Chromium Code Reviews Chromium Code Reviews
Issue 264923011:
Add a whitelist check for nacl-nonsfi mode (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/nacl_host/nacl_browser_delegate_impl.h" | 5 #include "chrome/browser/nacl_host/nacl_browser_delegate_impl.h" |
| 6 | 6 |
| 7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
| 8 #include "base/strings/string_split.h" | 8 #include "base/strings/string_split.h" |
| 9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 10 #include "chrome/browser/browser_process.h" | 10 #include "chrome/browser/browser_process.h" |
| 11 #include "chrome/browser/component_updater/pnacl/pnacl_component_installer.h" | 11 #include "chrome/browser/component_updater/pnacl/pnacl_component_installer.h" |
| 12 #include "chrome/browser/extensions/extension_service.h" | 12 #include "chrome/browser/extensions/extension_service.h" |
| 13 #include "chrome/browser/nacl_host/nacl_infobar_delegate.h" | 13 #include "chrome/browser/nacl_host/nacl_infobar_delegate.h" |
| 14 #include "chrome/browser/profiles/profile.h" | 14 #include "chrome/browser/profiles/profile.h" |
| 15 #include "chrome/browser/renderer_host/pepper/chrome_browser_pepper_host_factory .h" | 15 #include "chrome/browser/renderer_host/pepper/chrome_browser_pepper_host_factory .h" |
| 16 #include "chrome/common/chrome_paths.h" | 16 #include "chrome/common/chrome_paths.h" |
| 17 #include "chrome/common/chrome_paths_internal.h" | 17 #include "chrome/common/chrome_paths_internal.h" |
| 18 #include "chrome/common/chrome_version_info.h" | 18 #include "chrome/common/chrome_version_info.h" |
| 19 #include "chrome/common/logging_chrome.h" | 19 #include "chrome/common/logging_chrome.h" |
| 20 #include "chrome/common/pepper_permission_util.h" | |
| 20 #include "content/public/browser/browser_thread.h" | 21 #include "content/public/browser/browser_thread.h" |
| 21 #include "content/public/browser/render_frame_host.h" | 22 #include "content/public/browser/render_frame_host.h" |
| 22 #include "content/public/browser/site_instance.h" | 23 #include "content/public/browser/site_instance.h" |
| 23 #include "extensions/browser/extension_system.h" | 24 #include "extensions/browser/extension_system.h" |
| 24 #include "extensions/browser/info_map.h" | 25 #include "extensions/browser/info_map.h" |
| 25 #include "extensions/browser/process_manager.h" | 26 #include "extensions/browser/process_manager.h" |
| 26 #include "extensions/common/constants.h" | 27 #include "extensions/common/constants.h" |
| 27 #include "extensions/common/extension.h" | 28 #include "extensions/common/extension.h" |
| 28 #include "extensions/common/manifest_handlers/shared_module_info.h" | 29 #include "extensions/common/manifest_handlers/shared_module_info.h" |
| 29 #include "extensions/common/url_pattern.h" | 30 #include "extensions/common/url_pattern.h" |
| 30 #include "ppapi/c/private/ppb_nacl_private.h" | 31 #include "ppapi/c/private/ppb_nacl_private.h" |
| 31 | 32 |
| 32 using extensions::SharedModuleInfo; | 33 using extensions::SharedModuleInfo; |
| 33 | 34 |
| 34 namespace { | 35 namespace { |
| 35 | 36 |
| 37 const char* kAllowedNonSfiOrigins[] = { | |
|
Mark Seaborn
2014/05/08 01:06:02
Nit: This array should be const (const char *const
elijahtaylor1
2014/05/08 20:00:24
Done.
