Disable untrusted exception handling for PNaCl

BUG= https://code.google.com/p/nativeclient/issues/detail?id=3444
R=dmichael@chromium.org, jln@chromium.org, mseaborn@chromium.org, thakis@chromium.org, yzshen@chromium.org

Review URL: https://codereview.chromium.org/15901015

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@205914 0039d316-1c4b-4281-b951-d872f2087c98

11 files changed, 162 insertions, 10 deletions

diff --git a/chrome/browser/nacl_host/nacl_process_host.cc b/chrome/browser/nacl_host/nacl_process_host.cc
index 2e46e6a..7b2a8f2 100644
--- a/chrome/browser/nacl_host/nacl_process_host.cc
+++ b/chrome/browser/nacl_host/nacl_process_host.cc
@@ -184,6 +184,7 @@ NaClProcessHost::NaClProcessHost(const GURL& manifest_url,
                                  uint32 permission_bits,
                                  bool uses_irt,
                                  bool enable_dyncode_syscalls,
+                                 bool enable_exception_handling,
                                  bool off_the_record,
                                  const base::FilePath& profile_directory)
     : manifest_url_(manifest_url),
@@ -197,10 +198,10 @@ NaClProcessHost::NaClProcessHost(const GURL& manifest_url,
 #endif
       internal_(new NaClInternal()),
       weak_factory_(this),
-      enable_exception_handling_(true),
-      enable_debug_stub_(false),
       uses_irt_(uses_irt),
+      enable_debug_stub_(false),
       enable_dyncode_syscalls_(enable_dyncode_syscalls),
+      enable_exception_handling_(enable_exception_handling),
       off_the_record_(off_the_record),
       profile_directory_(profile_directory),
       ipc_plugin_listener_(this),
diff --git a/chrome/browser/nacl_host/nacl_process_host.h b/chrome/browser/nacl_host/nacl_process_host.h
index 4ee83c3..3df8c27 100644
--- a/chrome/browser/nacl_host/nacl_process_host.h
+++ b/chrome/browser/nacl_host/nacl_process_host.h
@@ -53,6 +53,7 @@ class NaClProcessHost : public content::BrowserChildProcessHostDelegate {
                   uint32 permission_bits,
                   bool uses_irt,
                   bool enable_dyncode_syscalls,
+                  bool enable_exception_handling,
                   bool off_the_record,
                   const base::FilePath& profile_directory);
   virtual ~NaClProcessHost();
@@ -191,12 +192,11 @@ class NaClProcessHost : public content::BrowserChildProcessHostDelegate {
 
   scoped_ptr<content::BrowserChildProcessHost> process_;
 
-  bool enable_exception_handling_;
-  bool enable_debug_stub_;
-
   bool uses_irt_;
 
+  bool enable_debug_stub_;
   bool enable_dyncode_syscalls_;
+  bool enable_exception_handling_;
 
   bool off_the_record_;
 
diff --git a/chrome/browser/renderer_host/chrome_render_message_filter.cc b/chrome/browser/renderer_host/chrome_render_message_filter.cc
index 0fcde96..ee2e428 100644
--- a/chrome/browser/renderer_host/chrome_render_message_filter.cc
+++ b/chrome/browser/renderer_host/chrome_render_message_filter.cc
@@ -296,6 +296,7 @@ void ChromeRenderMessageFilter::OnLaunchNaCl(
       launch_params.permission_bits,
       launch_params.uses_irt,
       launch_params.enable_dyncode_syscalls,
+      launch_params.enable_exception_handling,
       off_the_record_,
       profile_->GetPath());
   host->Launch(this, reply_msg, extension_info_map_);
diff --git a/chrome/common/nacl_types.cc b/chrome/common/nacl_types.cc
index c03de85..1e19719 100644
--- a/chrome/common/nacl_types.cc
+++ b/chrome/common/nacl_types.cc
@@ -22,19 +22,22 @@ NaClLaunchParams::NaClLaunchParams()
     : render_view_id(0),
       permission_bits(0),
       uses_irt(false),
-      enable_dyncode_syscalls(false) {
+      enable_dyncode_syscalls(false),
+      enable_exception_handling(false)  {
 }
 
 NaClLaunchParams::NaClLaunchParams(const std::string& manifest_url_,
                                    int render_view_id_,
                                    uint32 permission_bits_,
                                    bool uses_irt_,
-                                   bool enable_dyncode_syscalls_)
+                                   bool enable_dyncode_syscalls_,
+                                   bool enable_exception_handling_)
     : manifest_url(manifest_url_),
       render_view_id(render_view_id_),
       permission_bits(permission_bits_),
       uses_irt(uses_irt_),
-      enable_dyncode_syscalls(enable_dyncode_syscalls_) {
+      enable_dyncode_syscalls(enable_dyncode_syscalls_),
+      enable_exception_handling(enable_exception_handling_)  {
 }
 
