search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove PlatformFile from profile_browsertest
[chromium-blink-merge.git] / content / browser / plugin_process_host.cc
blob8aa69dd6b5ab929ed8514b54ad02342aa1ef395a
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/browser/plugin_process_host.h"
6
7 #if defined(OS_WIN)
8 #include <windows.h>
9 #elif defined(OS_POSIX)
10 #include <utility> // for pair<>
11 #endif
12
13 #include <vector>
14
15 #include "base/base_switches.h"
16 #include "base/bind.h"
17 #include "base/command_line.h"
18 #include "base/files/file_path.h"
19 #include "base/logging.h"
20 #include "base/metrics/histogram.h"
21 #include "base/path_service.h"
22 #include "base/strings/string_number_conversions.h"
23 #include "base/strings/string_util.h"
24 #include "base/strings/utf_string_conversions.h"
25 #include "content/browser/browser_child_process_host_impl.h"
26 #include "content/browser/loader/resource_message_filter.h"
27 #include "content/browser/gpu/gpu_data_manager_impl.h"
28 #include "content/browser/plugin_service_impl.h"
29 #include "content/common/child_process_host_impl.h"
30 #include "content/common/plugin_process_messages.h"
31 #include "content/common/resource_messages.h"
32 #include "content/public/browser/browser_thread.h"
33 #include "content/public/browser/content_browser_client.h"
34 #include "content/public/browser/notification_types.h"
35 #include "content/public/browser/plugin_service.h"
36 #include "content/public/browser/resource_context.h"
37 #include "content/public/common/content_switches.h"
38 #include "content/public/common/process_type.h"
39 #include "content/public/common/sandboxed_process_launcher_delegate.h"
40 #include "ipc/ipc_switches.h"
41 #include "net/url_request/url_request_context_getter.h"
42 #include "ui/base/ui_base_switches.h"
43 #include "ui/gfx/native_widget_types.h"
44 #include "ui/gl/gl_switches.h"
45
46 #if defined(USE_X11)
47 #include "ui/gfx/gtk_native_view_id_manager.h"
48 #endif
49
50 #if defined(OS_MACOSX)
51 #include "base/mac/mac_util.h"
52 #include "content/common/plugin_carbon_interpose_constants_mac.h"
53 #include "ui/gfx/rect.h"
54 #endif
55
56 #if defined(OS_WIN)
57 #include "base/win/windows_version.h"
58 #include "content/common/plugin_constants_win.h"
59 #include "ui/gfx/switches.h"
60 #endif
61
62 namespace content {
63
64 #if defined(OS_WIN)
65 void PluginProcessHost::OnPluginWindowDestroyed(HWND window, HWND parent) {
66 // The window is destroyed at this point, we just care about its parent, which
67 // is the intermediate window we created.
68 std::set<HWND>::iterator window_index =
69 plugin_parent_windows_set_.find(parent);
70 if (window_index == plugin_parent_windows_set_.end())
71 return;
72
73 plugin_parent_windows_set_.erase(window_index);
74 PostMessage(parent, WM_CLOSE, 0, 0);
75 }
76
77 void PluginProcessHost::AddWindow(HWND window) {
78 plugin_parent_windows_set_.insert(window);
79 }
80 #endif // defined(OS_WIN)
81
82 // NOTE: changes to this class need to be reviewed by the security team.
