OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/ppapi_plugin_process_host.h" | 5 #include "content/browser/ppapi_plugin_process_host.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
11 | 11 |
12 #include "base/base_switches.h" | 12 #include "base/base_switches.h" |
13 #include "base/command_line.h" | 13 #include "base/command_line.h" |
14 #include "base/files/file_path.h" | 14 #include "base/files/file_path.h" |
15 #include "base/macros.h" | 15 #include "base/macros.h" |
16 #include "base/metrics/field_trial.h" | 16 #include "base/metrics/field_trial.h" |
17 #include "base/strings/string_number_conversions.h" | 17 #include "base/strings/string_number_conversions.h" |
18 #include "base/strings/utf_string_conversions.h" | 18 #include "base/strings/utf_string_conversions.h" |
19 #include "build/build_config.h" | 19 #include "build/build_config.h" |
20 #include "content/browser/browser_child_process_host_impl.h" | 20 #include "content/browser/browser_child_process_host_impl.h" |
21 #include "content/browser/plugin_service_impl.h" | 21 #include "content/browser/plugin_service_impl.h" |
22 #include "content/browser/renderer_host/render_message_filter.h" | 22 #include "content/browser/renderer_host/render_message_filter.h" |
23 #include "content/common/child_process_host_impl.h" | 23 #include "content/common/child_process_host_impl.h" |
24 #include "content/common/child_process_messages.h" | 24 #include "content/common/child_process_messages.h" |
25 #include "content/common/content_switches_internal.h" | 25 #include "content/common/content_switches_internal.h" |
26 #include "content/public/browser/content_browser_client.h" | 26 #include "content/public/browser/content_browser_client.h" |
27 #include "content/public/common/content_constants.h" | 27 #include "content/public/common/content_constants.h" |
28 #include "content/public/common/content_switches.h" | 28 #include "content/public/common/content_switches.h" |
| 29 #include "content/public/common/mojo_channel_switches.h" |
29 #include "content/public/common/pepper_plugin_info.h" | 30 #include "content/public/common/pepper_plugin_info.h" |
30 #include "content/public/common/process_type.h" | 31 #include "content/public/common/process_type.h" |
31 #include "content/public/common/sandbox_type.h" | 32 #include "content/public/common/sandbox_type.h" |
32 #include "content/public/common/sandboxed_process_launcher_delegate.h" | 33 #include "content/public/common/sandboxed_process_launcher_delegate.h" |
33 #include "ipc/ipc_switches.h" | 34 #include "ipc/ipc_switches.h" |
34 #include "mojo/edk/embedder/embedder.h" | 35 #include "mojo/edk/embedder/embedder.h" |
35 #include "net/base/network_change_notifier.h" | 36 #include "net/base/network_change_notifier.h" |
36 #include "ppapi/proxy/ppapi_messages.h" | 37 #include "ppapi/proxy/ppapi_messages.h" |
37 #include "ui/base/ui_base_switches.h" | 38 #include "ui/base/ui_base_switches.h" |
38 | 39 |
(...skipping 17 matching lines...) Expand all Loading... |
56 | 57 |
57 // NOTE: changes to this class need to be reviewed by the security team. | 58 // NOTE: changes to this class need to be reviewed by the security team. |
58 class PpapiPluginSandboxedProcessLauncherDelegate | 59 class PpapiPluginSandboxedProcessLauncherDelegate |
59 : public content::SandboxedProcessLauncherDelegate { | 60 : public content::SandboxedProcessLauncherDelegate { |
60 public: | 61 public: |
61 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, | 62 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, |
62 const PepperPluginInfo& info, | 63 const PepperPluginInfo& info, |
63 ChildProcessHost* host) | 64 ChildProcessHost* host) |
64 #if defined(OS_WIN) | 65 #if defined(OS_WIN) |
65 : info_(info), is_broker_(is_broker) { | 66 : info_(info), is_broker_(is_broker) { |
66 #elif defined(OS_MACOSX) || defined(OS_ANDROID) | 67 #elif defined(OS_POSIX) && !defined(OS_MACOSX) && !defined(OS_ANDROID) |
67 : ipc_fd_(host->TakeClientFileDescriptor()) { | 68 : is_broker_(is_broker) { |
