| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (c) 2013 The Native Client Authors. All rights reserved. | 2 * Copyright (c) 2013 The Native Client Authors. All rights reserved. |
| 3 * Use of this source code is governed by a BSD-style license that can be | 3 * Use of this source code is governed by a BSD-style license that can be |
| 4 * found in the LICENSE file. | 4 * found in the LICENSE file. |
| 5 */ | 5 */ |
| 6 | 6 |
| 7 #include "native_client/src/trusted/validator/validation_cache.h" | 7 #include "native_client/src/trusted/validator/validation_cache.h" |
| 8 | 8 |
| 9 #include <string.h> | 9 #include <string.h> |
| 10 #include <sys/stat.h> | 10 #include <sys/stat.h> |
| 11 | 11 |
| 12 #include "native_client/src/shared/platform/nacl_check.h" | 12 #include "native_client/src/shared/platform/nacl_check.h" |
| 13 #include "native_client/src/shared/platform/nacl_host_desc.h" | 13 #include "native_client/src/shared/platform/nacl_host_desc.h" |
| 14 #include "native_client/src/trusted/desc/nacl_desc_base.h" | 14 #include "native_client/src/trusted/desc/nacl_desc_base.h" |
| 15 #include "native_client/src/trusted/desc/nacl_desc_io.h" | 15 #include "native_client/src/trusted/desc/nacl_desc_io.h" |
| 16 #include "native_client/src/trusted/validator/rich_file_info.h" |
| 16 #include "native_client/src/trusted/validator/validation_metadata.h" | 17 #include "native_client/src/trusted/validator/validation_metadata.h" |
| 17 | 18 |
| 18 #if NACL_WINDOWS | 19 #if NACL_WINDOWS |
| 19 #include <Windows.h> | 20 #include <Windows.h> |
| 20 #include <io.h> | 21 #include <io.h> |
| 21 #endif | 22 #endif |
| 22 | 23 |
| 23 #define ADD_LITERAL(cache, query, data) \ | 24 #define ADD_LITERAL(cache, query, data) \ |
| 24 ((cache)->AddData((query), (uint8_t*)&(data), sizeof(data))) | 25 ((cache)->AddData((query), (uint8_t*)&(data), sizeof(data))) |
| 25 | 26 |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 94 } | 95 } |
| 95 | 96 |
| 96 static void Serialize(uint8_t *buffer, const void *value, size_t size, | 97 static void Serialize(uint8_t *buffer, const void *value, size_t size, |
| 97 uint32_t *offset) { | 98 uint32_t *offset) { |
| 98 if (buffer != NULL) | 99 if (buffer != NULL) |
| 99 memcpy(&buffer[*offset], value, size); | 100 memcpy(&buffer[*offset], value, size); |
| 100 *offset += (uint32_t) size; | 101 *offset += (uint32_t) size; |
| 101 } | 102 } |
| 102 | 103 |
| 103 static void SerializeNaClDescMetadataInternal( | 104 static void SerializeNaClDescMetadataInternal( |
| 104 uint8_t known_file, | 105 const struct RichFileInfo *info, |
| 105 const char *file_name, | |
| 106 uint32_t file_name_length, | |
| 107 uint8_t *buffer, | 106 uint8_t *buffer, |
| 108 uint32_t *offset) { | 107 uint32_t *offset) { |
| 109 *offset = 0; | 108 *offset = 0; |
| 110 Serialize(buffer, &known_file, sizeof(known_file), offset); | 109 Serialize(buffer, &info->known_file, sizeof(info->known_file), offset); |
| 111 if (known_file) { | 110 if (info->known_file) { |
| 112 Serialize(buffer, &file_name_length, sizeof(file_name_length), offset); | 111 Serialize(buffer, &info->file_path_length, sizeof(info->file_path_length), |
| 113 Serialize(buffer, file_name, file_name_length, offset); | 112 offset); |
