
Unified Diff: components/nacl/browser/nacl_host_message_filter.cc

Issue 338523007: Pepper: Whitelist dev channel APIs for some apps. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: gross pnacl hack Created 6 years, 6 months ago
Index: components/nacl/browser/nacl_host_message_filter.cc
diff --git a/components/nacl/browser/nacl_host_message_filter.cc b/components/nacl/browser/nacl_host_message_filter.cc
index a71f419358b74d586fa80c269b809f6973e2bd05..16f55929e2673bfb8d71622c75ae9ad28c00ea58 100644
--- a/components/nacl/browser/nacl_host_message_filter.cc
+++ b/components/nacl/browser/nacl_host_message_filter.cc
@@ -10,13 +10,56 @@
#include "components/nacl/browser/nacl_process_host.h"
#include "components/nacl/browser/pnacl_host.h"
#include "components/nacl/common/nacl_host_messages.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/plugin_service.h"
+#include "content/public/browser/render_process_host.h"
+#include "content/public/browser/web_contents.h"
#include "ipc/ipc_platform_file.h"
#include "net/url_request/url_request_context.h"
#include "net/url_request/url_request_context_getter.h"
+#include "ppapi/shared_impl/ppapi_permissions.h"
#include "url/gurl.h"
namespace nacl {
+namespace {
+
+ppapi::PpapiPermissions GetNaClPermissions(
+ uint32 permission_bits,
+ content::BrowserContext* browser_context,
+ const GURL& document_url) {
+ // Only allow NaCl plugins to request certain permissions. We don't want
+ // a compromised renderer to be able to start a nacl plugin with e.g. Flash
+ // permissions which may expand the surface area of the sandbox.
+ uint32 masked_bits = permission_bits & ppapi::PERMISSION_DEV;
+ if (content::PluginService::GetInstance()->PpapiDevChannelSupported(
+ browser_context, document_url))
+ masked_bits |= ppapi::PERMISSION_DEV_CHANNEL;
+ return ppapi::PpapiPermissions::GetForCommandLine(masked_bits);
+}
+
+
+ppapi::PpapiPermissions GetPpapiPermissions(uint32 permission_bits,
+ int render_process_id,
+ int render_view_id) {
+ // We get the URL from WebContents from the RenderViewHost, since we don't
+ // have a BrowserPpapiHost yet.
+ content::RenderProcessHost* host =
+ content::RenderProcessHost::FromID(render_process_id);
+ content::RenderViewHost* view_host =
+ content::RenderViewHost::FromID(render_process_id, render_view_id);
+ GURL document_url;
+ content::WebContents* contents =
+ content::WebContents::FromRenderViewHost(view_host);
+ if (contents)
+ document_url = contents->GetLastCommittedURL();
+ return GetNaClPermissions(permission_bits,
+ host->GetBrowserContext(),
+ document_url);
+}
+
+} // namespace
+
NaClHostMessageFilter::NaClHostMessageFilter(
int render_process_id,
bool is_off_the_record,
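Review bot: `GetPpapiPermissions` dereferences `host` in `host->GetBrowserContext()` without a null check, yet `RenderProcessHost::FromID` returns null once the renderer process is gone, which can happen between the launch IPC arriving and this task running on the UI thread. `view_host` is also handed unchecked to `WebContents::FromRenderViewHost`; only the resulting `contents` is tested, and whether that call tolerates a null argument is not visible here. I would bail out with the restricted set before touching either pointer, e.g. `if (!host || !view_host) return ppapi::PpapiPermissions::GetForCommandLine(permission_bits & ppapi::PERMISSION_DEV);`. Separately, the whitelist decision is keyed on the WebContents' last committed URL, which is presumably the top-level document rather than the frame that embeds the plugin; a comment stating that this is intended would help the next reader.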
@@ -72,8 +115,35 @@ net::HostResolver* NaClHostMessageFilter::GetHostResolver() {
void NaClHostMessageFilter::OnLaunchNaCl(
const nacl::NaClLaunchParams& launch_params,
IPC::Message* reply_msg) {
+ // PNaCl hack
+ if (!launch_params.enable_dyncode_syscalls) {
+ uint32 perms = launch_params.permission_bits & ppapi::PERMISSION_DEV;
+ LaunchNaClContinuation(
+ launch_params,
+ reply_msg,
+ ppapi::PpapiPermissions(perms));
+ return;
+ }
+ content::BrowserThread::PostTaskAndReplyWithResult(
+ content::BrowserThread::UI,
+ FROM_HERE,
+ base::Bind(&GetPpapiPermissions,
+ launch_params.permission_bits,
+ render_process_id_,
+ launch_params.render_view_id),
+ base::Bind(&NaClHostMessageFilter::LaunchNaClContinuation,
+ this,
+ launch_params,
+ reply_msg));
+}
+
+void NaClHostMessageFilter::LaunchNaClContinuation(
+ const nacl::NaClLaunchParams& launch_params,
+ IPC::Message* reply_msg,
+ ppapi::PpapiPermissions permissions) {
NaClProcessHost* host = new NaClProcessHost(
GURL(launch_params.manifest_url),
+ permissions,
launch_params.render_view_id,
launch_params.permission_bits,
launch_params.uses_irt,
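Review bot: The `// PNaCl hack` branch at the top of `OnLaunchNaCl` picks the permission path from `launch_params.enable_dyncode_syscalls`, a field of the renderer's launch message, and the comment explains neither why that field stands in for PNaCl nor why skipping the UI-thread lookup is safe. As written the branch can only produce the `PERMISSION_DEV`-masked bits, so a renderer that misreports the flag ends up with fewer permissions, not more; I would record that invariant, e.g. `// Renderer-supplied flag: this path grants at most PERMISSION_DEV and never PERMISSION_DEV_CHANNEL; keep it the stricter one.` The branch also builds `ppapi::PpapiPermissions(perms)` directly while the other path goes through `GetForCommandLine`, so the two may differ in more than the dev-channel bit; sharing one masking helper would keep the policy in a single place. `LaunchNaClContinuation` still forwards the unmasked `launch_params.permission_bits` next to `permissions`, and its body and the `NaClProcessHost` constructor lie outside this hunk, so it is worth confirming which of the two the host treats as authoritative.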