68 #elif defined(OS_POSIX) | |
69 : ipc_fd_(host->TakeClientFileDescriptor()), is_broker_(is_broker) { | |
70 #else | 69 #else |
71 { | 70 { |
72 #endif | 71 #endif |
73 } | 72 } |
74 | 73 |
75 ~PpapiPluginSandboxedProcessLauncherDelegate() override {} | 74 ~PpapiPluginSandboxedProcessLauncherDelegate() override {} |
76 | 75 |
77 #if defined(OS_WIN) | 76 #if defined(OS_WIN) |
78 bool ShouldSandbox() override { | 77 bool ShouldSandbox() override { |
79 return !is_broker_; | 78 return !is_broker_; |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
122 const base::CommandLine& browser_command_line = | 121 const base::CommandLine& browser_command_line = |
123 *base::CommandLine::ForCurrentProcess(); | 122 *base::CommandLine::ForCurrentProcess(); |
124 base::CommandLine::StringType plugin_launcher = browser_command_line | 123 base::CommandLine::StringType plugin_launcher = browser_command_line |
125 .GetSwitchValueNative(switches::kPpapiPluginLauncher); | 124 .GetSwitchValueNative(switches::kPpapiPluginLauncher); |
126 if (is_broker_ || !plugin_launcher.empty()) | 125 if (is_broker_ || !plugin_launcher.empty()) |
127 return nullptr; | 126 return nullptr; |
128 return GetGenericZygote(); | 127 return GetGenericZygote(); |
129 } | 128 } |
130 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) | 129 #endif // !defined(OS_MACOSX) && !defined(OS_ANDROID) |
131 | 130 |
132 base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); } | 131 base::ScopedFD TakeIpcFd() override { return base::ScopedFD(-1); } |
133 #endif // OS_WIN | 132 #endif // OS_WIN |
134 | 133 |
135 SandboxType GetSandboxType() override { | 134 SandboxType GetSandboxType() override { |
136 return SANDBOX_TYPE_PPAPI; | 135 return SANDBOX_TYPE_PPAPI; |
137 } | 136 } |
138 | 137 |
139 private: | 138 private: |
140 #if defined(OS_WIN) | 139 #if defined(OS_WIN) |
141 const PepperPluginInfo& info_; | 140 const PepperPluginInfo& info_; |
142 #endif // OS_WIN | 141 #endif // OS_WIN |
143 #if defined(OS_POSIX) | |
144 base::ScopedFD ipc_fd_; | |
145 #endif // OS_POSIX | |
146 #if (defined(OS_POSIX) && !defined(OS_MACOSX) && !defined(OS_ANDROID)) || \ | 142 #if (defined(OS_POSIX) && !defined(OS_MACOSX) && !defined(OS_ANDROID)) || \ |
147 defined(OS_WIN) | 143 defined(OS_WIN) |
148 bool is_broker_; | 144 bool is_broker_; |
149 #endif | 145 #endif |
150 | 146 |
151 DISALLOW_COPY_AND_ASSIGN(PpapiPluginSandboxedProcessLauncherDelegate); | 147 DISALLOW_COPY_AND_ASSIGN(PpapiPluginSandboxedProcessLauncherDelegate); |
152 }; | 148 }; |
153 | 149 |
154 class PpapiPluginProcessHost::PluginNetworkObserver | 150 class PpapiPluginProcessHost::PluginNetworkObserver |
155 : public net::NetworkChangeNotifier::IPAddressObserver, | 151 : public net::NetworkChangeNotifier::IPAddressObserver, |
(...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
310 } | 306 } |
311 | 307 |
312 // We already have an open channel, send a request right away to plugin. | 308 // We already have an open channel, send a request right away to plugin. |
313 RequestPluginChannel(client); | 309 RequestPluginChannel(client); |
314 } | 310 } |
315 | 311 |
316 PpapiPluginProcessHost::PpapiPluginProcessHost( | 312 PpapiPluginProcessHost::PpapiPluginProcessHost( |
317 const PepperPluginInfo& info, | 313 const PepperPluginInfo& info, |
318 const base::FilePath& profile_data_directory) | 314 const base::FilePath& profile_data_directory) |
319 : profile_data_directory_(profile_data_directory), | 315 : profile_data_directory_(profile_data_directory), |
320 is_broker_(false) { | 316 is_broker_(false), |
| 317 mojo_child_token_(mojo::edk::GenerateRandomToken()) { |
321 uint32_t base_permissions = info.permissions; | 318 uint32_t base_permissions = info.permissions; |
322 | 319 |
323 // We don't have to do any whitelisting for APIs in this process host, so | 320 // We don't have to do any whitelisting for APIs in this process host, so |
324 // don't bother passing a browser context or document url here. | 321 // don't bother passing a browser context or document url here. |