| 113 Serialize(buffer, info->file_path, info->file_path_length, offset); |
| 114 } | 114 } |
| 115 } | 115 } |
| 116 | 116 |
| 117 int SerializeNaClDescMetadata( | 117 int SerializeNaClDescMetadata( |
| 118 uint8_t known_file, | 118 const struct RichFileInfo *info, |
| 119 const char *file_name, | |
| 120 uint32_t file_name_length, | |
| 121 uint8_t **buffer, | 119 uint8_t **buffer, |
| 122 uint32_t *buffer_length) { | 120 uint32_t *buffer_length) { |
| 123 | 121 |
| 124 *buffer = NULL; | 122 *buffer = NULL; |
| 125 | 123 |
| 126 /* Calculate the buffer size. */ | 124 /* Calculate the buffer size. */ |
| 127 SerializeNaClDescMetadataInternal(known_file, file_name, file_name_length, | 125 SerializeNaClDescMetadataInternal(info, NULL, buffer_length); |
| 128 NULL, buffer_length); | |
| 129 | 126 |
| 130 /* Allocate the buffer. */ | 127 /* Allocate the buffer. */ |
| 131 *buffer = malloc(*buffer_length); | 128 *buffer = malloc(*buffer_length); |
| 132 if (NULL == buffer) | 129 if (NULL == buffer) |
| 133 return 1; | 130 return 1; |
| 134 | 131 |
| 135 /* Fill the buffer. */ | 132 /* Fill the buffer. */ |
| 136 SerializeNaClDescMetadataInternal(known_file, file_name, file_name_length, | 133 SerializeNaClDescMetadataInternal(info, *buffer, buffer_length); |
| 137 *buffer, buffer_length); | |
| 138 return 0; | 134 return 0; |
| 139 } | 135 } |
| 140 | 136 |
| 141 int SetFileOriginInfo(struct NaClDesc *desc, uint8_t known_file, | 137 int SetFileOriginInfo(struct NaClDesc *desc, struct RichFileInfo *info) { |
| 142 const char *file_name, uint32_t file_name_length) { | |
| 143 uint8_t *buffer = NULL; | 138 uint8_t *buffer = NULL; |
| 144 uint32_t buffer_length = 0; | 139 uint32_t buffer_length = 0; |
| 145 int status; | 140 int status; |
| 146 if (SerializeNaClDescMetadata(known_file, file_name, file_name_length, | 141 if (SerializeNaClDescMetadata(info, &buffer, &buffer_length)) { |
| 147 &buffer, &buffer_length)) { | |
| 148 return 1; | 142 return 1; |
| 149 } | 143 } |
| 150 status = NACL_VTBL(NaClDesc, desc)->SetMetadata( | 144 status = NACL_VTBL(NaClDesc, desc)->SetMetadata( |
| 151 desc, | 145 desc, |
| 152 FILE_ORIGIN_INFO_TYPE, | 146 FILE_ORIGIN_INFO_TYPE, |
| 153 buffer_length, | 147 buffer_length, |
| 154 (uint8_t *) buffer); | 148 (uint8_t *) buffer); |
| 155 free(buffer); | 149 free(buffer); |
| 156 return status; | 150 return status; |
| 157 } | 151 } |
| 158 | 152 |
| 159 static int Deserialize(uint8_t *buffer, uint32_t buffer_length, void *value, | 153 static int Deserialize(const uint8_t *buffer, uint32_t buffer_length, |
| 160 size_t size, uint32_t *offset) { | 154 void *value, size_t size, uint32_t *offset) { |
| 161 if (*offset + size > buffer_length) | 155 if (*offset + size > buffer_length) |
| 162 return 1; | 156 return 1; |
| 163 memcpy(value, &buffer[*offset], size); | 157 memcpy(value, &buffer[*offset], size); |
| 164 *offset += (uint32_t) size; | 158 *offset += (uint32_t) size; |
| 165 return 0; | 159 return 0; |
| 166 } | 160 } |
| 167 | 161 |
| 168 int DeserializeNaClDescMetadata( | 162 int DeserializeNaClDescMetadata( |
| 169 uint8_t *buffer, | 163 const uint8_t *buffer, |
| 170 uint32_t buffer_length, | 164 uint32_t buffer_length, |
| 171 uint8_t *known_file, | 165 struct RichFileInfo *info) { |
| 172 char **file_name, | |
