| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (c) 2013 The Native Client Authors. All rights reserved. | 2 * Copyright (c) 2013 The Native Client Authors. All rights reserved. |
| 3 * Use of this source code is governed by a BSD-style license that can be | 3 * Use of this source code is governed by a BSD-style license that can be |
| 4 * found in the LICENSE file. | 4 * found in the LICENSE file. |
| 5 */ | 5 */ |
| 6 | 6 |
| 7 #include "native_client/src/trusted/validator/validation_cache.h" | 7 #include "native_client/src/trusted/validator/validation_cache.h" |
| 8 | 8 |
| 9 #include <string.h> | 9 #include <string.h> |
| 10 #include <sys/stat.h> | 10 #include <sys/stat.h> |
| 11 | 11 |
| 12 #include "native_client/src/shared/platform/nacl_check.h" | 12 #include "native_client/src/shared/platform/nacl_check.h" |
| 13 #include "native_client/src/shared/platform/nacl_host_desc.h" | 13 #include "native_client/src/shared/platform/nacl_host_desc.h" |
| 14 #include "native_client/src/trusted/desc/nacl_desc_base.h" | 14 #include "native_client/src/trusted/desc/nacl_desc_base.h" |
| 15 #include "native_client/src/trusted/desc/nacl_desc_io.h" | 15 #include "native_client/src/trusted/desc/nacl_desc_io.h" |
| 16 #include "native_client/src/trusted/validator/rich_file_info.h" |
| 16 #include "native_client/src/trusted/validator/validation_metadata.h" | 17 #include "native_client/src/trusted/validator/validation_metadata.h" |
| 17 | 18 |
| 18 #if NACL_WINDOWS | 19 #if NACL_WINDOWS |
| 19 #include <Windows.h> | 20 #include <Windows.h> |
| 20 #include <io.h> | 21 #include <io.h> |
| 21 #endif | 22 #endif |
| 22 | 23 |
| 23 #define ADD_LITERAL(cache, query, data) \ | 24 #define ADD_LITERAL(cache, query, data) \ |
| 24 ((cache)->AddData((query), (uint8_t*)&(data), sizeof(data))) | 25 ((cache)->AddData((query), (uint8_t*)&(data), sizeof(data))) |
| 25 | 26 |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 94 } | 95 } |
| 95 | 96 |
| 96 static void Serialize(uint8_t *buffer, const void *value, size_t size, | 97 static void Serialize(uint8_t *buffer, const void *value, size_t size, |
| 97 uint32_t *offset) { | 98 uint32_t *offset) { |
| 98 if (buffer != NULL) | 99 if (buffer != NULL) |
| 99 memcpy(&buffer[*offset], value, size); | 100 memcpy(&buffer[*offset], value, size); |
| 100 *offset += (uint32_t) size; | 101 *offset += (uint32_t) size; |
| 101 } | 102 } |
| 102 | 103 |
| 103 static void SerializeNaClDescMetadataInternal( | 104 static void SerializeNaClDescMetadataInternal( |
| 104 uint8_t known_file, | 105 const struct RichFileInfo *info, |
| 105 const char *file_name, | |
| 106 uint32_t file_name_length, | |
| 107 uint8_t *buffer, | 106 uint8_t *buffer, |
| 108 uint32_t *offset) { | 107 uint32_t *offset) { |
| 109 *offset = 0; | 108 *offset = 0; |
| 110 Serialize(buffer, &known_file, sizeof(known_file), offset); | 109 Serialize(buffer, &info->known_file, sizeof(info->known_file), offset); |
| 111 if (known_file) { | 110 if (info->known_file) { |
| 112 Serialize(buffer, &file_name_length, sizeof(file_name_length), offset); | 111 Serialize(buffer, &info->file_path_length, sizeof(info->file_path_length), |
| 113 Serialize(buffer, file_name, file_name_length, offset); | 112 offset); |
| 113 Serialize(buffer, info->file_path, info->file_path_length, offset); |
