summaryrefslogtreecommitdiffstats
path: root/ppapi/c
diff options
context:
space:
mode:
authormseaborn@chromium.org <mseaborn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-17 00:47:50 +0000
committermseaborn@chromium.org <mseaborn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-04-17 00:47:50 +0000
commite4f6eb02319b57de1c2f0d0c23cde72a486e2bfd (patch)
tree5794afb3d0b0f103fe75f0e243da2a509fc876a4 /ppapi/c
parentdc976477a26ef1b7e1cd4ae455812c05759c8468 (diff)
downloadchromium_src-e4f6eb02319b57de1c2f0d0c23cde72a486e2bfd.zip
chromium_src-e4f6eb02319b57de1c2f0d0c23cde72a486e2bfd.tar.gz
chromium_src-e4f6eb02319b57de1c2f0d0c23cde72a486e2bfd.tar.bz2
Supply Windows handle-passing function to NaCl
Pass BrokerDuplicateHandle() to the NaCl loader process in nacl_listener.cc. Pass BrokerDuplicateHandle() to the NaCl trusted plugin. We need to add this to PPB_NaCl_Private in order to pass it through. Remove the use of the "init_handle_passing" SRPC call. Otherwise the NaCl process will attempt to do an imc_connect() to the renderer, which involves sending a handle to it, which fails. Add a wrapper for AddTargetPeer() to 'content' so that nacl_process_host.cc can use it. Change the renderer's handle-passing policy to allow sending handles other than Sections. The NaCl trusted plugin sends other handle types to the NaCl loader process. This change will allow the sandbox to be tightened up, in the future, so that the NaCl loader process and the renderer process do not have handles to each other. BUG=http://code.google.com/p/nativeclient/issues/detail?id=2719 TEST=nacl_integration etc. Review URL: https://chromiumcodereview.appspot.com/10039001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@132496 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'ppapi/c')
-rw-r--r--ppapi/c/private/ppb_nacl_private.h20
1 files changed, 18 insertions, 2 deletions
diff --git a/ppapi/c/private/ppb_nacl_private.h b/ppapi/c/private/ppb_nacl_private.h
index e275a90..939f37f 100644
--- a/ppapi/c/private/ppb_nacl_private.h
+++ b/ppapi/c/private/ppb_nacl_private.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -8,7 +8,7 @@
#include "ppapi/c/pp_resource.h"
#include "ppapi/c/pp_stdint.h"
-#define PPB_NACL_PRIVATE_INTERFACE "PPB_NaCl(Private);0.2"
+#define PPB_NACL_PRIVATE_INTERFACE "PPB_NaCl(Private);0.3"
struct PPB_NaCl_Private {
// This function launches NaCl's sel_ldr process. On success, the function
@@ -33,6 +33,22 @@ struct PPB_NaCl_Private {
// Enables the creation of sel_ldr processes from other than the main thread.
void (*EnableBackgroundSelLdrLaunch)();
+
+ // This is Windows-specific. This is a replacement for
+ // DuplicateHandle() for use inside the Windows sandbox. Note that
+ // we provide this via dependency injection only to avoid the
+ // linkage problems that occur because the NaCl plugin is built as a
+ // separate DLL/DSO (see
+ // http://code.google.com/p/chromium/issues/detail?id=114439#c8).
+ // We use void* rather than the Windows HANDLE type to avoid an
+ // #ifdef here. We use int rather than PP_Bool/bool so that this is
+ // usable with NaClSetBrokerDuplicateHandleFunc() without further
+ // wrapping.
+ int (*BrokerDuplicateHandle)(void* source_handle,
+ uint32_t process_id,
+ void** target_handle,
+ uint32_t desired_access,
+ uint32_t options);
};
#endif // PPAPI_C_PRIVATE_PPB_NACL_PRIVATE_H_