| 173 uint32_t *file_name_length) { | |
| 174 | 166 |
| 167 char *file_path; |
| 175 uint32_t offset = 0; | 168 uint32_t offset = 0; |
| 176 *file_name = NULL; | 169 RichFileInfoCtor(info); |
| 177 | 170 |
| 178 if (Deserialize(buffer, buffer_length, known_file, sizeof(*known_file), | 171 if (Deserialize(buffer, buffer_length, &info->known_file, |
| 179 &offset)) | 172 sizeof(info->known_file), &offset)) |
| 180 goto on_error; | 173 goto on_error; |
| 181 | 174 |
| 182 if (*known_file) { | 175 if (info->known_file) { |
| 183 if (Deserialize(buffer, buffer_length, file_name_length, | 176 if (Deserialize(buffer, buffer_length, &info->file_path_length, |
| 184 sizeof(*file_name_length), &offset)) | 177 sizeof(info->file_path_length), &offset)) |
| 185 goto on_error; | 178 goto on_error; |
| 186 *file_name = malloc(*file_name_length); | 179 file_path = malloc(info->file_path_length); |
| 187 if (NULL == *file_name) | 180 if (NULL == file_path) |
| 188 goto on_error; | 181 goto on_error; |
| 189 if (Deserialize(buffer, buffer_length, *file_name, *file_name_length, | 182 /* Work around const issues. */ |
| 183 info->file_path = file_path; |
| 184 if (Deserialize(buffer, buffer_length, file_path, info->file_path_length, |
| 190 &offset)) | 185 &offset)) |
| 191 goto on_error; | 186 goto on_error; |
| 192 } | 187 } |
| 193 | 188 |
| 194 /* Entire buffer consumed? */ | 189 /* Entire buffer consumed? */ |
| 195 if (offset != buffer_length) | 190 if (offset != buffer_length) |
| 196 goto on_error; | 191 goto on_error; |
| 197 return 0; | 192 return 0; |
| 198 | 193 |
| 199 on_error: | 194 on_error: |
| 200 *known_file = 0; | 195 RichFileInfoDtor(info); |
| 201 free(*file_name); | |
| 202 *file_name = NULL; | |
| 203 *file_name_length = 0; | |
| 204 return 1; | 196 return 1; |
| 205 } | 197 } |
| 206 | 198 |
| 207 int GetFileOriginInfo(struct NaClDesc *desc, uint8_t *known_file, | 199 void RichFileInfoCtor(struct RichFileInfo *info) { |
| 208 char **file_name, uint32_t *file_name_length) { | 200 memset(info, 0, sizeof(*info)); |
| 201 } |
| 202 |
| 203 void RichFileInfoDtor(struct RichFileInfo *info) { |
| 204 /* |
| 205 * file_path is "const" to express intent, we need to cast away the const to |
| 206 * dallocate it. |
| 207 */ |
| 208 free((void *) info->file_path); |
| 209 /* Prevent use after Dtor. */ |
| 210 RichFileInfoCtor(info); |
| 211 } |
| 212 |
| 213 int GetFileOriginInfo(struct NaClDesc *desc, struct RichFileInfo *info) { |
| 209 int32_t metadata_type; | 214 int32_t metadata_type; |
| 210 uint8_t *buffer = NULL; | 215 uint8_t *buffer = NULL; |
| 211 uint32_t buffer_length = 0; | 216 uint32_t buffer_length = 0; |
| 212 int status; | 217 int status; |
| 213 | 218 |
| 214 /* Get the buffer length. */ | 219 /* Get the buffer length. */ |
| 215 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( | 220 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( |
| 216 desc, | 221 desc, |
| 217 &buffer_length, | 222 &buffer_length, |
| 218 NULL); | 223 NULL); |
| 219 if (metadata_type != FILE_ORIGIN_INFO_TYPE) | 224 if (metadata_type != FILE_ORIGIN_INFO_TYPE) |
| 220 return 1; | 225 return 1; |
| 221 | 226 |
| 222 buffer = (uint8_t *) malloc(buffer_length); | 227 buffer = (uint8_t *) malloc(buffer_length); |
