Pepper: Nexe downloading out of the trusted plugin.

components/nacl/renderer/ppb_nacl_private_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/nacl/renderer/ppb_nacl_private_impl.h"
 
 #include <numeric>
 #include <string>
 #include <vector>
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/command_line.h"
 #include "base/containers/scoped_ptr_hash_map.h"
 #include "base/cpu.h"
 #include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/rand_util.h"
 #include "components/nacl/common/nacl_host_messages.h"
 #include "components/nacl/common/nacl_messages.h"
 #include "components/nacl/common/nacl_nonsfi_util.h"
 #include "components/nacl/common/nacl_switches.h"
 #include "components/nacl/common/nacl_types.h"
+#include "components/nacl/renderer/file_downloader.h"
 #include "components/nacl/renderer/histogram.h"
 #include "components/nacl/renderer/json_manifest.h"
 #include "components/nacl/renderer/manifest_downloader.h"
 #include "components/nacl/renderer/manifest_service_channel.h"
 #include "components/nacl/renderer/nexe_load_manager.h"
 #include "components/nacl/renderer/pnacl_translation_resource_host.h"
 #include "components/nacl/renderer/progress_event.h"
 #include "components/nacl/renderer/sandbox_arch.h"
 #include "components/nacl/renderer/trusted_plugin_channel.h"
 #include "content/public/common/content_client.h"
@@ skipping 214 matching lines @@
     bool result = PP_ToBool(manifest_service_.Quit(user_data_));
     DCHECK(!result);
     user_data_ = NULL;
   }
 
   PPP_ManifestService manifest_service_;
   void* user_data_;
   DISALLOW_COPY_AND_ASSIGN(ManifestServiceProxy);
 };
 
+blink::WebURLLoader* CreateWebURLLoader(const blink::WebDocument& document,
+                                        const GURL& gurl) {
+  blink::WebURLLoaderOptions options;
+  options.untrustedHTTP = true;
+
+  // Options settings here follow the original behavior in the trusted
+  // plugin and PepperURLLoaderHost.
+  if (document.securityOrigin().canRequest(gurl)) {
+    options.allowCredentials = true;
+  } else {
+    // Allow CORS.
+    options.crossOriginRequestPolicy =
+        blink::WebURLLoaderOptions::CrossOriginRequestPolicyUseAccessControl;
+  }
+  return document.frame()->createAssociatedURLLoader(options);
+}
+
+blink::WebURLRequest CreateWebURLRequest(const blink::WebDocument& document,
+                                         const GURL& gurl) {
+  blink::WebURLRequest request;
+  request.initialize();
+  request.setURL(gurl);
+  request.setFirstPartyForCookies(document.firstPartyForCookies());
+  return request;
+}
+
 // Launch NaCl's sel_ldr process.
 void LaunchSelLdr(PP_Instance instance,
                   PP_Bool main_service_runtime,
                   const char* alleged_url,
                   PP_Bool uses_irt,
                   PP_Bool uses_ppapi,
                   PP_Bool uses_nonsfi_mode,
                   PP_Bool enable_ppapi_dev,
                   PP_Bool enable_dyncode_syscalls,
                   PP_Bool enable_exception_handling,
@@ skipping 393 matching lines @@
                    uint64_t loaded_bytes,
                    uint64_t total_bytes) {
   ProgressEvent event(event_type,
                       resource_url,
                       PP_ToBool(length_is_computable),
                       loaded_bytes,
                       total_bytes);
   DispatchProgressEvent(instance, event);
 }
 
