Chromium Code Reviews Chromium Code Reviews
Issue 332463003:
Pepper: Remove LOAD_MODULE SRPC call in SFI mode. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: components/nacl/browser/nacl_process_host.cc |
| diff --git a/components/nacl/browser/nacl_process_host.cc b/components/nacl/browser/nacl_process_host.cc |
| index 0a3a0c936d3496e4c22ccd6f1f67e0862d917a55..296d20547f0eb2096764e4de8e3c519bee0aa6b0 100644 |
| --- a/components/nacl/browser/nacl_process_host.cc |
| +++ b/components/nacl/browser/nacl_process_host.cc |
| @@ -250,6 +250,7 @@ unsigned NaClProcessHost::keepalive_throttle_interval_milliseconds_ = |
| NaClProcessHost::NaClProcessHost(const GURL& manifest_url, |
| base::File nexe_file, |
| + NaClFileToken nexe_token, |
| ppapi::PpapiPermissions permissions, |
| int render_view_id, |
| uint32 permission_bits, |
| @@ -262,6 +263,7 @@ NaClProcessHost::NaClProcessHost(const GURL& manifest_url, |
| const base::FilePath& profile_directory) |
| : manifest_url_(manifest_url), |
| nexe_file_(nexe_file.Pass()), |
| + nexe_token_(nexe_token), |
| permissions_(permissions), |
| #if defined(OS_WIN) |
| process_launched_by_broker_(false), |
| @@ -817,15 +819,24 @@ bool NaClProcessHost::StartNaClExecution() { |
| // Enable PPAPI proxy channel creation only for renderer processes. |
| params.enable_ipc_proxy = enable_ppapi_proxy(); |
| + // nexe_file_ still keeps the ownership at this moment, because |params| |
| + // may just be destroyed before sending IPC is properly processed. |
| + // Note that although we set auto_close=true for FileDescriptor's |
| + // constructor, it is not automatically handled in its destructor as RAII. |
| +#if defined(OS_POSIX) |
| + params.nexe_file = |
| + base::FileDescriptor(nexe_file_.TakePlatformFile(), false); |
|
Mark Seaborn
2014/07/08 18:46:00
This leaks the FD. You should either do:
// take
teravest
2014/07/08 19:03:45
Yes, you're right. I wanted GetPlatformFile() here
|
| +#elif defined(OS_WIN) |
| + params.nexe_file = IPC::GetFileHandleForProcess(nexe_file_.TakePlatformFile(), |
|
Mark Seaborn
2014/07/08 18:46:00
This has a similar leak.
teravest
2014/07/08 19:03:45
Done.
|
| + process_->GetData().handle, |
| + false); |
| +#else |
| +#error Unsupported target platform. |
| +#endif |
| + |
| if (uses_nonsfi_mode_) { |
| // Currently, non-SFI mode is supported only on Linux. |
| #if defined(OS_LINUX) |
| - // nexe_file_ still keeps the ownership at this moment, because |params| |
| - // may just be destroyed before sending IPC is properly processed. |
| - // Note that although we set auto_close=true for FileDescriptor's |
| - // constructor, it is not automatically handled in its destructor as RAII. |
| - params.nexe_file = |
| - base::FileDescriptor(nexe_file_.GetPlatformFile(), true); |
| // In non-SFI mode, we do not use SRPC. Make sure that the socketpair is |
| // not created. |
| DCHECK_EQ(internal_->socket_for_sel_ldr, NACL_INVALID_HANDLE); |
| @@ -840,6 +851,11 @@ bool NaClProcessHost::StartNaClExecution() { |
| params.uses_irt = uses_irt_; |
| params.enable_dyncode_syscalls = enable_dyncode_syscalls_; |
| + // TODO(teravest): Resolve the file tokens right now instead of making the |
| + // loader send IPC to resolve them later. |
| + params.nexe_token_lo = nexe_token_.lo; |
| + params.nexe_token_hi = nexe_token_.hi; |
| + |
| const ChildProcessData& data = process_->GetData(); |
| if (!ShareHandleToSelLdr(data.handle, |
| internal_->socket_for_sel_ldr, true, |
| @@ -891,11 +907,10 @@ bool NaClProcessHost::StartNaClExecution() { |
| #endif |
| } |
| - // Here we are about to send the IPC, so release file descriptors to delegate |
| - // the ownership to the message. |
| - if (uses_nonsfi_mode_) { |
| - nexe_file_.TakePlatformFile(); |
| - } else { |
| + // Here we are about to send the IPC, so close the file descriptor in |
| + // nexe_file_. |
| + nexe_file_.Close(); |
|
Mark Seaborn
2014/07/08 18:46:00
This has no effect, because the code did TakePlatf
teravest
2014/07/08 19:03:45
Done.
|
| + if (!uses_nonsfi_mode_) { |
| internal_->socket_for_sel_ldr = NACL_INVALID_HANDLE; |
| } |
