Chromium Code Reviews Chromium Code Reviews
Issue 385983008:
Mojo + NaCl prototype. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 // WARNING this file was generated by $script_name | |
| 6 // Do not edit by hand. | |
| 7 | |
| 8 #include "mojo/monacl/mojo_syscall.h" | |
| 9 | |
| 10 #include <stdio.h> | |
| 11 | |
| 12 #include "mojo/public/c/system/core.h" | |
| 13 #include "native_client/src/public/nacl_app.h" | |
| 14 #include "native_client/src/trusted/desc/nacl_desc_custom.h" | |
| 15 #include "native_client/src/trusted/service_runtime/nacl_copy.h" | |
| 16 #include "native_client/src/trusted/service_runtime/sel_ldr.h" | |
| 17 | |
| 18 namespace { | |
| 19 | |
| 20 class ScopedCopyLock { | |
|
Mark Seaborn
2014/08/26 16:25:53
How about putting all these definitions into a nor
Nick Bray (chromium)
2014/09/03 23:45:03
Moved out templates and inline functions.
| |
| 21 public: | |
| 22 explicit ScopedCopyLock(struct NaClApp *nap) : nap_(nap) { | |
|
Mark Seaborn
2014/08/26 16:25:53
Use "* " spacing in Chromium code. Same elsewhere
Nick Bray (chromium)
2014/09/03 23:45:03
Done.
| |
| 23 NaClCopyTakeLock(nap_); | |
| 24 } | |
| 25 ~ScopedCopyLock() { | |
| 26 NaClCopyDropLock(nap_); | |
| 27 } | |
| 28 private: | |
| 29 struct NaClApp *nap_; | |
| 30 }; | |
| 31 | |
| 32 static INLINE uintptr_t NaClUserToSysAddrArray( | |
| 33 struct NaClApp *nap, | |
| 34 uintptr_t uaddr, | |
|
Mark Seaborn
2014/08/26 16:25:53
Nit: use uint32_t (as you do below)
Nick Bray (chromium)
2014/09/03 23:45:03
Done.
| |
| 35 size_t count, | |
| 36 size_t size) { | |
| 37 // TODO overflow checking | |
|
Mark Seaborn
2014/08/26 16:25:52
Nit: "TODO(ncbray)"
Nick Bray (chromium)
2014/09/03 23:45:02
Done.
| |
| 38 size_t range = count * size; | |
| 39 return NaClUserToSysAddrRange(nap, uaddr, range); | |
| 40 } | |
| 41 | |
| 42 template <typename T> bool ConvertScalarInput( | |
|
Mark Seaborn
2014/08/26 16:25:52
"Convert" is vague. How about ReadScalarInput or
Nick Bray (chromium)
2014/09/03 23:45:03
Although correct for this function, all the "conve
| |
| 43 struct NaClApp *nap, | |
| 44 uint32_t user_ptr, | |
| 45 T* value) { | |
| 46 if (user_ptr) { | |
| 47 uintptr_t temp = NaClUserToSysAddrRange(nap, user_ptr, sizeof(T)); | |
|
Mark Seaborn
2014/08/26 16:25:53
Nit: 'temp' -> 'sys_addr'
Nick Bray (chromium)
2014/09/03 23:45:02
Breaks naming used in related functions.
| |
| 48 if (temp != kNaClBadAddress) { | |
| 49 *value = *reinterpret_cast<T volatile*>(temp); | |
| 50 return true; | |
| 51 } | |
| 52 } | |
| 53 return false; | |
| 54 } | |
| 55 | |
| 56 template <typename T> bool ConvertScalarOutput( | |
|
Mark Seaborn
2014/08/26 16:25:53
This looks like it would be like ConvertScalarInpu
Nick Bray (chromium)
2014/09/03 23:45:03
Part of larger naming discussion. (See above)
| |
| 57 struct NaClApp *nap, | |
| 58 uint32_t user_ptr, | |
| 59 T volatile** sys_ptr) { | |
| 60 if (user_ptr) { | |
| 61 uintptr_t temp = NaClUserToSysAddrRange(nap, user_ptr, sizeof(T)); | |
| 62 if (temp != kNaClBadAddress) { | |
| 63 *sys_ptr = reinterpret_cast<T volatile*>(temp); | |
| 64 return true; | |
| 65 } | |
| 66 } | |
| 67 return false; | |
|
Mark Seaborn
2014/08/26 16:25:53
Security bug: this leaves *sys_ptr undefined, so t
Nick Bray (chromium)
2014/09/03 23:45:03
The caller will always early out. Added paranoid
| |
| 68 } | |
| 69 | |
| 70 template <typename T> bool ConvertScalarInOut( | |
| 71 struct NaClApp *nap, | |
| 72 uint32_t user_ptr, | |
| 73 bool optional, | |
| 74 T* value, | |
| 75 T volatile** sys_ptr) { | |
| 76 if (user_ptr) { | |
| 77 uintptr_t temp = NaClUserToSysAddrRange(nap, user_ptr, sizeof(T)); | |
| 78 if (temp != kNaClBadAddress) { | |
| 79 T volatile* converted = reinterpret_cast<T volatile*>(temp); | |