-void NexeFileDidOpen(PP_Instance instance,
-                     int32_t pp_error,
-                     int32_t fd,
-                     int32_t http_status,
-                     int64_t nexe_bytes_read,
-                     const char* url,
-                     int64_t time_since_open) {
-  NexeLoadManager* load_manager = GetNexeLoadManager(instance);
-  if (load_manager) {
-    load_manager->NexeFileDidOpen(pp_error,
-                                  fd,
-                                  http_status,
-                                  nexe_bytes_read,
-                                  url,
-                                  time_since_open);
-  }
-}
-
 void ReportLoadSuccess(PP_Instance instance,
                        const char* url,
                        uint64_t loaded_bytes,
                        uint64_t total_bytes) {
   NexeLoadManager* load_manager = GetNexeLoadManager(instance);
   if (load_manager)
     load_manager->ReportLoadSuccess(url, loaded_bytes, total_bytes);
 }
 
 void ReportLoadError(PP_Instance instance,
@@ skipping 184 matching lines @@
                                         struct PP_Var* out_data,
                                         base::Time start_time,
                                         PP_NaClError pp_nacl_error,
                                         const std::string& data);
 
 void DownloadManifestToBuffer(PP_Instance instance,
                               struct PP_Var* out_data,
                               struct PP_CompletionCallback callback) {
   nacl::NexeLoadManager* load_manager = GetNexeLoadManager(instance);
   DCHECK(load_manager);
-  if (!load_manager) {
+  content::PepperPluginInstance* plugin_instance =
+      content::PepperPluginInstance::Get(instance);
+  if (!load_manager || !plugin_instance) {
     ppapi::PpapiGlobals::Get()->GetMainThreadMessageLoop()->PostTask(
         FROM_HERE,
         base::Bind(callback.func, callback.user_data,
                    static_cast<int32_t>(PP_ERROR_FAILED)));
   }
+  const blink::WebDocument& document =
+      plugin_instance->GetContainer()->element().document();
 
   const GURL& gurl = load_manager->manifest_base_url();
-
-  content::PepperPluginInstance* plugin_instance =
-      content::PepperPluginInstance::Get(instance);
-  blink::WebURLLoaderOptions options;
-  options.untrustedHTTP = true;
-
-  blink::WebSecurityOrigin security_origin =
-      plugin_instance->GetContainer()->element().document().securityOrigin();
-  // Options settings here follow the original behavior in the trusted
-  // plugin and PepperURLLoaderHost.
-  if (security_origin.canRequest(gurl)) {
-    options.allowCredentials = true;
-  } else {
-    // Allow CORS.
-    options.crossOriginRequestPolicy =
-        blink::WebURLLoaderOptions::CrossOriginRequestPolicyUseAccessControl;
-  }
-
-  blink::WebFrame* frame =
-      plugin_instance->GetContainer()->element().document().frame();
-  blink::WebURLLoader* url_loader = frame->createAssociatedURLLoader(options);
-  blink::WebURLRequest request;
-  request.initialize();
-  request.setURL(gurl);
-  request.setFirstPartyForCookies(frame->document().firstPartyForCookies());
+  scoped_ptr<blink::WebURLLoader> url_loader(
+      CreateWebURLLoader(document, gurl));
+  blink::WebURLRequest request = CreateWebURLRequest(document, gurl);
 
   // ManifestDownloader deletes itself after invoking the callback.
-  ManifestDownloader* client = new ManifestDownloader(
+  ManifestDownloader* manifest_downloader = new ManifestDownloader(
+      url_loader.Pass(),
       load_manager->is_installed(),
       base::Bind(DownloadManifestToBufferCompletion,
                  instance, callback, out_data, base::Time::Now()));
-  url_loader->loadAsynchronously(request, client);
+  manifest_downloader->Load(request);
 }
 
 void DownloadManifestToBufferCompletion(PP_Instance instance,
                                         struct PP_CompletionCallback callback,
                                         struct PP_Var* out_data,
                                         base::Time start_time,
                                         PP_NaClError pp_nacl_error,
                                         const std::string& data) {
   base::TimeDelta download_time = base::Time::Now() - start_time;
   HistogramTimeSmall("NaCl.Perf.StartupTime.ManifestDownload",
@@ skipping 303 matching lines @@
 }
 
 void PostMessageToJavaScript(PP_Instance instance, const char* message) {
   ppapi::PpapiGlobals::Get()->GetMainThreadMessageLoop()->PostTask(
       FROM_HERE,
       base::Bind(&PostMessageToJavaScriptMainThread,
                  instance,
                  std::string(message)));
 }
 
+// Encapsulates some of the state for a call to DownloadNexe to prevent
+// argument lists from getting too long.
+struct DownloadNexeRequest {
+  PP_Instance instance;
+  const char* url;

[bbudge, 2014/05/14 21:46:18]

This pointer makes me very uneasy. It seems it could easily become a dangling
pointer unless you and the callers are very careful. Can we make it a
std::string?

