013/05/16 23:01:47
"NaCl inner sandbox escape"?
Nick Bray (chromium)
2013/05/21 20:09:06
Done.
| |
| 118 base::PlatformFileError error_code; | |
| 119 *file = base::CreatePlatformFile( | |
| 120 file_path, | |
| 121 base::PLATFORM_FILE_OPEN | | |
| 122 base::PLATFORM_FILE_READ | | |
|
Mark Seaborn
2013/05/16 23:01:47
Maybe format as:
(FLAG |
FLAG |
FLAG)
Nick Bray (chromium)
2013/05/21 20:09:06
Done.
| |
| 123 base::PLATFORM_FILE_EXECUTE, // Windows only flag. | |
| 124 NULL, | |
| 125 &error_code); | |
| 126 if (error_code != base::PLATFORM_FILE_OK) { | |
| 127 *file = base::kInvalidPlatformFileValue; | |
| 128 return; | |
| 129 } | |
| 130 // Check that the file does not reference a directory. Returning a descriptor | |
| 131 // to an extension directory could allow a sandbox escape. | |
|
Mark Seaborn
2013/05/16 23:01:47
Same here - which sandbox? Probably not the inner
Nick Bray (chromium)
2013/05/21 20:09:06
Done.
| |
| 132 base::PlatformFileInfo file_info; | |
| 133 if (!base::GetPlatformFileInfo(*file, &file_info) || file_info.is_directory) | |
| 134 { | |
|
Mark Seaborn
2013/05/16 23:01:47
Put on previous line
Nick Bray (chromium)
2013/05/21 20:09:06
Done.
| |
| 135 base::ClosePlatformFile(*file); | |
| 136 *file = base::kInvalidPlatformFileValue; | |
| 137 return; | |
| 138 } | |
| 139 } | |
| 140 | |
| 141 } | |
| 142 | |
| 109 NaClBrowser::NaClBrowser() | 143 NaClBrowser::NaClBrowser() |
| 110 : weak_factory_(this), | 144 : weak_factory_(this), |
| 111 irt_platform_file_(base::kInvalidPlatformFileValue), | 145 irt_platform_file_(base::kInvalidPlatformFileValue), |
| 112 irt_filepath_(), | 146 irt_filepath_(), |
| 113 irt_state_(NaClResourceUninitialized), | 147 irt_state_(NaClResourceUninitialized), |
| 114 debug_patterns_(), | 148 debug_patterns_(), |
| 115 inverse_debug_patterns_(false), | 149 inverse_debug_patterns_(false), |
| 116 validation_cache_file_path_(), | 150 validation_cache_file_path_(), |
| 117 validation_cache_is_enabled_( | 151 validation_cache_is_enabled_( |
| 118 CheckEnvVar("NACL_VALIDATION_CACHE", | 152 CheckEnvVar("NACL_VALIDATION_CACHE", |
| 119 kValidationCacheEnabledByDefault)), | 153 kValidationCacheEnabledByDefault)), |
| 120 validation_cache_is_modified_(false), | 154 validation_cache_is_modified_(false), |
| 121 validation_cache_state_(NaClResourceUninitialized), | 155 validation_cache_state_(NaClResourceUninitialized), |
| 156 path_cache_(10), | |
|
Mark Seaborn
2013/05/16 23:01:47
From discussion in person: 10 is the number of re
Nick Bray (chromium)
2013/05/21 20:09:06
Done, modulo being able to think of a better name.
