ppapi/native_client/src/trusted/plugin/plugin.h

   1 // -*- c++ -*-
   2 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   3 // Use of this source code is governed by a BSD-style license that can be
   4 // found in the LICENSE file.
   5
   6 // The portable representation of an instance and root scriptable object.
   7 // The PPAPI version of the plugin instantiates a subclass of this class.
   8
   9 #ifndef NATIVE_CLIENT_SRC_TRUSTED_PLUGIN_PLUGIN_H_
  10 #define NATIVE_CLIENT_SRC_TRUSTED_PLUGIN_PLUGIN_H_
  11
  12 #include <stdio.h>
  13
  14 #include <map>
  15 #include <queue>
  16 #include <set>
  17 #include <string>
  18
  19 #include "native_client/src/include/nacl_macros.h"
  20 #include "native_client/src/include/nacl_scoped_ptr.h"
  21 #include "native_client/src/include/nacl_string.h"
  22 #include "native_client/src/public/nacl_file_info.h"
  23
  24 #include "ppapi/c/private/ppb_nacl_private.h"
  25 #include "ppapi/cpp/instance.h"
  26 #include "ppapi/cpp/private/uma_private.h"
  27 #include "ppapi/cpp/url_loader.h"
  28 #include "ppapi/cpp/var.h"
  29 #include "ppapi/cpp/view.h"
  30
  31 #include "ppapi/native_client/src/trusted/plugin/nacl_subprocess.h"
  32 #include "ppapi/native_client/src/trusted/plugin/pnacl_coordinator.h"
  33 #include "ppapi/native_client/src/trusted/plugin/service_runtime.h"
  34 #include "ppapi/native_client/src/trusted/plugin/utility.h"
  35
  36 #include "ppapi/utility/completion_callback_factory.h"
  37
  38 namespace nacl {
  39 class DescWrapper;
  40 class DescWrapperFactory;
  41 }  // namespace nacl
  42
  43 namespace pp {
  44 class CompletionCallback;
  45 class URLLoader;
  46 class URLUtil_Dev;
  47 }
  48
  49 namespace plugin {
  50
  51 class ErrorInfo;
  52 class Manifest;
  53
  54 int32_t ConvertFileDescriptor(PP_FileHandle handle);
  55
  56 const PP_NaClFileInfo kInvalidNaClFileInfo = {
  57   PP_kInvalidFileHandle,
  58   0,  // token_lo
  59   0,  // token_hi
  60 };
  61
  62 class Plugin : public pp::Instance {
  63  public:
  64   explicit Plugin(PP_Instance instance);
  65
  66   // ----- Methods inherited from pp::Instance:
  67
  68   // Initializes this plugin with <embed/object ...> tag attribute count |argc|,
  69   // names |argn| and values |argn|. Returns false on failure.
  70   // Gets called by the browser right after New().
  71   virtual bool Init(uint32_t argc, const char* argn[], const char* argv[]);
  72
  73   // Handles document load, when the plugin is a MIME type handler.
  74   virtual bool HandleDocumentLoad(const pp::URLLoader& url_loader);
  75
  76   // Load support.
  77   //
  78   // Starts NaCl module but does not wait until low-level
  79   // initialization (e.g. ld.so dynamic loading of manifest files) is
  80   // done.  The module will become ready later, asynchronously.  Other
  81   // event handlers should block until the module is ready before
  82   // trying to communicate with it, i.e., until nacl_ready_state is
  83   // DONE.
  84   //
  85   // NB: currently we do not time out, so if the untrusted code
  86   // does not signal that it is ready, then we will deadlock the main
  87   // thread of the renderer on this subsequent event delivery.  We
  88   // should include a time-out at which point we declare the
  89   // nacl_ready_state to be done, and let the normal crash detection
  90   // mechanism(s) take over.
  91   void LoadNaClModule(PP_NaClFileInfo file_info,
  92                       bool uses_nonsfi_mode,
  93                       bool enable_dyncode_syscalls,
  94                       bool enable_exception_handling,
  95                       bool enable_crash_throttling,
  96                       const pp::CompletionCallback& init_done_cb,
  97                       const pp::CompletionCallback& crash_cb);
  98
  99   // Finish hooking interfaces up, after low-level initialization is
 100   // complete.
 101   bool LoadNaClModuleContinuationIntern();
 102
 103   // Continuation for starting SRPC/JSProxy services as appropriate.
 104   // This is invoked as a callback when the NaCl module makes the
 105   // init_done reverse RPC to tell us that low-level initialization
 106   // such as ld.so processing is done.  That initialization requires
 107   // that the main thread be free in order to do Pepper
 108   // main-thread-only operations such as file processing.
 109   bool LoadNaClModuleContinuation(int32_t pp_error);
 110
 111   // Load support.
 112   // A helper SRPC NaCl module can be loaded given a PP_NaClFileInfo.
 113   // Blocks until the helper module signals initialization is done.
 114   // Does not update nacl_module_origin().
 115   // Returns NULL or the NaClSubprocess of the new helper NaCl module.
 116   NaClSubprocess* LoadHelperNaClModule(const nacl::string& helper_url,
 117                                        PP_NaClFileInfo file_info,
 118                                        ErrorInfo* error_info);
 119
 120   // Report an error that was encountered while loading a module.