325 if (GetContentClient()->browser()->IsPluginAllowedToUseDevChannelAPIs( | 322 if (GetContentClient()->browser()->IsPluginAllowedToUseDevChannelAPIs( |
326 NULL, GURL())) | 323 NULL, GURL())) |
327 base_permissions |= ppapi::PERMISSION_DEV_CHANNEL; | 324 base_permissions |= ppapi::PERMISSION_DEV_CHANNEL; |
328 permissions_ = ppapi::PpapiPermissions::GetForCommandLine(base_permissions); | 325 permissions_ = ppapi::PpapiPermissions::GetForCommandLine(base_permissions); |
329 | 326 |
330 process_.reset(new BrowserChildProcessHostImpl( | 327 process_.reset(new BrowserChildProcessHostImpl( |
331 PROCESS_TYPE_PPAPI_PLUGIN, this, mojo::edk::GenerateRandomToken())); | 328 PROCESS_TYPE_PPAPI_PLUGIN, this, mojo_child_token_)); |
332 | 329 |
333 host_impl_.reset(new BrowserPpapiHostImpl(this, permissions_, info.name, | 330 host_impl_.reset(new BrowserPpapiHostImpl(this, permissions_, info.name, |
334 info.path, profile_data_directory, | 331 info.path, profile_data_directory, |
335 false /* in_process */, | 332 false /* in_process */, |
336 false /* external_plugin */)); | 333 false /* external_plugin */)); |
337 | 334 |
338 filter_ = new PepperMessageFilter(); | 335 filter_ = new PepperMessageFilter(); |
339 process_->AddFilter(filter_.get()); | 336 process_->AddFilter(filter_.get()); |
340 process_->GetHost()->AddFilter(host_impl_->message_filter().get()); | 337 process_->GetHost()->AddFilter(host_impl_->message_filter().get()); |
341 #if defined(OS_WIN) | 338 #if defined(OS_WIN) |
342 process_->AddFilter(new DWriteFontProxyMessageFilter()); | 339 process_->AddFilter(new DWriteFontProxyMessageFilter()); |
343 #endif | 340 #endif |
344 | 341 |
345 GetContentClient()->browser()->DidCreatePpapiPlugin(host_impl_.get()); | 342 GetContentClient()->browser()->DidCreatePpapiPlugin(host_impl_.get()); |
346 | 343 |
347 // Only request network status updates if the plugin has dev permissions. | 344 // Only request network status updates if the plugin has dev permissions. |
348 if (permissions_.HasPermission(ppapi::PERMISSION_DEV)) | 345 if (permissions_.HasPermission(ppapi::PERMISSION_DEV)) |
349 network_observer_.reset(new PluginNetworkObserver(this)); | 346 network_observer_.reset(new PluginNetworkObserver(this)); |
350 } | 347 } |
351 | 348 |
352 PpapiPluginProcessHost::PpapiPluginProcessHost() | 349 PpapiPluginProcessHost::PpapiPluginProcessHost() |
353 : is_broker_(true) { | 350 : is_broker_(true), mojo_child_token_(mojo::edk::GenerateRandomToken()) { |
354 process_.reset(new BrowserChildProcessHostImpl( | 351 process_.reset(new BrowserChildProcessHostImpl( |
355 PROCESS_TYPE_PPAPI_BROKER, this, mojo::edk::GenerateRandomToken())); | 352 PROCESS_TYPE_PPAPI_BROKER, this, mojo_child_token_)); |
356 | 353 |
357 ppapi::PpapiPermissions permissions; // No permissions. | 354 ppapi::PpapiPermissions permissions; // No permissions. |
358 // The plugin name, path and profile data directory shouldn't be needed for | 355 // The plugin name, path and profile data directory shouldn't be needed for |
359 // the broker. | 356 // the broker. |
360 host_impl_.reset(new BrowserPpapiHostImpl(this, permissions, | 357 host_impl_.reset(new BrowserPpapiHostImpl(this, permissions, |
361 std::string(), base::FilePath(), | 358 std::string(), base::FilePath(), |
362 base::FilePath(), | 359 base::FilePath(), |
363 false /* in_process */, | 360 false /* in_process */, |
364 false /* external_plugin */)); | 361 false /* external_plugin */)); |
365 } | 362 } |
366 | 363 |
367 bool PpapiPluginProcessHost::Init(const PepperPluginInfo& info) { | 364 bool PpapiPluginProcessHost::Init(const PepperPluginInfo& info) { |
368 plugin_path_ = info.path; | 365 plugin_path_ = info.path; |
369 if (info.name.empty()) { | 366 if (info.name.empty()) { |
370 process_->SetName(plugin_path_.BaseName().LossyDisplayName()); | 367 process_->SetName(plugin_path_.BaseName().LossyDisplayName()); |
371 } else { | 368 } else { |
