1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
|
/* Copyright (c) 2012 The Chromium Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
/* This file contains NaCl private interfaces. This interface is not versioned
* and is for internal Chrome use. It may change without notice. */
label Chrome {
M25 = 1.0
};
#inline c
#include "ppapi/c/private/pp_file_handle.h"
#include "ppapi/c/private/ppb_instance_private.h"
#endinl
/** NaCl-specific errors that should be reported to the user.
* These error codes are reported via UMA so, if you edit them:
* 1) make sure you understand UMA first.
* 2) update src/tools/metrics/histograms/histograms.xml
* Values are explicitly specified to make sure they don't shift around when
* edited, and also to make reading about:histograms easier.
*/
enum PP_NaClError {
PP_NACL_ERROR_LOAD_SUCCESS = 0,
PP_NACL_ERROR_LOAD_ABORTED = 1,
PP_NACL_ERROR_UNKNOWN = 2,
PP_NACL_ERROR_MANIFEST_RESOLVE_URL = 3,
PP_NACL_ERROR_MANIFEST_LOAD_URL = 4,
PP_NACL_ERROR_MANIFEST_STAT = 5,
PP_NACL_ERROR_MANIFEST_TOO_LARGE = 6,
PP_NACL_ERROR_MANIFEST_OPEN = 7,
PP_NACL_ERROR_MANIFEST_MEMORY_ALLOC = 8,
PP_NACL_ERROR_MANIFEST_READ = 9,
PP_NACL_ERROR_MANIFEST_PARSING = 10,
PP_NACL_ERROR_MANIFEST_SCHEMA_VALIDATE = 11,
PP_NACL_ERROR_MANIFEST_GET_NEXE_URL = 12,
PP_NACL_ERROR_NEXE_LOAD_URL = 13,
PP_NACL_ERROR_NEXE_ORIGIN_PROTOCOL = 14,
PP_NACL_ERROR_NEXE_FH_DUP = 15,
PP_NACL_ERROR_NEXE_STAT = 16,
PP_NACL_ERROR_ELF_CHECK_IO = 17,
PP_NACL_ERROR_ELF_CHECK_FAIL = 18,
PP_NACL_ERROR_SEL_LDR_INIT = 19,
PP_NACL_ERROR_SEL_LDR_CREATE_LAUNCHER = 20,
PP_NACL_ERROR_SEL_LDR_FD = 21,
PP_NACL_ERROR_SEL_LDR_LAUNCH = 22,
/* Deprecated, safe to reuse the value because it's never logged in UMA.
PP_NACL_ERROR_SEL_LDR_COMMUNICATION = 23, */
PP_NACL_ERROR_SEL_LDR_SEND_NEXE = 24,
PP_NACL_ERROR_SEL_LDR_HANDLE_PASSING = 25,
PP_NACL_ERROR_SEL_LDR_START_MODULE = 26,
PP_NACL_ERROR_SEL_LDR_START_STATUS = 27,
PP_NACL_ERROR_SRPC_CONNECTION_FAIL = 28,
PP_NACL_ERROR_START_PROXY_CHECK_PPP = 29,
PP_NACL_ERROR_START_PROXY_ALLOC = 30,
PP_NACL_ERROR_START_PROXY_MODULE = 31,
PP_NACL_ERROR_START_PROXY_INSTANCE = 32,
PP_NACL_ERROR_SEL_LDR_COMMUNICATION_CMD_CHANNEL = 33,
PP_NACL_ERROR_SEL_LDR_COMMUNICATION_REV_SETUP = 34,
PP_NACL_ERROR_SEL_LDR_COMMUNICATION_WRAPPER = 35,
PP_NACL_ERROR_SEL_LDR_COMMUNICATION_REV_SERVICE = 36,
PP_NACL_ERROR_START_PROXY_CRASH = 37,
PP_NACL_ERROR_MANIFEST_PROGRAM_MISSING_ARCH = 38,
PP_NACL_ERROR_PNACL_CACHE_OPEN_INPROGRESS = 39,
PP_NACL_ERROR_PNACL_CACHE_OPEN_NOACCESS = 40,
PP_NACL_ERROR_PNACL_CACHE_OPEN_NOQUOTA = 41,
PP_NACL_ERROR_PNACL_CACHE_OPEN_NOSPACE = 42,
PP_NACL_ERROR_PNACL_CACHE_OPEN_OTHER = 43,
