chromium/src
0
Fork 0
Code Activity

Remove NaCl broker process

Browse Source 
The Windows-specific nacl broker process is no longer needed now that
nacl is no longer supported on Windows. Remove it.

Bug: b:303417958
Change-Id: I17582ef26b92642913f5eb925e7aa81c05b0df89
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4946652
Reviewed-by: Alex Ilin <alexilin@chromium.org>
Reviewed-by: Will Harris <wfh@chromium.org>
Reviewed-by: Derek Schuff <dschuff@chromium.org>
Commit-Queue: Fabian Sommer <fabiansommer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1214791}
This commit is contained in:
Fabian Sommer
2023-10-25 13:00:08 +00:00
committed by Chromium LUCI CQ
parent 7c01da9662
commit 517bec58eb
23 changed files with 0 additions and 1003 deletions

5
chrome/BUILD.gn

@ -1545,11 +1545,6 @@ if (is_win) {
]
}
process_version_rc_template("nacl64_exe_version") {
sources = [ "app/nacl64_exe.ver" ]
output = "$target_gen_dir/nacl64_exe_version.rc"
}
process_version_rc_template("other_version") {
sources = [ "app/other.ver" ]
output = "$target_gen_dir/other_version.rc"

2
chrome/app/nacl64_exe.ver

@ -1,2 +0,0 @@
INTERNAL_NAME=nacl64_exe
ORIGINAL_FILENAME=nacl64.exe

5
chrome/install_static/install_util.cc

@ -32,7 +32,6 @@ enum class ProcessType {
OTHER_PROCESS,
BROWSER_PROCESS,
#if BUILDFLAG(ENABLE_NACL)
NACL_BROKER_PROCESS,
NACL_LOADER_PROCESS,
#endif
CRASHPAD_HANDLER_PROCESS,
@ -81,7 +80,6 @@ constexpr wchar_t kRegValueUsageStats[] = L"usagestats";
constexpr wchar_t kMetricsReportingEnabled[] = L"MetricsReportingEnabled";
#if BUILDFLAG(ENABLE_NACL)
constexpr wchar_t kNaClBrokerProcess[] = L"nacl-broker";
constexpr wchar_t kNaClLoaderProcess[] = L"nacl-loader";
#endif
@ -261,8 +259,6 @@ ProcessType GetProcessType(const std::wstring& process_type) {
if (process_type.empty())
return ProcessType::BROWSER_PROCESS;
#if BUILDFLAG(ENABLE_NACL)
if (process_type == kNaClBrokerProcess)
return ProcessType::NACL_BROKER_PROCESS;
if (process_type == kNaClLoaderProcess)
return ProcessType::NACL_LOADER_PROCESS;
#endif
@ -279,7 +275,6 @@ bool ProcessNeedsProfileDir(ProcessType process_type) {
switch (process_type) {
case ProcessType::BROWSER_PROCESS:
#if BUILDFLAG(ENABLE_NACL)
case ProcessType::NACL_BROKER_PROCESS:
case ProcessType::NACL_LOADER_PROCESS:
#endif
return true;

9
chrome/nacl/DEPS

@ -1,9 +0,0 @@
include_rules = [
"+chrome/app/chrome_crash_reporter_client_win.h",
"+chrome/install_static/product_install_details.h",
"+components/crash",
"+components/nacl",
"+content/public/app/sandbox_helper_win.h",
"+content/public/common/content_switches.h",
"+sandbox/win/src",
]

6
chrome/nacl/DIR_METADATA

@ -1,6 +0,0 @@
buganizer_public {
component_id: 1258585 # ChromeOS Public Tracker > Enterprise & Edu > NaCl
}
buganizer {
component_id: 1258533
}

3
chrome/nacl/OWNERS

@ -1,3 +0,0 @@
bradnelson@chromium.org
dschuff@chromium.org
mseaborn@chromium.org

