diff options
| author | rsesek@chromium.org <rsesek@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-25 16:29:45 +0000 |
|---|---|---|
| committer | rsesek@chromium.org <rsesek@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-25 16:29:45 +0000 |
| commit | 32a93e0c1ac080239558a2ff6a499857d144571f (patch) | |
| tree | d0239ad9a566322c79163a03d91351b3bf1cf127 | |
| parent | fa13583bee02fb9e2b02c7d761bfb291e9035abc (diff) | |
| download | chromium_src-32a93e0c1ac080239558a2ff6a499857d144571f.zip chromium_src-32a93e0c1ac080239558a2ff6a499857d144571f.tar.gz chromium_src-32a93e0c1ac080239558a2ff6a499857d144571f.tar.bz2 | |
Revert 202278 "NaCl: enable meta-based validation for shared lib..."
Regressed Linux sizes for nacl_helper
http://build.chromium.org/p/chromium/buildstatus?builder=Linux&number=39450
> NaCl: enable meta-based validation for shared libraries.
>
> This is the Chrome-side half of a CL to allow mmaping and skipping validation
> for chrome-extension: files we have seen before and know are safe. To do this
> we need to know the path of the file on disk, but we don't entirely trust the
> renderer not to tamper with it. To work around this, a nonce is passed along
> with the file handle. This nonce can be used by the NaCl process to acquire the
> file handle directly from the browser process, as well as a fresh copy of the
> file handle.
>
> This change significantly revises the OpenNaClExecutable method of the
> PPB_NaCl_Private interface. The method was added anticipation of this CL, but
> the overall design shifted after the method was added.
>
> BUG=https://code.google.com/p/chromium/issues/detail?id=224434
>
> Review URL: https://chromiumcodereview.appspot.com/14750007
TBR=ncbray@chromium.org
Review URL: https://codereview.chromium.org/15820005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@202304 0039d316-1c4b-4281-b951-d872f2087c98
21 files changed, 132 insertions, 441 deletions
diff --git a/chrome/browser/nacl_host/nacl_browser.cc b/chrome/browser/nacl_host/nacl_browser.cc index 9908f1d..d05d42e 100644 --- a/chrome/browser/nacl_host/nacl_browser.cc +++ b/chrome/browser/nacl_host/nacl_browser.cc @@ -10,7 +10,6 @@ #include "base/metrics/histogram.h" #include "base/path_service.h" #include "base/pickle.h" -#include "base/rand_util.h" #include "base/strings/string_split.h" #include "base/win/windows_version.h" #include "build/build_config.h" @@ -37,16 +36,6 @@ enum ValidationCacheStatus { CACHE_MAX }; -// Keep the cache bounded to an arbitrary size. If it's too small, useful -// entries could be evicted when multiple .nexes are loaded at once. On the -// other hand, entries are not always claimed (and hence removed), so the size -// of the cache will likely saturate at its maximum size. -// Entries may not be claimed for two main reasons. 1) the NaCl process could -// be killed while it is loading. 2) the trusted NaCl plugin opens files using -// the code path but doesn't resolve them. -// TODO(ncbray) don't cache files that the plugin will not resolve. -const int kFilePathCacheSize = 100; - const base::FilePath::StringType NaClIrtName() { base::FilePath::StringType irt_name(FILE_PATH_LITERAL("nacl_irt_")); @@ -117,40 +106,6 @@ void LogCacheSet(ValidationCacheStatus status) { } // namespace -namespace nacl { - -void OpenNaClExecutableImpl(const base::FilePath& file_path, - base::PlatformFile* file) { - // Get a file descriptor. On Windows, we need 'GENERIC_EXECUTE' in order to - // memory map the executable. - // IMPORTANT: This file descriptor must not have write access - that could - // allow a NaCl inner sandbox escape. - base::PlatformFileError error_code; - *file = base::CreatePlatformFile( - file_path, - (base::PLATFORM_FILE_OPEN | - base::PLATFORM_FILE_READ | - base::PLATFORM_FILE_EXECUTE), // Windows only flag. - NULL, - &error_code); - if (error_code != base::PLATFORM_FILE_OK) { - *file = base::kInvalidPlatformFileValue; - return; - } - // Check that the file does not reference a directory. Returning a descriptor - // to an extension directory could allow an outer sandbox escape. openat(...) - // could be used to traverse into the file system. - base::PlatformFileInfo file_info; - if (!base::GetPlatformFileInfo(*file, &file_info) || - file_info.is_directory) { - base::ClosePlatformFile(*file); - *file = base::kInvalidPlatformFileValue; - return; - } -} - -} - NaClBrowser::NaClBrowser() : weak_factory_(this), irt_platform_file_(base::kInvalidPlatformFileValue), @@ -164,7 +119,6 @@ NaClBrowser::NaClBrowser() kValidationCacheEnabledByDefault)), validation_cache_is_modified_(false), validation_cache_state_(NaClResourceUninitialized), - path_cache_(kFilePathCacheSize), ok_(true) { InitIrtFilePath(); InitValidationCacheFilePath(); @@ -418,41 +372,6 @@ const base::FilePath& NaClBrowser::GetIrtFilePath() { return irt_filepath_; } -void NaClBrowser::PutFilePath(const base::FilePath& path, uint64* file_token_lo, - uint64* file_token_hi) { - while (true) { - uint64 file_token[2] = {base::RandUint64(), base::RandUint64()}; - // A zero file_token indicates there is no file_token, if we get zero, ask - // for another number. - if (file_token[0] != 0 || file_token[1] != 0) { - // If the file_token is in use, ask for another number. - std::string key(reinterpret_cast<char*>(file_token), sizeof(file_token)); - PathCacheType::iterator iter = path_cache_.Peek(key); - if (iter == path_cache_.end()) { - path_cache_.Put(key, path); - *file_token_lo = file_token[0]; - *file_token_hi = file_token[1]; - break; - } - } - } -} - -bool NaClBrowser::GetFilePath(uint64 file_token_lo, uint64 file_token_hi, - base::FilePath* path) { - uint64 file_token[2] = {file_token_lo, file_token_hi}; - std::string key(reinterpret_cast<char*>(file_token), sizeof(file_token)); - PathCacheType::iterator iter = path_cache_.Peek(key); - if (iter == path_cache_.end()) { - *path = base::FilePath(FILE_PATH_LITERAL("")); - return false; - } - *path = iter->second; - path_cache_.Erase(iter); - return true; -} - - bool NaClBrowser::QueryKnownToValidate(const std::string& signature, bool off_the_record) { if (off_the_record) { diff --git a/chrome/browser/nacl_host/nacl_browser.h b/chrome/browser/nacl_host/nacl_browser.h index e2f041e..f3d8646 100644 --- a/chrome/browser/nacl_host/nacl_browser.h +++ b/chrome/browser/nacl_host/nacl_browser.h @@ -6,7 +6,6 @@ #define CHROME_BROWSER_NACL_HOST_NACL_BROWSER_H_ #include "base/bind.h" -#include "base/containers/mru_cache.h" #include "base/files/file_util_proxy.h" #include "base/memory/singleton.h" #include "base/memory/weak_ptr.h" @@ -16,15 +15,6 @@ class URLPattern; class GURL; -namespace nacl { - -// Open an immutable executable file that can be mmapped. -// This function should only be called on a thread that can perform file IO. -void OpenNaClExecutableImpl(const base::FilePath& file_path, - base::PlatformFile* file); - -} - // Represents shared state for all NaClProcessHost objects in the browser. class NaClBrowser { public: @@ -80,32 +70,6 @@ class NaClBrowser { return validation_cache_.GetValidationCacheKey(); } - // The NaCl singleton keeps information about NaCl executable files opened via - // PPAPI. This allows the NaCl process to get trusted information about the - // file directly from the browser process. In theory, a compromised renderer - // could provide a writable file handle or lie about the file's path. If we - // trusted the handle was read only but it was not, an mmapped file could be - // modified after validation, allowing an escape from the NaCl sandbox. - // Similarly, if we trusted the file path corresponded to the file handle but - // it did not, the validation cache could be tricked into bypassing validation - // for bad code. - // Instead of allowing these attacks, the NaCl process only trusts information - // it gets directly from the browser process. Because the information is - // stored in a cache of bounded size, it is not guaranteed the browser process - // will be able to provide the requested information. In these cases, the - // NaCl process must make conservative assumptions about the origin of the - // file. - // In theory, a compromised renderer could guess file tokens in an attempt to - // read files it normally doesn't have access to. This would not compromise - // the NaCl sandbox, however, and only has a 1 in ~2**120 chance of success - // per guess. - // TODO(ncbray): move the cache onto NaClProcessHost so that we don't need to - // rely on tokens being unguessable by another process. - void PutFilePath(const base::FilePath& path, uint64* file_token_lo, - uint64* file_token_hi); - bool GetFilePath(uint64 file_token_lo, uint64 file_token_hi, - base::FilePath* path); - bool QueryKnownToValidate(const std::string& signature, bool off_the_record); void SetKnownToValidate(const std::string& signature, bool off_the_record); void ClearValidationCache(const base::Closure& callback); @@ -159,9 +123,6 @@ class NaClBrowser { NaClResourceState validation_cache_state_; base::Callback<void(int)> debug_stub_port_listener_; - typedef base::HashingMRUCache<std::string, base::FilePath> PathCacheType; - PathCacheType path_cache_; - bool ok_; // A list of pending tasks to start NaCl processes. diff --git a/chrome/browser/nacl_host/nacl_file_host.cc b/chrome/browser/nacl_host/nacl_file_host.cc index 16015ca..7cb61e6 100644 --- a/chrome/browser/nacl_host/nacl_file_host.cc +++ b/chrome/browser/nacl_host/nacl_file_host.cc @@ -12,7 +12,6 @@ #include "base/threading/sequenced_worker_pool.h" #include "base/utf_string_conversions.h" #include "chrome/browser/extensions/extension_info_map.h" -#include "chrome/browser/nacl_host/nacl_browser.h" #include "chrome/browser/renderer_host/chrome_render_message_filter.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/extensions/manifest_handlers/shared_module_info.h" @@ -129,29 +128,6 @@ void DoCreateTemporaryFile( chrome_render_message_filter->Send(reply_msg); } -void DoRegisterOpenedNaClExecutableFile( - scoped_refptr<ChromeRenderMessageFilter> chrome_render_message_filter, - base::PlatformFile file, - base::FilePath file_path, - IPC::Message* reply_msg) { - // IO thread owns the NaClBrowser singleton. - DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); - - NaClBrowser* nacl_browser = NaClBrowser::GetInstance(); - uint64_t file_token_lo = 0; - uint64_t file_token_hi = 0; - nacl_browser->PutFilePath(file_path, &file_token_lo, &file_token_hi); - - IPC::PlatformFileForTransit file_desc = IPC::GetFileHandleForProcess( - file, - chrome_render_message_filter->peer_handle(), - true /* close_source */); - - ChromeViewHostMsg_OpenNaClExecutable::WriteReplyParams( - reply_msg, file_desc, file_token_lo, file_token_hi); - chrome_render_message_filter->Send(reply_msg); -} - // Convert the file URL into a file path in the extension directory. // This function is security sensitive. Be sure to check with a security // person before you modify it. @@ -218,21 +194,39 @@ void DoOpenNaClExecutableOnThreadPool( return; } - base::PlatformFile file; - nacl::OpenNaClExecutableImpl(file_path, &file); - if (file != base::kInvalidPlatformFileValue) { - // This function is running on the blocking pool, but the path needs to be - // registered in a structure owned by the IO thread. - BrowserThread::PostTask( - BrowserThread::IO, FROM_HERE, - base::Bind( - &DoRegisterOpenedNaClExecutableFile, - chrome_render_message_filter, - file, file_path, reply_msg)); - } else { + // Get a file descriptor. On Windows, we need 'GENERIC_EXECUTE' in order to + // memory map the executable. + // IMPORTANT: This file descriptor must not have write access - that could + // allow a sandbox escape. + base::PlatformFileError error_code; + base::PlatformFile file = base::CreatePlatformFile( + file_path, + base::PLATFORM_FILE_OPEN | + base::PLATFORM_FILE_READ | + base::PLATFORM_FILE_EXECUTE, // Windows only flag. + NULL, + &error_code); + if (error_code != base::PLATFORM_FILE_OK) { NotifyRendererOfError(chrome_render_message_filter, reply_msg); return; } + // Check that the file does not reference a directory. Returning a descriptor + // to an extension directory could allow a sandbox escape. + base::PlatformFileInfo file_info; + if (!base::GetPlatformFileInfo(file, &file_info) || file_info.is_directory) + { + NotifyRendererOfError(chrome_render_message_filter, reply_msg); + return; + } + + IPC::PlatformFileForTransit file_desc = IPC::GetFileHandleForProcess( + file, + chrome_render_message_filter->peer_handle(), + true /* close_source */); + + ChromeViewHostMsg_OpenNaClExecutable::WriteReplyParams( + reply_msg, file_path, file_desc); + chrome_render_message_filter->Send(reply_msg); } } // namespace diff --git a/chrome/browser/nacl_host/nacl_process_host.cc b/chrome/browser/nacl_host/nacl_process_host.cc index 3cac2b74..a2f383e 100644 --- a/chrome/browser/nacl_host/nacl_process_host.cc +++ b/chrome/browser/nacl_host/nacl_process_host.cc @@ -619,8 +619,6 @@ bool NaClProcessHost::OnMessageReceived(const IPC::Message& msg) { OnQueryKnownToValidate) IPC_MESSAGE_HANDLER(NaClProcessMsg_SetKnownToValidate, OnSetKnownToValidate) - IPC_MESSAGE_HANDLER_DELAY_REPLY(NaClProcessMsg_ResolveFileToken, - OnResolveFileToken) #if defined(OS_WIN) IPC_MESSAGE_HANDLER_DELAY_REPLY(NaClProcessMsg_AttachDebugExceptionHandler, OnAttachDebugExceptionHandler) @@ -759,6 +757,7 @@ bool NaClProcessHost::StartNaClExecution() { if (params.uses_irt) { base::PlatformFile irt_file = nacl_browser->IrtFile(); CHECK_NE(irt_file, base::kInvalidPlatformFileValue); + // Send over the IRT file handle. We don't close our own copy! if (!ShareHandleToSelLdr(data.handle, irt_file, false, ¶ms.handles)) return false; @@ -927,86 +926,6 @@ void NaClProcessHost::OnSetKnownToValidate(const std::string& signature) { NaClBrowser::GetInstance()->SetKnownToValidate(signature, off_the_record_); } -void NaClProcessHost::FileResolved( - base::PlatformFile* file, - const base::FilePath& file_path, - IPC::Message* reply_msg) { - if (*file != base::kInvalidPlatformFileValue) { - IPC::PlatformFileForTransit handle = IPC::GetFileHandleForProcess( - *file, - process_->GetData().handle, - true /* close_source */); - NaClProcessMsg_ResolveFileToken::WriteReplyParams( - reply_msg, - handle, - file_path); - } else { - NaClProcessMsg_ResolveFileToken::WriteReplyParams( - reply_msg, - IPC::InvalidPlatformFileForTransit(), - base::FilePath(FILE_PATH_LITERAL(""))); - } - Send(reply_msg); -} - -void NaClProcessHost::OnResolveFileToken(uint64 file_token_lo, - uint64 file_token_hi, - IPC::Message* reply_msg) { - // Was the file registered? - // - // Note that the file path cache is of bounded size, and old entries can get - // evicted. If a large number of NaCl modules are being launched at once, - // resolving the file_token may fail because the path cache was thrashed - // while the file_token was in flight. In this case the query fails, and we - // need to fall back to the slower path. - // - // However: each NaCl process will consume 2-3 entries as it starts up, this - // means that eviction will not happen unless you start up 33+ NaCl processes - // at the same time, and this still requires worst-case timing. As a - // practical matter, no entries should be evicted prematurely. - // The cache itself should take ~ (150 characters * 2 bytes/char + ~60 bytes - // data structure overhead) * 100 = 35k when full, so making it bigger should - // not be a problem, if needed. - // - // Each NaCl process will consume 2-3 entries because the manifest and main - // nexe are currently not resolved. Shared libraries will be resolved. They - // will be loaded sequentially, so they will only consume a single entry - // while the load is in flight. - // - // TODO(ncbray): track behavior with UMA. If entries are getting evicted or - // bogus keys are getting queried, this would be good to know. - base::FilePath file_path; - if (!NaClBrowser::GetInstance()->GetFilePath(file_token_lo, file_token_hi, - &file_path)) { - NaClProcessMsg_ResolveFileToken::WriteReplyParams( - reply_msg, - IPC::InvalidPlatformFileForTransit(), - base::FilePath(FILE_PATH_LITERAL(""))); - Send(reply_msg); - return; - } - - // Scratch space to share between the callbacks. - base::PlatformFile* data = new base::PlatformFile(); - - // Open the file. - if (!content::BrowserThread::PostBlockingPoolTaskAndReply( - FROM_HERE, - base::Bind(nacl::OpenNaClExecutableImpl, - file_path, data), - base::Bind(&NaClProcessHost::FileResolved, - weak_factory_.GetWeakPtr(), - base::Owned(data), - file_path, - reply_msg))) { - NaClProcessMsg_ResolveFileToken::WriteReplyParams( - reply_msg, - IPC::InvalidPlatformFileForTransit(), - base::FilePath(FILE_PATH_LITERAL(""))); - Send(reply_msg); - } -} - #if defined(OS_WIN) void NaClProcessHost::OnAttachDebugExceptionHandler(const std::string& info, IPC::Message* reply_msg) { diff --git a/chrome/browser/nacl_host/nacl_process_host.h b/chrome/browser/nacl_host/nacl_process_host.h index 813890f..584dc9a 100644 --- a/chrome/browser/nacl_host/nacl_process_host.h +++ b/chrome/browser/nacl_host/nacl_process_host.h @@ -146,11 +146,6 @@ class NaClProcessHost : public content::BrowserChildProcessHostDelegate { // Message handlers for validation caching. void OnQueryKnownToValidate(const std::string& signature, bool* result); void OnSetKnownToValidate(const std::string& signature); - void OnResolveFileToken(uint64 file_token_lo, uint64 file_token_hi, - IPC::Message* reply_msg); - void FileResolved(base::PlatformFile* file, const base::FilePath& file_path, - IPC::Message* reply_msg); - #if defined(OS_WIN) // Message handler