| Index: components/nacl/broker/nacl_broker_listener.cc
|
| diff --git a/components/nacl/broker/nacl_broker_listener.cc b/components/nacl/broker/nacl_broker_listener.cc
|
| index f21e32f48db331f1539954d9c83e5185bb1ca1c5..35a43ef3558dfe68eb6bc0d564d9b5a799da09f3 100644
|
| --- a/components/nacl/broker/nacl_broker_listener.cc
|
| +++ b/components/nacl/broker/nacl_broker_listener.cc
|
| @@ -12,16 +12,23 @@
|
| #include "base/process/launch.h"
|
| #include "base/process/process.h"
|
| #include "base/process/process_handle.h"
|
| +#include "base/strings/string_number_conversions.h"
|
| #include "base/threading/thread_task_runner_handle.h"
|
| +#include "base/win/win_util.h"
|
| #include "components/nacl/common/nacl_cmd_line.h"
|
| #include "components/nacl/common/nacl_debug_exception_handler_win.h"
|
| #include "components/nacl/common/nacl_messages.h"
|
| #include "components/nacl/common/nacl_switches.h"
|
| #include "content/public/common/content_switches.h"
|
| +#include "content/public/common/mojo_channel_switches.h"
|
| #include "content/public/common/sandbox_init.h"
|
| #include "ipc/attachment_broker_unprivileged.h"
|
| #include "ipc/ipc_channel.h"
|
| #include "ipc/ipc_switches.h"
|
| +#include "mojo/edk/embedder/embedder.h"
|
| +#include "mojo/edk/embedder/platform_channel_pair.h"
|
| +#include "mojo/edk/embedder/scoped_ipc_support.h"
|
| +#include "mojo/public/cpp/system/message_pipe.h"
|
| #include "sandbox/win/src/sandbox_policy.h"
|
|
|
| namespace {
|
| @@ -34,6 +41,14 @@ void SendReply(IPC::Channel* channel, int32_t pid, bool result) {
|
|
|
| NaClBrokerListener::NaClBrokerListener() {
|
| IPC::AttachmentBrokerUnprivileged::CreateBrokerIfNeeded();
|
| + mojo::edk::Init();
|
| + mojo_ipc_support_.reset(new mojo::edk::ScopedIPCSupport(
|
| + base::MessageLoop::current()->task_runner()));
|
| + mojo::edk::ScopedPlatformHandle platform_channel(
|
| + mojo::edk::PlatformChannelPair::PassClientHandleFromParentProcess(
|
| + *base::CommandLine::ForCurrentProcess()));
|
| + DCHECK(platform_channel.is_valid());
|
| + mojo::edk::SetParentPipeHandle(std::move(platform_channel));
|
| }
|
|
|
| NaClBrokerListener::~NaClBrokerListener() {
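Review bot: `DCHECK(platform_channel.is_valid())` in the constructor is the only validation of the handle parsed from the command line, and DCHECKs are normally compiled out of release builds, so a missing or malformed handle switch would reach `mojo::edk::SetParentPipeHandle()` unchecked there. Prefer `CHECK(platform_channel.is_valid());` or an explicit startup failure, so the broker fails closed in every build configuration. The same pattern recurs in the Listen() hunk (`DCHECK(handle.is_valid())` just before `handle.release()`) and in the OnLaunchLoaderThroughBroker() hunk (`DCHECK(loader_handle.is_valid())` on a pipe built from the IPC-supplied `loader_channel_id`). What the EDK does with an invalid handle is not visible on this page, so the impact is inferred rather than confirmed.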
|
| @@ -43,10 +58,14 @@ NaClBrokerListener::~NaClBrokerListener() {
|
| }
|
|
|
| void NaClBrokerListener::Listen() {
|
| - std::string channel_name =
|
| - base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
|
| - switches::kProcessChannelID);
|
| - channel_ = IPC::Channel::CreateClient(channel_name, this);
|
| + mojo::ScopedMessagePipeHandle handle(
|
| + mojo::edk::CreateChildMessagePipe(
|
| + base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
|
| + switches::kMojoChannelToken)));
|
| + DCHECK(handle.is_valid());
|
| + IPC::ChannelHandle channel_handle(handle.release());
|
| +
|
| + channel_ = IPC::Channel::CreateClient(channel_handle, this);
|
| IPC::AttachmentBroker* broker = IPC::AttachmentBroker::GetGlobal();
|
| if (broker && !broker->IsPrivilegedBroker())
|
| broker->RegisterBrokerCommunicationChannel(channel_.get());
|
| @@ -95,6 +114,22 @@ void NaClBrokerListener::OnLaunchLoaderThroughBroker(
|
| const std::string& loader_channel_id) {
|
| base::ProcessHandle loader_handle_in_browser = 0;
|
|
|
| + // Mojo channel setup is a little bit convoluted, so let me explain. The
|
| + // normal way an initial Mojo message pipe is setup is that a token (string)
|
| + // is passed from the parent to the child on the command line. That token is
|
| + // then used by the child to create the message pipe. However, the token isn't
|
| + // meant for us, but rather the NaCl loader which is the grandchild of the
|
| + // browser, and tokens can only be used by a direct child.
|
| + //
|
| + // To get around this limitation, we turn the token into a message pipe
|
| + // here. The same mechanism is used to create an initial message pipe between
|
| + // us and the NaCl loader process. Then, the mojo::FuseMessagePipes()
|
| + // functions is used to fuse the two pipes together creating a seamless
|
| + // connection from the browser to the NaCl loader.
|
| + mojo::ScopedMessagePipeHandle loader_handle(
|
| + mojo::edk::CreateChildMessagePipe(loader_channel_id));
|
| + DCHECK(loader_handle.is_valid());
|
| +
|
| // Create the path to the nacl broker/loader executable - it's the executable
|
| // this code is running in.
|
| base::FilePath exe_path;
|
| @@ -106,14 +141,35 @@ void NaClBrokerListener::OnLaunchLoaderThroughBroker(
|
| cmd_line->AppendSwitchASCII(switches::kProcessType,
|
| switches::kNaClLoaderProcess);
|
|
|
| - cmd_line->AppendSwitchASCII(switches::kProcessChannelID,
|
| - loader_channel_id);
|
| + // Mojo IPC setup.
|
| + mojo::edk::PlatformChannelPair channel_pair;
|
| + mojo::edk::ScopedPlatformHandle parent_handle =
|
| + channel_pair.PassServerHandle();
|
| + mojo::edk::ScopedPlatformHandle client_handle =
|
| + channel_pair.PassClientHandle();
|
| + base::HandlesToInheritVector handles;
|
| + handles.push_back(client_handle.get().handle);
|
| + cmd_line->AppendSwitchASCII(
|
| + mojo::edk::PlatformChannelPair::kMojoPlatformChannelHandleSwitch,
|
| + base::UintToString(base::win::HandleToUint32(handles[0])));
|
| + const std::string mojo_child_token = mojo::edk::GenerateRandomToken();
|
| + const std::string mojo_channel_token = mojo::edk::GenerateRandomToken();
|
| + mojo::ScopedMessagePipeHandle host_handle =
|
| + mojo::edk::CreateParentMessagePipe(mojo_channel_token,
|
| + mojo_child_token);
|
| + cmd_line->AppendSwitchASCII(switches::kMojoChannelToken,
|
| + mojo_channel_token);
|
| + CHECK_EQ(MOJO_RESULT_OK, mojo::FuseMessagePipes(std::move(loader_handle),
|
| + std::move(host_handle)));
|
|
|
| base::Process loader_process;
|
| sandbox::ResultCode result = content::StartSandboxedProcess(
|
| - this, cmd_line, base::HandlesToInheritVector(), &loader_process);
|
| + this, cmd_line, handles, &loader_process);
|
|
|
| if (result == sandbox::SBOX_ALL_OK) {
|
| + mojo::edk::ChildProcessLaunched(loader_process.Handle(),
|
| + std::move(parent_handle),
|
| + mojo_child_token);
|
| // Note: PROCESS_DUP_HANDLE is necessary here, because:
|
| // 1) The current process is the broker, which is the loader's parent.
|
| // 2) The browser is not the loader's parent, and so only gets the
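Review bot: `CHECK_EQ(MOJO_RESULT_OK, mojo::FuseMessagePipes(...))` terminates the whole broker when the fuse fails, even though this function already has a softer failure path: `loader_handle_in_browser` stays 0 and is reported through `NaClProcessMsg_LoaderLaunched`. `loader_handle` is built from `loader_channel_id`, which arrives in an IPC message, so a stale or unusable token would presumably crash the broker rather than fail a single launch. If the crash is not intended, test the result and skip the launch instead, e.g. `if (mojo::FuseMessagePipes(std::move(loader_handle), std::move(host_handle)) != MOJO_RESULT_OK) { /* report failure, do not launch */ }`. Separately, `handles` holds only the raw value of `client_handle`, so a short comment such as `// client_handle must stay open until StartSandboxedProcess() returns.` would protect that lifetime requirement from later refactoring. The function body begins and ends outside this hunk.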
|
| @@ -127,6 +183,8 @@ void NaClBrokerListener::OnLaunchLoaderThroughBroker(
|
| browser_process_.Handle(), &loader_handle_in_browser,
|
| PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION | PROCESS_TERMINATE,
|
| FALSE, 0);
|
| + } else {
|
| + mojo::edk::ChildProcessLaunchFailed(mojo_child_token);
|
| }
|
| }
|
| channel_->Send(new NaClProcessMsg_LoaderLaunched(loader_channel_id,
|
|
|