| |
| 38 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/355141 | |
| 39 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/355141 | |
| 40 }; | |
| 41 | |
| 36 // Handles an extension's NaCl process transitioning in or out of idle state by | 42 // Handles an extension's NaCl process transitioning in or out of idle state by |
| 37 // relaying the state to the extension's process manager. | 43 // relaying the state to the extension's process manager. |
| 38 // | 44 // |
| 39 // A NaCl instance, when active (making PPAPI calls or receiving callbacks), | 45 // A NaCl instance, when active (making PPAPI calls or receiving callbacks), |
| 40 // sends keepalive IPCs to the browser process BrowserPpapiHost at a throttled | 46 // sends keepalive IPCs to the browser process BrowserPpapiHost at a throttled |
| 41 // rate. The content::BrowserPpapiHost passes context information up to the | 47 // rate. The content::BrowserPpapiHost passes context information up to the |
| 42 // chrome level NaClProcessHost where we use the instance's context to find the | 48 // chrome level NaClProcessHost where we use the instance's context to find the |
| 43 // associated extension process manager. | 49 // associated extension process manager. |
| 44 // | 50 // |
| 45 // There is a 1:many relationship for extension:nacl-embeds, but only a | 51 // There is a 1:many relationship for extension:nacl-embeds, but only a |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 98 content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE, | 104 content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE, |
| 99 base::Bind(&OnKeepaliveOnUIThread, | 105 base::Bind(&OnKeepaliveOnUIThread, |
| 100 instance_data, | 106 instance_data, |
| 101 profile_data_directory)); | 107 profile_data_directory)); |
| 102 } | 108 } |
| 103 | 109 |
| 104 } // namespace | 110 } // namespace |
| 105 | 111 |
| 106 NaClBrowserDelegateImpl::NaClBrowserDelegateImpl( | 112 NaClBrowserDelegateImpl::NaClBrowserDelegateImpl( |
| 107 extensions::InfoMap* extension_info_map) | 113 extensions::InfoMap* extension_info_map) |
| 108 : extension_info_map_(extension_info_map), inverse_debug_patterns_(false) {} | 114 : extension_info_map_(extension_info_map), inverse_debug_patterns_(false) { |
| 115 for (size_t i = 0; i < arraysize(kAllowedNonSfiOrigins); ++i) { | |
| 116 allowed_nonsfi_origins_.insert(kAllowedNonSfiOrigins[i]); | |
| 117 } | |
| 118 } | |
| 109 | 119 |
| 110 NaClBrowserDelegateImpl::~NaClBrowserDelegateImpl() { | 120 NaClBrowserDelegateImpl::~NaClBrowserDelegateImpl() { |
| 111 } | 121 } |
| 112 | 122 |
| 113 void NaClBrowserDelegateImpl::ShowMissingArchInfobar(int render_process_id, | 123 void NaClBrowserDelegateImpl::ShowMissingArchInfobar(int render_process_id, |
| 114 int render_view_id) { | 124 int render_view_id) { |
| 115 content::BrowserThread::PostTask( | 125 content::BrowserThread::PostTask( |
| 116 content::BrowserThread::UI, FROM_HERE, | 126 content::BrowserThread::UI, FROM_HERE, |
| 117 base::Bind(&NaClInfoBarDelegate::Create, render_process_id, | 127 base::Bind(&NaClInfoBarDelegate::Create, render_process_id, |
| 118 render_view_id)); | 128 render_view_id)); |
| (...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 258 return false; | 268 return false; |
| 259 | 269 |
| 260 *file_path = resource_file_path; | 270 *file_path = resource_file_path; |
| 261 return true; | 271 return true; |
| 262 } | 272 } |
| 263 | 273 |
| 264 content::BrowserPpapiHost::OnKeepaliveCallback | 274 content::BrowserPpapiHost::OnKeepaliveCallback |
| 265 NaClBrowserDelegateImpl::GetOnKeepaliveCallback() { | 275 NaClBrowserDelegateImpl::GetOnKeepaliveCallback() { |
| 266 return base::Bind(&OnKeepalive); | 276 return base::Bind(&OnKeepalive); |
| 267 } | 277 } |
| 278 | |
| 279 bool NaClBrowserDelegateImpl::IsNonSfiModeAllowed(const GURL& manifest_url) { | |
| 280 const extensions::ExtensionSet* extension_set = | |
| 281 &extension_info_map_->extensions(); | |
| 282 return chrome::IsExtensionOrSharedModuleWhitelisted( | |
| 283 manifest_url, extension_set, allowed_nonsfi_origins_); | |
| 284 } | |
| OLD | NEW |
