1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_NACL_HOST_NACL_PROCESS_HOST_H_ 6 #define CHROME_BROWSER_NACL_HOST_NACL_PROCESS_HOST_H_ 7 8 #include "build/build_config.h" 9 10 #include "base/files/file_path.h" 11 #include "base/files/file_util_proxy.h" 12 #include "base/memory/ref_counted.h" 13 #include "base/memory/weak_ptr.h" 14 #include "base/message_loop/message_loop.h" 15 #include "base/process/process.h" 16 #include "components/nacl/common/nacl_types.h" 17 #include "content/public/browser/browser_child_process_host_delegate.h" 18 #include "content/public/browser/browser_child_process_host_iterator.h" 19 #include "ipc/ipc_channel_handle.h" 20 #include "net/socket/tcp_listen_socket.h" 21 #include "ppapi/shared_impl/ppapi_permissions.h" 22 #include "url/gurl.h" 23 24 class CommandLine; 25 class ExtensionInfoMap; 26 class NaClBrowserDelegate; 27 class NaClHostMessageFilter; 28 29 namespace content { 30 class BrowserChildProcessHost; 31 class BrowserPpapiHost; 32 } 33 34 namespace IPC { 35 class ChannelProxy; 36 } 37 38 // Represents the browser side of the browser <--> NaCl communication 39 // channel. There will be one NaClProcessHost per NaCl process 40 // The browser is responsible for starting the NaCl process 41 // when requested by the renderer. 42 // After that, most of the communication is directly between NaCl plugin 43 // running in the renderer and NaCl processes. 44 class NaClProcessHost : public content::BrowserChildProcessHostDelegate { 45 public: 46 // manifest_url: the URL of the manifest of the Native Client plugin being 47 // executed. 48 // render_view_id: RenderView routing id, to control access to private APIs. 49 // permission_bits: controls which interfaces the NaCl plugin can use. 50 // off_the_record: was the process launched from an incognito renderer? 51 // profile_directory: is the path of current profile directory. 52 NaClProcessHost(const GURL& manifest_url, 53 int render_view_id, 54 uint32 permission_bits, 55 bool uses_irt, 56 bool enable_dyncode_syscalls, 57 bool enable_exception_handling, 58 bool off_the_record, 59 const base::FilePath& profile_directory); 60 virtual ~NaClProcessHost(); 61 62 // Do any minimal work that must be done at browser startup. 63 static void EarlyStartup(NaClBrowserDelegate* delegate); 64 65 // Initialize the new NaCl process. Result is returned by sending ipc 66 // message reply_msg. 67 void Launch(NaClHostMessageFilter* nacl_host_message_filter, 68 IPC::Message* reply_msg, 69 const base::FilePath& manifest_path); 70 71 virtual void OnChannelConnected(int32 peer_pid) OVERRIDE; 72 73 #if defined(OS_WIN) 74 void OnProcessLaunchedByBroker(base::ProcessHandle handle); 75 void OnDebugExceptionHandlerLaunchedByBroker(bool success); 76 #endif 77 78 bool Send(IPC::Message* msg); 79 80 content::BrowserChildProcessHost* process() { return process_.get(); } 81 content::BrowserPpapiHost* browser_ppapi_host() { return ppapi_host_.get(); } 82 83 private: 84 friend class PluginListener; 85 86 // Internal class that holds the NaClHandle objecs so that 87 // nacl_process_host.h doesn't include NaCl headers. Needed since it's 88 // included by src\content, which can't depend on the NaCl gyp file because it 89 // depends on chrome.gyp (circular dependency). 90 struct NaClInternal; 91 92 // PluginListener that forwards any messages from untrusted code that aren't 93 // handled by the PepperMessageFilter to us. 94 class PluginListener : public IPC::Listener { 95 public: 96 explicit PluginListener(NaClProcessHost* host); 97 virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE; 98 private: 99 // Non-owning pointer so we can forward messages to the host. 100 NaClProcessHost* host_; 101 }; 102 103 bool LaunchNaClGdb(); 104 105 #if defined(OS_POSIX) 106 // Create bound TCP socket in the browser process so that the NaCl GDB debug 107 // stub can use it to accept incoming connections even when the Chrome sandbox 108 // is enabled. 109 SocketDescriptor GetDebugStubSocketHandle(); 110 #endif 111 bool LaunchSelLdr(); 112 113 // BrowserChildProcessHostDelegate implementation: 114 virtual bool OnMessageReceived(const IPC::Message& msg) OVERRIDE; 115 virtual void OnProcessLaunched() OVERRIDE; 116 117 void OnResourcesReady(); 118 119 // Enable the PPAPI proxy only for NaCl processes corresponding to a renderer. 