| |
| 122 ok_(true) { | 157 ok_(true) { |
| 123 InitIrtFilePath(); | 158 InitIrtFilePath(); |
| 124 InitValidationCacheFilePath(); | 159 InitValidationCacheFilePath(); |
| 125 } | 160 } |
| 126 | 161 |
| 127 NaClBrowser::~NaClBrowser() { | 162 NaClBrowser::~NaClBrowser() { |
| 128 if (irt_platform_file_ != base::kInvalidPlatformFileValue) | 163 if (irt_platform_file_ != base::kInvalidPlatformFileValue) |
| 129 base::ClosePlatformFile(irt_platform_file_); | 164 base::ClosePlatformFile(irt_platform_file_); |
| 130 } | 165 } |
| 131 | 166 |
| (...skipping 233 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 365 void NaClBrowser::WaitForResources(const base::Closure& reply) { | 400 void NaClBrowser::WaitForResources(const base::Closure& reply) { |
| 366 waiting_.push_back(reply); | 401 waiting_.push_back(reply); |
| 367 EnsureAllResourcesAvailable(); | 402 EnsureAllResourcesAvailable(); |
| 368 CheckWaiting(); | 403 CheckWaiting(); |
| 369 } | 404 } |
| 370 | 405 |
| 371 const base::FilePath& NaClBrowser::GetIrtFilePath() { | 406 const base::FilePath& NaClBrowser::GetIrtFilePath() { |
| 372 return irt_filepath_; | 407 return irt_filepath_; |
| 373 } | 408 } |
| 374 | 409 |
| 410 uint64 NaClBrowser::PutFilePath(const base::FilePath& path) { | |
| 411 uint64 nonce; | |
| 412 while (true) { | |
| 413 nonce = base::RandUint64(); | |
|
Mark Seaborn
2013/05/16 23:01:47
I'm not sure 'nonce' is the appropriate term here,
Nick Bray (chromium)
2013/05/21 20:09:06
Moving to 128 bits and Justin's request, which imp
| |
| 414 // A zero nonce indicates there is no nonce, if we get zero, ask for another | |
| 415 // number. | |
| 416 if (nonce != 0) { | |
|
Mark Seaborn
2013/05/16 23:01:47
Has the nonce == 0 code path ever been executed? :
Nick Bray (chromium)
2013/05/21 20:09:06
It may be. Some day. We should add a prize. On
| |
| 417 // If the nonce is in use, ask for another number. | |
| 418 PathCacheType::iterator iter = path_cache_.Peek(nonce); | |
| 419 if (iter == path_cache_.end()) { | |
| 420 path_cache_.Put(nonce, path); | |
| 421 break; | |
| 422 } | |
| 423 } | |
| 424 } | |
| 425 return nonce; | |
| 426 } | |
| 427 | |
| 428 bool NaClBrowser::GetFilePath(uint64 nonce, base::FilePath* path) { | |
| 429 PathCacheType::iterator iter = path_cache_.Peek(nonce); | |
| 430 if (iter == path_cache_.end()) { | |
| 431 *path = base::FilePath(FILE_PATH_LITERAL("")); | |
| 432 return false; | |
| 433 } | |
| 434 *path = iter->second; | |
| 435 path_cache_.Erase(iter); | |
| 436 return true; | |
| 437 } | |
| 438 | |
| 439 | |
| 375 bool NaClBrowser::QueryKnownToValidate(const std::string& signature, | 440 bool NaClBrowser::QueryKnownToValidate(const std::string& signature, |
| 376 bool off_the_record) { | 441 bool off_the_record) { |
| 377 if (off_the_record) { | 442 if (off_the_record) { |
| 378 // If we're off the record, don't reorder the main cache. | 443 // If we're off the record, don't reorder the main cache. |
| 379 return validation_cache_.QueryKnownToValidate(signature, false) || | 444 return validation_cache_.QueryKnownToValidate(signature, false) || |
| 380 off_the_record_validation_cache_.QueryKnownToValidate(signature, true); | 445 off_the_record_validation_cache_.QueryKnownToValidate(signature, true); |
| 381 } else { | 446 } else { |
| 382 bool result = validation_cache_.QueryKnownToValidate(signature, true); | 447 bool result = validation_cache_.QueryKnownToValidate(signature, true); |
| 383 LogCacheQuery(result ? CACHE_HIT : CACHE_MISS); | 448 LogCacheQuery(result ? CACHE_HIT : CACHE_MISS); |
| 384 // Queries can modify the MRU order of the cache. | 449 // Queries can modify the MRU order of the cache. |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 465 // because it can degrade the responsiveness of the browser. | 530 // because it can degrade the responsiveness of the browser. |
| 466 // The task is sequenced so that multiple writes happen in order. | 531 // The task is sequenced so that multiple writes happen in order. |
| 467 content::BrowserThread::PostBlockingPoolSequencedTask( | 532 content::BrowserThread::PostBlockingPoolSequencedTask( |
| 468 kValidationCacheSequenceName, | 533 kValidationCacheSequenceName, |
| 469 FROM_HERE, | 534 FROM_HERE, |
| 470 base::Bind(WriteCache, validation_cache_file_path_, | 535 base::Bind(WriteCache, validation_cache_file_path_, |
| 471 base::Owned(pickle))); | 536 base::Owned(pickle))); |
| 472 } | 537 } |
| 473 validation_cache_is_modified_ = false; | 538 validation_cache_is_modified_ = false; |
| 474 } | 539 } |
| OLD | NEW |