author | ben <ben@chromium.org> | 2016-02-22 23:28:46 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-02-23 07:30:04 +0000 |
commit | 7569dae2853e09aa469900f354c9121ef0a09b92 (patch) | |
tree | c00b851eecf6817642ee781e118901ee11a80546 | |
parent | bcc5607abeaa243d7b7e25a25aaee4c95f1f65e0 (diff) | |
This enforces the capability filter specified in an application manifest.
Note that this is mostly set to permissive right now because the capability filters as currently specified are a PITA to use. I'm going to be working with some of the security folk to devise a way to simplify this.
Review URL: https://codereview.chromium.org/1716793003
Cr-Commit-Position: refs/heads/master@{#376940}
40 files changed, 151 insertions, 34 deletions
diff --git a/ash/mus/manifest.json b/ash/mus/manifest.json
index 5c31b13..a7403ac 100644
--- a/ash/mus/manifest.json
+++ b/ash/mus/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://ash_sysui/",
 "name": "System UI",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/components/filesystem/BUILD.gn b/components/filesystem/BUILD.gn
index f9d9d05..5cfeed2 100644
--- a/components/filesystem/BUILD.gn
+++ b/components/filesystem/BUILD.gn
@@ -71,6 +71,7 @@ mojo_native_application("apptests") {
 ]
 deps = [
+ ":apptest_manifest",
 "//base",
 "//components/filesystem/public/interfaces",
 "//mojo/common",
@@ -83,3 +84,8 @@ mojo_native_application("apptests") {
 ":filesystem",
 ]
 }
+
+mojo_application_manifest("apptest_manifest") {
+ application_name = "filesystem_apptests"
+ source = "apptest_manifest.json"
+}
diff --git a/components/filesystem/apptest_manifest.json b/components/filesystem/apptest_manifest.json
new file mode 100644
index 0000000..96ecfbc
--- /dev/null
+++ b/components/filesystem/apptest_manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://filesystem_apptests/",
+ "name": "File System Service Apptests",
+ "capabilities": { "*": [ "*" ] }
+}
diff --git a/components/filesystem/manifest.json b/components/filesystem/manifest.json
index 61a2fb4..499ba94 100644
--- a/components/filesystem/manifest.json
+++ b/components/filesystem/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://filesystem/",
 "name": "File System Service",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/components/font_service/manifest.json b/components/font_service/manifest.json
index 62ef671..13856fae 100644
--- a/components/font_service/manifest.json
+++ b/components/font_service/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://font_service/",
 "name": "Font Service",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/components/leveldb/BUILD.gn b/components/leveldb/BUILD.gn
index 5bdef0a..d713fa3 100644
--- a/components/leveldb/BUILD.gn
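Review bot: The `"capabilities": { "*": [ "*" ] }` entry in ash/mus/manifest.json gives a shipping service the same unrestricted filter as the new apptest manifests, and the same line is added to the filesystem, font_service, leveldb, mus, resource_provider and mash service manifests later in this diff. Once the manifest filter is the one actually applied, these wildcards are the effective policy for those services, and nothing in the tree distinguishes a temporary grant from an intended one. Since JSON carries no comments, a tracked list of the wildcard manifests, or a presubmit check that flags `"*": [ "*" ]` outside test manifests, would make the later tightening auditable.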
+++ b/components/leveldb/BUILD.gn
@@ -66,6 +66,7 @@ mojo_native_application("apptests") {
 ]
 deps = [
+ ":apptest_manifest",
 "//base",
 "//components/filesystem/public/interfaces",
 "//components/leveldb/public/interfaces",
@@ -80,3 +81,8 @@ mojo_native_application("apptests") {
 "//components/filesystem:filesystem",
 ]
 }
+
+mojo_application_manifest("apptest_manifest") {
+ application_name = "leveldb_apptests"
+ source = "apptest_manifest.json"
+}
diff --git a/components/leveldb/apptest_manifest.json b/components/leveldb/apptest_manifest.json
new file mode 100644
index 0000000..8696d23
--- /dev/null
+++ b/components/leveldb/apptest_manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://leveldb_apptests/",
+ "name": "LevelDB Service Apptests",
+ "capabilities": { "*": ["*"] }
+}
diff --git a/components/leveldb/manifest.json b/components/leveldb/manifest.json
index 3925b49..a6f08aa 100644
--- a/components/leveldb/manifest.json
+++ b/components/leveldb/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://leveldb/",
 "name": "LevelDB Service",
- "capabilities": { }
+ "capabilities": { "*": ["*"] }
 }
diff --git a/components/mus/manifest.json b/components/mus/manifest.json
index 3c992c2..6d73f7b 100644
--- a/components/mus/manifest.json
+++ b/components/mus/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://mus/",
 "name": "Mandoline UI Services",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/components/mus/ws/BUILD.gn b/components/mus/ws/BUILD.gn
index 59d1e82..53eb3b4 100644
--- a/components/mus/ws/BUILD.gn
+++ b/components/mus/ws/BUILD.gn
@@ -5,6 +5,7 @@
 import("//build/config/ui.gni")
 import("//testing/test.gni")
 import("//mojo/public/mojo_application.gni")
+import("//mojo/public/mojo_application_manifest.gni")
 source_set("lib") {
 sources = [
@@ -183,6 +184,7 @@ mojo_native_application("apptests") {
 ]
 deps = [
+ ":manifest",
 ":test_support",
 "//base",
 "//base/test:test_config",
@@ -207,3 +209,8 @@ mojo_native_application("apptests") {
 deps += [ "//tools/xdisplaycheck" ]
 }
 }
+
+mojo_application_manifest("manifest") {
+ application_name = "mus_apptests"
+ source = "apptest_manifest.json"
+}
diff --git a/components/mus/ws/apptest_manifest.json b/components/mus/ws/apptest_manifest.json
new file mode 100644
index 0000000..d672c16
--- /dev/null
+++ b/components/mus/ws/apptest_manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://mus_apptests/",
+ "name": "Mus Apptests",
+ "capabilities": { "*": [ "*" ] }
+}
diff --git a/components/resource_provider/BUILD.gn b/components/resource_provider/BUILD.gn
index e8bd971..6a7a7e5 100644
--- a/components/resource_provider/BUILD.gn
+++ b/components/resource_provider/BUILD.gn
@@ -140,6 +140,7 @@ mojo_native_application("apptests") {
 ]
 deps = [
+ ":apptest_manifest",
 "//base",
 "//base/test:test_config",
 "//components/resource_provider/public/cpp",
@@ -152,3 +153,8 @@ mojo_native_application("apptests") {
 ":resource_provider",
 ]
 }
+
+mojo_application_manifest("apptest_manifest") {
+ application_name = "resource_provider_apptests"
+ source = "apptest_manifest.json"
+}
diff --git a/components/resource_provider/apptest_manifest.json b/components/resource_provider/apptest_manifest.json
new file mode 100644
index 0000000..f5bd1e8
--- /dev/null
+++ b/components/resource_provider/apptest_manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://resource_provider_apptests/",
+ "name": "Resource Provider Apptests",
+ "capabilities": { "*": [ "*" ] }
+}
diff --git a/components/resource_provider/manifest.json b/components/resource_provider/manifest.json
index a341aae..58b801a 100644
--- a/components/resource_provider/manifest.json
+++ b/components/resource_provider/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://resource_provider/",
 "name": "Resource Provider",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/mash/browser_driver/manifest.json b/mash/browser_driver/manifest.json
index a032321..f6966b5 100644
--- a/mash/browser_driver/manifest.json
+++ b/mash/browser_driver/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://browser_driver/",
 "name": "Browser Driver",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/mash/example/views_examples/BUILD.gn b/mash/example/views_examples/BUILD.gn
index 6758400..8de22c8 100644
--- a/mash/example/views_examples/BUILD.gn
+++ b/mash/example/views_examples/BUILD.gn
@@ -4,6 +4,7 @@
 import("//build/config/ui.gni")
 import("//mojo/public/mojo_application.gni")
+import("//mojo/public/mojo_application_manifest.gni")
 import("//mojo/public/tools/bindings/mojom.gni")
 import("//tools/grit/repack.gni")
@@ -17,6 +18,7 @@ mojo_native_application("views_examples") {
 ]
 deps = [
+ ":manifest",
 "//base",
 "//components/mus/public/interfaces",
 "//mojo/converters/geometry",
@@ -38,3 +40,8 @@ mojo_native_application("views_examples") {
 "//components/mus",
 ]
 }
+
+mojo_application_manifest("manifest") {
+ application_name = "views_examples"
+ source = "manifest.json"
+}
diff --git a/mash/example/views_examples/manifest.json b/mash/example/views_examples/manifest.json
new file mode 100644
index 0000000..2a69d68
--- /dev/null
+++ b/mash/example/views_examples/manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://views_examples/",
+ "name": "Views Examples",
+ "capabilities": { "*": ["*"] }
+}
diff --git a/mash/example/window_type_launcher/BUILD.gn b/mash/example/window_type_launcher/BUILD.gn
index 9a4c4d3..4f89109 100644
--- a/mash/example/window_type_launcher/BUILD.gn
+++ b/mash/example/window_type_launcher/BUILD.gn
@@ -4,6 +4,7 @@
 import("//build/config/ui.gni")
 import("//mojo/public/mojo_application.gni")
+import("//mojo/public/mojo_application_manifest.gni")
 import("//mojo/public/tools/bindings/mojom.gni")
 import("//tools/grit/repack.gni")
@@ -18,6 +19,7 @@ executable("window_type_launcher") {
 ]
 deps = [
+ ":manifest",
 ":window_type_launcher_resources",
 "//base",
 "//base:base_static",
@@ -57,3 +59,9 @@ copy("window_type_launcher_resources") {
 "//ui/views/mus:resources",
 ]
 }
+
+mojo_application_manifest("manifest") {
+ type = "exe"
+ application_name = "window_type_launcher_exe"
+ source = "manifest.json"
+}
diff --git a/mash/example/window_type_launcher/manifest.json b/mash/example/window_type_launcher/manifest.json
new file mode 100644
index 0000000..8aaa855
--- /dev/null
+++ b/mash/example/window_type_launcher/manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "exe://window_type_launcher_exe/",
+ "name": "Window Type Launcher",
+ "capabilities": { "*": ["*"] }
+}
diff --git a/mash/quick_launch/manifest.json b/mash/quick_launch/manifest.json
index 2af531a..c3be25d 100644
--- a/mash/quick_launch/manifest.json
+++ b/mash/quick_launch/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://quick_launch/",
 "name": "Quick Launch",
- "capabilities": { }
+ "capabilities": { "*": ["*"] }
 }
diff --git a/mash/screenlock/manifest.json b/mash/screenlock/manifest.json
index e625d0e..e4d94c4 100644
--- a/mash/screenlock/manifest.json
+++ b/mash/screenlock/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://screenlock/",
 "name": "Screen Lock",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/mash/shell/manifest.json b/mash/shell/manifest.json
index 5fa6a81..892b5c2 100644
--- a/mash/shell/manifest.json
+++ b/mash/shell/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://mash_shell/",
 "name": "System Service Controller",
- "capabilities": { }
+ "capabilities": { "*": ["*"] }
 }
diff --git a/mash/task_viewer/manifest.json b/mash/task_viewer/manifest.json
index 2801e44..f9b4675 100644
--- a/mash/task_viewer/manifest.json
+++ b/mash/task_viewer/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://task_viewer/",
 "name": "Task Viewer",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/mash/wm/BUILD.gn b/mash/wm/BUILD.gn
index 347c0f1..45dcaeb 100644
--- a/mash/wm/BUILD.gn
+++ b/mash/wm/BUILD.gn
@@ -148,6 +148,7 @@ mojo_native_application("apptests") {
 ]
 deps = [
+ ":apptest_manifest",
 "//base",
 "//base/test:test_config",
 "//components/mus/public/cpp",
@@ -170,6 +171,11 @@ mojo_native_application("apptests") {
 }
 }
+mojo_application_manifest("apptest_manifest") {
+ application_name = "mash_wm_apptests"
+ source = "apptest_manifest.json"
+}
+
 source_set("unittests") {
 testonly = true
diff --git a/mash/wm/apptest_manifest.json b/mash/wm/apptest_manifest.json
new file mode 100644
index 0000000..93b9ece
--- /dev/null
+++ b/mash/wm/apptest_manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://mash_wm_apptests/",
+ "name": "Desktop Window Manager Apptests",
+ "capabilities": { "*": ["*"] }
+}
diff --git a/mash/wm/manifest.json b/mash/wm/manifest.json
index c0188d3..ba06818 100644
--- a/mash/wm/manifest.json
+++ b/mash/wm/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://desktop_wm/",
 "name": "Desktop Window Manager",
- "capabilities": { }
+ "capabilities": { "*": ["*"] }
 }
diff --git a/media/mojo/services/BUILD.gn b/media/mojo/services/BUILD.gn
index 7df7098..c73f88e 100644
--- a/media/mojo/services/BUILD.gn
+++ b/media/mojo/services/BUILD.gn
@@ -5,6 +5,7 @@
 import("//media/media_options.gni")
 import("//testing/test.gni")
 import("//mojo/public/mojo_application.gni")
+import("//mojo/public/mojo_application_manifest.gni")
 # Target naming conventions:
 # - converters: C++/Mojo type converters.
@@ -265,6 +266,7 @@ mojo_native_application("media_apptests") {
 ]
 deps = [
+ ":apptest_manifest",
 ":proxy",
 "//media/base:test_support",
 "//mojo/shell/public/cpp:test_support",
@@ -277,10 +279,16 @@ mojo_native_application("media_apptests") {
 ]
 }
+mojo_application_manifest("apptest_manifest") {
+ application_name = "media_apptests"
+ source = "apptest_manifest.json"
+}
+
 mojo_native_application("media_pipeline_integration_apptests") {
 testonly = true
 deps = [
+ ":pipeline_apptest_manifest",
 "//media/test:mojo_pipeline_integration_tests",
 ]
@@ -289,6 +297,11 @@ mojo_native_application("media_pipeline_integration_apptests") {
 ]
 }
+mojo_application_manifest("pipeline_apptest_manifest") {
+ application_name = "media_pipeline_integration_apptests"
+ source = "pipeline_apptest_manifest.json"
+}
+
 group("tests") {
 testonly = true
 deps = [
diff --git a/media/mojo/services/apptest_manifest.json b/media/mojo/services/apptest_manifest.json
new file mode 100644
index 0000000..e5f2b8d
--- /dev/null
+++ b/media/mojo/services/apptest_manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://media_apptests/",
+ "name": "Media Apptests",
+ "capabilities": { "*": ["*"] }
+}
diff --git a/media/mojo/services/pipeline_apptest_manifest.json b/media/mojo/services/pipeline_apptest_manifest.json
new file mode 100644
index 0000000..e43d68a
--- /dev/null
+++ b/media/mojo/services/pipeline_apptest_manifest.json
@@ -0,0 +1,5 @@
+{
+ "url": "mojo://media_pipeline_integration_apptests/",
+ "name": "Media Pipeline Integration Apptests",
+ "capabilities": { "*": ["*"] }
+}
diff --git a/mojo/public/mojo_application_manifest.gni b/mojo/public/mojo_application_manifest.gni
index d1a3cc0..5b6cefe 100644
--- a/mojo/public/mojo_application_manifest.gni
+++ b/mojo/public/mojo_application_manifest.gni
@@ -62,6 +62,10 @@ template("mojo_application_manifest") {
 }
 application_name = invoker.application_name
+ inputs = [
+ invoker.source,
+ ]
+
 if (type == "mojo") {
 output = "$root_out_dir/$application_name/manifest.json"
 } else {
@@ -83,6 +87,7 @@ template("mojo_application_manifest") {
 if (defined(invoker.packaged_applications)) {
 foreach(application_name, invoker.packaged_applications) {
 input = "$root_out_dir/$application_name/manifest.json"
+ inputs += [ input ]
 args += [ rebase_path(input, root_build_dir) ]
 }
 }
diff --git a/mojo/services/package_manager/manifest.json b/mojo/services/package_manager/manifest.json
index 3ce5376..61474b1 100644
--- a/mojo/services/package_manager/manifest.json
+++ b/mojo/services/package_manager/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://package_manager/",
 "name": "Package Manager",
- "capabilities": { }
+ "capabilities": {}
 }
diff --git a/mojo/services/package_manager/package_manager.cc b/mojo/services/package_manager/package_manager.cc
index ccc1202..1ec443a 100644
--- a/mojo/services/package_manager/package_manager.cc
+++ b/mojo/services/package_manager/package_manager.cc
@@ -151,6 +151,8 @@ void PackageManager::ResolveMojoURL(const mojo::String& mojo_url,
 if (alias_iter != mojo_url_aliases_.end()) {
 resolved_url = GURL(alias_iter->second.first);
 qualifier = alias_iter->second.second;
+ } else {
+ qualifier = resolved_url.host();
 }
 EnsureURLInCatalog(resolved_url, qualifier, callback);
@@ -193,13 +195,15 @@ void PackageManager::CompleteResolveMojoURL(
 file_url = system_package_dir_.Resolve(resolved_url.host() + extension);
 }
- // TODO(beng): Use the actual capability filter from |info|!
 mojo::shell::mojom::CapabilityFilterPtr filter(
 mojo::shell::mojom::CapabilityFilter::New());
- mojo::Array<mojo::String> all_interfaces;
- all_interfaces.push_back("*");
- filter->filter.insert("*", std::move(all_interfaces));
-
+ filter->filter = mojo::Map<mojo::String, mojo::Array<mojo::String>>();
+ for (const auto& entry : info_iter->second.base_filter) {
+ mojo::Array<mojo::String> interfaces;
+ for (auto interface_name : entry.second)
+ interfaces.push_back(interface_name);
+ filter->filter.insert(entry.first, std::move(interfaces));
+ }
 callback.Run(resolved_url.spec(), qualifier, std::move(filter),
 file_url.spec());
 }
diff --git a/mojo/services/tracing/manifest.json b/mojo/services/tracing/manifest.json
index ee4a0aa..402e2fe 100644
--- a/mojo/services/tracing/manifest.json
+++ b/mojo/services/tracing/manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://tracing/",
 "name": "Tracing Collector",
- "capabilities": {}
+ "capabilities": {}
 }
diff --git a/mojo/shell/application_manager.cc b/mojo/shell/application_manager.cc
index 1a4cfa0..1ff5901 100644
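Review bot: In PackageManager::CompleteResolveMojoURL, `info_iter->second.base_filter` is dereferenced without any validity check visible in the hunk; the function starts above it, so please confirm `info_iter` has been compared against the catalog's end before this point. Because this map is now the enforced policy, the loop also deserves a comment stating what an empty `base_filter` means, for example `// An empty base_filter produces an empty map, i.e. no outbound connections are allowed.` if that is the intended reading of the `"capabilities": {}` manifests (package_manager, tracing, the package tests). As a smaller style point, `for (auto interface_name : entry.second)` copies each name and could be `for (const auto& interface_name : entry.second)`.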
--- a/mojo/shell/application_manager.cc
+++ b/mojo/shell/application_manager.cc
@@ -301,7 +301,7 @@ void ApplicationManager::OnShellClientFactoryLost(const Identity& which) {
 void ApplicationManager::OnGotResolvedURL(
 scoped_ptr<ConnectParams> params,
 const String& resolved_url,
- const String& qualifier,
+ const String& resolved_qualifier,
 mojom::CapabilityFilterPtr base_filter,
 const String& file_url) {
 // It's possible that when this manifest request was issued, another one was
@@ -310,9 +310,15 @@ void ApplicationManager::OnGotResolvedURL(
 if (ConnectToExistingInstance(¶ms))
 return;
- Identity source = params->source(), target = params->target();
+ Identity source = params->source();
+ CapabilityFilter filter = params->target().filter();
+ // TODO(beng): this clobbers the filter passed via Connect().
+ if (!base_filter.is_null())
+ filter = base_filter->filter.To<CapabilityFilter>();
+ Identity target(params->target().url(), params->target().qualifier(), filter);
+
 mojom::ShellClientRequest request;
- ApplicationInstance* instance = CreateInstance(params->target(), &request);
+ ApplicationInstance* instance = CreateInstance(target, &request);
 instance->ConnectToClient(std::move(params));
 if (LoadWithLoader(target, &request))
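Review bot: In OnGotResolvedURL the manifest filter replaces the filter the connecting application supplied in `params->target().filter()` instead of narrowing it, so a caller that asked for a restricted target ends up with whatever the target's own manifest grants. The replacement used to happen only in the package-alias branch and now runs for every resolved target, and if `base_filter` comes from PackageManager::CompleteResolveMojoURL, which always constructs one with `CapabilityFilter::New()`, the `is_null()` fallback to the caller's filter would never be taken. Until the two filters are intersected, the TODO should spell out the risk, e.g. `// TODO(beng): intersect with the Connect() filter; replacing it lets a manifest widen a caller's restriction.` The function body continues outside this hunk.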
@@ -322,13 +328,11 @@ void ApplicationManager::OnGotResolvedURL(
 GURL resolved_gurl = resolved_url.To<GURL>();
 if (target.url().spec() != resolved_url) {
- // TODO(beng): this clobbers the CapabilityFilter passed via Connect().
- CapabilityFilter capability_filter = GetPermissiveCapabilityFilter();
- if (!base_filter.is_null())
- capability_filter = base_filter->filter.To<CapabilityFilter>();
-
+ // In cases where a package alias is resolved, we have to use the qualifier
+ // from the original request rather than for the package itself, which will
+ // always be the same.
 CreateShellClient(source,
- Identity(resolved_gurl, qualifier, capability_filter),
+ Identity(resolved_gurl, target.qualifier(), filter),
 target.url(), std::move(request));
 } else {
 bool start_sandboxed = false;
diff --git a/mojo/shell/application_manager.h b/mojo/shell/application_manager.h
index 9e0f437..83c1ad7 100644
--- a/mojo/shell/application_manager.h
+++ b/mojo/shell/application_manager.h
@@ -151,7 +151,7 @@ class ApplicationManager : public ShellClient,
 // run with, from its manifest.
 void OnGotResolvedURL(scoped_ptr<ConnectParams> params,
 const String& resolved_url,
- const String& qualifier,
+ const String& resolved_qualifier,
 mojom::CapabilityFilterPtr base_filter,
 const String& file_url);
diff --git a/mojo/shell/tests/application_manager_apptest_driver_manifest.json b/mojo/shell/tests/application_manager_apptest_driver_manifest.json
index d4b33a4..2360aab 100644
--- a/mojo/shell/tests/application_manager_apptest_driver_manifest.json
+++ b/mojo/shell/tests/application_manager_apptest_driver_manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "exe://application_manager_apptest_driver/",
 "name": "Application Manager Apptests: Driver",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/mojo/shell/tests/application_manager_apptest_manifest.json b/mojo/shell/tests/application_manager_apptest_manifest.json
index 1c8fd8a..e204a34 100644
--- a/mojo/shell/tests/application_manager_apptest_manifest.json
+++ b/mojo/shell/tests/application_manager_apptest_manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://mojo_shell_apptests/",
 "name": "Application Manager Apptests",
- "capabilities": { }
+ "capabilities": { "*": [ "*" ] }
 }
diff --git a/mojo/shell/tests/package_test_app_a_manifest.json b/mojo/shell/tests/package_test_app_a_manifest.json
index 497d7b9..2867904 100644
--- a/mojo/shell/tests/package_test_app_a_manifest.json
+++ b/mojo/shell/tests/package_test_app_a_manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://package_test_a/",
 "name": "Package Test A",
- "capabilities": { }
+ "capabilities": {}
 }
diff --git a/mojo/shell/tests/package_test_app_b_manifest.json b/mojo/shell/tests/package_test_app_b_manifest.json
index 8f6d6c9..418c275 100644
--- a/mojo/shell/tests/package_test_app_b_manifest.json
+++ b/mojo/shell/tests/package_test_app_b_manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://package_test_b/",
 "name": "Package Test B",
- "capabilities": { }
+ "capabilities": {}
 }
diff --git a/mojo/shell/tests/package_test_package_manifest.json b/mojo/shell/tests/package_test_package_manifest.json
index d4825b2..3ff5f95 100644
--- a/mojo/shell/tests/package_test_package_manifest.json
+++ b/mojo/shell/tests/package_test_package_manifest.json
@@ -1,5 +1,5 @@
 {
 "url": "mojo://package_test_package/",
 "name": "Package Test Package",
- "capabilities": { }
+ "capabilities": {}
 } |