| 223 if (NULL == buffer) | 228 if (NULL == buffer) |
| 224 return 1; | 229 return 1; |
| 225 | 230 |
| 226 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( | 231 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( |
| 227 desc, | 232 desc, |
| 228 &buffer_length, | 233 &buffer_length, |
| 229 buffer); | 234 buffer); |
| 230 if (metadata_type != FILE_ORIGIN_INFO_TYPE) | 235 if (metadata_type != FILE_ORIGIN_INFO_TYPE) |
| 231 return 1; | 236 return 1; |
| 232 | 237 |
| 233 status = DeserializeNaClDescMetadata(buffer, buffer_length, known_file, | 238 status = DeserializeNaClDescMetadata(buffer, buffer_length, info); |
| 234 file_name, file_name_length); | |
| 235 free(buffer); | 239 free(buffer); |
| 236 return status; | 240 return status; |
| 237 } | 241 } |
| 238 | 242 |
| 243 void MetadataFromNaClDescCtor(struct NaClValidationMetadata *metadata, |
| 244 struct NaClDesc *desc) { |
| 245 struct RichFileInfo info; |
| 246 int32_t fd = -1; |
| 247 |
| 248 RichFileInfoCtor(&info); |
| 249 memset(metadata, 0, sizeof(*metadata)); |
| 250 |
| 251 if (NACL_VTBL(NaClDesc, desc)->typeTag != NACL_DESC_HOST_IO) |
| 252 goto done; |
| 253 fd = ((struct NaClDescIoDesc *) desc)->hd->d; |
| 254 if (GetFileOriginInfo(desc, &info)) |
| 255 goto done; |
| 256 if (!info.known_file || info.file_path == NULL || info.file_path_length <= 0) |
| 257 goto done; |
| 258 MetadataFromFDCtor(metadata, fd, info.file_path, info.file_path_length); |
| 259 done: |
| 260 RichFileInfoDtor(&info); |
| 261 } |
| 262 |
| 239 void AddCodeIdentity(uint8_t *data, | 263 void AddCodeIdentity(uint8_t *data, |
| 240 size_t size, | 264 size_t size, |
| 241 const struct NaClValidationMetadata *metadata, | 265 const struct NaClValidationMetadata *metadata, |
| 242 struct NaClValidationCache *cache, | 266 struct NaClValidationCache *cache, |
| 243 void *query) { | 267 void *query) { |
| 244 NaClCodeIdentityType identity_type; | 268 NaClCodeIdentityType identity_type; |
| 245 if (NULL != metadata) { | 269 if (NULL != metadata) { |
| 246 identity_type = metadata->identity_type; | 270 identity_type = metadata->identity_type; |
| 247 } else { | 271 } else { |
| 248 /* Fallback: identity unknown, treat it as anonymous data. */ | 272 /* Fallback: identity unknown, treat it as anonymous data. */ |
| (...skipping 24 matching lines...) Expand all Loading... |
| 273 ADD_LITERAL(cache, query, metadata->device_id); | 297 ADD_LITERAL(cache, query, metadata->device_id); |
| 274 ADD_LITERAL(cache, query, metadata->file_id); | 298 ADD_LITERAL(cache, query, metadata->file_id); |
| 275 ADD_LITERAL(cache, query, metadata->file_size); | 299 ADD_LITERAL(cache, query, metadata->file_size); |
| 276 ADD_LITERAL(cache, query, metadata->mtime); | 300 ADD_LITERAL(cache, query, metadata->mtime); |
| 277 ADD_LITERAL(cache, query, metadata->ctime); | 301 ADD_LITERAL(cache, query, metadata->ctime); |
| 278 } else { | 302 } else { |
| 279 /* Hash all the code. */ | 303 /* Hash all the code. */ |
| 280 cache->AddData(query, data, size); | 304 cache->AddData(query, data, size); |
| 281 } | 305 } |
| 282 } | 306 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 15039022:
Enable meta-based validation for shared libraries. (Closed)
Base URL: svn://svn.chromium.org/native_client/trunk/src/native_client