Home | History | Annotate | Download | only in nacl_host 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_NACL_HOST_NACL_PROCESS_HOST_H_
      6 #define CHROME_BROWSER_NACL_HOST_NACL_PROCESS_HOST_H_
      7 
      8 #include "build/build_config.h"
      9 
     10 #include "base/files/file_path.h"
     11 #include "base/files/file_util_proxy.h"
     12 #include "base/memory/ref_counted.h"
     13 #include "base/memory/weak_ptr.h"
     14 #include "base/message_loop/message_loop.h"
     15 #include "base/process/process.h"
     16 #include "components/nacl/common/nacl_types.h"
     17 #include "content/public/browser/browser_child_process_host_delegate.h"
     18 #include "content/public/browser/browser_child_process_host_iterator.h"
     19 #include "ipc/ipc_channel_handle.h"
     20 #include "net/socket/tcp_listen_socket.h"
     21 #include "ppapi/shared_impl/ppapi_permissions.h"
     22 #include "url/gurl.h"
     23 
     24 class CommandLine;
     25 class ExtensionInfoMap;
     26 class NaClBrowserDelegate;
     27 class NaClHostMessageFilter;
     28 
     29 namespace content {
     30 class BrowserChildProcessHost;
     31 class BrowserPpapiHost;
     32 }
     33 
     34 namespace IPC {
     35 class ChannelProxy;
     36 }
     37 
     38 // Represents the browser side of the browser <--> NaCl communication
     39 // channel. There will be one NaClProcessHost per NaCl process
     40 // The browser is responsible for starting the NaCl process
     41 // when requested by the renderer.
     42 // After that, most of the communication is directly between NaCl plugin
     43 // running in the renderer and NaCl processes.
     44 class NaClProcessHost : public content::BrowserChildProcessHostDelegate {
     45  public:
     46   // manifest_url: the URL of the manifest of the Native Client plugin being
     47   // executed.
     48   // render_view_id: RenderView routing id, to control access to private APIs.
     49   // permission_bits: controls which interfaces the NaCl plugin can use.
     50   // off_the_record: was the process launched from an incognito renderer?
     51   // profile_directory: is the path of current profile directory.
     52   NaClProcessHost(const GURL& manifest_url,
     53                   int render_view_id,
     54                   uint32 permission_bits,
     55                   bool uses_irt,
     56                   bool enable_dyncode_syscalls,
     57                   bool enable_exception_handling,
     58                   bool off_the_record,
     59                   const base::FilePath& profile_directory);
     60   virtual ~NaClProcessHost();
     61 
     62   // Do any minimal work that must be done at browser startup.
     63   static void EarlyStartup(NaClBrowserDelegate* delegate);
     64 
     65   // Initialize the new NaCl process. Result is returned by sending ipc
     66   // message reply_msg.
     67   void Launch(NaClHostMessageFilter* nacl_host_message_filter,
     68               IPC::Message* reply_msg,
     69               const base::FilePath& manifest_path);
     70 
     71   virtual void OnChannelConnected(int32 peer_pid) OVERRIDE;
     72 
     73 #if defined(OS_WIN)
     74   void OnProcessLaunchedByBroker(base::ProcessHandle handle);
     75   void OnDebugExceptionHandlerLaunchedByBroker(bool success);
     76 #endif
     77 
     78   bool Send(IPC::Message* msg);
     79 
     80   content::BrowserChildProcessHost* process() { return process_.get(); }
     81   content::BrowserPpapiHost* browser_ppapi_host() { return ppapi_host_.get(); }
     82 
     83  private:
     84   friend class PluginListener;
     85 
     86   // Internal class that holds the NaClHandle objecs so that
     87   // nacl_process_host.h doesn't include NaCl headers.  Needed since it's
     88   // included by src\content, which can't depend on the NaCl gyp file because it
     89   // depends on chrome.gyp (circular dependency).
     90   struct NaClInternal;
     91 
     92   // PluginListener that forwards any messages from untrusted code that aren't
     93   // handled by the PepperMessageFilter to us.
     94   class PluginListener : public IPC::Listener {
     95    public:
     96     explicit PluginListener(NaClProcessHost* host);
     97     virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE;
     98    private:
     99     // Non-owning pointer so we can forward messages to the host.
    100     NaClProcessHost* host_;
    101   };
    102 
    103   bool LaunchNaClGdb();
    104 
    105 #if defined(OS_POSIX)
    106   // Create bound TCP socket in the browser process so that the NaCl GDB debug
    107   // stub can use it to accept incoming connections even when the Chrome sandbox
    108   // is enabled.
    109   SocketDescriptor GetDebugStubSocketHandle();
    110 #endif
    111   bool LaunchSelLdr();
    112 
    113   // BrowserChildProcessHostDelegate implementation:
    114   virtual bool OnMessageReceived(const IPC::Message& msg) OVERRIDE;
    115   virtual void OnProcessLaunched() OVERRIDE;
    116 
    117   void OnResourcesReady();
    118 
    119   // Enable the PPAPI proxy only for NaCl processes corresponding to a renderer.