[teravest, 2014/05/15 19:12:21]

Done.

+  PP_CompletionCallback callback;
+  base::Time start_time;
+};
+
+// A utility class to ensure that we don't send progress events more often than
+// every 10ms for a given file.
+class DownloadProgressTracker {

[bbudge, 2014/05/14 21:46:18]

How about ProgressEventRateLimiter?

[teravest, 2014/05/15 19:12:21]

Done.

+ public:
+  explicit DownloadProgressTracker(PP_Instance instance) : instance_(instance) {
+  }
+
+  void ReportProgress(const std::string& url,
+                      int64_t total_bytes_received,
+                      int64_t total_bytes_to_be_received) {
+    base::Time now = base::Time::Now();
+    if (now - last_event_ > base::TimeDelta::FromMilliseconds(10)) {
+      DispatchProgressEvent(instance_,
+                            ProgressEvent(PP_NACL_EVENT_PROGRESS,
+                                          url,
+                                          total_bytes_to_be_received >= 0,
+                                          total_bytes_received,
+                                          total_bytes_to_be_received));
+      last_event_ = now;
+    }
+  }
+
+ private:
+  PP_Instance instance_;
+  base::Time last_event_;
+};
+
+void DownloadNexeCompletion(const DownloadNexeRequest& request,
+                            scoped_ptr<blink::WebURLLoader> loader,
+                            base::PlatformFile target_file,
+                            PP_FileHandle* out_handle,
+                            FileDownloader::Status status,
+                            int http_status);
+
+void DownloadNexe(PP_Instance instance,
+                  const char* url,
+                  PP_FileHandle* out_handle,
+                  PP_CompletionCallback callback) {
+  CHECK(url);
+  CHECK(out_handle);
+  DownloadNexeRequest request;
+  request.instance = instance;
+  request.url = url;
+  request.callback = callback;
+  request.start_time = base::Time::Now();
+
+  // Try the fast path for retrieving the file first.
+  uint64_t file_token_lo = 0;
+  uint64_t file_token_hi = 0;
+  PP_FileHandle file_handle = OpenNaClExecutable(instance,
+                                                 url,
+                                                 &file_token_lo,
+                                                 &file_token_hi);
+  if (file_handle != PP_kInvalidFileHandle) {
+    DownloadNexeCompletion(request,
+                           scoped_ptr<blink::WebURLLoader>(),
+                           file_handle,
+                           out_handle,
+                           FileDownloader::SUCCESS,
+                           200);
+    return;
+  }
+
+  // The fast path didn't work, we'll fetch the file using URLLoader and write
+  // it to local storage.
+  base::PlatformFile target_file = CreateTemporaryFile(instance);
+  GURL gurl(url);
+
+  content::PepperPluginInstance* plugin_instance =
+      content::PepperPluginInstance::Get(instance);
+  if (!plugin_instance) {
+    ppapi::PpapiGlobals::Get()->GetMainThreadMessageLoop()->PostTask(
+        FROM_HERE,
+        base::Bind(callback.func, callback.user_data,
+                   static_cast<int32_t>(PP_ERROR_FAILED)));
+  }
+  const blink::WebDocument& document =
+      plugin_instance->GetContainer()->element().document();
+  scoped_ptr<blink::WebURLLoader> url_loader(
+      CreateWebURLLoader(document, gurl));
+  blink::WebURLRequest url_request = CreateWebURLRequest(document, gurl);
+
+  DownloadProgressTracker* tracker = new DownloadProgressTracker(instance);
+
+  // FileDownloader deletes itself after invoking the callback.
+  FileDownloader* file_downloader = new FileDownloader(
+      url_loader.Pass(),
+      target_file,
+      base::Bind(&DownloadNexeCompletion, request, base::Passed(&url_loader),
+                 target_file, out_handle),

[bbudge, 2014/05/14 21:46:18]

In this case, request's 'url' field likely will be invalid by the time the
callback is invoked.