83 class PluginSandboxedProcessLauncherDelegate
84 : public SandboxedProcessLauncherDelegate {
85 public:
86 explicit PluginSandboxedProcessLauncherDelegate(ChildProcessHost* host)
87 #if defined(OS_POSIX)
88 : ipc_fd_(host->TakeClientFileDescriptor())
89 #endif // OS_POSIX
90 {}
91
92 virtual ~PluginSandboxedProcessLauncherDelegate() {}
93
94 #if defined(OS_WIN)
95 virtual bool ShouldSandbox() OVERRIDE {
96 return false;
97 }
98
99 #elif defined(OS_POSIX)
100 virtual int GetIpcFd() OVERRIDE {
101 return ipc_fd_;
102 }
103 #endif // OS_WIN
104
105 private:
106 #if defined(OS_POSIX)
107 int ipc_fd_;
108 #endif // OS_POSIX
109
110 DISALLOW_COPY_AND_ASSIGN(PluginSandboxedProcessLauncherDelegate);
111 };
112
113 #if defined(TOOLKIT_GTK)
114 void PluginProcessHost::OnMapNativeViewId(gfx::NativeViewId id,
115 gfx::PluginWindowHandle* output) {
116 *output = 0;
117 #if !defined(USE_AURA)
118 GtkNativeViewManager::GetInstance()->GetXIDForId(output, id);
119 #endif
120 }
121 #endif // defined(TOOLKIT_GTK)
122
123 PluginProcessHost::PluginProcessHost()
124 #if defined(OS_MACOSX)
125 : plugin_cursor_visible_(true)
126 #endif
127 {
128 process_.reset(new BrowserChildProcessHostImpl(PROCESS_TYPE_PLUGIN, this));
129 }
130
131 PluginProcessHost::~PluginProcessHost() {
132 #if defined(OS_WIN)
133 // We erase HWNDs from the plugin_parent_windows_set_ when we receive a
134 // notification that the window is being destroyed. If we don't receive this
135 // notification and the PluginProcessHost instance is being destroyed, it
136 // means that the plugin process crashed. We paint a sad face in this case in
137 // the renderer process. To ensure that the sad face shows up, and we don't
138 // leak HWNDs, we should destroy existing plugin parent windows.
139 std::set<HWND>::iterator window_index;
140 for (window_index = plugin_parent_windows_set_.begin();
141 window_index != plugin_parent_windows_set_.end();
142 ++window_index) {
143 PostMessage(*window_index, WM_CLOSE, 0, 0);
144 }
145 #elif defined(OS_MACOSX)
146 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
147 // If the plugin process crashed but had fullscreen windows open at the time,
148 // make sure that the menu bar is visible.
149 for (size_t i = 0; i < plugin_fullscreen_windows_set_.size(); ++i) {
150 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
151 base::Bind(base::mac::ReleaseFullScreen,
152 base::mac::kFullScreenModeHideAll));
153 }
154 // If the plugin hid the cursor, reset that.
155 if (!plugin_cursor_visible_) {
156 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
157 base::Bind(base::mac::SetCursorVisibility, true));
158 }
159 #endif
160 // Cancel all pending and sent requests.
161 CancelRequests();
162 }
163
164 bool PluginProcessHost::Send(IPC::Message* message) {
165 return process_->Send(message);
166 }
167
168 bool PluginProcessHost::Init(const WebPluginInfo& info) {
169 info_ = info;
170 process_->SetName(info_.name);
171
172 std::string channel_id = process_->GetHost()->CreateChannel();
173 if (channel_id.empty())
174 return false;
175
176 // Build command line for plugin. When we have a plugin launcher, we can't
177 // allow "self" on linux and we need the real file path.
178 const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
179 CommandLine::StringType plugin_launcher =
180 browser_command_line.GetSwitchValueNative(switches::kPluginLauncher);
181
182 #if defined(OS_MACOSX)
183 // Run the plug-in process in a mode tolerant of heap execution without
184 // explicit mprotect calls. Some plug-ins still rely on this quaint and
185 // archaic "feature." See http://crbug.com/93551.
186 int flags = ChildProcessHost::CHILD_ALLOW_HEAP_EXECUTION;
187 #elif defined(OS_LINUX)
188 int flags = plugin_launcher.empty() ? ChildProcessHost::CHILD_ALLOW_SELF :
189 ChildProcessHost::CHILD_NORMAL;
190 #else
191 int flags = ChildProcessHost::CHILD_NORMAL;
192 #endif
193
194 base::FilePath exe_path = ChildProcessHost::GetChildPath(flags);
195 if (exe_path.empty())
196 return false;
197
198 CommandLine* cmd_line = new CommandLine(exe_path);
199 // Put the process type and plugin path first so they're easier to see
200 // in process listings using native process management tools.
201 cmd_line->AppendSwitchASCII(switches::kProcessType, switches::kPluginProcess);
202 cmd_line->AppendSwitchPath(switches::kPluginPath, info.path);
203
204 // Propagate the following switches to the plugin command line (along with
205 // any associated values) if present in the browser command line
206 static const char* const kSwitchNames[] = {
207 switches::kDisableBreakpad,
208 #if defined(OS_MACOSX)
209 switches::kDisableCoreAnimationPlugins,
210 switches::kEnableSandboxLogging,
211 #endif
212 switches::kEnableStatsTable,
213 switches::kFullMemoryCrashReport,
214 #if defined(OS_WIN)
215 switches::kHighDPISupport,
216 #endif
217 switches::kLoggingLevel,
218 switches::kLogPluginMessages,
219 switches::kNoSandbox,
220 switches::kPluginStartupDialog,
221 switches::kTestSandbox,
222 switches::kTraceStartup,
223 switches::kUseGL,
224 };
225
226 cmd_line->CopySwitchesFrom(browser_command_line, kSwitchNames,
227 arraysize(kSwitchNames));
228
229 GpuDataManagerImpl::GetInstance()->AppendPluginCommandLine(cmd_line);
230
231 // If specified, prepend a launcher program to the command line.