| 114 } | 114 } |
| 115 } | 115 } |
| 116 | 116 |
| 117 int SerializeNaClDescMetadata( | 117 int SerializeNaClDescMetadata( |
| 118 uint8_t known_file, | 118 const struct RichFileInfo *info, |
| 119 const char *file_name, | |
| 120 uint32_t file_name_length, | |
| 121 uint8_t **buffer, | 119 uint8_t **buffer, |
| 122 uint32_t *buffer_length) { | 120 uint32_t *buffer_length) { |
| 123 | 121 |
| 124 *buffer = NULL; | 122 *buffer = NULL; |
| 125 | 123 |
| 126 /* Calculate the buffer size. */ | 124 /* Calculate the buffer size. */ |
| 127 SerializeNaClDescMetadataInternal(known_file, file_name, file_name_length, | 125 SerializeNaClDescMetadataInternal(info, NULL, buffer_length); |
| 128 NULL, buffer_length); | |
| 129 | 126 |
| 130 /* Allocate the buffer. */ | 127 /* Allocate the buffer. */ |
| 131 *buffer = malloc(*buffer_length); | 128 *buffer = malloc(*buffer_length); |
| 132 if (NULL == buffer) | 129 if (NULL == buffer) |
| 133 return 1; | 130 return 1; |
| 134 | 131 |
| 135 /* Fill the buffer. */ | 132 /* Fill the buffer. */ |
| 136 SerializeNaClDescMetadataInternal(known_file, file_name, file_name_length, | 133 SerializeNaClDescMetadataInternal(info, *buffer, buffer_length); |
| 137 *buffer, buffer_length); | |
| 138 return 0; | 134 return 0; |
| 139 } | 135 } |
| 140 | 136 |
| 141 int SetFileOriginInfo(struct NaClDesc *desc, uint8_t known_file, | 137 int SetFileOriginInfo(struct NaClDesc *desc, struct RichFileInfo *info) { |
| 142 const char *file_name, uint32_t file_name_length) { | |
| 143 uint8_t *buffer = NULL; | 138 uint8_t *buffer = NULL; |
| 144 uint32_t buffer_length = 0; | 139 uint32_t buffer_length = 0; |
| 145 int status; | 140 int status; |
| 146 if (SerializeNaClDescMetadata(known_file, file_name, file_name_length, | 141 if (SerializeNaClDescMetadata(info, &buffer, &buffer_length)) { |
| 147 &buffer, &buffer_length)) { | |
| 148 return 1; | 142 return 1; |
| 149 } | 143 } |
| 150 status = NACL_VTBL(NaClDesc, desc)->SetMetadata( | 144 status = NACL_VTBL(NaClDesc, desc)->SetMetadata( |
| 151 desc, | 145 desc, |
| 152 FILE_ORIGIN_INFO_TYPE, | 146 FILE_ORIGIN_INFO_TYPE, |
| 153 buffer_length, | 147 buffer_length, |
| 154 (uint8_t *) buffer); | 148 (uint8_t *) buffer); |
| 155 free(buffer); | 149 free(buffer); |
| 156 return status; | 150 return status; |
| 157 } | 151 } |
| 158 | 152 |
| 159 static int Deserialize(uint8_t *buffer, uint32_t buffer_length, void *value, | 153 static int Deserialize(const uint8_t *buffer, uint32_t buffer_length, |
| 160 size_t size, uint32_t *offset) { | 154 void *value, size_t size, uint32_t *offset) { |
| 161 if (*offset + size > buffer_length) | 155 if (*offset + size > buffer_length) |
| 162 return 1; | 156 return 1; |
| 163 memcpy(value, &buffer[*offset], size); | 157 memcpy(value, &buffer[*offset], size); |
| 164 *offset += (uint32_t) size; | 158 *offset += (uint32_t) size; |
| 165 return 0; | 159 return 0; |
| 166 } | 160 } |
| 167 | 161 |
| 168 int DeserializeNaClDescMetadata( | 162 int DeserializeNaClDescMetadata( |
| 169 uint8_t *buffer, | 163 const uint8_t *buffer, |
| 170 uint32_t buffer_length, | 164 uint32_t buffer_length, |
| 171 uint8_t *known_file, | 165 struct RichFileInfo *info) { |
| 172 char **file_name, | 166 /* Work around const issues. */ |