372 process_->SetName(base::UTF8ToUTF16(info.name)); | 369 process_->SetName(base::UTF8ToUTF16(info.name)); |
373 } | 370 } |
374 | 371 |
375 std::string channel_id = process_->GetHost()->CreateChannel(); | 372 std::string mojo_channel_token = |
376 if (channel_id.empty()) { | 373 process_->GetHost()->CreateChannelMojo(mojo_child_token_); |
| 374 if (mojo_channel_token.empty()) { |
377 VLOG(1) << "Could not create pepper host channel."; | 375 VLOG(1) << "Could not create pepper host channel."; |
378 return false; | 376 return false; |
379 } | 377 } |
380 | 378 |
381 const base::CommandLine& browser_command_line = | 379 const base::CommandLine& browser_command_line = |
382 *base::CommandLine::ForCurrentProcess(); | 380 *base::CommandLine::ForCurrentProcess(); |
383 base::CommandLine::StringType plugin_launcher = | 381 base::CommandLine::StringType plugin_launcher = |
384 browser_command_line.GetSwitchValueNative(switches::kPpapiPluginLauncher); | 382 browser_command_line.GetSwitchValueNative(switches::kPpapiPluginLauncher); |
385 | 383 |
386 #if defined(OS_LINUX) | 384 #if defined(OS_LINUX) |
387 int flags = plugin_launcher.empty() ? ChildProcessHost::CHILD_ALLOW_SELF : | 385 int flags = plugin_launcher.empty() ? ChildProcessHost::CHILD_ALLOW_SELF : |
388 ChildProcessHost::CHILD_NORMAL; | 386 ChildProcessHost::CHILD_NORMAL; |
389 #else | 387 #else |
390 int flags = ChildProcessHost::CHILD_NORMAL; | 388 int flags = ChildProcessHost::CHILD_NORMAL; |
391 #endif | 389 #endif |
392 base::FilePath exe_path = ChildProcessHost::GetChildPath(flags); | 390 base::FilePath exe_path = ChildProcessHost::GetChildPath(flags); |
393 if (exe_path.empty()) { | 391 if (exe_path.empty()) { |
394 VLOG(1) << "Pepper plugin exe path is empty."; | 392 VLOG(1) << "Pepper plugin exe path is empty."; |
395 return false; | 393 return false; |
396 } | 394 } |
397 | 395 |
398 base::CommandLine* cmd_line = new base::CommandLine(exe_path); | 396 base::CommandLine* cmd_line = new base::CommandLine(exe_path); |
399 cmd_line->AppendSwitchASCII(switches::kProcessType, | 397 cmd_line->AppendSwitchASCII(switches::kProcessType, |
400 is_broker_ ? switches::kPpapiBrokerProcess | 398 is_broker_ ? switches::kPpapiBrokerProcess |
401 : switches::kPpapiPluginProcess); | 399 : switches::kPpapiPluginProcess); |
402 cmd_line->AppendSwitchASCII(switches::kProcessChannelID, channel_id); | 400 cmd_line->AppendSwitchASCII(switches::kMojoChannelToken, mojo_channel_token); |
403 | 401 |
404 #if defined(OS_WIN) | 402 #if defined(OS_WIN) |
405 if (GetContentClient()->browser()->ShouldUseWindowsPrefetchArgument()) { | 403 if (GetContentClient()->browser()->ShouldUseWindowsPrefetchArgument()) { |
406 cmd_line->AppendArg(is_broker_ ? switches::kPrefetchArgumentPpapiBroker | 404 cmd_line->AppendArg(is_broker_ ? switches::kPrefetchArgumentPpapiBroker |
407 : switches::kPrefetchArgumentPpapi); | 405 : switches::kPrefetchArgumentPpapi); |
408 } | 406 } |
409 #endif // defined(OS_WIN) | 407 #endif // defined(OS_WIN) |
410 | 408 |
411 // These switches are forwarded to both plugin and broker pocesses. | 409 // These switches are forwarded to both plugin and broker pocesses. |
412 static const char* const kCommonForwardSwitches[] = { | 410 static const char* const kCommonForwardSwitches[] = { |
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
554 // sent_requests_ queue should be the one that the plugin just created. | 552 // sent_requests_ queue should be the one that the plugin just created. |
555 Client* client = sent_requests_.front(); | 553 Client* client = sent_requests_.front(); |
556 sent_requests_.pop(); | 554 sent_requests_.pop(); |
557 | 555 |
558 const ChildProcessData& data = process_->GetData(); | 556 const ChildProcessData& data = process_->GetData(); |
559 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), | 557 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), |
560 data.id); | 558 data.id); |
561 } | 559 } |
562 | 560 |
563 } // namespace content | 561 } // namespace content |
OLD | NEW |