Add a whitelist check for nacl-nonsfi mode

chrome/browser/nacl_host/nacl_browser_delegate_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/nacl_host/nacl_browser_delegate_impl.h"
 
 #include "base/path_service.h"
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/component_updater/pnacl/pnacl_component_installer.h"
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/browser/nacl_host/nacl_infobar_delegate.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/renderer_host/pepper/chrome_browser_pepper_host_factory.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_paths_internal.h"
 #include "chrome/common/chrome_version_info.h"
 #include "chrome/common/logging_chrome.h"
+#include "chrome/common/pepper_permission_util.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/site_instance.h"
 #include "extensions/browser/extension_system.h"
 #include "extensions/browser/info_map.h"
 #include "extensions/browser/process_manager.h"
 #include "extensions/common/constants.h"
 #include "extensions/common/extension.h"
 #include "extensions/common/manifest_handlers/shared_module_info.h"
 #include "extensions/common/url_pattern.h"
 #include "ppapi/c/private/ppb_nacl_private.h"
 
 using extensions::SharedModuleInfo;
 
 namespace {
 
+// These are temporarily needed for testing non-sfi mode on ChromeOS without
+// passing command-line arguments to Chrome.
+const char* const kAllowedNonSfiOrigins[] = {
+  "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F",  // see crbug.com/355141
+  "4EB74897CB187C7633357C2FE832E0AD6A44883A"   // see crbug.com/355141
+};
+
 // Handles an extension's NaCl process transitioning in or out of idle state by
 // relaying the state to the extension's process manager.
 //
 // A NaCl instance, when active (making PPAPI calls or receiving callbacks),
 // sends keepalive IPCs to the browser process BrowserPpapiHost at a throttled
 // rate. The content::BrowserPpapiHost passes context information up to the
 // chrome level NaClProcessHost where we use the instance's context to find the
 // associated extension process manager.
 //
 // There is a 1:many relationship for extension:nacl-embeds, but only a
@@ skipping 54 matching lines @@
                                               instance_data,
                                               profile_data_directory));
 }
 
 }  // namespace
 
 NaClBrowserDelegateImpl::NaClBrowserDelegateImpl(
     ProfileManager* profile_manager)
     : profile_manager_(profile_manager), inverse_debug_patterns_(false) {
   DCHECK(profile_manager_);
+  for (size_t i = 0; i < arraysize(kAllowedNonSfiOrigins); ++i) {
+    allowed_nonsfi_origins_.insert(kAllowedNonSfiOrigins[i]);
+  }
 }
 
 NaClBrowserDelegateImpl::~NaClBrowserDelegateImpl() {
 }
 
 void NaClBrowserDelegateImpl::ShowMissingArchInfobar(int render_process_id,
                                                      int render_view_id) {
   content::BrowserThread::PostTask(
       content::BrowserThread::UI, FROM_HERE,
       base::Bind(&NaClInfoBarDelegate::Create, render_process_id,
@@ skipping 82 matching lines @@
   }
 }
 
 // This function is security sensitive.  Be sure to check with a security
 // person before you modify it.
 bool NaClBrowserDelegateImpl::MapUrlToLocalFilePath(
     const GURL& file_url,
     bool use_blocking_api,
     const base::FilePath& profile_directory,
     base::FilePath* file_path) {
-  // Get the profile associated with the renderer.
-  Profile* profile = profile_manager_->GetProfileByPath(profile_directory);
-  if (!profile)
-    return false;
-
   scoped_refptr<extensions::InfoMap> extension_info_map =
-      extensions::ExtensionSystem::Get(profile)->info_map();
-  DCHECK(extension_info_map);
-
+      GetExtensionInfoMap(profile_directory);
   // Check that the URL is recognized by the extension system.
   const extensions::Extension* extension =
       extension_info_map->extensions().GetExtensionOrAppByURL(file_url);
   if (!extension)
     return false;
 
   // This is a short-cut which avoids calling a blocking file operation
   // (GetFilePath()), so that this can be called on the IO thread. It only
   // handles a subset of the urls.
   if (!use_blocking_api) {
@@ skipping 40 matching lines @@
     return false;
 
   *file_path = resource_file_path;
   return true;
 }
 
 content::BrowserPpapiHost::OnKeepaliveCallback
 NaClBrowserDelegateImpl::GetOnKeepaliveCallback() {
   return base::Bind(&OnKeepalive);
 }
+
+bool NaClBrowserDelegateImpl::IsNonSfiModeAllowed(
+    const base::FilePath& profile_directory, const GURL& manifest_url) {
+  const extensions::ExtensionSet* extension_set =
+      &GetExtensionInfoMap(profile_directory)->extensions();
+  return chrome::IsExtensionOrSharedModuleWhitelisted(
+      manifest_url, extension_set, allowed_nonsfi_origins_);
+}
+
+scoped_refptr<extensions::InfoMap> NaClBrowserDelegateImpl::GetExtensionInfoMap(
+    const base::FilePath& profile_directory) {
+  // Get the profile associated with the renderer.
+  Profile* profile = profile_manager_->GetProfileByPath(profile_directory);
+  DCHECK(profile);

[elijahtaylor1, 2014/05/09 18:39:55]

I would like confirmation that this is ok to DCHECK on (before it was a test and
'return false' in MapUrlToLocalFilePath)

+  scoped_refptr<extensions::InfoMap> extension_info_map =
+      extensions::ExtensionSystem::Get(profile)->info_map();
+  DCHECK(extension_info_map);
+  return extension_info_map;
+}