| Index: components/nacl/browser/nacl_process_host.cc
|
| diff --git a/components/nacl/browser/nacl_process_host.cc b/components/nacl/browser/nacl_process_host.cc
|
| index e273204194852c306dbadd64996e59d12ffdbd7c..a10eba722dc2e22ce519a7ff0a7d8434fb722cf3 100644
|
| --- a/components/nacl/browser/nacl_process_host.cc
|
| +++ b/components/nacl/browser/nacl_process_host.cc
|
| @@ -235,19 +235,55 @@ void CloseFile(base::File file) {
|
| unsigned NaClProcessHost::keepalive_throttle_interval_milliseconds_ =
|
| ppapi::kKeepaliveThrottleIntervalDefaultMilliseconds;
|
|
|
| -NaClProcessHost::NaClProcessHost(const GURL& manifest_url,
|
| - base::File nexe_file,
|
| - const NaClFileToken& nexe_token,
|
| - ppapi::PpapiPermissions permissions,
|
| - int render_view_id,
|
| - uint32 permission_bits,
|
| - bool uses_nonsfi_mode,
|
| - bool off_the_record,
|
| - NaClAppProcessType process_type,
|
| - const base::FilePath& profile_directory)
|
| +ResourceFileInfo::ResourceFileInfo()
|
| + : file_token_() {
|
| +}
|
| +
|
| +ResourceFileInfo::ResourceFileInfo(
|
| + base::File file,
|
| + const NaClFileToken& file_token,
|
| + const std::string& file_key)
|
| + : file_(file.Pass()),
|
| + file_token_(file_token),
|
| + file_key_(file_key) {
|
| +}
|
| +
|
| +ResourceFileInfo::~ResourceFileInfo() {
|
| +}
|
| +
|
| +ResourceFileInfo::ResourceFileInfo(RValue other)
|
| + : file_(other.object->file_.Pass()),
|
| + file_token_(other.object->file_token_),
|
| + file_key_(other.object->file_key_) {
|
| +}
|
| +
|
| +ResourceFileInfo& ResourceFileInfo::operator=(RValue other) {
|
| + if (this != other.object) {
|
| + file_ = other.object->file_.Pass();
|
| + file_token_ = other.object->file_token_;
|
| + file_key_ = other.object->file_key_;
|
| + }
|
| + return *this;
|
| +}
|
| +
|
| +NaClProcessHost::NaClProcessHost(
|
| + const GURL& manifest_url,
|
| + base::File nexe_file,
|
| + const NaClFileToken& nexe_token,
|
| + scoped_ptr<ResourceFileInfo[]> resource_files_info,
|
| + size_t resource_files_info_len,
|
| + ppapi::PpapiPermissions permissions,
|
| + int render_view_id,
|
| + uint32 permission_bits,
|
| + bool uses_nonsfi_mode,
|
| + bool off_the_record,
|
| + NaClAppProcessType process_type,
|
| + const base::FilePath& profile_directory)
|
| : manifest_url_(manifest_url),
|
| nexe_file_(nexe_file.Pass()),
|
| nexe_token_(nexe_token),
|
| + resource_files_info_(resource_files_info.Pass()),
|
| + resource_files_info_len_(resource_files_info_len),
|
| permissions_(permissions),
|
| #if defined(OS_WIN)
|
| process_launched_by_broker_(false),
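Review bot: The new constructor parameters `resource_files_info` and `resource_files_info_len` carry the array and its element count separately, and nothing in this hunk ties the stored `resource_files_info_len_` to the size of the allocation. The loop added to StartNaClExecution in the second hunk indexes `resource_files_info_[i]` up to that count, so a caller passing a mismatched length would cause an out-of-bounds read in the browser process. A single owning container that knows its own size would remove that risk; failing that, state the contract on the constructor, e.g. `// |resource_files_info| must hold exactly |resource_files_info_len| elements.` The RValue constructor and `operator=` also copy `file_token_` and `file_key_` rather than clearing them, so a moved-from object keeps a token and key next to a file that has been passed away; a one-line comment saying whether that is intended would help. The constructor's initializer list continues past the end of this hunk.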
|
| @@ -886,32 +922,45 @@ bool NaClProcessHost::StartNaClExecution() {
|
| }
|
|
|
| base::FilePath file_path;
|
| - // Don't retrieve the file path when using nonsfi mode; there's no validation
|
| - // caching in that case, so it's unnecessary work, and would expose the file
|
| - // path to the plugin.
|
| - if (!uses_nonsfi_mode_ &&
|
| - NaClBrowser::GetInstance()->GetFilePath(nexe_token_.lo,
|
| - nexe_token_.hi,
|
| - &file_path)) {
|
| - // We have to reopen the file in the browser process; we don't want a
|
| - // compromised renderer to pass an arbitrary fd that could get loaded
|
| - // into the plugin process.
|
| - if (base::PostTaskAndReplyWithResult(
|
| - content::BrowserThread::GetBlockingPool(),
|
| - FROM_HERE,
|
| - base::Bind(OpenNaClReadExecImpl,
|
| - file_path,
|
| - true /* is_executable */),
|
| - base::Bind(&NaClProcessHost::StartNaClFileResolved,
|
| - weak_factory_.GetWeakPtr(),
|
| - params,
|
| - file_path))) {
|
| - return true;
|
| + if (uses_nonsfi_mode_) {
|
| + // Don't retrieve the file path when using nonsfi mode; there's no
|
| + // validation caching in that case, so it's unnecessary work, and would
|
| + // expose the file path to the plugin.
|
| + for (size_t i = 0; i < resource_files_info_len_; ++i) {
|
| + IPC::PlatformFileForTransit file = IPC::TakeFileHandleForProcess(
|
| + resource_files_info_[i].file_.Pass(), process_->GetData().handle);
|
| + std::string file_key = resource_files_info_[i].file_key_;
|
| + params.resource_files.push_back(
|
| + // Pass an empty base::FilePath since Non-SFI mode does not use it.
|
| + NaClStartParams::ResourceFileInfo(file, base::FilePath(), file_key));
|
| }
|
| + } else {
|
| + if (NaClBrowser::GetInstance()->GetFilePath(nexe_token_.lo,
|
| + nexe_token_.hi,
|
| + &file_path)) {
|
| + // We have to reopen the file in the browser process; we don't want a
|
| + // compromised renderer to pass an arbitrary fd that could get loaded
|
| + // into the plugin process.
|
| + if (base::PostTaskAndReplyWithResult(
|
| + content::BrowserThread::GetBlockingPool(),
|
| + FROM_HERE,
|
| + base::Bind(OpenNaClReadExecImpl,
|
| + file_path,
|
| + true /* is_executable */),
|
| + base::Bind(&NaClProcessHost::StartNaClFileResolved,
|
| + weak_factory_.GetWeakPtr(),
|
| + params,
|
| + file_path))) {
|
| + return true;
|
| + }
|
| + }
|
| + // TODO(yusukes): Handle |resource_files_info_| for SFI-NaCl.
|
| }
|
|
|
| params.nexe_file = IPC::TakeFileHandleForProcess(nexe_file_.Pass(),
|
| process_->GetData().handle);
|
| +
|
| + params.CheckNumOfDescriptors();
|
| process_->Send(new NaClProcessMsg_Start(params));
|
| return true;
|
| }
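Review bot: The non-SFI loop pushes one descriptor per entry of `resource_files_info_` into `params.resource_files`, and the only limit visible is the `params.CheckNumOfDescriptors()` call added just before `process_->Send(...)`, whose result is not used. Its definition is outside this diff; if it is a CHECK-style assertion and the entry count is ultimately derived from the app's manifest (presumably — not visible here), an oversized list would abort the browser process instead of failing this one launch. I would bound `resource_files_info_len_` where the list is built and reject the launch there, then keep this call as a backstop. The comment at the top of the `if (uses_nonsfi_mode_)` branch explains why GetFilePath is skipped but now sits above a loop it does not describe; a line such as `// Hand the already-opened resource files to the plugin process; no path is sent.` directly above the `for` would make that clear. StartNaClExecution begins before this hunk.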
|
|
|