search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Apply _RELATIVE relocations ahead of others.
[chromium-blink-merge.git] / content / common / child_process_sandbox_support_impl_linux.cc
blob5cc8144e5ec68db2d117659abdffd486a5644b75
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/common/child_process_sandbox_support_impl_linux.h"
6
7 #include <sys/stat.h>
8
9 #include <limits>
10
11 #include "base/basictypes.h"
12 #include "base/debug/trace_event.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/numerics/safe_conversions.h"
15 #include "base/pickle.h"
16 #include "base/posix/eintr_wrapper.h"
17 #include "base/posix/unix_domain_socket_linux.h"
18 #include "base/sys_byteorder.h"
19 #include "content/common/sandbox_linux/sandbox_linux.h"
20 #include "content/common/zygote_commands_linux.h"
21 #include "third_party/WebKit/public/platform/linux/WebFallbackFont.h"
22 #include "third_party/WebKit/public/platform/linux/WebFontRenderStyle.h"
23
24 namespace content {
25
26 void GetFallbackFontForCharacter(int32_t character,
27 const char* preferred_locale,
28 blink::WebFallbackFont* fallbackFont) {
29 TRACE_EVENT0("sandbox_ipc", "GetFontFamilyForCharacter");
30
31 Pickle request;
32 request.WriteInt(LinuxSandbox::METHOD_GET_FALLBACK_FONT_FOR_CHAR);
33 request.WriteInt(character);
34 request.WriteString(preferred_locale);
35
36 uint8_t buf[512];
37 const ssize_t n = UnixDomainSocket::SendRecvMsg(GetSandboxFD(), buf,
38 sizeof(buf), NULL, request);
39
40 std::string family_name;
41 std::string filename;
42 int fontconfigInterfaceId = 0;
43 int ttcIndex = 0;
44 bool isBold = false;
45 bool isItalic = false;
46 if (n != -1) {
47 Pickle reply(reinterpret_cast<char*>(buf), n);
48 PickleIterator pickle_iter(reply);
49 if (reply.ReadString(&pickle_iter, &family_name) &&
50 reply.ReadString(&pickle_iter, &filename) &&
51 reply.ReadInt(&pickle_iter, &fontconfigInterfaceId) &&
52 reply.ReadInt(&pickle_iter, &ttcIndex) &&
53 reply.ReadBool(&pickle_iter, &isBold) &&
54 reply.ReadBool(&pickle_iter, &isItalic)) {
55 fallbackFont->name = family_name;
56 fallbackFont->filename = filename;
57 fallbackFont->fontconfigInterfaceId = fontconfigInterfaceId;
58 fallbackFont->ttcIndex = ttcIndex;
59 fallbackFont->isBold = isBold;
60 fallbackFont->isItalic = isItalic;
61 }
62 }
63 }
64
65 void GetRenderStyleForStrike(const char* family,
66 int size_and_style,
67 blink::WebFontRenderStyle* out) {
68 TRACE_EVENT0("sandbox_ipc", "GetRenderStyleForStrike");
69
70 out->setDefaults();
71
72 if (size_and_style < 0)
73 return;
74
75 const bool bold = size_and_style & 1;
76 const bool italic = size_and_style & 2;
77 const int pixel_size = size_and_style >> 2;
78 if (pixel_size > std::numeric_limits<uint16>::max())
79 return;
80
81 Pickle request;
82 request.WriteInt(LinuxSandbox::METHOD_GET_STYLE_FOR_STRIKE);
83 request.WriteString(family);
84 request.WriteBool(bold);
85 request.WriteBool(italic);
86 request.WriteUInt16(pixel_size);
87
88 uint8_t buf[512];
89 const ssize_t n = UnixDomainSocket::SendRecvMsg(GetSandboxFD(), buf,
90 sizeof(buf), NULL, request);
91 if (n == -1)
92 return;
93
94 Pickle reply(reinterpret_cast<char*>(buf), n);
95 PickleIterator pickle_iter(reply);
96 int use_bitmaps, use_autohint, use_hinting, hint_style, use_antialias;
97 int use_subpixel_rendering, use_subpixel_positioning;
98 if (reply.ReadInt(&pickle_iter, &use_bitmaps) &&
99 reply.ReadInt(&pickle_iter, &use_autohint) &&
100 reply.ReadInt(&pickle_iter, &use_hinting) &&
101 reply.ReadInt(&pickle_iter, &hint_style) &&
102 reply.ReadInt(&pickle_iter, &use_antialias) &&
103 reply.ReadInt(&pickle_iter, &use_subpixel_rendering) &&
104 reply.ReadInt(&pickle_iter, &use_subpixel_positioning)) {
105 out->useBitmaps = use_bitmaps;