    120   bool enable_ppapi_proxy() { return render_view_id_ != 0; }
    121 
    122   // Sends the reply message to the renderer who is waiting for the plugin
    123   // to load. Returns true on success.
    124   bool ReplyToRenderer(const IPC::ChannelHandle& channel_handle);
    125 
    126   // Sends the reply with error message to the renderer.
    127   void SendErrorToRenderer(const std::string& error_message);
    128 
    129   // Sends the reply message to the renderer. Either result or
    130   // error message must be empty.
    131   void SendMessageToRenderer(const nacl::NaClLaunchResult& result,
    132                              const std::string& error_message);
    133 
    134   // Sends the message to the NaCl process to load the plugin. Returns true
    135   // on success.
    136   bool StartNaClExecution();
    137 
    138   // Called once all initialization is complete and the NaCl process is
    139   // ready to go. Returns true on success.
    140   bool SendStart();
    141 
    142   // Does post-process-launching tasks for starting the NaCl process once
    143   // we have a connection.
    144   //
    145   // Returns false on failure.
    146   bool StartWithLaunchedProcess();
    147 
    148   // Message handlers for validation caching.
    149   void OnQueryKnownToValidate(const std::string& signature, bool* result);
    150   void OnSetKnownToValidate(const std::string& signature);
    151   void OnResolveFileToken(uint64 file_token_lo, uint64 file_token_hi,
    152                           IPC::Message* reply_msg);
    153   void FileResolved(base::PlatformFile* file, const base::FilePath& file_path,
    154                     IPC::Message* reply_msg);
    155 
    156 #if defined(OS_WIN)
    157   // Message handler for Windows hardware exception handling.
    158   void OnAttachDebugExceptionHandler(const std::string& info,
    159                                      IPC::Message* reply_msg);
    160   bool AttachDebugExceptionHandler(const std::string& info,
    161                                    IPC::Message* reply_msg);
    162 #endif
    163 
    164   // Called when a PPAPI IPC channel has been created.
    165   void OnPpapiChannelCreated(const IPC::ChannelHandle& channel_handle);
    166   // Called by PluginListener, so messages from the untrusted side of
    167   // the IPC proxy can be handled.
    168   bool OnUntrustedMessageForwarded(const IPC::Message& msg);
    169 
    170   GURL manifest_url_;
    171   ppapi::PpapiPermissions permissions_;
    172 
    173 #if defined(OS_WIN)
    174   // This field becomes true when the broker successfully launched
    175   // the NaCl loader.
    176   bool process_launched_by_broker_;
    177 #endif
    178   // The NaClHostMessageFilter that requested this NaCl process.  We use
    179   // this for sending the reply once the process has started.
    180   scoped_refptr<NaClHostMessageFilter> nacl_host_message_filter_;
    181 
    182   // The reply message to send. We must always send this message when the
    183   // sub-process either succeeds or fails to unblock the renderer waiting for
    184   // the reply. NULL when there is no reply to send.
    185   IPC::Message* reply_msg_;
    186 #if defined(OS_WIN)
    187   bool debug_exception_handler_requested_;
    188   scoped_ptr<IPC::Message> attach_debug_exception_handler_reply_msg_;
    189 #endif
    190 
    191   // The file path to the manifest is passed to nacl-gdb when it is used to
    192   // debug the NaCl loader.
    193   base::FilePath manifest_path_;
    194 
    195   // Socket pairs for the NaCl process and renderer.
    196   scoped_ptr<NaClInternal> internal_;
    197 
    198   base::WeakPtrFactory<NaClProcessHost> weak_factory_;
    199 
    200   scoped_ptr<content::BrowserChildProcessHost> process_;
    201 
    202   bool uses_irt_;
    203 
    204   bool enable_debug_stub_;
    205   bool enable_dyncode_syscalls_;
    206   bool enable_exception_handling_;
    207 
    208   bool off_the_record_;
    209 
    210   const base::FilePath profile_directory_;
    211 
    212   // Channel proxy to terminate the NaCl-Browser PPAPI channel.
    213   scoped_ptr<IPC::ChannelProxy> ipc_proxy_channel_;
    214   // Plugin listener, to forward browser channel messages to us.
    215   PluginListener ipc_plugin_listener_;
    216   // Browser host for plugin process.
    217   scoped_ptr<content::BrowserPpapiHost> ppapi_host_;
    218 
    219   int render_view_id_;
    220 
    221   DISALLOW_COPY_AND_ASSIGN(NaClProcessHost);
    222 };
    223 
    224 #endif  // CHROME_BROWSER_NACL_HOST_NACL_PROCESS_HOST_H_
    225