 NaClLaunchParams::NaClLaunchParams(const NaClLaunchParams& l) {
@@ -43,6 +46,7 @@ NaClLaunchParams::NaClLaunchParams(const NaClLaunchParams& l) {
   permission_bits = l.permission_bits;
   uses_irt = l.uses_irt;
   enable_dyncode_syscalls = l.enable_dyncode_syscalls;
+  enable_exception_handling = l.enable_exception_handling;
 }
 
 NaClLaunchParams::~NaClLaunchParams() {
diff --git a/chrome/common/nacl_types.h b/chrome/common/nacl_types.h
index 84fd018..a5f6e6b 100644
--- a/chrome/common/nacl_types.h
+++ b/chrome/common/nacl_types.h
@@ -68,7 +68,8 @@ struct NaClStartParams {
 struct NaClLaunchParams {
   NaClLaunchParams();
   NaClLaunchParams(const std::string& u, int r, uint32 p, bool uses_irt,
-                   bool enable_dyncode_syscalls);
+                   bool enable_dyncode_syscalls,
+                   bool enable_exception_handling);
   NaClLaunchParams(const NaClLaunchParams& l);
   ~NaClLaunchParams();
 
@@ -77,6 +78,7 @@ struct NaClLaunchParams {
   uint32 permission_bits;
   bool uses_irt;
   bool enable_dyncode_syscalls;
+  bool enable_exception_handling;
 };
 
 }  // namespace nacl
diff --git a/chrome/common/render_messages.h b/chrome/common/render_messages.h
index 7d7ed1b..a5bbb06 100644
--- a/chrome/common/render_messages.h
+++ b/chrome/common/render_messages.h
@@ -202,6 +202,7 @@ IPC_STRUCT_TRAITS_BEGIN(nacl::NaClLaunchParams)
   IPC_STRUCT_TRAITS_MEMBER(permission_bits)
   IPC_STRUCT_TRAITS_MEMBER(uses_irt)
   IPC_STRUCT_TRAITS_MEMBER(enable_dyncode_syscalls)
+  IPC_STRUCT_TRAITS_MEMBER(enable_exception_handling)
 IPC_STRUCT_TRAITS_END()
 