232 if (!plugin_launcher.empty())
233 cmd_line->PrependWrapper(plugin_launcher);
234
235 std::string locale = GetContentClient()->browser()->GetApplicationLocale();
236 if (!locale.empty()) {
237 // Pass on the locale so the null plugin will use the right language in the
238 // prompt to install the desired plugin.
239 cmd_line->AppendSwitchASCII(switches::kLang, locale);
240 }
241
242 cmd_line->AppendSwitchASCII(switches::kProcessChannelID, channel_id);
243
244 #if defined(OS_POSIX)
245 base::EnvironmentMap env;
246 #if defined(OS_MACOSX) && !defined(__LP64__)
247 if (browser_command_line.HasSwitch(switches::kEnableCarbonInterposing)) {
248 std::string interpose_list = GetContentClient()->GetCarbonInterposePath();
249 if (!interpose_list.empty()) {
250 // Add our interposing library for Carbon. This is stripped back out in
251 // plugin_main.cc, so changes here should be reflected there.
252 const char* existing_list = getenv(kDYLDInsertLibrariesKey);
253 if (existing_list) {
254 interpose_list.insert(0, ":");
255 interpose_list.insert(0, existing_list);
256 }
257 }
258 env[kDYLDInsertLibrariesKey] = interpose_list;
259 }
260 #endif
261 #endif
262
263 process_->Launch(
264 new PluginSandboxedProcessLauncherDelegate(process_->GetHost()),
265 cmd_line);
266
267 // The plugin needs to be shutdown gracefully, i.e. NP_Shutdown needs to be
268 // called on the plugin. The plugin process exits when it receives the
269 // OnChannelError notification indicating that the browser plugin channel has
270 // been destroyed.
271 process_->SetTerminateChildOnShutdown(false);
272
273 ResourceMessageFilter::GetContextsCallback get_contexts_callback(
274 base::Bind(&PluginProcessHost::GetContexts,
275 base::Unretained(this)));
276
277 // TODO(jam): right now we're passing NULL for appcache, blob storage, and
278 // file system. If NPAPI plugins actually use this, we'll have to plumb them.
279 ResourceMessageFilter* resource_message_filter = new ResourceMessageFilter(
280 process_->GetData().id, PROCESS_TYPE_PLUGIN, NULL, NULL, NULL, NULL,
281 get_contexts_callback);
282 process_->AddFilter(resource_message_filter);
283 return true;
284 }
285
286 void PluginProcessHost::ForceShutdown() {
287 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
288 Send(new PluginProcessMsg_NotifyRenderersOfPendingShutdown());
289 process_->ForceShutdown();
290 }
291
292 bool PluginProcessHost::OnMessageReceived(const IPC::Message& msg) {
293 bool handled = true;
294 IPC_BEGIN_MESSAGE_MAP(PluginProcessHost, msg)
295 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_ChannelCreated, OnChannelCreated)
296 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_ChannelDestroyed,
297 OnChannelDestroyed)
298 #if defined(OS_WIN)
299 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_PluginWindowDestroyed,
300 OnPluginWindowDestroyed)
301 #endif
302 #if defined(TOOLKIT_GTK)
303 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_MapNativeViewId,
304 OnMapNativeViewId)
305 #endif
306 #if defined(OS_MACOSX)
307 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_PluginSelectWindow,
308 OnPluginSelectWindow)
309 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_PluginShowWindow,
310 OnPluginShowWindow)
311 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_PluginHideWindow,
312 OnPluginHideWindow)
313 IPC_MESSAGE_HANDLER(PluginProcessHostMsg_PluginSetCursorVisibility,
314 OnPluginSetCursorVisibility)
315 #endif
316 IPC_MESSAGE_UNHANDLED(handled = false)
317 IPC_END_MESSAGE_MAP()
318
319 return handled;
320 }
321
322 void PluginProcessHost::OnChannelConnected(int32 peer_pid) {
323 for (size_t i = 0; i < pending_requests_.size(); ++i) {
324 RequestPluginChannel(pending_requests_[i]);
325 }
326
327 pending_requests_.clear();
328 }
329
330 void PluginProcessHost::OnChannelError() {