for Windows hardware exception handling. void OnAttachDebugExceptionHandler(const std::string& info, diff --git a/chrome/common/nacl_messages.h b/chrome/common/nacl_messages.h index f37ca83..acafe7e 100644 --- a/chrome/common/nacl_messages.h +++ b/chrome/common/nacl_messages.h @@ -9,7 +9,6 @@ #include "chrome/common/nacl_types.h" #include "ipc/ipc_channel_handle.h" #include "ipc/ipc_message_macros.h" -#include "ipc/ipc_platform_file.h" #define IPC_MESSAGE_START NaClMsgStart @@ -79,15 +78,6 @@ IPC_SYNC_MESSAGE_CONTROL1_1(NaClProcessMsg_QueryKnownToValidate, IPC_MESSAGE_CONTROL1(NaClProcessMsg_SetKnownToValidate, std::string /* A validation signature */) -// Used by the NaCl process to acquire trusted information about a file directly -// from the browser, including the file's path as well as a fresh version of the -// file handle. -IPC_SYNC_MESSAGE_CONTROL2_2(NaClProcessMsg_ResolveFileToken, - uint64, /* file_token_lo */ - uint64, /* file_token_hi */ - IPC::PlatformFileForTransit, /* fd */ - base::FilePath /* Path opened to get fd */) - // Notify the browser process that the server side of the PPAPI channel was // created successfully. IPC_MESSAGE_CONTROL1(NaClProcessHostMsg_PpapiChannelCreated, diff --git a/chrome/common/render_messages.h b/chrome/common/render_messages.h index 366394a..5a946e3 100644 --- a/chrome/common/render_messages.h +++ b/chrome/common/render_messages.h @@ -614,12 +614,11 @@ IPC_MESSAGE_CONTROL2(ChromeViewHostMsg_NaClErrorStatus, // A renderer sends this to the browser process when it wants to // open a NaCl executable file from an installed application directory. -IPC_SYNC_MESSAGE_CONTROL2_3(ChromeViewHostMsg_OpenNaClExecutable, +IPC_SYNC_MESSAGE_CONTROL2_2(ChromeViewHostMsg_OpenNaClExecutable, int /* render_view_id */, GURL /* URL of NaCl executable file */, - IPC::PlatformFileForTransit /* output file */, - uint64_t /* file_token_lo */, - uint64_t /* file_token_hi */) + base::FilePath /* absolute path to opened file */, + IPC::PlatformFileForTransit /* output file */) // Notification that the page has an OpenSearch description document // associated with it. diff --git a/chrome/nacl/nacl_listener.cc b/chrome/nacl/nacl_listener.cc index d70ecd1..b0b27e9 100644 --- a/chrome/nacl/nacl_listener.cc +++ b/chrome/nacl/nacl_listener.cc @@ -21,7 +21,6 @@ #include "ipc/ipc_sync_channel.h" #include "ipc/ipc_sync_message_filter.h" #include "native_client/src/trusted/service_runtime/sel_main_chrome.h" -#include "native_client/src/trusted/validator/nacl_file_info.h" #if defined(OS_POSIX) #include "base/file_descriptor_posix.h" @@ -131,38 +130,6 @@ class BrowserValidationDBProxy : public NaClValidationDB { } } - virtual bool ResolveFileToken(struct NaClFileToken* file_token, - int32* fd, std::string* path) OVERRIDE { - *fd = -1; - *path = ""; - if (file_token->lo == 0 && file_token->hi == 0) { - return false; - } - IPC::PlatformFileForTransit ipc_fd; - base::FilePath ipc_path; - if (!listener_->Send(new NaClProcessMsg_ResolveFileToken(file_token->lo, - file_token->hi, - &ipc_fd, - &ipc_path))) { - return false; - } - if (ipc_fd == IPC::InvalidPlatformFileForTransit()) { - return false; - } - base::PlatformFile handle = - IPC::PlatformFileForTransitToPlatformFile(ipc_fd); -#if defined(OS_WIN) - // On Windows, valid handles are 32 bit unsigned integers so this is safe. - *fd = reinterpret_cast<uintptr_t>(handle); -#else - *fd = handle; -#endif - // It doesn't matter if the path is invalid UTF8 as long as it's consistent - // and unforgeable. - *path = ipc_path.AsUTF8Unsafe(); - return true; - } - private: // The listener never dies, otherwise this might be a dangling reference. NaClListener* listener_; diff --git a/chrome/nacl/nacl_validation_db.h b/chrome/nacl/nacl_validation_db.h index 81351d22..c4fabcb 100644 --- a/chrome/nacl/nacl_validation_db.h +++ b/chrome/nacl/nacl_validation_db.h @@ -9,8 +9,6 @@ #include "base/basictypes.h" -struct NaClFileToken; - class NaClValidationDB { public: NaClValidationDB() {} @@ -18,8 +16,6 @@ class NaClValidationDB { virtual bool QueryKnownToValidate(const std::string& signature) = 0; virtual void SetKnownToValidate(const std::string& signature) = 0; - virtual bool ResolveFileToken(struct NaClFileToken* file_token, - int32* fd, std::string* path) = 0; private: DISALLOW_COPY_AND_ASSIGN(NaClValidationDB); diff --git a/chrome/nacl/nacl_validation_query.cc b/chrome/nacl/nacl_validation_query.cc index 0ff831c..37d9b78 100644 --- a/chrome/nacl/nacl_validation_query.cc +++ b/chrome/nacl/nacl_validation_query.cc @@ -7,8 +7,6 @@ #include "base/logging.h" #include "crypto/nss_util.h" #include "chrome/nacl/nacl_validation_db.h" -#include "native_client/src/include/portability.h" -#include "native_client/src/trusted/validator/nacl_file_info.h" #include "native_client/src/trusted/validator/validation_cache.h" NaClValidationQueryContext::NaClValidationQueryContext( @@ -31,13 +29,6 @@ NaClValidationQuery* NaClValidationQueryContext::CreateQuery() { return query; } -bool NaClValidationQueryContext::ResolveFileToken( - struct NaClFileToken* file_token, - int32* fd, - std::string* path) { - return db_->ResolveFileToken(file_token, fd, path); -} - NaClValidationQuery::NaClValidationQuery(NaClValidationDB* db, const std::string& profile_key) : state_(READY), @@ -136,24 +127,6 @@ static void DestroyQuery(void* query) { delete static_cast<NaClValidationQuery*>(query); } -static int ResolveFileToken(void* handle, struct NaClFileToken* file_token, - int32* fd, char** file_path, - uint32* file_path_length) { - std::string path; - *file_path = NULL; - *file_path_length = 0; - bool ok = static_cast<NaClValidationQueryContext*>(handle)-> - ResolveFileToken(file_token, fd, &path); - if (ok) { - *file_path = static_cast<char*>(malloc(path.length() + 1)); - CHECK(*file_path); - memcpy(*file_path, path.data(), path.length()); - (*file_path)[path.length()] = 