120 bool enable_ppapi_proxy() { return render_view_id_ != 0; } 121 122 // Sends the reply message to the renderer who is waiting for the plugin 123 // to load. Returns true on success. 124 bool ReplyToRenderer(const IPC::ChannelHandle& channel_handle); 125 126 // Sends the reply with error message to the renderer. 127 void SendErrorToRenderer(const std::string& error_message); 128 129 // Sends the reply message to the renderer. Either result or 130 // error message must be empty. 131 void SendMessageToRenderer(const nacl::NaClLaunchResult& result, 132 const std::string& error_message); 133 134 // Sends the message to the NaCl process to load the plugin. Returns true 135 // on success. 136 bool StartNaClExecution(); 137 138 // Called once all initialization is complete and the NaCl process is 139 // ready to go. Returns true on success. 140 bool SendStart(); 141 142 // Does post-process-launching tasks for starting the NaCl process once 143 // we have a connection. 144 // 145 // Returns false on failure. 146 bool StartWithLaunchedProcess(); 147 148 // Message handlers for validation caching. 149 void OnQueryKnownToValidate(const std::string& signature, bool* result); 150 void OnSetKnownToValidate(const std::string& signature); 151 void OnResolveFileToken(uint64 file_token_lo, uint64 file_token_hi, 152 IPC::Message* reply_msg); 153 void FileResolved(base::PlatformFile* file, const base::FilePath& file_path, 154 IPC::Message* reply_msg); 155 156 #if defined(OS_WIN) 157 // Message handler for Windows hardware exception handling. 158 void OnAttachDebugExceptionHandler(const std::string& info, 159 IPC::Message* reply_msg); 160 bool AttachDebugExceptionHandler(const std::string& info, 161 IPC::Message* reply_msg); 162 #endif 163 164 // Called when a PPAPI IPC channel has been created. 165 void OnPpapiChannelCreated(const IPC::ChannelHandle& channel_handle); 166 // Called by PluginListener, so messages from the untrusted side of 167 // the IPC proxy can be handled. 168 bool OnUntrustedMessageForwarded(const IPC::Message& msg); 169 170 GURL manifest_url_; 171 ppapi::PpapiPermissions permissions_; 172 173 #if defined(OS_WIN) 174 // This field becomes true when the broker successfully launched 175 // the NaCl loader. 176 bool process_launched_by_broker_; 177 #endif 178 // The NaClHostMessageFilter that requested this NaCl process. We use 179 // this for sending the reply once the process has started. 180 scoped_refptr<NaClHostMessageFilter> nacl_host_message_filter_; 181 182 // The reply message to send. We must always send this message when the 183 // sub-process either succeeds or fails to unblock the renderer waiting for 184 // the reply. NULL when there is no reply to send. 185 IPC::Message* reply_msg_; 186 #if defined(OS_WIN) 187 bool debug_exception_handler_requested_; 188 scoped_ptr<IPC::Message> attach_debug_exception_handler_reply_msg_; 189 #endif 190 191 // The file path to the manifest is passed to nacl-gdb when it is used to 192 // debug the NaCl loader. 193 base::FilePath manifest_path_; 194 195 // Socket pairs for the NaCl process and renderer. 196 scoped_ptr<NaClInternal> internal_; 197 198 base::WeakPtrFactory<NaClProcessHost> weak_factory_; 199 200 scoped_ptr<content::BrowserChildProcessHost> process_; 201 202 bool uses_irt_; 203 204 bool enable_debug_stub_; 205 bool enable_dyncode_syscalls_; 206 bool enable_exception_handling_; 207 208 bool off_the_record_; 209 210 const base::FilePath profile_directory_; 211 212 // Channel proxy to terminate the NaCl-Browser PPAPI channel. 213 scoped_ptr<IPC::ChannelProxy> ipc_proxy_channel_; 214 // Plugin listener, to forward browser channel messages to us. 215 PluginListener ipc_plugin_listener_; 216 // Browser host for plugin process. 217 scoped_ptr<content::BrowserPpapiHost> ppapi_host_; 218 219 int render_view_id_; 220 221 DISALLOW_COPY_AND_ASSIGN(NaClProcessHost); 222 }; 223 224 #endif // CHROME_BROWSER_NACL_HOST_NACL_PROCESS_HOST_H_ 225