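--- a/components/nacl/browser/nacl_process_host.cc
+++ b/components/nacl/browser/nacl_process_host.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/nacl/browser/nacl_process_host.h"
 
 #include <string.h>
 #include <algorithm>
 #include <string>
 #include <utility>
@@ -157,55 +157,42 @@
 namespace {
 
 #if defined(OS_POSIX) && !defined(OS_MACOSX)
 content::ZygoteHandle g_nacl_zygote;
 #endif // defined(OS_POSIX) && !defined(OS_MACOSX)
 
 // NOTE: changes to this class need to be reviewed by the security team.
 class NaClSandboxedProcessLauncherDelegate
 : public content::SandboxedProcessLauncherDelegate {
 public:
-NaClSandboxedProcessLauncherDelegate(ChildProcessHost* host)
-#if defined(OS_POSIX)
-: ipc_fd_(host->TakeClientFileDescriptor())
-#endif
-{}
+NaClSandboxedProcessLauncherDelegate() {}
 
 ~NaClSandboxedProcessLauncherDelegate() override {}
 
 #if defined(OS_WIN)
 void PostSpawnTarget(base::ProcessHandle process) override {
 // For Native Client sel_ldr processes on 32-bit Windows, reserve 1 GB of
 // address space to prevent later failure due to address space fragmentation
 // from .dll loading. The NaCl process will attempt to locate this space by
 // scanning the address space using VirtualQuery.
 // TODO(bbudge) Handle the --no-sandbox case.
 // http://code.google.com/p/nativeclient/issues/detail?id=2131
 const SIZE_T kNaClSandboxSize = 1 << 30;
 if (!nacl::AllocateAddressSpaceASLR(process, kNaClSandboxSize)) {
 DLOG(WARNING) << "Failed to reserve address space for Native Client";
 }
 }
-#elif defined(OS_POSIX)
-#if !defined(OS_MACOSX)
+#elif defined(OS_POSIX) && !defined(OS_MACOSX)
 content::ZygoteHandle* GetZygote() override {
 return content::GetGenericZygote();
 }
-#endif // !defined(OS_MACOSX)
-
-base::ScopedFD TakeIpcFd() override { return std::move(ipc_fd_); }
 #endif // OS_WIN
-
-private:
-#if defined(OS_POSIX)
-base::ScopedFD ipc_fd_;
-#endif // OS_POSIX
 };
 
 void CloseFile(base::File file) {
 // The base::File destructor will close the file for us.
 }
 
 } // namespace
 
 unsigned NaClProcessHost::keepalive_throttle_interval_milliseconds_ =
 ppapi::kKeepaliveThrottleIntervalDefaultMilliseconds;
@@ -591,23 +578,22 @@
 #if defined(OS_WIN)
 if (RunningOnWOW64()) {
 if (!NaClBrokerService::GetInstance()->LaunchLoader(
 weak_factory_.GetWeakPtr(), mojo_channel_token)) {
 SendErrorToRenderer("broker service did not launch process");
 return false;
 }
 return true;
 }
 #endif
-process_->Launch(
-new NaClSandboxedProcessLauncherDelegate(process_->GetHost()),
-cmd_line.release(), true);
+process_->Launch(new NaClSandboxedProcessLauncherDelegate(),
+cmd_line.release(), true);
 return true;
 }
 
 bool NaClProcessHost::OnMessageReceived(const IPC::Message& msg) {
 if (uses_nonsfi_mode_) {
 // IPC messages relating to NaCl's validation cache must not be exposed
 // in Non-SFI Mode, otherwise a Non-SFI nexe could use SetKnownToValidate
 // to create a hole in the SFI sandbox.
 // In Non-SFI mode, no message is expected.
 return false;
@@ -1186,10 +1172,10 @@
 NaClStartDebugExceptionHandlerThread(
 std::move(process), info, base::ThreadTaskRunnerHandle::Get(),
 base::Bind(&NaClProcessHost::OnDebugExceptionHandlerLaunchedByBroker,
 weak_factory_.GetWeakPtr()));
 return true;
 }
 }
 #endif
 
 } // namespace nacl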
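Review bot: `NaClSandboxedProcessLauncherDelegate() {}` on new line 167 and `~NaClSandboxedProcessLauncherDelegate() override {}` on line 169 can be written `NaClSandboxedProcessLauncherDelegate() = default;` and `~NaClSandboxedProcessLauncherDelegate() override = default;` now that there is no `ipc_fd_` member to initialize; since the class header says changes to it need security review, a defaulted special member states more plainly that nothing happens there. The trailing `#endif // OS_WIN` on line 188 now closes a chain whose `#elif` was changed to `defined(OS_POSIX) && !defined(OS_MACOSX)`, so `#endif // defined(OS_WIN) || (defined(OS_POSIX) && !defined(OS_MACOSX))` would describe it accurately. Dropping `TakeIpcFd()` means this delegate no longer hands the child's IPC descriptor to the launcher; the call site on line 581 passes `mojo_channel_token`, which suggests the channel is now established through Mojo, but whether the base-class default covers the macOS build, where the delegate is now left with no overrides at all, is not visible in this diff and is worth confirming in the review.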