content/ppapi_plugin/ppapi_thread.cc - Issue 2582463003: media: Verify CDM Host files

Side by Side Diff: content/ppapi_plugin/ppapi_thread.cc

Issue 2582463003: media: Verify CDM Host files (Closed)

Patch Set: Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/ppapi_plugin/ppapi_thread.h"	5 #include "content/ppapi_plugin/ppapi_thread.h"

6	6

7 #include <stddef.h>	7 #include <stddef.h>

8	8

9 #include <limits>	9 #include <limits>

10	10

(...skipping 11 matching lines...) Expand all Loading...
22 #include "base/strings/stringprintf.h"	22 #include "base/strings/stringprintf.h"

23 #include "base/strings/utf_string_conversions.h"	23 #include "base/strings/utf_string_conversions.h"

24 #include "base/threading/platform_thread.h"	24 #include "base/threading/platform_thread.h"

25 #include "base/time/time.h"	25 #include "base/time/time.h"

26 #include "base/trace_event/trace_event.h"	26 #include "base/trace_event/trace_event.h"

27 #include "build/build_config.h"	27 #include "build/build_config.h"

28 #include "components/discardable_memory/client/client_discardable_shared_memory_ manager.h"	28 #include "components/discardable_memory/client/client_discardable_shared_memory_ manager.h"

29 #include "content/child/browser_font_resource_trusted.h"	29 #include "content/child/browser_font_resource_trusted.h"

30 #include "content/child/child_process.h"	30 #include "content/child/child_process.h"

31 #include "content/common/child_process_messages.h"	31 #include "content/common/child_process_messages.h"

	32 #include "content/common/media/cdm_host_files.h"

32 #include "content/ppapi_plugin/broker_process_dispatcher.h"	33 #include "content/ppapi_plugin/broker_process_dispatcher.h"

33 #include "content/ppapi_plugin/plugin_process_dispatcher.h"	34 #include "content/ppapi_plugin/plugin_process_dispatcher.h"

34 #include "content/ppapi_plugin/ppapi_blink_platform_impl.h"	35 #include "content/ppapi_plugin/ppapi_blink_platform_impl.h"

35 #include "content/public/common/content_client.h"	36 #include "content/public/common/content_client.h"

36 #include "content/public/common/content_switches.h"	37 #include "content/public/common/content_switches.h"

37 #include "content/public/common/pepper_plugin_info.h"	38 #include "content/public/common/pepper_plugin_info.h"

38 #include "content/public/common/sandbox_init.h"	39 #include "content/public/common/sandbox_init.h"

39 #include "ipc/ipc_channel_handle.h"	40 #include "ipc/ipc_channel_handle.h"

40 #include "ipc/ipc_platform_file.h"	41 #include "ipc/ipc_platform_file.h"

41 #include "ipc/ipc_sync_channel.h"	42 #include "ipc/ipc_sync_channel.h"

(...skipping 305 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
347 reinterpret_cast<PP_InitializeModule_Func>(	348 reinterpret_cast<PP_InitializeModule_Func>(

348 library.GetFunctionPointer("PPP_InitializeModule"));	349 library.GetFunctionPointer("PPP_InitializeModule"));

349 if (!plugin_entry_points_.initialize_module) {	350 if (!plugin_entry_points_.initialize_module) {

350 LOG(WARNING) << "No PPP_InitializeModule in plugin library";	351 LOG(WARNING) << "No PPP_InitializeModule in plugin library";

351 ReportLoadResult(path, ENTRY_POINT_MISSING);	352 ReportLoadResult(path, ENTRY_POINT_MISSING);

352 return;	353 return;

353 }	354 }

354 }	355 }

355 }	356 }

356	357

	358 std::unique_ptr<CdmHostFiles> cdm_host_files;
	xhwang 2016/12/16 01:23:03 Use a local instance such that if we return early Use a local instance such that if we return early for any error, all files will be closed automatically.
	359 // Open CDM host files before the process is sandboxed.

	360 #if defined(OS_WIN) \|\| defined(OS_MACOSX)

	361 if (!is_broker_ && IsCdm(path))

	362 cdm_host_files = OpenCdmHostFiles(path);
	Greg K 2016/12/16 22:10:41 Am I missing something? Where is this defined? Am I missing something? Where is this defined? xhwang 2016/12/16 22:30:15 oops, this is some old code that I didn't update. Show quoted text On 2016/12/16 22:10:41, Greg K wrote: > Am I missing something? Where is this defined? oops, this is some old code that I didn't update. This should be cdm_host_files = CdmHostFiles::Create(path); Greg K 2016/12/16 22:34:41 Thanks, I'll take a look now. Show quoted text On 2016/12/16 22:30:15, xhwang wrote: > On 2016/12/16 22:10:41, Greg K wrote: > > Am I missing something? Where is this defined? > > oops, this is some old code that I didn't update. This should be > > cdm_host_files = CdmHostFiles::Create(path); Thanks, I'll take a look now. xhwang 2017/01/18 06:03:59 Done. Show quoted text On 2016/12/16 22:34:41, Greg K wrote: > On 2016/12/16 22:30:15, xhwang wrote: > > On 2016/12/16 22:10:41, Greg K wrote: > > > Am I missing something? Where is this defined? > > > > oops, this is some old code that I didn't update. This should be > > > > cdm_host_files = CdmHostFiles::Create(path); > > Thanks, I'll take a look now. Done.
	363 #elif defined(OS_LINUX)

	364 cdm_host_files = CdmHostFiles::TakeGlobalInstance();

	365 if (is_broker_ \|\| !IsCdm(path))

	366 cdm_host_files.reset(); // Close all opened files.

