1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_NACL_BROWSER_NACL_PROCESS_HOST_H_
6 #define COMPONENTS_NACL_BROWSER_NACL_PROCESS_HOST_H_
8 #include "build/build_config.h"
10 #include "base/files/file.h"
11 #include "base/files/file_path.h"
12 #include "base/files/file_util_proxy.h"
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/shared_memory.h"
15 #include "base/memory/weak_ptr.h"
16 #include "base/message_loop/message_loop.h"
17 #include "base/process/process.h"
18 #include "components/nacl/common/nacl_types.h"
19 #include "content/public/browser/browser_child_process_host_delegate.h"
20 #include "content/public/browser/browser_child_process_host_iterator.h"
21 #include "ipc/ipc_channel_handle.h"
22 #include "native_client/src/public/nacl_file_info.h"
23 #include "net/socket/socket_descriptor.h"
24 #include "ppapi/shared_impl/ppapi_permissions.h"
28 class BrowserChildProcessHost;
29 class BrowserPpapiHost;
38 class NaClHostMessageFilter;
39 void* AllocateAddressSpaceASLR(base::ProcessHandle process, size_t size);
41 // Represents the browser side of the browser <--> NaCl communication
42 // channel. There will be one NaClProcessHost per NaCl process
43 // The browser is responsible for starting the NaCl process
44 // when requested by the renderer.
45 // After that, most of the communication is directly between NaCl plugin
46 // running in the renderer and NaCl processes.
47 class NaClProcessHost : public content::BrowserChildProcessHostDelegate {
49 // manifest_url: the URL of the manifest of the Native Client plugin being
51 // nexe_file: A file that corresponds to the nexe module to be loaded.
52 // nexe_token: A cache validation token for nexe_file.
53 // permissions: PPAPI permissions, to control access to private APIs.
54 // render_view_id: RenderView routing id, to control access to private APIs.
55 // permission_bits: controls which interfaces the NaCl plugin can use.
56 // uses_nonsfi_mode: whether the program should be loaded under non-SFI mode.
57 // off_the_record: was the process launched from an incognito renderer?
58 // process_type: the type of NaCl process.
59 // profile_directory: is the path of current profile directory.
60 NaClProcessHost(const GURL& manifest_url,
62 const NaClFileToken& nexe_token,
63 ppapi::PpapiPermissions permissions,
65 uint32 permission_bits,
66 bool uses_nonsfi_mode,
68 NaClAppProcessType process_type,
69 const base::FilePath& profile_directory);
70 ~NaClProcessHost() override;
72 void OnProcessCrashed(int exit_status) override;
74 // Do any minimal work that must be done at browser startup.
75 static void EarlyStartup();
77 // Specifies throttling time in milliseconds for PpapiHostMsg_Keepalive IPCs.
78 static void SetPpapiKeepAliveThrottleForTesting(unsigned milliseconds);
80 // Initialize the new NaCl process. Result is returned by sending ipc
82 void Launch(NaClHostMessageFilter* nacl_host_message_filter,
83 IPC::Message* reply_msg,
84 const base::FilePath& manifest_path);
86 void OnChannelConnected(int32 peer_pid) override;
89 void OnProcessLaunchedByBroker(base::ProcessHandle handle);
90 void OnDebugExceptionHandlerLaunchedByBroker(bool success);
93 bool Send(IPC::Message* msg);
95 content::BrowserChildProcessHost* process() { return process_.get(); }
96 content::BrowserPpapiHost* browser_ppapi_host() { return ppapi_host_.get(); }
101 // Mark the process as using a particular GDB debug stub port and notify
102 // listeners (if the port is not kGdbDebugStubPortUnknown).
103 void SetDebugStubPort(int port);
105 #if defined(OS_POSIX)
106 // Create bound TCP socket in the browser process so that the NaCl GDB debug
107 // stub can use it to accept incoming connections even when the Chrome sandbox
109 net::SocketDescriptor GetDebugStubSocketHandle();
113 // Called when the debug stub port has been selected.
114 void OnDebugStubPortSelected(uint16_t debug_stub_port);
119 // BrowserChildProcessHostDelegate implementation:
120 bool OnMessageReceived(const IPC::Message& msg) override;
121 void OnProcessLaunched() override;
123 void OnResourcesReady();
125 // Enable the PPAPI proxy only for NaCl processes corresponding to a renderer.