106 out->useAutoHint = use_autohint;
107 out->useHinting = use_hinting;
108 out->hintStyle = hint_style;
109 out->useAntiAlias = use_antialias;
110 out->useSubpixelRendering = use_subpixel_rendering;
111 out->useSubpixelPositioning = use_subpixel_positioning;
112 }
113 }
114
115 int MatchFontWithFallback(const std::string& face,
116 bool bold,
117 bool italic,
118 int charset,
119 PP_BrowserFont_Trusted_Family fallback_family) {
120 TRACE_EVENT0("sandbox_ipc", "MatchFontWithFallback");
121
122 Pickle request;
123 request.WriteInt(LinuxSandbox::METHOD_MATCH_WITH_FALLBACK);
124 request.WriteString(face);
125 request.WriteBool(bold);
126 request.WriteBool(italic);
127 request.WriteUInt32(charset);
128 request.WriteUInt32(fallback_family);
129 uint8_t reply_buf[64];
130 int fd = -1;
131 UnixDomainSocket::SendRecvMsg(GetSandboxFD(), reply_buf, sizeof(reply_buf),
132 &fd, request);
133 return fd;
134 }
135
136 bool GetFontTable(int fd, uint32_t table_tag, off_t offset,
137 uint8_t* output, size_t* output_length) {
138 if (offset < 0)
139 return false;
140
141 size_t data_length = 0; // the length of the file data.
142 off_t data_offset = 0; // the offset of the data in the file.
143 if (table_tag == 0) {
144 // Get the entire font file.
145 struct stat st;
146 if (fstat(fd, &st) < 0)
147 return false;
148 data_length = base::checked_cast<size_t>(st.st_size);
149 } else {
150 // Get a font table. Read the header to find its offset in the file.
151 uint16_t num_tables;
152 ssize_t n = HANDLE_EINTR(pread(fd, &num_tables, sizeof(num_tables),
153 4 /* skip the font type */));
154 if (n != sizeof(num_tables))
155 return false;
156 // Font data is stored in net (big-endian) order.
157 num_tables = base::NetToHost16(num_tables);
158
159 // Read the table directory.
160 static const size_t kTableEntrySize = 16;
161 const size_t directory_size = num_tables * kTableEntrySize;
162 scoped_ptr<uint8_t[]> table_entries(new uint8_t[directory_size]);
163 n = HANDLE_EINTR(pread(fd, table_entries.get(), directory_size,
164 12 /* skip the SFNT header */));
165 if (n != base::checked_cast<ssize_t>(directory_size))
166 return false;
167
168 for (uint16_t i = 0; i < num_tables; ++i) {
169 uint8_t* entry = table_entries.get() + i * kTableEntrySize;
170 uint32_t tag = *reinterpret_cast<uint32_t*>(entry);
171 if (tag == table_tag) {
172 // Font data is stored in net (big-endian) order.
173 data_offset =
174 base::NetToHost32(*reinterpret_cast<uint32_t*>(entry + 8));
175 data_length =
176 base::NetToHost32(*reinterpret_cast<uint32_t*>(entry + 12));
177 break;
178 }
179 }
180 }
181
182 if (!data_length)
183 return false;
184 // Clamp |offset| inside the allowable range. This allows the read to succeed
185 // but return 0 bytes.
186 offset = std::min(offset, base::checked_cast<off_t>(data_length));
187 // Make sure it's safe to add the data offset and the caller's logical offset.
188 // Define the maximum positive offset on 32 bit systems.
189 static const off_t kMaxPositiveOffset32 = 0x7FFFFFFF; // 2 GB - 1.
190 if ((offset > kMaxPositiveOffset32 / 2) ||
191 (data_offset > kMaxPositiveOffset32 / 2))
192 return false;
193 data_offset += offset;
194 data_length -= offset;
195
196 if (output) {
197 // 'output_length' holds the maximum amount of data the caller can accept.
198 data_length = std::min(data_length, *output_length);
199 ssize_t n = HANDLE_EINTR(pread(fd, output, data_length, data_offset));
200 if (n != base::checked_cast<ssize_t>(data_length))
201 return false;
202 }
203 *output_length = data_length;
204
205 return true;
206 }
207
208 bool SendZygoteChildPing(int fd) {
209 return UnixDomainSocket::SendMsg(fd,
210 kZygoteChildPingMessage,
211 sizeof(kZygoteChildPingMessage),
212 std::vector<int>());
213 }
214
215 } // namespace content