| 173 uint32_t *file_name_length) { | 167 char *file_path = NULL; |
| 168 uint32_t offset = 0; |
| 169 RichFileInfoCtor(info); |
| 174 | 170 |
| 175 uint32_t offset = 0; | 171 if (Deserialize(buffer, buffer_length, &info->known_file, |
| 176 *file_name = NULL; | 172 sizeof(info->known_file), &offset)) |
| 177 | |
| 178 if (Deserialize(buffer, buffer_length, known_file, sizeof(*known_file), | |
| 179 &offset)) | |
| 180 goto on_error; | 173 goto on_error; |
| 181 | 174 |
| 182 if (*known_file) { | 175 if (info->known_file) { |
| 183 if (Deserialize(buffer, buffer_length, file_name_length, | 176 if (Deserialize(buffer, buffer_length, &info->file_path_length, |
| 184 sizeof(*file_name_length), &offset)) | 177 sizeof(info->file_path_length), &offset)) |
| 185 goto on_error; | 178 goto on_error; |
| 186 *file_name = malloc(*file_name_length); | 179 file_path = malloc(info->file_path_length); |
| 187 if (NULL == *file_name) | 180 if (NULL == file_path) |
| 188 goto on_error; | 181 goto on_error; |
| 189 if (Deserialize(buffer, buffer_length, *file_name, *file_name_length, | 182 if (Deserialize(buffer, buffer_length, file_path, info->file_path_length, |
| 190 &offset)) | 183 &offset)) |
| 191 goto on_error; | 184 goto on_error; |
| 185 info->file_path = file_path; |
| 186 file_path = NULL; |
| 192 } | 187 } |
| 193 | 188 |
| 194 /* Entire buffer consumed? */ | 189 /* Entire buffer consumed? */ |
| 195 if (offset != buffer_length) | 190 if (offset != buffer_length) |
| 196 goto on_error; | 191 goto on_error; |
| 197 return 0; | 192 return 0; |
| 198 | 193 |
| 199 on_error: | 194 on_error: |
| 200 *known_file = 0; | 195 free(file_path); |
| 201 free(*file_name); | 196 RichFileInfoDtor(info); |
| 202 *file_name = NULL; | |
| 203 *file_name_length = 0; | |
| 204 return 1; | 197 return 1; |
| 205 } | 198 } |
| 206 | 199 |
| 207 int GetFileOriginInfo(struct NaClDesc *desc, uint8_t *known_file, | 200 void RichFileInfoCtor(struct RichFileInfo *info) { |
| 208 char **file_name, uint32_t *file_name_length) { | 201 memset(info, 0, sizeof(*info)); |
| 202 } |
| 203 |
| 204 void RichFileInfoDtor(struct RichFileInfo *info) { |
| 205 /* |
| 206 * file_path is "const" to express intent, we need to cast away the const to |
| 207 * dallocate it. |
| 208 */ |
| 209 free((void *) info->file_path); |
| 210 /* Prevent use after Dtor. */ |
| 211 memset(info, 0, sizeof(*info)); |
| 212 } |
| 213 |
| 214 int GetFileOriginInfo(struct NaClDesc *desc, struct RichFileInfo *info) { |
| 209 int32_t metadata_type; | 215 int32_t metadata_type; |
| 210 uint8_t *buffer = NULL; | 216 uint8_t *buffer = NULL; |
| 211 uint32_t buffer_length = 0; | 217 uint32_t buffer_length = 0; |
| 212 int status; | 218 int status; |
| 213 | 219 |
| 214 /* Get the buffer length. */ | 220 /* Get the buffer length. */ |
| 215 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( | 221 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( |
| 216 desc, | 222 desc, |
| 217 &buffer_length, | 223 &buffer_length, |
| 218 NULL); | 224 NULL); |
| 219 if (metadata_type != FILE_ORIGIN_INFO_TYPE) | 225 if (metadata_type != FILE_ORIGIN_INFO_TYPE) |
| 220 return 1; | 226 return 1; |
| 221 | 227 |
| 222 buffer = (uint8_t *) malloc(buffer_length); | 228 buffer = (uint8_t *) malloc(buffer_length); |
