Pepper: Whitelist dev channel APIs for some apps.

components/nacl/browser/nacl_process_host.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/nacl/browser/nacl_process_host.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 20 matching lines @@
 #include "components/nacl/browser/nacl_host_message_filter.h"
 #include "components/nacl/common/nacl_cmd_line.h"
 #include "components/nacl/common/nacl_host_messages.h"
 #include "components/nacl/common/nacl_messages.h"
 #include "components/nacl/common/nacl_process_type.h"
 #include "components/nacl/common/nacl_switches.h"
 #include "content/public/browser/browser_child_process_host.h"
 #include "content/public/browser/browser_ppapi_host.h"
 #include "content/public/browser/child_process_data.h"
 #include "content/public/browser/plugin_service.h"
+#include "content/public/browser/render_process_host.h"
 #include "content/public/common/child_process_host.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/process_type.h"
 #include "content/public/common/sandboxed_process_launcher_delegate.h"
 #include "ipc/ipc_channel.h"
 #include "ipc/ipc_switches.h"
 #include "native_client/src/shared/imc/nacl_imc_c.h"
 #include "net/base/net_util.h"
 #include "net/socket/tcp_listen_socket.h"
 #include "ppapi/host/host_factory.h"
@@ skipping 170 matching lines @@
       reinterpret_cast<nacl::FileDescriptor>(channel));
 #else
   nacl::FileDescriptor channel;
   channel.fd = sourceh;
   channel.auto_close = close_source;
   handles_for_sel_ldr->push_back(channel);
 #endif
   return true;
 }
 
-ppapi::PpapiPermissions GetNaClPermissions(uint32 permission_bits) {
+ppapi::PpapiPermissions GetNaClPermissions(
+    uint32 permission_bits,
+    content::BrowserContext* browser_context,
+    const GURL& document_url) {
   // Only allow NaCl plugins to request certain permissions. We don't want
   // a compromised renderer to be able to start a nacl plugin with e.g. Flash
   // permissions which may expand the surface area of the sandbox.
   uint32 masked_bits = permission_bits & ppapi::PERMISSION_DEV;
-  if (content::PluginService::GetInstance()->PpapiDevChannelSupported())
+  if (content::PluginService::GetInstance()->PpapiDevChannelSupported(
+          browser_context, document_url))
     masked_bits |= ppapi::PERMISSION_DEV_CHANNEL;
   return ppapi::PpapiPermissions::GetForCommandLine(masked_bits);
 }
 
 }  // namespace
 
 namespace nacl {
 
 struct NaClProcessHost::NaClInternal {
   NaClHandle socket_for_renderer;
   NaClHandle socket_for_sel_ldr;
 
   NaClInternal()
     : socket_for_renderer(NACL_INVALID_HANDLE),
       socket_for_sel_ldr(NACL_INVALID_HANDLE) { }
 };
 
 // -----------------------------------------------------------------------------
 
 unsigned NaClProcessHost::keepalive_throttle_interval_milliseconds_ =
     ppapi::kKeepaliveThrottleIntervalDefaultMilliseconds;
 
-NaClProcessHost::NaClProcessHost(const GURL& manifest_url,
+NaClProcessHost::NaClProcessHost(const GURL& document_url,
+                                 const GURL& manifest_url,
+                                 int render_process_id,
                                  int render_view_id,
                                  uint32 permission_bits,
                                  bool uses_irt,
                                  bool uses_nonsfi_mode,
                                  bool enable_dyncode_syscalls,
                                  bool enable_exception_handling,
                                  bool enable_crash_throttling,
                                  bool off_the_record,
                                  const base::FilePath& profile_directory)
     : manifest_url_(manifest_url),
-      permissions_(GetNaClPermissions(permission_bits)),
 #if defined(OS_WIN)
       process_launched_by_broker_(false),
 #endif
       reply_msg_(NULL),
 #if defined(OS_WIN)
       debug_exception_handler_requested_(false),
 #endif
       internal_(new NaClInternal()),
       weak_factory_(this),
       uses_irt_(uses_irt),
       uses_nonsfi_mode_(uses_nonsfi_mode),
       enable_debug_stub_(false),
       enable_dyncode_syscalls_(enable_dyncode_syscalls),
       enable_exception_handling_(enable_exception_handling),
       enable_crash_throttling_(enable_crash_throttling),
       off_the_record_(off_the_record),
       profile_directory_(profile_directory),
       render_view_id_(render_view_id) {
+
+  content::RenderProcessHost* host =
+      content::RenderProcessHost::FromID(render_process_id);
+  permissions_ = GetNaClPermissions(permission_bits,
+                                    host->GetBrowserContext(),
+                                    document_url);
   process_.reset(content::BrowserChildProcessHost::Create(
       PROCESS_TYPE_NACL_LOADER, this));
 
   // Set the display name so the user knows what plugin the process is running.
   // We aren't on the UI thread so getting the pref locale for language
   // formatting isn't possible, so IDN will be lost, but this is probably OK
   // for this use case.
   process_->SetName(net::FormatUrl(manifest_url_, std::string()));
 
   enable_debug_stub_ = CommandLine::ForCurrentProcess()->HasSwitch(
@@ skipping 832 matching lines @@
         process_handle.Take(), info,
         base::MessageLoopProxy::current(),
         base::Bind(&NaClProcessHost::OnDebugExceptionHandlerLaunchedByBroker,
                    weak_factory_.GetWeakPtr()));
     return true;
   }
 }
 #endif
 
 }  // namespace nacl