PP_NACL_ERROR_PNACL_CACHE_DIRECTORY_CREATE = 44,
PP_NACL_ERROR_PNACL_CACHE_FILEOPEN_NOACCESS = 45,
PP_NACL_ERROR_PNACL_CACHE_FILEOPEN_NOQUOTA = 46,
PP_NACL_ERROR_PNACL_CACHE_FILEOPEN_NOSPACE = 47,
PP_NACL_ERROR_PNACL_CACHE_FILEOPEN_NOTAFILE = 48,
PP_NACL_ERROR_PNACL_CACHE_FILEOPEN_OTHER = 49,
PP_NACL_ERROR_PNACL_CACHE_FETCH_NOACCESS = 50,
PP_NACL_ERROR_PNACL_CACHE_FETCH_NOTFOUND = 51,
PP_NACL_ERROR_PNACL_CACHE_FETCH_OTHER = 52,
PP_NACL_ERROR_PNACL_CACHE_FINALIZE_COPY_NOQUOTA = 53,
PP_NACL_ERROR_PNACL_CACHE_FINALIZE_COPY_NOSPACE = 54,
PP_NACL_ERROR_PNACL_CACHE_FINALIZE_COPY_OTHER = 55,
PP_NACL_ERROR_PNACL_CACHE_FINALIZE_RENAME_NOACCESS = 56,
PP_NACL_ERROR_PNACL_CACHE_FINALIZE_RENAME_OTHER = 57,
PP_NACL_ERROR_PNACL_RESOURCE_FETCH = 58,
PP_NACL_ERROR_PNACL_PEXE_FETCH_ABORTED = 59,
PP_NACL_ERROR_PNACL_PEXE_FETCH_NOACCESS = 60,
PP_NACL_ERROR_PNACL_PEXE_FETCH_OTHER = 61,
PP_NACL_ERROR_PNACL_THREAD_CREATE = 62,
PP_NACL_ERROR_PNACL_LLC_SETUP = 63,
PP_NACL_ERROR_PNACL_LD_SETUP = 64,
PP_NACL_ERROR_PNACL_LLC_INTERNAL = 65,
PP_NACL_ERROR_PNACL_LD_INTERNAL = 66,
PP_NACL_ERROR_PNACL_CREATE_TEMP = 67,
/* This entry is no longer used, but should not be removed, because UMA
numbers need to be kept consistent. */
PP_NACL_ERROR_PNACL_NOT_ENABLED = 68,
PP_NACL_ERROR_MANIFEST_NOACCESS_URL = 69,
PP_NACL_ERROR_NEXE_NOACCESS_URL = 70,
PP_NACL_ERROR_PNACL_CRASH_THROTTLED = 71,
/* If you add a code, read the enum comment above on how to update
histograms. */
PP_NACL_ERROR_MAX
};
/** Event types that NaCl may use when reporting load progress or errors. */
enum PP_NaClEventType {
PP_NACL_EVENT_LOADSTART,
PP_NACL_EVENT_PROGRESS,
PP_NACL_EVENT_ERROR,
PP_NACL_EVENT_ABORT,
PP_NACL_EVENT_LOAD,
PP_NACL_EVENT_LOADEND,
PP_NACL_EVENT_CRASH
};
enum PP_UrlSchemeType {
PP_SCHEME_CHROME_EXTENSION,
PP_SCHEME_DATA,
PP_SCHEME_OTHER
};
enum PP_NaClReadyState {
/* The trusted plugin begins in this ready state. */
PP_NACL_READY_STATE_UNSENT = 0,
/* The manifest file has been requested, but not yet received. */
PP_NACL_READY_STATE_OPENED = 1,
/* The manifest file has been received and the nexe successfully requested. */
PP_NACL_READY_STATE_LOADING = 3,
/* The nexe has been loaded and the proxy started, so it is ready for
interaction with the page. */
PP_NACL_READY_STATE_DONE = 4
};
struct PP_PNaClOptions {
PP_Bool translate;
PP_Bool is_debug;
int32_t opt_level;
};
/* Callback invoked upon completion of PPP_ManifestService::OpenResource(). */
typedef void PP_OpenResourceCompletionCallback([inout] mem_t user_data,
[in] PP_FileHandle file_handle);
/* ManifestService to support irt_open_resource() function.