| 80 *sys_ptr = converted; | |
| 81 *value = *converted; | |
| 82 return true; | |
| 83 } | |
| 84 } else if (optional) { | |
| 85 *sys_ptr = 0; | |
| 86 *value = static_cast<T>(0); // Paranoia. | |
| 87 return true; | |
| 88 } | |
| 89 return false; | |
| 90 } | |
| 91 | |
| 92 template <typename T> bool ConvertArray( | |
| 93 struct NaClApp *nap, | |
| 94 uint32_t user_ptr, | |
| 95 uint32_t length, | |
| 96 bool optional, | |
| 97 T** sys_ptr) { | |
| 98 if (user_ptr) { | |
| 99 uintptr_t temp = NaClUserToSysAddrArray(nap, user_ptr, length, sizeof(T)); | |
| 100 if (temp != kNaClBadAddress) { | |
| 101 *sys_ptr = reinterpret_cast<T*>(temp); | |
| 102 return true; | |
| 103 } | |
| 104 } else if (optional) { | |
| 105 *sys_ptr = 0; | |
| 106 return true; | |
| 107 } | |
| 108 return false; | |
| 109 } | |
| 110 | |
| 111 template <typename T> bool ConvertBytes( | |
| 112 struct NaClApp *nap, | |
| 113 uint32_t user_ptr, | |
| 114 uint32_t length, | |
| 115 bool optional, | |
| 116 T** sys_ptr) { | |
| 117 if (user_ptr) { | |
| 118 uintptr_t temp = NaClUserToSysAddrRange(nap, user_ptr, length); | |
| 119 if (temp != kNaClBadAddress) { | |
| 120 *sys_ptr = reinterpret_cast<T*>(temp); | |
| 121 return true; | |
| 122 } | |
| 123 } else if (optional) { | |
| 124 *sys_ptr = 0; | |
| 125 return true; | |
| 126 } | |
| 127 return false; | |
| 128 } | |
| 129 | |
| 130 // TODO(ncbray): size validation and complete copy. | |
| 131 // TODO(ncbray): ensure non-null / missized structs are covered by a test case. | |
| 132 template <typename T> bool ConvertStruct( | |
| 133 struct NaClApp *nap, | |
| 134 uint32_t user_ptr, | |
| 135 bool optional, | |
| 136 T** sys_ptr) { | |
| 137 if (user_ptr) { | |
| 138 uintptr_t temp = NaClUserToSysAddrRange(nap, user_ptr, sizeof(T)); | |
| 139 if (temp != kNaClBadAddress) { | |
| 140 *sys_ptr = reinterpret_cast<T*>(temp); | |
| 141 return true; | |
| 142 } | |
| 143 } else if (optional) { | |
| 144 *sys_ptr = 0; | |
| 145 return true; | |
| 146 } | |
| 147 return false; | |
| 148 } | |
| 149 | |
| 150 void MojoDescDestroy(void *handle) { | |
| 151 UNREFERENCED_PARAMETER(handle); | |
| 152 } | |
| 153 | |
| 154 ssize_t MojoDescSendMsg(void *handle, | |
| 155 const struct NaClImcTypedMsgHdr *msg, | |
| 156 int flags) { | |
| 157 UNREFERENCED_PARAMETER(flags); | |
| 158 | |
| 159 struct NaClApp *nap = static_cast<struct NaClApp*>(handle); | |
| 160 | |
| 161 if (msg->iov_length != 1 || msg->iov[0].length < 8 || msg->ndesc_length != 0) { | |
| 162 return -1; | |
| 163 } | |
| 164 | |
| 165 uint32_t *params = static_cast<uint32_t*>(msg->iov[0].base); | |
| 166 uint32_t numParams = msg->iov[0].length / sizeof(*params); | |
| 167 | |
| 168 uint32_t msgType = params[0]; | |
| 169 switch (msgType) { | |
| 170 $body | |
| 171 default: | |
| 172 return -1; | |
| 173 } | |
| 174 | |
| 175 return -1; | |
| 176 } | |
| 177 | |
| 178 ssize_t MojoDescRecvMsg(void *handle, | |
| 179 struct NaClImcTypedMsgHdr *msg, | |
| 180 int flags) { | |
| 181 UNREFERENCED_PARAMETER(handle); | |
| 182 UNREFERENCED_PARAMETER(msg); | |
| 183 UNREFERENCED_PARAMETER(flags); | |
| 184 | |
| 185 return -1; | |
| 186 } | |
| 187 | |
| 188 struct NaClDesc *MakeMojoDesc(struct NaClApp *nap) { | |
| 189 struct NaClDescCustomFuncs funcs = NACL_DESC_CUSTOM_FUNCS_INITIALIZER; | |
| 190 funcs.Destroy = MojoDescDestroy; | |
| 191 funcs.SendMsg = MojoDescSendMsg; | |
| 192 funcs.RecvMsg = MojoDescRecvMsg; | |
| 193 return NaClDescMakeCustomDesc(nap, &funcs); | |
| 194 } | |
| 195 | |
| 196 } // namespace | |
| 197 | |
| 198 #define NACL_MOJO_DESC 8 | |
| 199 | |
| 200 void InjectMojo(struct NaClApp *nap) { | |
| 201 NaClAppSetDesc(nap, NACL_MOJO_DESC, MakeMojoDesc(nap)); | |
| 202 } | |
| OLD | NEW |