37
chrome/nacl/nacl_exe_win_64.cc

@ -1,37 +0,0 @@
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "base/at_exit.h"
#include "base/command_line.h"
#include "base/lazy_instance.h"
#include "build/build_config.h"
#include "chrome/app/chrome_crash_reporter_client_win.h"
#include "chrome/install_static/product_install_details.h"
#include "components/crash/content/app/breakpad_win.h"
#include "components/nacl/loader/nacl_helper_win_64.h"
#include "content/public/common/content_switches.h"
namespace {
base::LazyInstance<ChromeCrashReporterClient>::Leaky g_chrome_crash_client =
LAZY_INSTANCE_INITIALIZER;
} // namespace
int APIENTRY wWinMain(HINSTANCE instance, HINSTANCE, wchar_t*, int) {
#if BUILDFLAG(IS_WIN)
install_static::InitializeProductDetailsForPrimaryModule();
#endif
base::AtExitManager exit_manager;
base::CommandLine::Init(0, NULL);
std::string process_type =
base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
switches::kProcessType);
crash_reporter::SetCrashReporterClient(g_chrome_crash_client.Pointer());
breakpad::InitCrashReporter(process_type);
return nacl::NaClWin64Main();
}

164
components/nacl/broker/BUILD.gn

@ -1,164 +0,0 @@
# Copyright 2016 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/config/compiler/compiler.gni")
import("//components/nacl/features.gni")
# This file builds nacl64.exe, which is a 64-bit x86 Windows executable
# used only in the 32-bit x86 Windows build. The :broker code runs both
# in nacl64.exe and in the 32-bit chrome executable, to launch
# nacl64.exe and communicate with it.
assert(enable_nacl)
assert(is_win)
assert(target_cpu == "x86")
source_set("broker") {
sources = [
"nacl_broker_listener.cc",
"nacl_broker_listener.h",
]
deps = [
"//base",
"//components/nacl/common:debug_exception_handler",
"//components/nacl/common:minimal",
"//components/nacl/common:switches",
"//content/public/common:static_switches",
"//content/public/common/zygote:buildflags",
"//ipc",
"//mojo/public/cpp/platform",
"//mojo/public/cpp/system",
"//sandbox",
"//sandbox/policy/mojom",
"//services/service_manager/public/cpp",
]
if (current_cpu == target_cpu) {
deps += [ "//content/public/common" ]
} else {
deps += [ ":content_dummy" ]
}
}
# This exists just to make 'gn check' happy with :broker. It can't depend
# on //content/public/common or anything like that, because that would
# bring in lots more stuff that should not be in the nacl64.exe build.
source_set("content_dummy") {
check_includes = false
sources = [
"//content/public/common/sandbox_init_win.h",
"//content/public/common/sandboxed_process_launcher_delegate.h",
]
}
if (current_cpu == "x86") {
# Tests, packaging rules, etc. will expect to find nacl64.exe in the root
# of the output directory. It gets built in a non-default toolchain and
# so will be delivered in the toolchain output subdirectory. So this
# just copies it to the expected place. Having this target also makes
# it simpler for things to depend on nacl64, since they don't have to
# use a toolchain qualifier.
copy("nacl64") {
# NOTE: This must match what //build/config/BUILDCONFIG.gn uses
# as default toolchain for the corresponding x64 build.
x64_toolchain = "//build/toolchain/win:win_clang_nacl_win64"
nacl64_label = ":nacl64($x64_toolchain)"
nacl64_out_dir = get_label_info(nacl64_label, "root_out_dir")
sources = [
"$nacl64_out_dir/nacl64.exe",
"$nacl64_out_dir/nacl64.exe.pdb",
]
outputs = [ "$root_out_dir/{{source_file_part}}" ]
deps = [ nacl64_label ]
}
} else if (current_cpu == "x64") {
# In the x64 toolchain context, build nacl64.exe for real.
executable("nacl64") {
configs += [ "//build/config/win:windowed" ]
# //build/config/compiler:optimize{,_max} adds this for official builds
# only, as it only reduces binary size and is not necessary for
# correctness. But for nacl64.exe, it makes more than a six-fold
# difference in the binary size, so always use it in release builds.
# Note that using this flag disables incremental linking. In debug
# builds, incremental rebuild time is usually of more concern than
# binary size, so incremental linking is preferable to size reduction.
if (!is_debug) {
ldflags = [ "/OPT:REF" ]
}
sources = [ "//chrome/nacl/nacl_exe_win_64.cc" ]
deps = [
":broker",
":nacl64_content",
":nacl64_crash_reporter_client",
"//base",
"//build/win:default_exe_manifest",
"//chrome:nacl64_exe_version",
"//chrome/install_static:install_static_util",
"//components/crash/content/app:deprecated_breakpad_win",
"//components/nacl/loader:nacl_helper_win_64",
"//content/public/common:static_switches",
"//ppapi/proxy:ipc",
"//sandbox",
"//third_party/breakpad:breakpad_handler",
]
}
# This is a tiny subset of //content built specially for nacl64.exe.
# There are no subcomponents of //content small enough to get just
# what nacl64.exe needs without bringing in other stuff that causes
# problems for the build.
source_set("nacl64_content") {
sources = [
"//content/app/sandbox_helper_win.cc",
"//content/common/sandbox_init_win.cc",
"//content/public/common/sandboxed_process_launcher_delegate.cc",
"//sandbox/policy/win/sandbox_win.cc",
]
defines = [
"COMPILE_CONTENT_STATICALLY",
"NACL_WIN64",
]
# This defangs 'gn check', which does not like this cherry-picking.
# All the source files here are part of other proper components
# under //content, where their #include discipline will be checked.
check_includes = false
deps = [
"//base",
"//content/public/common:static_switches",
"//content/public/common/zygote:buildflags",
"//sandbox",
"//sandbox/policy",
]
}
source_set("nacl64_crash_reporter_client") {
sources = [
"//chrome/app/chrome_crash_reporter_client_win.cc",
"//chrome/common/crash_keys.cc",
]
defines = [ "NACL_WIN64" ]
check_includes = false
deps = [
"//chrome/chrome_elf:constants",
"//chrome/common:constants",
"//chrome/install_static:install_static_util",
"//chrome/installer/util:with_no_strings",
"//components/crash/core/common",
"//components/flags_ui:switches",
"//components/policy:generated",
"//content/public/common:static_switches",
"//ipc",
]
}
}

