1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "content/browser/media/midi_host.h" 6 7 #include "base/bind.h" 8 #include "base/bind_helpers.h" 9 #include "base/debug/trace_event.h" 10 #include "base/process/process.h" 11 #include "content/browser/browser_main_loop.h" 12 #include "content/browser/child_process_security_policy_impl.h" 13 #include "content/browser/media/media_internals.h" 14 #include "content/common/media/midi_messages.h" 15 #include "content/public/browser/content_browser_client.h" 16 #include "content/public/browser/media_observer.h" 17 #include "content/public/browser/user_metrics.h" 18 #include "media/midi/midi_manager.h" 19 #include "media/midi/midi_message_queue.h" 20 #include "media/midi/midi_message_util.h" 21 22 using media::MidiManager; 23 using media::MidiPortInfoList; 24 25 namespace content { 26 namespace { 27 28 // The total number of bytes which we're allowed to send to the OS 29 // before knowing that they have been successfully sent. 30 const size_t kMaxInFlightBytes = 10 * 1024 * 1024; // 10 MB. 31 32 // We keep track of the number of bytes successfully sent to 33 // the hardware. Every once in a while we report back to the renderer 34 // the number of bytes sent since the last report. This threshold determines 35 // how many bytes will be sent before reporting back to the renderer. 36 const size_t kAcknowledgementThresholdBytes = 1024 * 1024; // 1 MB. 37 38 bool IsDataByte(uint8 data) { 39 return (data & 0x80) == 0; 40 } 41 42 bool IsSystemRealTimeMessage(uint8 data) { 43 return 0xf8 <= data && data <= 0xff; 44 } 45 46 } // namespace 47 48 using media::kSysExByte; 49 using media::kEndOfSysExByte; 50 51 MidiHost::MidiHost(int renderer_process_id, media::MidiManager* midi_manager) 52 : BrowserMessageFilter(MidiMsgStart), 53 renderer_process_id_(renderer_process_id), 54 has_sys_ex_permission_(false), 55 midi_manager_(midi_manager), 56 sent_bytes_in_flight_(0), 57 bytes_sent_since_last_acknowledgement_(0) { 58 } 59 60 MidiHost::~MidiHost() { 61 if (midi_manager_) 62 midi_manager_->EndSession(this); 63 } 64 65 void MidiHost::OnDestruct() const { 66 BrowserThread::DeleteOnIOThread::Destruct(this); 67 } 68 69 // IPC Messages handler 70 bool MidiHost::OnMessageReceived(const IPC::Message& message) { 71 bool handled = true; 72 IPC_BEGIN_MESSAGE_MAP(MidiHost, message) 73 IPC_MESSAGE_HANDLER(MidiHostMsg_StartSession, OnStartSession) 74 IPC_MESSAGE_HANDLER(MidiHostMsg_SendData, OnSendData) 75 IPC_MESSAGE_UNHANDLED(handled = false) 76 IPC_END_MESSAGE_MAP() 77 78 return handled; 79 } 80 81 void MidiHost::OnStartSession(int client_id) { 82 if (midi_manager_) 83 midi_manager_->StartSession(this, client_id); 84 } 85 86 void MidiHost::OnSendData(uint32 port, 87 const std::vector<uint8>& data, 88 double timestamp) { 89 if (!midi_manager_) 90 return; 91 92 if (data.empty()) 93 return; 94 95 // Blink running in a renderer checks permission to raise a SecurityError 96 // in JavaScript. The actual permission check for security purposes 97 // happens here in the browser process. 98 if (!has_sys_ex_permission_ && 99 std::find(data.begin(), data.end(), kSysExByte) != data.end()) { 100 RecordAction(base::UserMetricsAction("BadMessageTerminate_MIDI")); 101 BadMessageReceived(); 102 return; 103 } 104 105 if (!IsValidWebMIDIData(data)) 106 return; 107 108 { 109 base::AutoLock auto_lock(in_flight_lock_); 110 // Sanity check that we won't send too much data. 111 // TODO(yukawa): Consider to send an error event back to the renderer 112 // after some future discussion in W3C. 113 if (data.size() + sent_bytes_in_flight_ > kMaxInFlightBytes) 114 