 121   void ReportLoadError(const ErrorInfo& error_info);
 122
 123   nacl::DescWrapperFactory* wrapper_factory() const { return wrapper_factory_; }
 124
 125   // A helper function that indicates if |url| can be requested by the document
 126   // under the same-origin policy. Strictly speaking, it may be possible for the
 127   // document to request the URL using CORS even if this function returns false.
 128   bool DocumentCanRequest(const std::string& url);
 129
 130   // set_exit_status may be called off the main thread.
 131   void set_exit_status(int exit_status);
 132
 133   const PPB_NaCl_Private* nacl_interface() const { return nacl_interface_; }
 134   pp::UMAPrivate& uma_interface() { return uma_interface_; }
 135
 136  private:
 137   NACL_DISALLOW_COPY_AND_ASSIGN(Plugin);
 138   // The browser will invoke the destructor via the pp::Instance
 139   // pointer to this object, not from base's Delete().
 140   ~Plugin();
 141
 142   // Shuts down socket connection, service runtime, and receive thread,
 143   // in this order, for the main nacl subprocess.
 144   void ShutDownSubprocesses();
 145
 146   // Histogram helper functions, internal to Plugin so they can use
 147   // uma_interface_ normally.
 148   void HistogramTimeSmall(const std::string& name, int64_t ms);
 149
 150   // Loads and starts a helper (e.g. llc, ld) NaCl module.
 151   // Only to be used from a background (non-main) thread for the PNaCl
 152   // translator. This will fully initialize the |subprocess| if the load was
 153   // successful.
 154   bool LoadHelperNaClModuleInternal(NaClSubprocess* subprocess,
 155                                     const SelLdrStartParams& params);
 156
 157   // Start sel_ldr from the main thread, given the start params.
 158   // |pp_error| is set by CallOnMainThread (should be PP_OK).
 159   void StartSelLdrOnMainThread(int32_t pp_error,
 160                                ServiceRuntime* service_runtime,
 161                                const SelLdrStartParams& params,
 162                                pp::CompletionCallback callback);
 163
 164   // Signals that StartSelLdr has finished.
 165   // This is invoked on the main thread.
 166   void SignalStartSelLdrDone(int32_t pp_error,
 167                              bool* started,
 168                              ServiceRuntime* service_runtime);
 169
 170   // This is invoked on the main thread.
 171   void StartNexe(int32_t pp_error, ServiceRuntime* service_runtime);
 172
 173   // Callback used when getting the URL for the .nexe file.  If the URL loading
 174   // is successful, the file descriptor is opened and can be passed to sel_ldr
 175   // with the sandbox on.
 176   void NexeFileDidOpen(int32_t pp_error);
 177   void NexeFileDidOpenContinuation(int32_t pp_error);
 178
 179   // Callback used when the reverse channel closes.  This is an
 180   // asynchronous event that might turn into a JavaScript error or
 181   // crash event -- this is controlled by the two state variables
 182   // nacl_ready_state_ and nexe_error_reported_: If an error or crash
 183   // had already been reported, no additional crash event is
 184   // generated.  If no error has been reported but nacl_ready_state_
 185   // is not DONE, then the loadend event has not been reported, and we
 186   // enqueue an error event followed by loadend.  If nacl_ready_state_
 187   // is DONE, then we are in the post-loadend (we need temporal
 188   // predicate symbols), and we enqueue a crash event.
 189   void NexeDidCrash(int32_t pp_error);
 190
 191   // Callback used when a .nexe is translated from bitcode.  If the translation
 192   // is successful, the file descriptor is opened and can be passed to sel_ldr
 193   // with the sandbox on.
 194   void BitcodeDidTranslate(int32_t pp_error);
 195   void BitcodeDidTranslateContinuation(int32_t pp_error);
 196
 197   // NaCl ISA selection manifest file support.  The manifest file is specified
 198   // using the "nacl" attribute in the <embed> tag.  First, the manifest URL (or
 199   // data: URI) is fetched, then the JSON is parsed.  Once a valid .nexe is
 200   // chosen for the sandbox ISA, any current service runtime is shut down, the
 201   // .nexe is loaded and run.
 202
 203   // Callback used when getting the manifest file as a local file descriptor.
 204   void NaClManifestFileDidOpen(int32_t pp_error);
 205
 206   // Processes the JSON manifest string and starts loading the nexe.
 207   void ProcessNaClManifest(const nacl::string& manifest_json);
 208
 209   void SetExitStatusOnMainThread(int32_t pp_error, int exit_status);
 210
 211   // Keep track of the NaCl module subprocess that was spun up in the plugin.
 212   NaClSubprocess main_subprocess_;
 213
 214   bool uses_nonsfi_mode_;
 215
 216   nacl::DescWrapperFactory* wrapper_factory_;
 217
 218   pp::CompletionCallbackFactory<Plugin> callback_factory_;
 219
 220   nacl::scoped_ptr<PnaclCoordinator> pnacl_coordinator_;
 221
 222   int exit_status_;
 223
 224   PP_NaClFileInfo nexe_file_info_;
 225
 226   const PPB_NaCl_Private* nacl_interface_;
 227   pp::UMAPrivate uma_interface_;
 228 };
 229
 230 }  // namespace plugin
 231
 232 #endif  // NATIVE_CLIENT_SRC_TRUSTED_PLUGIN_PLUGIN_H_