6
components/nacl/broker/DEPS

@ -1,6 +0,0 @@
include_rules = [
"+content/public/app/sandbox_helper_win.h",
"+mojo/public/cpp/system",
"+sandbox/policy",
"+sandbox/win/src",
]

158
components/nacl/broker/nacl_broker_listener.cc

@ -1,158 +0,0 @@
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/nacl/broker/nacl_broker_listener.h"
#include <utility>
#include "base/base_switches.h"
#include "base/command_line.h"
#include "base/functional/bind.h"
#include "base/path_service.h"
#include "base/process/launch.h"
#include "base/process/process.h"
#include "base/process/process_handle.h"
#include "base/rand_util.h"
#include "base/strings/string_number_conversions.h"
#include "base/task/single_thread_task_runner.h"
#include "base/win/win_util.h"
#include "components/nacl/common/nacl_cmd_line.h"
#include "components/nacl/common/nacl_debug_exception_handler_win.h"
#include "components/nacl/common/nacl_messages.h"
#include "components/nacl/common/nacl_service.h"
#include "components/nacl/common/nacl_switches.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/sandbox_init_win.h"
#include "ipc/ipc_channel.h"
#include "mojo/public/cpp/platform/platform_channel.h"
#include "mojo/public/cpp/system/invitation.h"
#include "mojo/public/cpp/system/message_pipe.h"
#include "sandbox/policy/mojom/sandbox.mojom.h"
#include "sandbox/policy/win/sandbox_win.h"
#include "sandbox/win/src/sandbox_policy.h"
#include <windows.h>
namespace {
void SendReply(IPC::Channel* channel, int32_t pid, bool result) {
channel->Send(new NaClProcessMsg_DebugExceptionHandlerLaunched(pid, result));
}
} // namespace
NaClBrokerListener::NaClBrokerListener() = default;
NaClBrokerListener::~NaClBrokerListener() = default;
void NaClBrokerListener::Listen() {
NaClService service(base::SingleThreadTaskRunner::GetCurrentDefault());
channel_ = IPC::Channel::CreateClient(
service.TakeChannelPipe().release(), this,
base::SingleThreadTaskRunner::GetCurrentDefault());
CHECK(channel_->Connect());
run_loop_.Run();
}
sandbox::mojom::Sandbox NaClBrokerListener::GetSandboxType() {
return sandbox::mojom::Sandbox::kPpapi;
}
std::string NaClBrokerListener::GetSandboxTag() {
return sandbox::policy::SandboxWin::GetSandboxTagForDelegate(
"nacl-broker-listener", GetSandboxType());
}
void NaClBrokerListener::OnChannelConnected(int32_t peer_pid) {
browser_process_ = base::Process::OpenWithExtraPrivileges(peer_pid);
CHECK(browser_process_.IsValid());
}
bool NaClBrokerListener::OnMessageReceived(const IPC::Message& msg) {
bool handled = true;
IPC_BEGIN_MESSAGE_MAP(NaClBrokerListener, msg)
IPC_MESSAGE_HANDLER(NaClProcessMsg_LaunchLoaderThroughBroker,
OnLaunchLoaderThroughBroker)
IPC_MESSAGE_HANDLER(NaClProcessMsg_LaunchDebugExceptionHandler,
OnLaunchDebugExceptionHandler)
IPC_MESSAGE_HANDLER(NaClProcessMsg_StopBroker, OnStopBroker)
IPC_MESSAGE_UNHANDLED(handled = false)
IPC_END_MESSAGE_MAP()
return handled;
}
void NaClBrokerListener::OnChannelError() {
// The browser died unexpectedly, quit to avoid a zombie process.
run_loop_.QuitWhenIdle();
}
void NaClBrokerListener::OnLaunchLoaderThroughBroker(
int launch_id,
mojo::MessagePipeHandle ipc_channel_handle) {
base::ProcessHandle loader_handle_in_browser = 0;
// Create the path to the nacl broker/loader executable - it's the executable
// this code is running in.
base::FilePath exe_path;
base::PathService::Get(base::FILE_EXE, &exe_path);
if (!exe_path.empty()) {
base::CommandLine* cmd_line = new base::CommandLine(exe_path);
nacl::CopyNaClCommandLineArguments(cmd_line);
cmd_line->AppendSwitchASCII(switches::kProcessType,
switches::kNaClLoaderProcess);
// Mojo IPC setup.
mojo::PlatformChannel channel;
base::HandlesToInheritVector handles;
channel.PrepareToPassRemoteEndpoint(&handles, cmd_line);
mojo::OutgoingInvitation invitation;
MojoResult fuse_result = mojo::FuseMessagePipes(
mojo::ScopedMessagePipeHandle(ipc_channel_handle),
invitation.AttachMessagePipe(0));
DCHECK_EQ(MOJO_RESULT_OK, fuse_result);
base::Process loader_process;
sandbox::ResultCode result = content::StartSandboxedProcess(
this, *cmd_line, handles, &loader_process);
if (result == sandbox::SBOX_ALL_OK) {
mojo::OutgoingInvitation::Send(std::move(invitation),
loader_process.Handle(),
channel.TakeLocalEndpoint());
// Note: PROCESS_DUP_HANDLE is necessary here, because:
// 1) The current process is the broker, which is the loader's parent.
// 2) The browser is not the loader's parent, and so only gets the
// access rights we confer here.
// 3) The browser calls DuplicateHandle to set up communications with
// the loader.
// 4) The target process handle to DuplicateHandle needs to have
// PROCESS_DUP_HANDLE access rights.
DuplicateHandle(
::GetCurrentProcess(), loader_process.Handle(),
browser_process_.Handle(), &loader_handle_in_browser,
PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION | PROCESS_TERMINATE,
FALSE, 0);
}
}
channel_->Send(
new NaClProcessMsg_LoaderLaunched(launch_id, loader_handle_in_browser));
}
void NaClBrokerListener::OnLaunchDebugExceptionHandler(
int32_t pid,
base::ProcessHandle process_handle,
const std::string& startup_info) {
NaClStartDebugExceptionHandlerThread(
base::Process(process_handle), startup_info,
base::SingleThreadTaskRunner::GetCurrentDefault(),
base::BindRepeating(SendReply, channel_.get(), pid));
}
void NaClBrokerListener::OnStopBroker() {
run_loop_.QuitWhenIdle();
}