return; 115 sent_bytes_in_flight_ += data.size(); 116 } 117 midi_manager_->DispatchSendMidiData(this, port, data, timestamp); 118 } 119 120 void MidiHost::CompleteStartSession(int client_id, media::MidiResult result) { 121 MidiPortInfoList input_ports; 122 MidiPortInfoList output_ports; 123 124 if (result == media::MIDI_OK) { 125 input_ports = midi_manager_->input_ports(); 126 output_ports = midi_manager_->output_ports(); 127 received_messages_queues_.clear(); 128 received_messages_queues_.resize(input_ports.size()); 129 // ChildSecurityPolicy is set just before OnStartSession by 130 // MidiDispatcherHost. So we can safely cache the policy. 131 has_sys_ex_permission_ = ChildProcessSecurityPolicyImpl::GetInstance()-> 132 CanSendMidiSysExMessage(renderer_process_id_); 133 } 134 135 Send(new MidiMsg_SessionStarted(client_id, 136 result, 137 input_ports, 138 output_ports)); 139 } 140 141 void MidiHost::ReceiveMidiData( 142 uint32 port, 143 const uint8* data, 144 size_t length, 145 double timestamp) { 146 TRACE_EVENT0("midi", "MidiHost::ReceiveMidiData"); 147 148 if (received_messages_queues_.size() <= port) 149 return; 150 151 // Lazy initialization 152 if (received_messages_queues_[port] == NULL) 153 received_messages_queues_[port] = new media::MidiMessageQueue(true); 154 155 received_messages_queues_[port]->Add(data, length); 156 std::vector<uint8> message; 157 while (true) { 158 received_messages_queues_[port]->Get(&message); 159 if (message.empty()) 160 break; 161 162 // MIDI devices may send a system exclusive messages even if the renderer 163 // doesn't have a permission to receive it. Don't kill the renderer as 164 // OnSendData() does. 165 if (message[0] == kSysExByte && !has_sys_ex_permission_) 166 continue; 167 168 // Send to the renderer. 169 Send(new MidiMsg_DataReceived(port, message, timestamp)); 170 } 171 } 172 173 void MidiHost::AccumulateMidiBytesSent(size_t n) { 174 { 175 base::AutoLock auto_lock(in_flight_lock_); 176 if (n <= sent_bytes_in_flight_) 177 sent_bytes_in_flight_ -= n; 178 } 179 180 if (bytes_sent_since_last_acknowledgement_ + n >= 181 bytes_sent_since_last_acknowledgement_) 182 bytes_sent_since_last_acknowledgement_ += n; 183 184 if (bytes_sent_since_last_acknowledgement_ >= 185 kAcknowledgementThresholdBytes) { 186 Send(new MidiMsg_AcknowledgeSentData( 187 bytes_sent_since_last_acknowledgement_)); 188 bytes_sent_since_last_acknowledgement_ = 0; 189 } 190 } 191 192 // static 193 bool MidiHost::IsValidWebMIDIData(const std::vector<uint8>& data) { 194 bool in_sysex = false; 195 size_t waiting_data_length = 0; 196 for (size_t i = 0; i < data.size(); ++i) { 197 const uint8 current = data[i]; 198 if (IsSystemRealTimeMessage(current)) 199 continue; // Real time message can be placed at any point. 200 if (waiting_data_length > 0) { 201 if (!IsDataByte(current)) 202 return false; // Error: |current| should have been data byte. 203 --waiting_data_length; 204 continue; // Found data byte as expected. 205 } 206 if (in_sysex) { 207 if (data[i] == kEndOfSysExByte) 208 in_sysex = false; 209 else if (!IsDataByte(current)) 210 return false; // Error: |current| should have been data byte. 211 continue; // Found data byte as expected. 212 } 213 if (current == kSysExByte) { 214 in_sysex = true; 215 continue; // Found SysEX 216 } 217 waiting_data_length = media::GetMidiMessageLength(current); 218 if (waiting_data_length == 0) 219 return false; // Error: |current| should have been a valid status byte. 220 --waiting_data_length; // Found status byte 221 } 222 return waiting_data_length == 0 && !in_sysex; 223 } 224 225 } // namespace content 226