| 223 if (NULL == buffer) | 229 if (NULL == buffer) |
| 224 return 1; | 230 return 1; |
| 225 | 231 |
| 226 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( | 232 metadata_type = NACL_VTBL(NaClDesc, desc)->GetMetadata( |
| 227 desc, | 233 desc, |
| 228 &buffer_length, | 234 &buffer_length, |
| 229 buffer); | 235 buffer); |
| 230 if (metadata_type != FILE_ORIGIN_INFO_TYPE) | 236 if (metadata_type != FILE_ORIGIN_INFO_TYPE) |
| 231 return 1; | 237 return 1; |
| 232 | 238 |
| 233 status = DeserializeNaClDescMetadata(buffer, buffer_length, known_file, | 239 status = DeserializeNaClDescMetadata(buffer, buffer_length, info); |
| 234 file_name, file_name_length); | |
| 235 free(buffer); | 240 free(buffer); |
| 236 return status; | 241 return status; |
| 237 } | 242 } |
| 238 | 243 |
| 244 void MetadataFromNaClDescCtor(struct NaClValidationMetadata *metadata, |
| 245 struct NaClDesc *desc) { |
| 246 struct RichFileInfo info; |
| 247 int32_t fd = -1; |
| 248 |
| 249 RichFileInfoCtor(&info); |
| 250 memset(metadata, 0, sizeof(*metadata)); |
| 251 |
| 252 if (NACL_VTBL(NaClDesc, desc)->typeTag != NACL_DESC_HOST_IO) |
| 253 goto done; |
| 254 fd = ((struct NaClDescIoDesc *) desc)->hd->d; |
| 255 if (GetFileOriginInfo(desc, &info)) |
| 256 goto done; |
| 257 if (!info.known_file || info.file_path == NULL || info.file_path_length <= 0) |
| 258 goto done; |
| 259 MetadataFromFDCtor(metadata, fd, info.file_path, info.file_path_length); |
| 260 done: |
| 261 RichFileInfoDtor(&info); |
| 262 } |
| 263 |
| 239 void AddCodeIdentity(uint8_t *data, | 264 void AddCodeIdentity(uint8_t *data, |
| 240 size_t size, | 265 size_t size, |
| 241 const struct NaClValidationMetadata *metadata, | 266 const struct NaClValidationMetadata *metadata, |
| 242 struct NaClValidationCache *cache, | 267 struct NaClValidationCache *cache, |
| 243 void *query) { | 268 void *query) { |
| 244 NaClCodeIdentityType identity_type; | 269 NaClCodeIdentityType identity_type; |
| 245 if (NULL != metadata) { | 270 if (NULL != metadata) { |
| 246 identity_type = metadata->identity_type; | 271 identity_type = metadata->identity_type; |
| 247 } else { | 272 } else { |
| 248 /* Fallback: identity unknown, treat it as anonymous data. */ | 273 /* Fallback: identity unknown, treat it as anonymous data. */ |
| (...skipping 24 matching lines...) Expand all Loading... |
| 273 ADD_LITERAL(cache, query, metadata->device_id); | 298 ADD_LITERAL(cache, query, metadata->device_id); |
| 274 ADD_LITERAL(cache, query, metadata->file_id); | 299 ADD_LITERAL(cache, query, metadata->file_id); |
| 275 ADD_LITERAL(cache, query, metadata->file_size); | 300 ADD_LITERAL(cache, query, metadata->file_size); |
| 276 ADD_LITERAL(cache, query, metadata->mtime); | 301 ADD_LITERAL(cache, query, metadata->mtime); |
| 277 ADD_LITERAL(cache, query, metadata->ctime); | 302 ADD_LITERAL(cache, query, metadata->ctime); |
| 278 } else { | 303 } else { |
| 279 /* Hash all the code. */ | 304 /* Hash all the code. */ |
| 280 cache->AddData(query, data, size); | 305 cache->AddData(query, data, size); |
| 281 } | 306 } |
| 282 } | 307 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 15039022:
Enable meta-based validation for shared libraries. (Closed)
Base URL: svn://svn.chromium.org/native_client/trunk/src/native_client