	367 #endif

	368

357 #if defined(OS_WIN)	369 #if defined(OS_WIN)

358 // If code subsequently tries to exit using abort(), force a crash (since	370 // If code subsequently tries to exit using abort(), force a crash (since

359 // otherwise these would be silent terminations and fly under the radar).	371 // otherwise these would be silent terminations and fly under the radar).

360 base::win::SetAbortBehaviorForCrashReporting();	372 base::win::SetAbortBehaviorForCrashReporting();

361	373

362 // Once we lower the token the sandbox is locked down and no new modules	374 // Once we lower the token the sandbox is locked down and no new modules

363 // can be loaded. TODO(cpu): consider changing to the loading style of	375 // can be loaded. TODO(cpu): consider changing to the loading style of

364 // regular plugins.	376 // regular plugins.

365 if (g_target_services) {	377 if (g_target_services) {

366 // Let Flash and Widevine CDM adapter load DXVA before lockdown on Vista+.	378 // Let Flash and Widevine CDM adapter load DXVA before lockdown on Vista+.

(...skipping 66 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
433 #endif	445 #endif

434	446

435 int32_t init_error = plugin_entry_points_.initialize_module(	447 int32_t init_error = plugin_entry_points_.initialize_module(

436 local_pp_module_,	448 local_pp_module_,

437 &ppapi::proxy::PluginDispatcher::GetBrowserInterface);	449 &ppapi::proxy::PluginDispatcher::GetBrowserInterface);

438 if (init_error != PP_OK) {	450 if (init_error != PP_OK) {

439 LOG(WARNING) << "InitModule failed with error " << init_error;	451 LOG(WARNING) << "InitModule failed with error " << init_error;

440 ReportLoadResult(path, INIT_FAILED);	452 ReportLoadResult(path, INIT_FAILED);

441 return;	453 return;

442 }	454 }

	455 // Now the process is sandboxed. Verify CDM host.

	456 if (cdm_host_files) {

	457 DCHECK(IsCdm(path));

	458 cdm_host_files->VerifyFiles(library.get(), path);
	xhwang 2016/12/16 01:08:27 tinskip / hmchen: This will be called right after tinskip / hmchen: This will be called right after INITIALIZE_CDM_MODULE() and before CreateCdmInstance(). Haoming Chen 2017/01/04 22:23:39 Acknowledged. Show quoted text On 2016/12/16 01:08:27, xhwang wrote: > tinskip / hmchen: This will be called right after INITIALIZE_CDM_MODULE() and > before CreateCdmInstance(). Acknowledged. Haoming Chen 2017/01/04 22:23:39 The interface name on the design doc (https://docs The interface name on the design doc (https://docs.google.com/document/d/1XXZzRqudB0fQC9q-ZKLUW7NksMMFV-CVzuwXjMhQb...) is "InitVmp", not "VerifyFiles". Which name should we use? xhwang 2017/01/12 20:15:02 Nobody would be able to understand what VMP is. So Show quoted text On 2017/01/04 22:23:39, hmchen1 wrote: > The interface name on the design doc > (https://docs.google.com/document/d/1XXZzRqudB0fQC9q-ZKLUW7NksMMFV-CVzuwXjMhQb...) > is "InitVmp", not "VerifyFiles". > > Which name should we use? Nobody would be able to understand what VMP is. So I'd like a simpler name to describe what we do here.
	459 }

443 }	460 }

444	461

445 // Initialization succeeded, so keep the plugin DLL loaded.	462 // Initialization succeeded, so keep the plugin DLL loaded.

446 library_.Reset(library.Release());	463 library_.Reset(library.Release());

447	464

448 ReportLoadResult(path, LOAD_SUCCESS);	465 ReportLoadResult(path, LOAD_SUCCESS);

449 }	466 }

450	467

451 void PpapiThread::OnCreateChannel(base::ProcessId renderer_pid,	468 void PpapiThread::OnCreateChannel(base::ProcessId renderer_pid,

452 int renderer_child_id,	469 int renderer_child_id,

(...skipping 134 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
587 GetHistogramName(is_broker_, "LoadTime", path),	604 GetHistogramName(is_broker_, "LoadTime", path),

588 base::TimeDelta::FromMilliseconds(1),	605 base::TimeDelta::FromMilliseconds(1),

589 base::TimeDelta::FromSeconds(10),	606 base::TimeDelta::FromSeconds(10),

590 50,	607 50,

591 base::HistogramBase::kUmaTargetedHistogramFlag);	608 base::HistogramBase::kUmaTargetedHistogramFlag);

592	609

593 histogram->AddTime(load_time);	610 histogram->AddTime(load_time);

594 }	611 }

595	612

596 } // namespace content	613 } // namespace content

OLD	NEW