59
components/nacl/broker/nacl_broker_listener.h

@ -1,59 +0,0 @@
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_NACL_BROKER_NACL_BROKER_LISTENER_H_
#define COMPONENTS_NACL_BROKER_NACL_BROKER_LISTENER_H_
#include <stdint.h>
#include <memory>
#include "base/process/process.h"
#include "base/run_loop.h"
#include "components/nacl/common/nacl_types.h"
#include "content/public/common/sandboxed_process_launcher_delegate.h"
#include "ipc/ipc_listener.h"
namespace IPC {
class Channel;
}
// The BrokerThread class represents the thread that handles the messages from
// the browser process and starts NaCl loader processes.
class NaClBrokerListener : public content::SandboxedProcessLauncherDelegate,
public IPC::Listener {
public:
NaClBrokerListener();
NaClBrokerListener(const NaClBrokerListener&) = delete;
NaClBrokerListener& operator=(const NaClBrokerListener&) = delete;
~NaClBrokerListener() override;
void Listen();
// content::SandboxedProcessLauncherDelegate implementation:
sandbox::mojom::Sandbox GetSandboxType() override;
std::string GetSandboxTag() override;
// IPC::Listener implementation.
void OnChannelConnected(int32_t peer_pid) override;
bool OnMessageReceived(const IPC::Message& msg) override;
void OnChannelError() override;
private:
void OnLaunchLoaderThroughBroker(
int launch_id,
mojo::MessagePipeHandle service_request_pipe);
void OnLaunchDebugExceptionHandler(int32_t pid,
base::ProcessHandle process_handle,
const std::string& startup_info);
void OnStopBroker();
base::RunLoop run_loop_;
base::Process browser_process_;
std::unique_ptr<IPC::Channel> channel_;
};
#endif // COMPONENTS_NACL_BROKER_NACL_BROKER_LISTENER_H_

137
components/nacl/browser/nacl_broker_host_win.cc

@ -1,137 +0,0 @@
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/nacl/browser/nacl_broker_host_win.h"
#include <windows.h>
#include <memory>
#include "base/base_switches.h"
#include "base/command_line.h"
#include "base/memory/ptr_util.h"
#include "components/nacl/browser/nacl_broker_service_win.h"
#include "components/nacl/browser/nacl_browser.h"
#include "components/nacl/common/nacl_cmd_line.h"
#include "components/nacl/common/nacl_constants.h"
#include "components/nacl/common/nacl_messages.h"
#include "components/nacl/common/nacl_process_type.h"
#include "components/nacl/common/nacl_switches.h"
#include "content/public/browser/browser_child_process_host.h"
#include "content/public/browser/child_process_data.h"
#include "content/public/browser/child_process_host.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/sandboxed_process_launcher_delegate.h"
#include "sandbox/policy/mojom/sandbox.mojom.h"
namespace {
// NOTE: changes to this class need to be reviewed by the security team.
class NaClBrokerSandboxedProcessLauncherDelegate
: public content::SandboxedProcessLauncherDelegate {
public:
NaClBrokerSandboxedProcessLauncherDelegate() {}
NaClBrokerSandboxedProcessLauncherDelegate(
const NaClBrokerSandboxedProcessLauncherDelegate&) = delete;