126 bool enable_ppapi_proxy() { return render_view_id_ != 0; }
128 // Sends the reply message to the renderer who is waiting for the plugin
129 // to load. Returns true on success.
130 bool ReplyToRenderer(
131 const IPC::ChannelHandle& ppapi_channel_handle,
132 const IPC::ChannelHandle& trusted_channel_handle,
133 const IPC::ChannelHandle& manifest_service_channel_handle);
135 // Sends the reply with error message to the renderer.
136 void SendErrorToRenderer(const std::string& error_message);
138 // Sends the reply message to the renderer. Either result or
139 // error message must be empty.
140 void SendMessageToRenderer(const NaClLaunchResult& result,
141 const std::string& error_message);
143 // Sends the message to the NaCl process to load the plugin. Returns true
145 bool StartNaClExecution();
147 // Does post-process-launching tasks for starting the NaCl process once
148 // we have a connection.
150 // Returns false on failure.
151 bool StartWithLaunchedProcess();
153 // Message handlers for validation caching.
154 void OnQueryKnownToValidate(const std::string& signature, bool* result);
155 void OnSetKnownToValidate(const std::string& signature);
156 void OnResolveFileToken(uint64 file_token_lo, uint64 file_token_hi,
157 IPC::Message* reply_msg);
158 void OnResolveFileTokenAsync(uint64 file_token_lo, uint64 file_token_hi);
159 void FileResolved(const base::FilePath& file_path,
160 IPC::Message* reply_msg,
162 void FileResolvedAsync(uint64_t file_token_lo,
163 uint64_t file_token_hi,
164 const base::FilePath& file_path,
167 // Message handler for Windows hardware exception handling.
168 void OnAttachDebugExceptionHandler(const std::string& info,
169 IPC::Message* reply_msg);
170 bool AttachDebugExceptionHandler(const std::string& info,
171 IPC::Message* reply_msg);
174 // Called when the PPAPI IPC channels to the browser/renderer have been
176 void OnPpapiChannelsCreated(
177 const IPC::ChannelHandle& browser_channel_handle,
178 const IPC::ChannelHandle& ppapi_renderer_channel_handle,
179 const IPC::ChannelHandle& trusted_renderer_channel_handle,
180 const IPC::ChannelHandle& manifest_service_channel_handle);
183 base::File nexe_file_;
184 NaClFileToken nexe_token_;
186 ppapi::PpapiPermissions permissions_;
189 // This field becomes true when the broker successfully launched
191 bool process_launched_by_broker_;
193 // The NaClHostMessageFilter that requested this NaCl process. We use
194 // this for sending the reply once the process has started.
195 scoped_refptr<NaClHostMessageFilter> nacl_host_message_filter_;
197 // The reply message to send. We must always send this message when the
198 // sub-process either succeeds or fails to unblock the renderer waiting for
199 // the reply. NULL when there is no reply to send.
200 IPC::Message* reply_msg_;
202 bool debug_exception_handler_requested_;
203 scoped_ptr<IPC::Message> attach_debug_exception_handler_reply_msg_;
206 // The file path to the manifest is passed to nacl-gdb when it is used to
207 // debug the NaCl loader.
208 base::FilePath manifest_path_;
210 scoped_ptr<content::BrowserChildProcessHost> process_;
212 bool uses_nonsfi_mode_;
214 bool enable_debug_stub_;
215 bool enable_crash_throttling_;
216 bool off_the_record_;
217 NaClAppProcessType process_type_;
219 const base::FilePath profile_directory_;
221 // Channel proxy to terminate the NaCl-Browser PPAPI channel.
222 scoped_ptr<IPC::ChannelProxy> ipc_proxy_channel_;
223 // Browser host for plugin process.
224 scoped_ptr<content::BrowserPpapiHost> ppapi_host_;
228 // Throttling time in milliseconds for PpapiHostMsg_Keepalive IPCs.
229 static unsigned keepalive_throttle_interval_milliseconds_;
231 // Shared memory provided to the plugin and renderer for
232 // reporting crash information.
233 base::SharedMemory crash_info_shmem_;
235 base::File socket_for_renderer_;
236 base::File socket_for_sel_ldr_;
238 base::WeakPtrFactory<NaClProcessHost> weak_factory_;
240 DISALLOW_COPY_AND_ASSIGN(NaClProcessHost);
245 #endif // COMPONENTS_NACL_BROWSER_NACL_PROCESS_HOST_H_