* All functions of the service should have PP_Bool return value. It represents
* whether the service is still alive or not. Trivially Quit() should always
* return false. However, other functions also can return false.
* Once false is called, as the service has been destructed, all functions
* should never be called afterwords.
*/
interface PPP_ManifestService {
/* Called when ManifestService should be destructed. */
PP_Bool Quit([inout] mem_t user_data);
/* Called when PPAPI initialization in the NaCl plugin is finished. */
PP_Bool StartupInitializationComplete([inout] mem_t user_data);
/* Called when irt_open_resource() is invoked in the NaCl plugin.
* Upon completion, callback will be invoked with given callback_user_data
* and the result file handle (or PP_kInvalidFileHandle on error). */
PP_Bool OpenResource([inout] mem_t user_data,
[in] str_t entry_key,
[in] PP_OpenResourceCompletionCallback callback,
[inout] mem_t callback_user_data);
};
/* PPB_NaCl_Private */
interface PPB_NaCl_Private {
/* Launches NaCl's sel_ldr process. Returns PP_EXTERNAL_PLUGIN_OK on success
* and writes a NaClHandle to imc_handle. Returns PP_EXTERNAL_PLUGIN_FAILED on
* failure. The |enable_ppapi_dev| parameter controls whether GetInterface
* returns 'Dev' interfaces to the NaCl plugin. The |uses_ppapi| flag
* indicates that the nexe run by sel_ldr will use the PPAPI APIs.
* This implies that LaunchSelLdr is run from the main thread. If a nexe
* does not need PPAPI, then it can run off the main thread.
* The |uses_irt| flag indicates whether the IRT should be loaded in this
* NaCl process. This is true for ABI stable nexes.
* The |uses_nonsfi_mode| flag indicates whether or not nonsfi-mode should
* be used with the binary pointed by the url.
* The |enable_dyncode_syscalls| flag indicates whether or not the nexe
* will be able to use dynamic code system calls (e.g., mmap with PROT_EXEC).
* The |enable_exception_handling| flag indicates whether or not the nexe
* will be able to use hardware exception handling.
* The |enable_crash_throttling| flag indicates whether or not crashes of
* the nexe contribute to crash throttling statisics and whether nexe starts
* are throttled by crash throttling.
*/
void LaunchSelLdr([in] PP_Instance instance,
[in] str_t alleged_url,
[in] PP_Bool uses_irt,
[in] PP_Bool uses_ppapi,
[in] PP_Bool uses_nonsfi_mode,
[in] PP_Bool enable_ppapi_dev,
[in] PP_Bool enable_dyncode_syscalls,
[in] PP_Bool enable_exception_handling,
[in] PP_Bool enable_crash_throttling,
[in] PPP_ManifestService manifest_service_interface,
[inout] mem_t manifest_service_user_data,
[out] mem_t imc_handle,
[out] PP_Var error_message,
[in] PP_CompletionCallback callback);
/* This function starts the IPC proxy so the nexe can communicate with the
* browser.
*/
PP_Bool StartPpapiProxy(PP_Instance instance);
/* On POSIX systems, this function returns the file descriptor of
* /dev/urandom. On non-POSIX systems, this function returns 0.
*/
int32_t UrandomFD();
/* Whether the Pepper 3D interfaces should be disabled in the NaCl PPAPI
* proxy. This is so paranoid admins can effectively prevent untrusted shader
* code to be processed by the graphics stack.
*/
PP_Bool Are3DInterfacesDisabled();
/* This is Windows-specific. This is a replacement for DuplicateHandle() for
* use inside the Windows sandbox. Note that we provide this via dependency
* injection only to avoid the linkage problems that occur because the NaCl
* plugin is built as a separate DLL/DSO
* (see http://code.google.com/p/chromium/issues/detail?id=114439#c8).