NaClBrokerSandboxedProcessLauncherDelegate& operator=(
const NaClBrokerSandboxedProcessLauncherDelegate&) = delete;
sandbox::mojom::Sandbox GetSandboxType() override {
return sandbox::mojom::Sandbox::kNoSandbox;
}
std::string GetSandboxTag() override {
// kNoSandbox does not use a TargetPolicy, if the sandbox type is changed
// then provide a unique tag here.
return "";
}
};
} // namespace
namespace nacl {
NaClBrokerHost::NaClBrokerHost() : is_terminating_(false) {
}
NaClBrokerHost::~NaClBrokerHost() {
}
bool NaClBrokerHost::Init() {
DCHECK(!process_);
process_ = content::BrowserChildProcessHost::Create(
static_cast<content::ProcessType>(PROCESS_TYPE_NACL_BROKER), this,
content::ChildProcessHost::IpcMode::kLegacy);
process_->SetMetricsName("NaCl Broker");
process_->GetHost()->CreateChannelMojo();
// Create the path to the nacl broker/loader executable.
base::FilePath nacl_path;
if (!NaClBrowser::GetInstance()->GetNaCl64ExePath(&nacl_path))
return false;
base::CommandLine* cmd_line = new base::CommandLine(nacl_path);
CopyNaClCommandLineArguments(cmd_line);
cmd_line->AppendSwitchASCII(switches::kProcessType,
switches::kNaClBrokerProcess);
if (NaClBrowser::GetDelegate()->DialogsAreSuppressed())
cmd_line->AppendSwitch(switches::kNoErrorDialogs);
process_->Launch(
std::make_unique<NaClBrokerSandboxedProcessLauncherDelegate>(),
base::WrapUnique(cmd_line), true);
return true;
}
bool NaClBrokerHost::OnMessageReceived(const IPC::Message& msg) {
bool handled = true;
IPC_BEGIN_MESSAGE_MAP(NaClBrokerHost, msg)
IPC_MESSAGE_HANDLER(NaClProcessMsg_LoaderLaunched, OnLoaderLaunched)
IPC_MESSAGE_HANDLER(NaClProcessMsg_DebugExceptionHandlerLaunched,
OnDebugExceptionHandlerLaunched)
IPC_MESSAGE_UNHANDLED(handled = false)
IPC_END_MESSAGE_MAP()
return handled;
}
bool NaClBrokerHost::LaunchLoader(
int launch_id,
mojo::ScopedMessagePipeHandle ipc_channel_handle) {
return process_->Send(new NaClProcessMsg_LaunchLoaderThroughBroker(
launch_id, ipc_channel_handle.release()));
}
void NaClBrokerHost::OnLoaderLaunched(int launch_id,
base::ProcessHandle handle) {
NaClBrokerService::GetInstance()->OnLoaderLaunched(launch_id,
base::Process(handle));
}
bool NaClBrokerHost::LaunchDebugExceptionHandler(
int32_t pid,
base::ProcessHandle process_handle,
const std::string& startup_info) {
base::ProcessHandle broker_process =
process_->GetData().GetProcess().Handle();
base::ProcessHandle handle_in_broker_process;
if (!DuplicateHandle(::GetCurrentProcess(), process_handle,
broker_process, &handle_in_broker_process,
0, /* bInheritHandle= */ FALSE, DUPLICATE_SAME_ACCESS))
return false;
return process_->Send(new NaClProcessMsg_LaunchDebugExceptionHandler(
pid, handle_in_broker_process, startup_info));
}
void NaClBrokerHost::OnDebugExceptionHandlerLaunched(int32_t pid,
bool success) {
NaClBrokerService::GetInstance()->OnDebugExceptionHandlerLaunched(pid,
success);
}
void NaClBrokerHost::StopBroker() {
is_terminating_ = true;
process_->Send(new NaClProcessMsg_StopBroker());
}
} // namespace nacl

