NaCl: Bind TCP socket for the GDB debug stub in the browser process

This allows the debug stub to work without "--no-sandbox".

This change is only for POSIX since Windows requires very different code.

BUG= http://code.google.com/p/nativeclient/issues/detail?id=3007
TEST= launch NaCl page in chrome with --enable-nacl-debug but without --no-sandbox
try to connect nacl gdb.
Review URL: https://chromiumcodereview.appspot.com/10928050

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156784 0039d316-1c4b-4281-b951-d872f2087c98

6 files changed, 42 insertions, 2 deletions

diff --git a/chrome/browser/nacl_host/nacl_process_host.cc b/chrome/browser/nacl_host/nacl_process_host.cc
index 56de033..867f735 100644
--- a/chrome/browser/nacl_host/nacl_process_host.cc
+++ b/chrome/browser/nacl_host/nacl_process_host.cc
@@ -40,6 +40,7 @@
 #include "ipc/ipc_switches.h"
 #include "native_client/src/shared/imc/nacl_imc.h"
 #include "net/base/net_util.h"
+#include "net/base/tcp_listen_socket.h"
 #include "ppapi/proxy/ppapi_messages.h"
 
 #if defined(OS_POSIX)
@@ -634,6 +635,21 @@ bool NaClProcessHost::ReplyToRenderer(
   return true;
 }
 
+// TCP port we chose for NaCl debug stub. It can be any other number.
+static const int kDebugStubPort = 4014;
+
+#if defined(OS_POSIX)
+SocketDescriptor NaClProcessHost::GetDebugStubSocketHandle() {
+  SocketDescriptor s = net::TCPListenSocket::CreateAndBind("127.0.0.1",
+                                                           kDebugStubPort);
+  if (listen(s, 1)) {
+    LOG(ERROR) << "listen() failed on debug stub socket";
+    return net::TCPListenSocket::kInvalidSocket;
+  }
+  return s;
+}
+#endif
+
 bool NaClProcessHost::StartNaClExecution() {
   NaClBrowser* nacl_browser = NaClBrowser::GetInstance();
 
@@ -684,6 +700,16 @@ bool NaClProcessHost::StartNaClExecution() {
   params.handles.push_back(memory_fd);
 #endif
 
+#if defined(OS_POSIX)
+  if (enable_debug_stub_) {
+    SocketDescriptor server_bound_socket = GetDebugStubSocketHandle();
+    if (server_bound_socket != net::TCPListenSocket::kInvalidSocket) {
+      params.debug_stub_server_bound_socket =
+          nacl::FileDescriptor(server_bound_socket, true);
+    }
+  }
+#endif
+
   process_->Send(new NaClProcessMsg_Start(params));
 
   internal_->sockets_for_sel_ldr.clear();
diff --git a/chrome/browser/nacl_host/nacl_process_host.h b/chrome/browser/nacl_host/nacl_process_host.h
index b2d0c53..6cfc3be 100644
--- a/chrome/browser/nacl_host/nacl_process_host.h
+++ b/chrome/browser/nacl_host/nacl_process_host.h
@@ -17,6 +17,7 @@
 #include "content/public/browser/browser_child_process_host_delegate.h"
 #include "googleurl/src/gurl.h"
 #include "ipc/ipc_channel_handle.h"
+#include "net/base/tcp_listen_socket.h"
 
 class ChromeRenderMessageFilter;
 class CommandLine;
@@ -91,6 +92,12 @@ class NaClProcessHost : public content::BrowserChildProcessHostDelegate {
   bool LaunchNaClGdb(base::ProcessId pid);
   void OnNaClGdbAttached();
 #endif
+#if defined(OS_POSIX)
+  // Create bound TCP socket in the browser process so that the NaCl GDB debug
+  // stub can use it to accept incoming connections even when the Chrome sandbox
+  // is enabled.
+  SocketDescriptor GetDebugStubSocketHandle();
+#endif
   // Get path to manifest on local disk if possible.
   FilePath GetManifestPath();
   bool LaunchSelLdr();
diff --git a/chrome/common/nacl_messages.h b/chrome/common/nacl_messages.h
index 57d5e10..7ccba59 100644
--- a/chrome/common/nacl_messages.h
+++ b/chrome/common/nacl_messages.h
@@ -14,6 +14,7 @@
 
 IPC_STRUCT_TRAITS_BEGIN(nacl::NaClStartParams)
   IPC_STRUCT_TRAITS_MEMBER(handles)
+  IPC_STRUCT_TRAITS_MEMBER(debug_stub_server_bound_socket)
   IPC_STRUCT_TRAITS_MEMBER(validation_cache_enabled)
   IPC_STRUCT_TRAITS_MEMBER(validation_cache_key)
   IPC_STRUCT_TRAITS_MEMBER(version)
diff --git a/chrome/common/nacl_types.h b/chrome/common/nacl_types.h
index 0c61759..ca44e03 100644
--- a/chrome/common/nacl_types.h
+++ b/chrome/common/nacl_types.h
@@ -44,6 +44,7 @@ struct NaClStartParams {
   ~NaClStartParams();
 
   std::vector<FileDescriptor> handles;
+  FileDescriptor debug_stub_server_bound_socket;
 
   bool validation_cache_enabled;
   std::string validation_cache_key;
diff --git a/chrome/nacl/nacl_listener.cc b/chrome/nacl/nacl_listener.cc
index 7d1fde6..d8e5dad 100644
--- a/chrome/nacl/nacl_listener.cc
+++ b/chrome/nacl/nacl_listener.cc
@@ -260,6 +260,10 @@ void NaClListener::OnMsgStart(const nacl::NaClStartParams& params) {
   args->imc_bootstrap_handle = nacl::ToNativeHandle(handles[0]);
   args->enable_exception_handling = params.enable_exception_handling;
   args->enable_debug_stub = params.enable_debug_stub;
+#if defined(OS_LINUX) || defined(OS_MACOSX)
+  args->debug_stub_server_bound_socket_fd = nacl::ToNativeHandle(
+      params.debug_stub_server_bound_socket);
+#endif
 #if defined(OS_WIN)
   args->broker_duplicate_handle_func = BrokerDuplicateHandle;
   args->attach_debug_exception_handler_func = AttachDebugExceptionHandler;
diff --git a/net/base/tcp_listen_socket.h b/net/base/tcp_listen_socket.h
index e194e28..8b469fc 100644
--- a/net/base/tcp_listen_socket.h
+++ b/net/base/tcp_listen_socket.h
@@ -22,14 +22,15 @@ class NET_EXPORT TCPListenSocket : public StreamListenSocket {
   static scoped_refptr<TCPListenSocket> CreateAndListen(
       const std::string& ip, int port, StreamListenSocket::Delegate* del);
 
+  // Get raw TCP socket descriptor bound to ip:port.
+  static SocketDescriptor CreateAndBind(const std::string& ip, int port);
+
  protected:
   friend class scoped_refptr<TCPListenSocket>;
 
   TCPListenSocket(SocketDescriptor s, StreamListenSocket::Delegate* del);
   virtual ~TCPListenSocket();
 
-  static SocketDescriptor CreateAndBind(const std::string& ip, int port);
-
   // Implements StreamListenSocket::Accept.
   virtual void Accept() OVERRIDE;