 IPC_STRUCT_TRAITS_BEGIN(RendererContentSettingRules)
diff --git a/chrome/renderer/pepper/ppb_nacl_private_impl.cc b/chrome/renderer/pepper/ppb_nacl_private_impl.cc
index dab0726..e6dc6c5 100644
--- a/chrome/renderer/pepper/ppb_nacl_private_impl.cc
+++ b/chrome/renderer/pepper/ppb_nacl_private_impl.cc
@@ -73,6 +73,7 @@ PP_NaClResult LaunchSelLdr(PP_Instance instance,
                            PP_Bool uses_ppapi,
                            PP_Bool enable_ppapi_dev,
                            PP_Bool enable_dyncode_syscalls,
+                           PP_Bool enable_exception_handling,
                            void* imc_handle) {
   nacl::FileDescriptor result_socket;
   IPC::Sender* sender = content::RenderThread::Get();
@@ -107,7 +108,8 @@ PP_NaClResult LaunchSelLdr(PP_Instance instance,
                                  routing_id,
                                  perm_bits,
                                  PP_ToBool(uses_irt),
-                                 PP_ToBool(enable_dyncode_syscalls)),
+                                 PP_ToBool(enable_dyncode_syscalls),
+                                 PP_ToBool(enable_exception_handling)),
           &result_socket,
           &instance_info.channel_handle,
           &instance_info.plugin_pid,
diff --git a/chrome/test/data/nacl/nacl_test_data.gyp b/chrome/test/data/nacl/nacl_test_data.gyp
index 40756ec..aac2592 100644
--- a/chrome/test/data/nacl/nacl_test_data.gyp
+++ b/chrome/test/data/nacl/nacl_test_data.gyp
@@ -238,6 +238,43 @@
         'ppapi_test_lib',
       ],
     },
+    {
+      'target_name': 'pnacl_exception_handling_disabled_test',
+      'type': 'none',
+      'variables': {
+        # This tests that nexes produced by translation in the browser are not
+        # able to use hardware exception handling.  Pre-translated nexes are
+        # not subject to this constraint, so we do not test them.
+        'enable_x86_32': 0,
+        'enable_x86_64': 0,
+        'enable_arm': 0,
+        'nexe_target': 'pnacl_exception_handling_disabled',
+        'build_pnacl_newlib': 1,
+        'nexe_destination_dir': 'nacl_test_data',
+        'link_flags': [
+          '-lppapi',
+          '-lppapi_test_lib',
+          '-lplatform',
+          '-lgio',
+          '-lnacl_exception',
+        ],
+        'sources': [
+          'pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.cc',
+        ],
+        'test_files': [
+          'pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.html',
+        ],
+      },
+      'dependencies': [
+        '<(DEPTH)/native_client/src/shared/gio/gio.gyp:gio_lib',
+        '<(DEPTH)/native_client/src/shared/platform/platform.gyp:platform_lib',
+        '<(DEPTH)/native_client/src/untrusted/nacl/nacl.gyp:nacl_exception_lib',
+        '<(DEPTH)/native_client/tools.gyp:prep_toolchain',
+        '<(DEPTH)/ppapi/native_client/native_client.gyp:ppapi_lib',
+        '<(DEPTH)/ppapi/ppapi_untrusted.gyp:ppapi_cpp_lib',
+        'ppapi_test_lib',
+      ],
+    },
     # Legacy NaCl PPAPI interface tests being here.
     {
       'target_name': 'ppapi_ppb_core',
diff --git a/chrome/test/data/nacl/pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.cc b/chrome/test/data/nacl/pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.cc
new file mode 100644
index 0000000..107b6be
--- /dev/null
+++ b/chrome/test/data/nacl/pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.cc
@@ -0,0 +1,49 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "native_client/src/include/nacl/nacl_exception.h"
+#include "native_client/tests/ppapi_test_lib/get_browser_interface.h"
+#include "native_client/tests/ppapi_test_lib/test_interface.h"
+
+namespace {
+
+void TestExceptionSetHandler(void) {
+  int retval = nacl_exception_set_handler(NULL);
+  // TODO(sehr,mseaborn): the IRT method currently returns -ENOSYS and
+  // should return ENOSYS.  Remove the second clause when this is fixed.
+  EXPECT((retval == ENOSYS) || (retval == -ENOSYS));
+
+  TEST_PASSED;
+}
+
+void TestExceptionSetStack(void) {
+  int retval = nacl_exception_set_stack(NULL, 0);
+  EXPECT((retval == ENOSYS) || (retval == -ENOSYS));
+
+  TEST_PASSED;
+}
+
+void TestExceptionClearFlag(void) {
+  int retval = nacl_exception_clear_flag();
+  EXPECT((retval == ENOSYS) || (retval == -ENOSYS));
+
+  TEST_PASSED;
+}
+
+}  // namespace
+
+void SetupTests() {
+  RegisterTest("TestExceptionSetHandler", TestExceptionSetHandler);
+  RegisterTest("TestExceptionSetStack", TestExceptionSetStack);
+  RegisterTest("TestExceptionClearFlag", TestExceptionClearFlag);
+}
+
+void SetupPluginInterfaces() {
+  // none
+}
diff --git a/chrome/test/data/nacl/pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.html b/chrome/test/data/nacl/pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.html
new file mode 100644
index 0000000..837d374
--- /dev/null
+++ b/chrome/test/data/nacl/pnacl_exception_handling_disabled/pnacl_exception_handling_disabled.html
@@ -0,0 +1,49 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <!-- Copyright 2013 Google Inc.  All rights reserved. -->
+  <head>
+    <META HTTP-EQUIV="Pragma" CONTENT="no-cache" />
+    <META HTTP-EQUIV="Expires" CONTENT="-1" />
+    <script type="text/javascript" src="nacltest.js"></script>
+    <script type="application/x-javascript">
+      //<![CDATA[
+      function setupTests(tester, plugin) {
+        function addTest(test_name, responses) {
+          if (responses === undefined) {
+            responses = [];
+          }
+          var expected_messages = [test_name + ':PASSED'].concat(responses);
+          tester.addAsyncTest(test_name, function(test) {
+            test.expectMessageSequence(plugin, expected_messages);
+            plugin.postMessage(test_name)
+          });
+        }
+
+        // On the main thread.
+        addTest('TestExceptionSetHandler');
+        addTest('TestExceptionSetStack');
+        addTest('TestExceptionClearFlag');
+      }
+      //]]>
+    </script>
+    <title>PNaCl Dyncode Syscall Disabled Test</title>
+  </head>
+  <body>
+    <h1>PNaCl Dyncode Syscall Disabled Test</h1>
+
+    <embed type="application/x-nacl" id="test_nexe"
+           name="nacl_module"
+           src="pnacl_exception_handling_disabled.nmf"
+           width="100" height="100" />
+
+    <script type="text/javascript">
+      //<![CDATA[
+      var tester = new Tester();
+      setupTests(tester, $('test_nexe'));
+      tester.waitFor($('test_nexe'));
+      tester.run();
+      //]]>
+    </script>
+  </body>
+</html>
diff --git a/chrome/test/nacl/nacl_browsertest.cc b/chrome/test/nacl/nacl_browsertest.cc
index 8012779..36a81d7 100644
--- a/chrome/test/nacl/nacl_browsertest.cc
+++ b/chrome/test/nacl/nacl_browsertest.cc
@@ -111,4 +111,10 @@ IN_PROC_BROWSER_TEST_F(NaClBrowserTestPnacl,
       "pnacl_dyncode_syscall_disabled.html"));
 }
 
+IN_PROC_BROWSER_TEST_F(NaClBrowserTestPnacl,
+                       MAYBE_PNACL(PnaclExceptionHandlingDisabled)) {
+  RunNaClIntegrationTest(FILE_PATH_LITERAL(
+      "pnacl_exception_handling_disabled.html"));
+}
+
 }  // namespace anonymous