69
components/nacl/browser/nacl_broker_host_win.h

@ -1,69 +0,0 @@
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_NACL_BROWSER_NACL_BROKER_HOST_WIN_H_
#define COMPONENTS_NACL_BROWSER_NACL_BROKER_HOST_WIN_H_
#include <stdint.h>
#include <memory>
#include <string>
#include "base/process/process.h"
#include "content/public/browser/browser_child_process_host_delegate.h"
#include "mojo/public/cpp/system/message_pipe.h"
namespace content {
class BrowserChildProcessHost;
}
namespace nacl {
class NaClBrokerHost : public content::BrowserChildProcessHostDelegate {
public:
NaClBrokerHost();
NaClBrokerHost(const NaClBrokerHost&) = delete;
NaClBrokerHost& operator=(const NaClBrokerHost&) = delete;
~NaClBrokerHost() override;
// This function starts the broker process. It needs to be called
// before loaders can be launched.
bool Init();
// Send a message to the broker process, causing it to launch
// a Native Client loader process.
bool LaunchLoader(int launch_id,
mojo::ScopedMessagePipeHandle ipc_channel_handle);
bool LaunchDebugExceptionHandler(int32_t pid,
base::ProcessHandle process_handle,
const std::string& startup_info);
// Stop the broker process.
void StopBroker();
// Returns true if the process has been asked to terminate. If true, this
// object should no longer be used; it will eventually be destroyed by
// BrowserChildProcessHostImpl::OnChildDisconnected()
bool IsTerminating() { return is_terminating_; }
private:
// Handler for NaClProcessMsg_LoaderLaunched message
void OnLoaderLaunched(int launch_id, base::ProcessHandle handle);
// Handler for NaClProcessMsg_DebugExceptionHandlerLaunched message
void OnDebugExceptionHandlerLaunched(int32_t pid, bool success);
// BrowserChildProcessHostDelegate implementation:
bool OnMessageReceived(const IPC::Message& msg) override;
std::unique_ptr<content::BrowserChildProcessHost> process_;
bool is_terminating_;
};
} // namespace nacl
#endif // COMPONENTS_NACL_BROWSER_NACL_BROKER_HOST_WIN_H_