*/
int32_t BrokerDuplicateHandle([in] PP_FileHandle source_handle,
[in] uint32_t process_id,
[out] PP_FileHandle target_handle,
[in] uint32_t desired_access,
[in] uint32_t options);
/* Returns a read-only file descriptor of a file rooted in the Pnacl
* component directory, or an invalid handle on failure.
*/
PP_FileHandle GetReadonlyPnaclFd([in] str_t filename);
/* This creates a temporary file that will be deleted by the time
* the last handle is closed (or earlier on POSIX systems), and
* returns a posix handle to that temporary file.
*/
PP_FileHandle CreateTemporaryFile([in] PP_Instance instance);
/* Return the number of processors in the system as reported by the OS */
int32_t GetNumberOfProcessors();
/* Return whether the non-SFI mode is enabled. */
PP_Bool IsNonSFIModeEnabled();
/* Create a temporary file, which will be deleted by the time the
* last handle is closed (or earlier on POSIX systems), to use for
* the nexe with the cache information given by |pexe_url|,
* |abi_version|, |opt_level|, and |headers|. If the nexe is already present
* in the cache, |is_hit| is set to PP_TRUE and the contents of the nexe will
* be copied into the temporary file. Otherwise |is_hit| is set to PP_FALSE
* and the temporary file will be writeable. Currently the implementation is
* a stub, which always sets is_hit to false and calls the implementation of
* CreateTemporaryFile. In a subsequent CL it will call into the browser
* which will remember the association between the cache key and the fd, and
* copy the nexe into the cache after the translation finishes.
*/
int32_t GetNexeFd([in] PP_Instance instance,
[in] str_t pexe_url,
[in] uint32_t abi_version,
[in] uint32_t opt_level,
[in] str_t headers,
[in] str_t extra_flags,
[out] PP_Bool is_hit,
[out] PP_FileHandle nexe_handle,
[in] PP_CompletionCallback callback);
/* Report to the browser that translation of the pexe for |instance|
* has finished, or aborted with an error. If |success| is true, the
* browser may then store the translation in the cache. The renderer
* must first have called GetNexeFd for the same instance. (The browser is
* not guaranteed to store the nexe even if |success| is true; if there is
* an error on the browser side, or the file is too big for the cache, or
* the browser is in incognito mode, no notification will be delivered to
* the plugin.)
*/
void ReportTranslationFinished([in] PP_Instance instance,
[in] PP_Bool success);
/* Opens a NaCl executable file in the application's extension directory
* corresponding to the file URL and returns a file descriptor, or an invalid
* handle on failure. |metadata| is left unchanged on failure.
*/
PP_FileHandle OpenNaClExecutable([in] PP_Instance instance,
[in] str_t file_url,
[out] uint64_t file_token_lo,
[out] uint64_t file_token_hi);
/* Dispatch a progress event on the DOM element where the given instance is
* embedded.
*/
void DispatchEvent([in] PP_Instance instance,
[in] PP_NaClEventType event_type,
[in] str_t resource_url,
[in] PP_Bool length_is_computable,
[in] uint64_t loaded_bytes,
[in] uint64_t total_bytes);
/* Report that the attempt to open the nexe has finished. Opening the file
* may have failed, as indicated by a pp_error value that is not PP_OK or an
* fd of -1. Failure to stat the file to determine its length results in
* nexe_bytes_read being -1.
*/
void NexeFileDidOpen([in] PP_Instance instance,
[in] int32_t pp_error,
[in] int32_t fd,
[in] int32_t http_status,
[in] int64_t nexe_bytes_read,
[in] str_t url,
[in] int64_t time_since_open);
/* Report that the nexe loaded successfully. */
void ReportLoadSuccess([in] PP_Instance instance,
[in] str_t url,
[in] uint64_t loaded_bytes,
[in] uint64_t total_bytes);
/* Report an error that occured while attempting to load a nexe. */
void ReportLoadError([in] PP_Instance instance,
[in] PP_NaClError error,
[in] str_t error_message,
[in] str_t console_message);
/* Reports that loading a nexe was aborted. */
void ReportLoadAbort([in] PP_Instance instance);
/* Reports that the nexe has crashed. */
void NexeDidCrash([in] PP_Instance instance,
[in] str_t crash_log);
/* Performs internal setup when an instance is created. */
void InstanceCreated([in] PP_Instance instance);
/* Performs internal cleanup when an instance is destroyed. */
void InstanceDestroyed([in] PP_Instance instance);
/* Return true if the NaCl debug stub is enabled and the app loaded from
* alleged_nmf_url will be attached to a debugger.