[teravest, 2014/05/15 19:12:21]

Changed to std::string.

+      base::Bind(&DownloadProgressTracker::ReportProgress,
+                 base::Owned(tracker), url));
+  file_downloader->Load(url_request);
+}
+
+void DownloadNexeCompletion(const DownloadNexeRequest& request,
+                            scoped_ptr<blink::WebURLLoader> loader,
+                            base::PlatformFile target_file,
+                            PP_FileHandle* out_handle,
+                            FileDownloader::Status status,
+                            int http_status) {
+  int32_t pp_error;
+  switch (status) {
+    case FileDownloader::SUCCESS:
+      *out_handle = target_file;
+      pp_error = PP_OK;
+      break;
+    case FileDownloader::ACCESS_DENIED:
+      pp_error = PP_ERROR_NOACCESS;
+      break;
+    case FileDownloader::FAILED:
+      pp_error = PP_ERROR_FAILED;
+      break;
+    default:
+      NOTREACHED();
+      return;
+  }
+
+  int64_t bytes_read = -1;
+  if (pp_error == PP_OK && target_file != base::kInvalidPlatformFileValue) {
+    base::PlatformFileInfo info;
+    if (GetPlatformFileInfo(target_file, &info))
+      bytes_read = info.size;
+  }
+
+  if (bytes_read == -1) {
+    base::ClosePlatformFile(target_file);
+    pp_error = PP_ERROR_FAILED;
+  }
+
+  base::TimeDelta download_time = base::Time::Now() - request.start_time;
+
+  NexeLoadManager* load_manager = GetNexeLoadManager(request.instance);
+  if (load_manager) {
+    load_manager->NexeFileDidOpen(pp_error,
+                                  target_file,
+                                  http_status,
+                                  bytes_read,
+                                  request.url,
+                                  download_time);
+  }
+
+  request.callback.func(request.callback.user_data, pp_error);
+}
+
 const PPB_NaCl_Private nacl_interface = {
   &LaunchSelLdr,
   &StartPpapiProxy,
   &UrandomFD,
   &Are3DInterfacesDisabled,
   &BrokerDuplicateHandle,
   &GetReadonlyPnaclFD,
   &CreateTemporaryFile,
   &GetNumberOfProcessors,
   &PPIsNonSFIModeEnabled,
   &GetNexeFd,
   &ReportTranslationFinished,
   &OpenNaClExecutable,
   &DispatchEvent,
-  &NexeFileDidOpen,
   &ReportLoadSuccess,
   &ReportLoadError,
   &ReportLoadAbort,
   &NexeDidCrash,
   &InstanceCreated,
   &InstanceDestroyed,
   &NaClDebugEnabledForURL,
   &GetSandboxArch,
   &LogToConsole,
   &GetNaClReadyState,
@@ skipping 11 matching lines @@
   &GetManifestURLArgument,
   &DevInterfacesEnabled,
   &DownloadManifestToBuffer,
   &CreatePNaClManifest,
   &CreateJsonManifest,
   &DestroyManifest,
   &ManifestGetProgramURL,
   &ManifestResolveKey,
   &GetPNaClResourceInfo,
   &GetCpuFeatureAttrs,
-  &PostMessageToJavaScript
+  &PostMessageToJavaScript,
+  &DownloadNexe
 };
 
 }  // namespace
 
 const PPB_NaCl_Private* GetNaClPrivateInterface() {
   return &nacl_interface;
 }
 
 }  // namespace nacl