113
components/nacl/browser/nacl_broker_service_win.cc

@ -1,113 +0,0 @@
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/nacl/browser/nacl_broker_service_win.h"
#include "components/nacl/browser/nacl_process_host.h"
#include "components/nacl/common/nacl_process_type.h"
#include "content/public/browser/browser_child_process_host_iterator.h"
using content::BrowserChildProcessHostIterator;
namespace nacl {
NaClBrokerService* NaClBrokerService::GetInstance() {
return base::Singleton<NaClBrokerService>::get();
}
NaClBrokerService::NaClBrokerService()
: loaders_running_(0) {
}
NaClBrokerService::~NaClBrokerService() {
}
bool NaClBrokerService::StartBroker() {
NaClBrokerHost* broker_host = new NaClBrokerHost;
if (!broker_host->Init()) {
delete broker_host;
return false;
}
return true;
}
bool NaClBrokerService::LaunchLoader(
base::WeakPtr<nacl::NaClProcessHost> nacl_process_host,
mojo::ScopedMessagePipeHandle ipc_channel_handle) {
// Add task to the list
int launch_id = ++next_launch_id_;
pending_launches_[launch_id] = nacl_process_host;
NaClBrokerHost* broker_host = GetBrokerHost();
if (!broker_host) {
if (!StartBroker())
return false;
broker_host = GetBrokerHost();
}
broker_host->LaunchLoader(launch_id, std::move(ipc_channel_handle));
return true;
}
void NaClBrokerService::OnLoaderLaunched(int launch_id, base::Process process) {
PendingLaunchesMap::iterator it = pending_launches_.find(launch_id);
if (pending_launches_.end() == it) {
NOTREACHED();
return;
}
NaClProcessHost* client = it->second.get();
if (client)
client->OnProcessLaunchedByBroker(std::move(process));
pending_launches_.erase(it);
++loaders_running_;
}
void NaClBrokerService::OnLoaderDied() {
DCHECK(loaders_running_ > 0);
--loaders_running_;
// Stop the broker only if there are no loaders running or being launched.
NaClBrokerHost* broker_host = GetBrokerHost();
if (loaders_running_ + pending_launches_.size() == 0 && broker_host != NULL) {
broker_host->StopBroker();
}
}
bool NaClBrokerService::LaunchDebugExceptionHandler(
base::WeakPtr<NaClProcessHost> nacl_process_host,
int32_t pid,
base::ProcessHandle process_handle,
const std::string& startup_info) {
pending_debuggers_[pid] = nacl_process_host;
NaClBrokerHost* broker_host = GetBrokerHost();
if (!broker_host)
return false;
return broker_host->LaunchDebugExceptionHandler(pid, process_handle,
startup_info);
}
void NaClBrokerService::OnDebugExceptionHandlerLaunched(int32_t pid,
bool success) {
PendingDebugExceptionHandlersMap::iterator it = pending_debuggers_.find(pid);
if (pending_debuggers_.end() == it)
NOTREACHED();
NaClProcessHost* client = it->second.get();
if (client)
client->OnDebugExceptionHandlerLaunchedByBroker(success);
pending_debuggers_.erase(it);
}
NaClBrokerHost* NaClBrokerService::GetBrokerHost() {
BrowserChildProcessHostIterator iter(PROCESS_TYPE_NACL_BROKER);
while (!iter.Done()) {
NaClBrokerHost* host = static_cast<NaClBrokerHost*>(iter.GetDelegate());
if (!host->IsTerminating())
return host;
++iter;
}
return NULL;
}
} // namespace nacl