0; - *file_path_length = static_cast<uint32>(path.length()); - } - return ok; -} - struct NaClValidationCache* CreateValidationCache( NaClValidationDB* db, const std::string& profile_key, const std::string& nacl_version) { @@ -167,6 +140,5 @@ struct NaClValidationCache* CreateValidationCache( cache->QueryKnownToValidate = QueryKnownToValidate; cache->SetKnownToValidate = SetKnownToValidate; cache->DestroyQuery = DestroyQuery; - cache->ResolveFileToken = ResolveFileToken; return cache; } diff --git a/chrome/nacl/nacl_validation_query.h b/chrome/nacl/nacl_validation_query.h index a849b81..fe82649 100644 --- a/chrome/nacl/nacl_validation_query.h +++ b/chrome/nacl/nacl_validation_query.h @@ -11,7 +11,6 @@ #include "base/strings/string_piece.h" #include "crypto/hmac.h" -struct NaClFileToken; struct NaClValidationCache; class NaClValidationDB; class NaClValidationQuery; @@ -24,9 +23,6 @@ class NaClValidationQueryContext { NaClValidationQuery* CreateQuery(); - bool ResolveFileToken(struct NaClFileToken* file_token, int32* fd, - std::string* path); - private: NaClValidationDB* db_; diff --git a/chrome/nacl/nacl_validation_query_unittest.cc b/chrome/nacl/nacl_validation_query_unittest.cc index 511000d..baf930d 100644 --- a/chrome/nacl/nacl_validation_query_unittest.cc +++ b/chrome/nacl/nacl_validation_query_unittest.cc @@ -67,13 +67,6 @@ class MockValidationDB : public NaClValidationDB { NaClValidationQuery::kDigestLength)); } - virtual bool ResolveFileToken(struct NaClFileToken* file_token, int32* fd, - std::string* path) OVERRIDE { - *fd = -1; - *path = ""; - return false; - } - bool did_query_; bool did_set_; bool status_; diff --git a/chrome/renderer/pepper/ppb_nacl_private_impl.cc b/chrome/renderer/pepper/ppb_nacl_private_impl.cc index dab0726..60a79ebc 100644 --- a/chrome/renderer/pepper/ppb_nacl_private_impl.cc +++ b/chrome/renderer/pepper/ppb_nacl_private_impl.cc @@ -272,22 +272,19 @@ PP_NaClResult ReportNaClError(PP_Instance instance, PP_FileHandle OpenNaClExecutable(PP_Instance instance, const char* file_url, - uint64_t* nonce_lo, - uint64_t* nonce_hi) { + PP_NaClExecutableMetadata* metadata) { IPC::PlatformFileForTransit out_fd = IPC::InvalidPlatformFileForTransit(); IPC::Sender* sender = content::RenderThread::Get(); if (sender == NULL) sender = g_background_thread_sender.Pointer()->get(); - *nonce_lo = 0; - *nonce_hi = 0; + metadata->file_path = PP_MakeUndefined(); base::FilePath file_path; if (!sender->Send( new ChromeViewHostMsg_OpenNaClExecutable(GetRoutingID(instance), GURL(file_url), - &out_fd, - nonce_lo, - nonce_hi))) { + &file_path, + &out_fd))) { return base::kInvalidPlatformFileValue; } @@ -295,6 +292,9 @@ PP_FileHandle OpenNaClExecutable(PP_Instance instance, return base::kInvalidPlatformFileValue; } + metadata->file_path = + ppapi::StringVar::StringToPPVar(file_path.AsUTF8Unsafe()); + base::PlatformFile handle = IPC::PlatformFileForTransitToPlatformFile(out_fd); return handle; diff --git a/ppapi/api/private/ppb_nacl_private.idl b/ppapi/api/private/ppb_nacl_private.idl index c871178..b1f47ce 100644 --- a/ppapi/api/private/ppb_nacl_private.idl +++ b/ppapi/api/private/ppb_nacl_private.idl @@ -34,6 +34,12 @@ enum PP_NaClError { PP_NACL_MANIFEST_MISSING_ARCH = 0 }; +struct PP_NaClExecutableMetadata { + /** File path of NaCl executable. This is created by the OpenNaClExecutableFd + * function. It is the caller's responsiblity to release it. */ + PP_Var file_path; +}; + /* PPB_NaCl_Private */ interface PPB_NaCl_Private { /* Launches NaCl's sel_ldr process. Returns PP_NACL_OK on success and @@ -123,6 +129,5 @@ interface PPB_NaCl_Private { */ PP_FileHandle OpenNaClExecutable([in] PP_Instance instance, [in] str_t file_url, - [out] uint64_t file_token_lo, - [out] uint64_t file_token_hi); + [out] PP_NaClExecutableMetadata metadata); }; diff --git a/ppapi/c/private/ppb_nacl_private.h b/ppapi/c/private/ppb_nacl_private.h index 72b62e9..8e40fd8 100644 --- a/ppapi/c/private/ppb_nacl_private.h +++ b/ppapi/c/private/ppb_nacl_private.h @@ -3,7 +3,7 @@ * found in the LICENSE file. */ -/* From private/ppb_nacl_private.idl modified Fri May 17 13:21:13 2013. */ +/* From private/ppb_nacl_private.idl modified Mon Apr 22 22:25:20 2013. */ #ifndef PPAPI_C_PRIVATE_PPB_NACL_PRIVATE_H_ #define PPAPI_C_PRIVATE_PPB_NACL_PRIVATE_H_ @@ -12,6 +12,7 @@ #include "ppapi/c/pp_instance.h" #include "ppapi/c/pp_macros.h" #include "ppapi/c/pp_stdint.h" +#include "ppapi/c/pp_var.h" #define PPB_NACL_PRIVATE_INTERFACE_1_0 "PPB_NaCl_Private;1.0" #define PPB_NACL_PRIVATE_INTERFACE PPB_NACL_PRIVATE_INTERFACE_1_0 @@ -56,6 +57,19 @@ typedef enum { */ /** + * @addtogroup Structs + * @{ + */ +struct PP_NaClExecutableMetadata { + /** File path of NaCl executable. This is created by the OpenNaClExecutableFd + * function. It is the caller's responsiblity to release it. */ + struct PP_Var file_path; +}; +/** + * @} + */ + +/** * @addtogroup Interfaces * @{ */ @@ -135,10 +149,10 @@ struct PPB_NaCl_Private_1_0 { * corresponding to the file URL and returns a file descriptor, or an invalid * handle on failure. |metadata| is left unchanged on failure. */ - PP_FileHandle (*OpenNaClExecutable)(PP_Instance instance, - const char* file_url, - uint64_t* file_token_lo, - uint64_t* file_token_hi); + PP_FileHandle (*OpenNaClExecutable)( + PP_Instance instance, + const char* file_url, + struct PP_NaClExecutableMetadata* metadata); }; typedef struct PPB_NaCl_Private_1_0 PPB_NaCl_Private; diff --git a/ppapi/native_client/src/trusted/plugin/file_downloader.cc b/ppapi/native_client/src/trusted/plugin/file_downloader.cc index 17081242..ce7fe30 100644 --- a/ppapi/native_client/src/trusted/plugin/file_downloader.cc +++ b/ppapi/native_client/src/trusted/plugin/file_downloader.cc @@ -5,7 +5,6 @@ #include "native_client/src/trusted/plugin/file_downloader.h" #include <stdio.h> -#include <string.h> #include <string> #include "native_client/src/include/portability_io.h" @@ -22,17 +21,8 @@ #include "ppapi/cpp/url_response_info.h" namespace { - const int32_t kExtensionUrlRequestStatusOk = 200; const int32_t kDataUriRequestStatusOk = 0; - -struct NaClFileInfo NoFileInfo() { - struct NaClFileInfo info; - memset(&info, 0, sizeof(info)); - info.desc = -1; - return info; -} - } namespace plugin { @@ -155,8 +145,7 @@ bool FileDownloader::Open( } void FileDownloader::OpenFast(const nacl::string& url, - PP_FileHandle file_handle, - uint64_t file_token_lo, uint64_t file_token_hi) { + PP_FileHandle file_handle) { PLUGIN_PRINTF(("FileDownloader::OpenFast (url=%s)\n", url.c_str())); CHECK(instance_ != NULL); open_time_ = NaClGetTimeOfDayMicroseconds(); @@ -165,12 +154,9 @@ void FileDownloader::OpenFast(const nacl::string& url, url_ = url; mode_ = DOWNLOAD_NONE; file_handle_ = file_handle; - file_token_.lo = file_token_lo; - file_token_.hi = file_token_hi; } -struct NaClFileInfo FileDownloader::GetFileInfo() { - struct NaClFileInfo info = NoFileInfo(); +int32_t FileDownloader::GetPOSIXFileDescriptor() { int32_t file_desc = NACL_NO_FILE_DESC; if (not_streaming() && file_handle_ != PP_kInvalidFileHandle) { #if NACL_WINDOWS @@ -179,14 +165,13 @@ struct NaClFileInfo FileDownloader::GetFileInfo() { #else file_desc = file_handle_; #endif - info.file_token = file_token_; } else { if (!streaming_to_file()) { - return NoFileInfo(); + return NACL_NO_FILE_DESC; } // Use the trusted interface to get the file descriptor. if (file_io_trusted_interface_ == NULL) { - return NoFileInfo(); + return NACL_NO_FILE_DESC; } file_desc = file_io_trusted_interface_->GetOSFileDescriptor( file_reader_.pp_resource()); @@ -198,13 +183,12 @@ struct NaClFileInfo FileDownloader::GetFileInfo() { if (posix_desc == -1) { // Close the Windows HANDLE if it can't be converted. CloseHandle(reinterpret_cast<HANDLE>(file_desc)); - return NoFileInfo(); + return NACL_NO_FILE_DESC; } file_desc = posix_desc; #endif - info.desc = file_desc; - return info; + return file_desc; } int64_t FileDownloader::TimeSinceOpenMilliseconds() const { diff --git a/ppapi/native_client/src/trusted/plugin/file_downloader.h b/ppapi/native_client/src/trusted/plugin/file_downloader.h index 7d87930..a60c837 100644 --- a/ppapi/native_client/src/trusted/plugin/file_downloader.h +++ b/ppapi/native_client/src/trusted/plugin/file_downloader.h @@ -10,7 +10,6 @@ #include "native_client/src/include/nacl_macros.h" #include "native_client/src/include/nacl_string.h" #include "native_client/src/trusted/plugin/callback_source.h" -#include "native_client/src/trusted/validator/nacl_file_info.h" #include "ppapi/c/private/pp_file_handle.h" #include "ppapi/c/trusted/ppb_file_io_trusted.h" #include "ppapi/c/trusted/ppb_url_loader_trusted.h" @@ -86,16 +85,14 @@ class FileDownloader { StreamCallbackSource* stream_callback_source); // Bypasses downloading and takes a handle to the open file. To get the fd, - // call GetFileInfo(). - void OpenFast(const nacl::string& url, PP_FileHandle file_handle, - uint64_t file_token_lo, uint64_t file_token_hi); + // call GetPOSIXFileDescriptor(). + void OpenFast(const nacl::string& url, PP_FileHandle file_handle); - // Return a structure describing the file opened, including a file desc. // If downloading and opening succeeded, this returns a valid read-only // POSIX file descriptor. On failure, the return value is an invalid // descriptor. The file descriptor is owned by this instance, so the // delegate does not have to close it. - struct NaClFileInfo GetFileInfo(); + int32_t GetPOSIXFileDescriptor(); // Returns the time delta between the call to Open() and this function. int64_t TimeSinceOpenMilliseconds() const; @@ -163,7 +160,6 @@ class FileDownloader { pp::CompletionCallback file_open_notify_callback_; pp::FileIO file_reader_; PP_FileHandle file_handle_; - struct NaClFileToken file_token_; const PPB_FileIOTrusted* file_io_trusted_interface_; const PPB_URLLoaderTrusted* url_loader_trusted_interface_; pp::URLLoader url_loader_; diff --git a/ppapi/native_client/src/trusted/plugin/plugin.cc b/ppapi/native_client/src/trusted/plugin/plugin.cc index cd5dfbf..34b487d 100644 --- a/ppapi/native_client/src/trusted/plugin/plugin.cc +++ b/ppapi/native_client/src/trusted/plugin/plugin.cc @@ -802,16 +802,16 @@ void Plugin::HistogramStartupTimeMedium(const std::string& name, float dt) { void Plugin::NexeFileDidOpen(int32_t pp_error) { PLUGIN_PRINTF(("Plugin::NexeFileDidOpen (pp_error=%"NACL_PRId32")\n", pp_error)); - struct NaClFileInfo info = nexe_downloader_.GetFileInfo(); + int32_t file_desc = nexe_downloader_.GetPOSIXFileDescriptor(); PLUGIN_PRINTF(("Plugin::NexeFileDidOpen (file_desc=%"NACL_PRId32")\n", - info.desc)); + file_desc)); HistogramHTTPStatusCode( is_installed_ ? "NaCl.HttpStatusCodeClass.Nexe.InstalledApp" : "NaCl.HttpStatusCodeClass.Nexe.NotInstalledApp", nexe_downloader_.status_code()); ErrorInfo error_info; - if (pp_error != PP_OK || info.desc == NACL_NO_FILE_DESC) { + if (pp_error != PP_OK || file_desc == NACL_NO_FILE_DESC) { if (pp_error == PP_ERROR_ABORTED) { ReportLoadAbort(); } else if (pp_error == PP_ERROR_NOACCESS) { @@ -824,7 +824,7 @@ void Plugin::NexeFileDidOpen(int32_t pp_error) { } return; } - int32_t file_desc_ok_to_close = DUP(info.desc); + int32_t file_desc_ok_to_close = DUP(file_desc); if (file_desc_ok_to_close == NACL_NO_FILE_DESC) { error_info.SetReport(ERROR_NEXE_FH_DUP, "could not duplicate loaded file handle."); @@ -1083,10 +1083,10 @@ void Plugin::NaClManifestFileDidOpen(int32_t pp_error) { // The manifest file was successfully opened. Set the src property on the // plugin now, so that the full url is available to error handlers. set_manifest_url(nexe_downloader_.url()); - struct NaClFileInfo info = nexe_downloader_.GetFileInfo(); + int32_t file_desc = nexe_downloader_.GetPOSIXFileDescriptor(); PLUGIN_PRINTF(("Plugin::NaClManifestFileDidOpen (file_desc=%" - NACL_PRId32")\n", info.desc)); - if (pp_error != PP_OK || info.desc == NACL_NO_FILE_DESC) { + NACL_PRId32")\n", file_desc)); + if (pp_error != PP_OK || file_desc == NACL_NO_FILE_DESC) { if (pp_error == PP_ERROR_ABORTED) { ReportLoadAbort(); } else if (pp_error == PP_ERROR_NOACCESS) { @@ -1102,7 +1102,7 @@ void Plugin::NaClManifestFileDidOpen(int32_t pp_error) { } // SlurpFile closes the file descriptor after reading (or on error). // Duplicate our file descriptor since it will be handled by the browser. - int dup_file_desc = DUP(info.desc); + int dup_file_desc = DUP(file_desc); nacl::string json_buffer; file_utils::StatusCode status = file_utils::SlurpFile( dup_file_desc, json_buffer, kNaClManifestMaxFileBytes); @@ -1274,32 +1274,28 @@ void Plugin::UrlDidOpenForStreamAsFile(int32_t pp_error, static_cast<void*>(url_downloader))); url_downloaders_.erase(url_downloader); nacl::scoped_ptr<FileDownloader> scoped_url_downloader(url_downloader); - struct NaClFileInfo info = scoped_url_downloader->GetFileInfo(); + int32_t file_desc = scoped_url_downloader->GetPOSIXFileDescriptor(); if (pp_error != PP_OK) { PP_RunCompletionCallback(&callback, pp_error); - } else if (info.desc > NACL_NO_FILE_DESC) { - url_file_info_map_[url_downloader->url_to_open()] = info; + } else if (file_desc > NACL_NO_FILE_DESC) { + url_fd_map_[url_downloader->url_to_open()] = file_desc; PP_RunCompletionCallback(&callback, PP_OK); } else { PP_RunCompletionCallback(&callback, PP_ERROR_FAILED); } } -struct NaClFileInfo Plugin::GetFileInfo(const nacl::string& url) { - struct NaClFileInfo info; - memset(&info, 0, sizeof(info)); - std::map<nacl::string, struct NaClFileInfo>::iterator it = - url_file_info_map_.find(url); - if (it != url_file_info_map_.end()) { - info = it->second; - info.desc = DUP(info.desc); - } else { - info.desc = -1; - } - return info; +int32_t Plugin::GetPOSIXFileDesc(const nacl::string& url) { + PLUGIN_PRINTF(("Plugin::GetFileDesc (url=%s)\n", url.c_str())); + int32_t file_desc_ok_to_close = NACL_NO_FILE_DESC; + std::map<nacl::string, int32_t>::iterator it = url_fd_map_.find(url); + if (it != url_fd_map_.end()) + file_desc_ok_to_close = DUP(it->second); + return file_desc_ok_to_close; } + bool Plugin::StreamAsFile(const nacl::string& url, PP_CompletionCallback callback) { PLUGIN_PRINTF(("Plugin::StreamAsFile (url='%s')\n", url.c_str())); @@ -1578,18 +1574,25 @@ bool Plugin::OpenURLFast(const nacl::string& url, if (!DocumentCanRequest(url)) return false; - uint64_t file_token_lo = 0; - uint64_t file_token_hi = 0; + PP_NaClExecutableMetadata file_metadata; PP_FileHandle file_handle = nacl_interface()->OpenNaClExecutable(pp_instance(), url.c_str(), - &file_token_lo, &file_token_hi); + &file_metadata); // We shouldn't hit this if the file URL is in an installed app. if (file_handle == PP_kInvalidFileHandle) return false; + // Release the PP_Var in the metadata struct. + pp::Module* module = pp::Module::Get(); + const PPB_Var* var_interface = + static_cast<const PPB_Var*>( + module->GetBrowserInterface(PPB_VAR_INTERFACE)); + var_interface->Release(file_metadata.file_path); + // FileDownloader takes ownership of the file handle. - downloader->OpenFast(url, file_handle, file_token_lo, file_token_hi); + // TODO(bbudge) Consume metadata once we have the final format. + downloader->OpenFast(url, file_handle); return true; } diff --git a/ppapi/native_client/src/trusted/plugin/plugin.h b/ppapi/native_client/src/trusted/plugin/plugin.h index eecddc6..37bcfdd 100644 --- a/ppapi/native_client/src/trusted/plugin/plugin.h +++ b/ppapi/native_client/src/trusted/plugin/plugin.h @@ -24,7 +24,6 @@ #include "native_client/src/trusted/plugin/pnacl_coordinator.h" #include "native_client/src/trusted/plugin/service_runtime.h" #include "native_client/src/trusted/plugin/utility.h" -#include "native_client/src/trusted/validator/nacl_file_info.h" #include "ppapi/c/private/ppb_nacl_private.h" #include "ppapi/cpp/private/var_private.h" @@ -253,11 +252,9 @@ class Plugin : public pp::InstancePrivate { // corresponding to the url body is recorded for further lookup. bool StreamAsFile(const nacl::string& url, PP_CompletionCallback pp_callback); - - // Returns rich information for a file retrieved by StreamAsFile(). This info - // contains a file descriptor. The caller must take ownership of this - // descriptor. - struct NaClFileInfo GetFileInfo(const nacl::string& url); + // Returns an open POSIX file descriptor retrieved by StreamAsFile() + // or NACL_NO_FILE_DESC. The caller must take ownership of the descriptor. + int32_t GetPOSIXFileDesc(const nacl::string& url); // A helper function that gets the scheme type for |url|. Uses URLUtil_Dev // interface which this class has as a member. @@ -478,7 +475,7 @@ class Plugin : public pp::InstancePrivate { std::set<FileDownloader*> url_downloaders_; // Keep track of file descriptors opened by StreamAsFile(). // These are owned by the browser. - std::map<nacl::string, struct NaClFileInfo> url_file_info_map_; + std::map<nacl::string, int32_t> url_fd_map_; // Pending progress events. std::queue<ProgressEvent*> progress_events_; diff --git a/ppapi/native_client/src/trusted/plugin/service_runtime.cc b/ppapi/native_client/src/trusted/plugin/service_runtime.cc index 6c44bc4..ba21a49 100644 --- a/ppapi/native_client/src/trusted/plugin/service_runtime.cc +++ b/ppapi/native_client/src/trusted/plugin/service_runtime.cc @@ -46,10 +46,11 @@ #include "native_client/src/trusted/plugin/pnacl_resources.h" #include "native_client/src/trusted/plugin/sel_ldr_launcher_chrome.h" #include "native_client/src/trusted/plugin/srpc_client.h" + +#include "native_client/src/trusted/weak_ref/call_on_main_thread.h" + #include "native_client/src/trusted/service_runtime/nacl_error_code.h" #include "native_client/src/trusted/service_runtime/include/sys/nacl_imc_api.h" -#include "native_client/src/trusted/validator/nacl_file_info.h" -#include "native_client/src/trusted/weak_ref/call_on_main_thread.h" #include "ppapi/c/pp_errors.h" #include "ppapi/c/trusted/ppb_file_io_trusted.h" @@ -171,15 +172,11 @@ bool PluginReverseInterface::EnumerateManifestKeys( // and invoke StreamAsFile with a completion callback that invokes // GetPOSIXFileDesc. bool PluginReverseInterface::OpenManifestEntry(nacl::string url_key, - struct NaClFileInfo* info) { + int32_t* out_desc) { ErrorInfo error_info; bool op_complete = false; // NB: mu_ and cv_ also controls access to this! - // The to_open object is owned by the weak ref callback. Because this function - // waits for the callback to finish, the to_open object will be deallocated on - // the main thread before this function can return. The pointers it contains - // to stack variables will not leak. OpenManifestEntryResource* to_open = - new OpenManifestEntryResource(url_key, info, + new OpenManifestEntryResource(url_key, out_desc, &error_info, &op_complete); CHECK(to_open != NULL); NaClLog(4, "PluginReverseInterface::OpenManifestEntry: %s\n", @@ -231,8 +228,8 @@ bool PluginReverseInterface::OpenManifestEntry(nacl::string url_key, NaClLog(4, "PluginReverseInterface::OpenManifestEntry:" " *out_desc = %d\n", - info->desc); - if (info->desc == -1) { + *out_desc); + if (*out_desc == -1) { // TODO(bsy,ncbray): what else should we do with the error? This // is a runtime error that may simply be a programming error in // the untrusted code, or it may be something else wrong w/ the @@ -270,7 +267,7 @@ void PluginReverseInterface::OpenManifestEntry_MainThreadContinuation( // up requesting thread -- we are done. nacl::MutexLocker take(&mu_); *p->op_complete_ptr = true; // done... - p->file_info->desc = -1; // but failed. + *p->out_desc = -1; // but failed. NaClXCondVarBroadcast(&cv_); return; } @@ -297,7 +294,7 @@ void PluginReverseInterface::OpenManifestEntry_MainThreadContinuation( "StreamAsFile failed\n"); nacl::MutexLocker take(&mu_); *p->op_complete_ptr = true; // done... - p->file_info->desc = -1; // but failed. + *p->out_desc = -1; // but failed. p->error_info->SetReport(ERROR_MANIFEST_OPEN, "ServiceRuntime: StreamAsFile failed"); NaClXCondVarBroadcast(&cv_); @@ -324,9 +321,7 @@ void PluginReverseInterface::OpenManifestEntry_MainThreadContinuation( } nacl::MutexLocker take(&mu_); *p->op_complete_ptr = true; // done! - // TODO(ncbray): enable the fast loading and validation paths for this - // type of file. - p->file_info->desc = fd; + *p->out_desc = fd; NaClXCondVarBroadcast(&cv_); NaClLog(4, "OpenManifestEntry_MainThreadContinuation: GetPnaclFd okay\n"); @@ -352,7 +347,7 @@ void PluginReverseInterface::OpenManifestEntry_MainThreadContinuation( } else { nacl::MutexLocker take(&mu_); *p->op_complete_ptr = true; // done... - p->file_info->desc = -1; // but failed. + *p->out_desc = -1; // but failed. p->error_info->SetReport(ERROR_PNACL_NOT_ENABLED, "ServiceRuntime: GetPnaclFd failed -- pnacl not " "enabled with --enable-pnacl."); @@ -371,17 +366,16 @@ void PluginReverseInterface::StreamAsFile_MainThreadContinuation( nacl::MutexLocker take(&mu_); if (result == PP_OK) { - NaClLog(4, "StreamAsFile_MainThreadContinuation: GetFileInfo(%s)\n", + NaClLog(4, "StreamAsFile_MainThreadContinuation: GetPOSIXFileDesc(%s)\n", p->url.c_str()); - *p->file_info = plugin_->GetFileInfo(p->url); - + *p->out_desc = plugin_->GetPOSIXFileDesc(p->url); NaClLog(4, "StreamAsFile_MainThreadContinuation: PP_OK, desc %d\n", - p->file_info->desc); + *p->out_desc); } else { NaClLog(4, "StreamAsFile_MainThreadContinuation: !PP_OK, setting desc -1\n"); - p->file_info->desc = -1; + *p->out_desc = -1; p->error_info->SetReport(ERROR_MANIFEST_OPEN, "Plugin StreamAsFile failed at callback"); } @@ -403,16 +397,16 @@ void PluginReverseInterface::BitcodeTranslate_MainThreadContinuation( // accepts NaClDescs we can avoid this downcast. NaClDesc* desc = pnacl_coordinator_->ReleaseTranslatedFD()->desc(); struct NaClDescIoDesc* ndiodp = (struct NaClDescIoDesc*)desc; - p->file_info->desc = ndiodp->hd->d; + *p->out_desc = ndiodp->hd->d; pnacl_coordinator_.reset(NULL); NaClLog(4, "BitcodeTranslate_MainThreadContinuation: PP_OK, desc %d\n", - p->file_info->desc); + *p->out_desc); } else { NaClLog(4, "BitcodeTranslate_MainThreadContinuation: !PP_OK, " "setting desc -1\n"); - p->file_info->desc = -1; + *p->out_desc = -1; // Error should have been reported by pnacl coordinator. NaClLog(LOG_ERROR, "PluginReverseInterface::BitcodeTranslate error.\n"); } diff --git a/ppapi/native_client/src/trusted/plugin/service_runtime.h b/ppapi/native_client/src/trusted/plugin/service_runtime.h index 6c6bced..a7eca38 100644 --- a/ppapi/native_client/src/trusted/plugin/service_runtime.h +++ b/ppapi/native_client/src/trusted/plugin/service_runtime.h @@ -27,8 +27,6 @@ #include "ppapi/c/trusted/ppb_file_io_trusted.h" #include "ppapi/cpp/completion_callback.h" -struct NaClFileInfo; - namespace nacl { class DescWrapper; } // namespace @@ -65,15 +63,15 @@ struct PostMessageResource { struct OpenManifestEntryResource { public: OpenManifestEntryResource(const std::string& target_url, - struct NaClFileInfo* finfo, + int32_t* descp, ErrorInfo* infop, bool* op_complete) : url(target_url), - file_info(finfo), + out_desc(descp), error_info(infop), op_complete_ptr(op_complete) {} std::string url; - struct NaClFileInfo* file_info; + int32_t* out_desc; ErrorInfo* error_info; bool* op_complete_ptr; }; @@ -154,8 +152,7 @@ class PluginReverseInterface: public nacl::ReverseInterface { virtual bool EnumerateManifestKeys(std::set<nacl::string>* out_keys); - virtual bool OpenManifestEntry(nacl::string url_key, - struct NaClFileInfo *info); + virtual bool OpenManifestEntry(nacl::string url_key, int32_t* out_desc); virtual bool CloseManifestEntry(int32_t desc); |