diff options
| author | ncbray@chromium.org <ncbray@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-25 14:10:09 +0000 |
|---|---|---|
| committer | ncbray@chromium.org <ncbray@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-05-25 14:10:09 +0000 |
| commit | 8adc12577f8f982a13411594c6a7a16c9697e37d (patch) | |
| tree | 405c7345a70f180d0fc8281608c64a7c79e14fb5 /ppapi/c | |
| parent | 5816c3af91eeeefbdea545a7c3d111fe621abe45 (diff) | |
| download | chromium_src-8adc12577f8f982a13411594c6a7a16c9697e37d.zip chromium_src-8adc12577f8f982a13411594c6a7a16c9697e37d.tar.gz chromium_src-8adc12577f8f982a13411594c6a7a16c9697e37d.tar.bz2 | |
NaCl: enable meta-based validation for shared libraries.
This is the Chrome-side half of a CL to allow mmaping and skipping validation
for chrome-extension: files we have seen before and know are safe. To do this
we need to know the path of the file on disk, but we don't entirely trust the
renderer not to tamper with it. To work around this, a nonce is passed along
with the file handle. This nonce can be used by the NaCl process to acquire the
file handle directly from the browser process, as well as a fresh copy of the
file handle.
This change significantly revises the OpenNaClExecutable method of the
PPB_NaCl_Private interface. The method was added anticipation of this CL, but
the overall design shifted after the method was added.
BUG=https://code.google.com/p/chromium/issues/detail?id=224434
Review URL: https://chromiumcodereview.appspot.com/14750007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@202278 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'ppapi/c')
| -rw-r--r-- | ppapi/c/private/ppb_nacl_private.h | 24 |
1 files changed, 5 insertions, 19 deletions
diff --git a/ppapi/c/private/ppb_nacl_private.h b/ppapi/c/private/ppb_nacl_private.h index 8e40fd8..72b62e9 100644 --- a/ppapi/c/private/ppb_nacl_private.h +++ b/ppapi/c/private/ppb_nacl_private.h @@ -3,7 +3,7 @@ * found in the LICENSE file. */ -/* From private/ppb_nacl_private.idl modified Mon Apr 22 22:25:20 2013. */ +/* From private/ppb_nacl_private.idl modified Fri May 17 13:21:13 2013. */ #ifndef PPAPI_C_PRIVATE_PPB_NACL_PRIVATE_H_ #define PPAPI_C_PRIVATE_PPB_NACL_PRIVATE_H_ @@ -12,7 +12,6 @@ #include "ppapi/c/pp_instance.h" #include "ppapi/c/pp_macros.h" #include "ppapi/c/pp_stdint.h" -#include "ppapi/c/pp_var.h" #define PPB_NACL_PRIVATE_INTERFACE_1_0 "PPB_NaCl_Private;1.0" #define PPB_NACL_PRIVATE_INTERFACE PPB_NACL_PRIVATE_INTERFACE_1_0 @@ -57,19 +56,6 @@ typedef enum { */ /** - * @addtogroup Structs - * @{ - */ -struct PP_NaClExecutableMetadata { - /** File path of NaCl executable. This is created by the OpenNaClExecutableFd - * function. It is the caller's responsiblity to release it. */ - struct PP_Var file_path; -}; -/** - * @} - */ - -/** * @addtogroup Interfaces * @{ */ @@ -149,10 +135,10 @@ struct PPB_NaCl_Private_1_0 { * corresponding to the file URL and returns a file descriptor, or an invalid * handle on failure. |metadata| is left unchanged on failure. */ - PP_FileHandle (*OpenNaClExecutable)( - PP_Instance instance, - const char* file_url, - struct PP_NaClExecutableMetadata* metadata); + PP_FileHandle (*OpenNaClExecutable)(PP_Instance instance, + const char* file_url, + uint64_t* file_token_lo, + uint64_t* file_token_hi); }; typedef struct PPB_NaCl_Private_1_0 PPB_NaCl_Private; |