331 CancelRequests();
332 }
333
334 bool PluginProcessHost::CanShutdown() {
335 return sent_requests_.empty();
336 }
337
338 void PluginProcessHost::OnProcessCrashed(int exit_code) {
339 PluginServiceImpl::GetInstance()->RegisterPluginCrash(info_.path);
340 }
341
342 void PluginProcessHost::CancelRequests() {
343 for (size_t i = 0; i < pending_requests_.size(); ++i)
344 pending_requests_[i]->OnError();
345 pending_requests_.clear();
346
347 while (!sent_requests_.empty()) {
348 Client* client = sent_requests_.front();
349 if (client)
350 client->OnError();
351 sent_requests_.pop_front();
352 }
353 }
354
355 void PluginProcessHost::OpenChannelToPlugin(Client* client) {
356 BrowserThread::PostTask(
357 BrowserThread::UI, FROM_HERE,
358 base::Bind(&BrowserChildProcessHostImpl::NotifyProcessInstanceCreated,
359 process_->GetData()));
360 client->SetPluginInfo(info_);
361 if (process_->GetHost()->IsChannelOpening()) {
362 // The channel is already in the process of being opened. Put
363 // this "open channel" request into a queue of requests that will
364 // be run once the channel is open.
365 pending_requests_.push_back(client);
366 return;
367 }
368
369 // We already have an open channel, send a request right away to plugin.
370 RequestPluginChannel(client);
371 }
372
373 void PluginProcessHost::CancelPendingRequest(Client* client) {
374 std::vector<Client*>::iterator it = pending_requests_.begin();
375 while (it != pending_requests_.end()) {
376 if (client == *it) {
377 pending_requests_.erase(it);
378 return;
379 }
380 ++it;
381 }
382 DCHECK(it != pending_requests_.end());
383 }
384
385 void PluginProcessHost::CancelSentRequest(Client* client) {
386 std::list<Client*>::iterator it = sent_requests_.begin();
387 while (it != sent_requests_.end()) {
388 if (client == *it) {
389 *it = NULL;
390 return;
391 }
392 ++it;
393 }
394 DCHECK(it != sent_requests_.end());
395 }
396
397 void PluginProcessHost::RequestPluginChannel(Client* client) {
398 // We can't send any sync messages from the browser because it might lead to
399 // a hang. However this async messages must be answered right away by the
400 // plugin process (i.e. unblocks a Send() call like a sync message) otherwise
401 // a deadlock can occur if the plugin creation request from the renderer is
402 // a result of a sync message by the plugin process.
403 PluginProcessMsg_CreateChannel* msg =
404 new PluginProcessMsg_CreateChannel(
405 client->ID(),
406 client->OffTheRecord());
407 msg->set_unblock(true);
408 if (Send(msg)) {
409 sent_requests_.push_back(client);
410 client->OnSentPluginChannelRequest();
411 } else {
412 client->OnError();
413 }
414 }
415
416 void PluginProcessHost::OnChannelCreated(
417 const IPC::ChannelHandle& channel_handle) {
418 Client* client = sent_requests_.front();
419
420 if (client) {
421 if (!resource_context_map_.count(client->ID())) {
422 ResourceContextEntry entry;
423 entry.ref_count = 0;
424 entry.resource_context = client->GetResourceContext();
425 resource_context_map_[client->ID()] = entry;
426 }
427 resource_context_map_[client->ID()].ref_count++;
428 client->OnChannelOpened(channel_handle);
429 }
430 sent_requests_.pop_front();
431 }
432
433 void PluginProcessHost::OnChannelDestroyed(int renderer_id) {
434 resource_context_map_[renderer_id].ref_count--;
435 if (!resource_context_map_[renderer_id].ref_count)
436 resource_context_map_.erase(renderer_id);
437 }
438
439 void PluginProcessHost::GetContexts(const ResourceHostMsg_Request& request,
440 ResourceContext** resource_context,
441 net::URLRequestContext** request_context) {
442 *resource_context =
443 resource_context_map_[request.origin_pid].resource_context;
444 *request_context = (*resource_context)->GetRequestContext();
445 }
446
447 } // namespace content