src/trusted/manifest_name_service_proxy/manifest_proxy.c - Issue 15039022: Enable meta-based validation for shared libraries.

Unified Diff: src/trusted/manifest_name_service_proxy/manifest_proxy.c

Issue 15039022: Enable meta-based validation for shared libraries. (Closed) Base URL: svn://svn.chromium.org/native_client/trunk/src/native_client

Patch Set: Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/trusted/manifest_name_service_proxy/manifest_proxy.c

diff --git a/src/trusted/manifest_name_service_proxy/manifest_proxy.c b/src/trusted/manifest_name_service_proxy/manifest_proxy.c

index 78d60d7defecd00a42c461deca89147fc3499bb3..3cadf04a00824a3bb9735b694da2040e7b8f09ec 100644

--- a/src/trusted/manifest_name_service_proxy/manifest_proxy.c

+++ b/src/trusted/manifest_name_service_proxy/manifest_proxy.c

@@ -12,11 +12,15 @@

#include "native_client/src/shared/platform/nacl_sync.h"

#include "native_client/src/shared/platform/nacl_sync_checked.h"

#include "native_client/src/shared/srpc/nacl_srpc.h"

+#include "native_client/src/trusted/desc/nacl_desc_io.h"

#include "native_client/src/trusted/reverse_service/manifest_rpc.h"

#include "native_client/src/trusted/reverse_service/reverse_control_rpc.h"

#include "native_client/src/trusted/service_runtime/include/sys/errno.h"

+#include "native_client/src/trusted/service_runtime/include/sys/fcntl.h"

#include "native_client/src/trusted/service_runtime/include/sys/nacl_name_service.h"

#include "native_client/src/trusted/service_runtime/nacl_secure_service.h"

+#include "native_client/src/trusted/validator/rich_file_info.h"

+#include "native_client/src/trusted/validator/validation_cache.h"

static void NaClManifestWaitForChannel_yield_mu(

struct NaClManifestProxyConnection *self) {

@@ -108,6 +112,7 @@ static void NaClManifestNameServiceLookupRpc(

uint32_t cookie_size = sizeof cookie;

int status;

struct NaClDesc *desc;

+ uint64_t nonce;

NaClSrpcError srpc_error;

NaClLog(4, "NaClManifestNameServiceLookupRpc\n");

@@ -129,6 +134,7 @@ static void NaClManifestNameServiceLookupRpc(

flags,

&status,

&desc,

+ &nonce,

&cookie_size,

cookie))) {

NaClLog(LOG_ERROR,

@@ -138,9 +144,44 @@ static void NaClManifestNameServiceLookupRpc(

srpc_error);

rpc->result = srpc_error;

} else {

+ struct NaClManifestProxy *proxy =

+ (struct NaClManifestProxy *) proxy_conn->base.server;

+ struct NaClValidationCache *validation_cache = proxy->nap->validation_cache;

+ int32_t new_fd;

+ char *file_path;

+ uint32_t file_path_length;

NaClLog(4,

"NaClManifestNameServiceLookupRpc: got cookie %.*s\n",

cookie_size, cookie);

+ if (nonce != 0 && validation_cache->ResolveFileNonce != NULL &&

+ validation_cache->ResolveFileNonce(validation_cache->handle, nonce,

+ &new_fd, &file_path,

+ &file_path_length)) {

+ struct RichFileInfo info;

+ uint32_t flags;

+ /*

+ * We don't entirely trust the render process, so swap the handle with one

+ * from the browser process that should be equivalent.

+ */

+ NaClDescUnref(desc);

+ desc = NaClDescIoDescFromHandleAllocCtor((NaClHandle) new_fd,

Nick Bray (chromium) 2013/05/10 22:54:56 Question: is there a better cross-platform way to

bsy 2013/05/10 23:52:56 We can add a better interface to wrap up the compo

+ NACL_ABI_O_RDONLY);

+ /* Mark the desc as OK for mmaping. */

+ flags = NaClDescGetFlags(desc);

+ NaClDescSetFlags(desc, flags | NACL_DESC_FLAGS_MMAP_EXEC_OK);

+ /* Provide metadata for validation. */

+ RichFileInfoCtor(&info);

+ info.known_file = 1;

+ info.file_path = file_path; /* Takes ownership. */

+ info.file_path_length = file_path_length;

+ SetFileOriginInfo(desc, &info);

+ RichFileInfoDtor(&info);

+ }

out_args[0]->u.ival = status;

out_args[1]->u.hval = desc;

rpc->result = NACL_SRPC_RESULT_OK;

« no previous file with comments | « site_scons/site_tools/library_deps.py ('k') | src/trusted/reverse_service/manifest_rpc.h » ('j') | src/trusted/reverse_service/reverse_service.h » ('J')