*/
PP_Bool NaClDebugEnabledForURL([in] str_t alleged_nmf_url);
/* Returns the kind of SFI sandbox implemented by NaCl on this
* platform.
*/
str_t GetSandboxArch();
/* Logs the message to the console. */
void LogToConsole([in] PP_Instance instance,
[in] str_t message);
/* Returns the NaCl readiness status for this instance. */
PP_NaClReadyState GetNaClReadyState([in] PP_Instance instance);
/* Returns true if the plugin is an installed app. */
PP_Bool GetIsInstalled([in] PP_Instance instance);
/* Returns the exit status of the plugin process. */
int32_t GetExitStatus([in] PP_Instance instance);
/* Sets the exit status of the plugin process. */
void SetExitStatus([in] PP_Instance instance,
[in] int32_t exit_status);
/* Logs the message via VLOG. */
void Vlog([in] str_t message);
/* Initializes internal state for a NaCl plugin. */
void InitializePlugin([in] PP_Instance instance,
[in] uint32_t argc,
[in, size_as=argc] str_t[] argn,
[in, size_as=argv] str_t[] argv);
/* Returns the size of the nexe. */
int64_t GetNexeSize([in] PP_Instance instance);
/* Performs accounting for requesting the NaCl manifest at the given URL. */
PP_Bool RequestNaClManifest([in] PP_Instance instance,
[in] str_t manifest_url,
[out] PP_Bool is_data_uri);
PP_Var GetManifestBaseURL([in] PP_Instance instance);
PP_Bool ResolvesRelativeToPluginBaseUrl([in] PP_Instance instance,
[in] str_t url);
/* Returns the parsed contents of a data URL. */
PP_Var ParseDataURL([in] str_t data_url);
/* Processes the NaCl manifest once it's been retrieved.
* TODO(teravest): Move the rest of the supporting logic out of the trusted
* plugin.
*/
void ProcessNaClManifest([in] PP_Instance instance,
[in] str_t program_url);
/* Returns the manifest url as passed as a plugin argument. */
PP_Var GetManifestURLArgument([in] PP_Instance instance);
PP_Bool DevInterfacesEnabled([in] PP_Instance instance);
/* Downloads the manifest into the buffer |data|, invoking
* |callback| when finished.
* TODO(teravest): Merge data URL parsing into this. */
void DownloadManifestToBuffer([in] PP_Instance instance,
[out] PP_Var data,
[in] PP_CompletionCallback callback);
int32_t CreatePnaclManifest([in] PP_Instance instance);
int32_t CreateJsonManifest([in] PP_Instance instance,
[in] str_t manifest_base_url,
[in] str_t manifest_data);
void DestroyManifest([in] PP_Instance instance,
[in] int32_t manifest_id);
PP_Bool GetManifestProgramURL([in] PP_Instance instance,
[in] int32_t manifest_id,
[out] PP_Var full_url,
[out] PP_PNaClOptions pnacl_options,
[out] PP_Bool uses_nonsfi_mode);
PP_Bool ManifestResolveKey([in] PP_Instance instance,
[in] int32_t manifest_id,
[in] str_t key,
[out] PP_Var full_url,
[out] PP_PNaClOptions pnacl_options);
/* Returns the filenames for the llc and ld tools, parsing that information
* from the file given in |filename|.
*/
PP_Bool GetPnaclResourceInfo([in] PP_Instance instance,
[in] str_t filename,
[out] PP_Var llc_tool_name,
[out] PP_Var ld_tool_name);
// PP_Var string of attributes describing the CPU features supported
// by the current architecture. The string is a comma-delimited list
// of attributes supported by LLVM in its -mattr= option:
// http://llvm.org/docs/CommandGuide/llc.html#cmdoption-mattr
PP_Var GetCpuFeatureAttrs();
/* Posts a message to the JavaScript object for the given instance.
* This method may be called on any thread.
*/
void PostMessageToJavaScript([in] PP_Instance instance,
[in] str_t message);
};
|