73
components/nacl/browser/nacl_broker_service_win.h

@ -1,73 +0,0 @@
// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_NACL_BROWSER_NACL_BROKER_SERVICE_WIN_H_
#define COMPONENTS_NACL_BROWSER_NACL_BROKER_SERVICE_WIN_H_
#include <stdint.h>
#include <map>
#include "base/memory/singleton.h"
#include "base/memory/weak_ptr.h"
#include "base/process/process.h"
#include "components/nacl/browser/nacl_broker_host_win.h"
#include "mojo/public/cpp/system/message_pipe.h"
namespace nacl {
class NaClProcessHost;
class NaClBrokerService {
public:
// Returns the NaClBrokerService singleton.
static NaClBrokerService* GetInstance();
NaClBrokerService(const NaClBrokerService&) = delete;
NaClBrokerService& operator=(const NaClBrokerService&) = delete;
// Can be called several times, must be called before LaunchLoader.
bool StartBroker();
// Send a message to the broker process, causing it to launch
// a Native Client loader process.
bool LaunchLoader(base::WeakPtr<NaClProcessHost> client,
mojo::ScopedMessagePipeHandle ipc_channel_handle);
// Called by NaClBrokerHost to notify the service that a loader was launched.
void OnLoaderLaunched(int launch_id, base::Process process);
// Called by NaClProcessHost when a loader process is terminated
void OnLoaderDied();
bool LaunchDebugExceptionHandler(base::WeakPtr<NaClProcessHost> client,
int32_t pid,
base::ProcessHandle process_handle,
const std::string& startup_info);
// Called by NaClBrokerHost to notify the service that a debug
// exception handler was started.
void OnDebugExceptionHandlerLaunched(int32_t pid, bool success);
private:
typedef std::map<int, base::WeakPtr<NaClProcessHost>> PendingLaunchesMap;
typedef std::map<int, base::WeakPtr<NaClProcessHost>>
PendingDebugExceptionHandlersMap;
friend struct base::DefaultSingletonTraits<NaClBrokerService>;
NaClBrokerService();
~NaClBrokerService();
NaClBrokerHost* GetBrokerHost();
int loaders_running_;
int next_launch_id_ = 0;
PendingLaunchesMap pending_launches_;
PendingDebugExceptionHandlersMap pending_debuggers_;
};
} // namespace nacl
#endif // COMPONENTS_NACL_BROWSER_NACL_BROKER_SERVICE_WIN_H_

4
components/nacl/common/nacl_switches.cc

@ -15,10 +15,6 @@ const char kEnableNaClDebug[] = "enable-nacl-debug";
// Force use of the Subzero as the PNaCl translator instead of LLC.
const char kForcePNaClSubzero[] = "force-pnacl-subzero";
// Value for --type that causes the process to run as a NativeClient broker
// (used for launching NaCl loader processes on 64-bit Windows).
const char kNaClBrokerProcess[] = "nacl-broker";
// Uses NaCl manifest URL to choose whether NaCl program will be debugged by
// debug stub.
// Switch value format: [!]pattern1,pattern2,...,patternN. Each pattern uses

1
components/nacl/common/nacl_switches.h

@ -14,7 +14,6 @@ namespace switches {
extern const char kDisablePnaclCrashThrottling[];
extern const char kEnableNaClDebug[];
extern const char kForcePNaClSubzero[];
extern const char kNaClBrokerProcess[];
extern const char kNaClDebugMask[];
extern const char kNaClGdbScript[];
extern const char kNaClGdb[];

25
components/nacl/loader/BUILD.gn

@ -68,9 +68,6 @@ if (current_cpu != "arm64") {
sources = []
if (is_win) {
sources += [ "//content/public/common/sandbox_init_win.h" ]
}
if (is_linux || is_chromeos) {
sources += [ "//content/public/common/zygote/sandbox_support_linux.h" ]
}
@ -211,25 +208,3 @@ if ((is_linux || is_chromeos) && current_cpu == "arm64") {
deps = [ label ]
}
}
if (is_win && target_cpu == "x86" && current_cpu == "x64") {
source_set("nacl_helper_win_64") {
sources = [
"nacl_helper_win_64.cc",
"nacl_helper_win_64.h",
]
deps = [
":minimal",
":minimal_content_dummy",
"//base",
"//components/nacl/broker",
"//components/nacl/common:switches",
"//content/public/common:main_function_params",
"//content/public/common:static_switches",
"//mojo/core/embedder",
"//sandbox",
"//sandbox/policy",
]
}
}

108
components/nacl/loader/nacl_helper_win_64.cc

@ -1,108 +0,0 @@
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/nacl/loader/nacl_helper_win_64.h"
#include <string>
#include <utility>
#include "base/base_switches.h"
#include "base/check.h"
#include "base/command_line.h"
#include "base/feature_list.h"
#include "base/message_loop/message_pump_type.h"
#include "base/metrics/field_trial.h"
#include "base/power_monitor/power_monitor.h"
#include "base/power_monitor/power_monitor_device_source.h"
#include "base/process/launch.h"
#include "base/process/memory.h"
#include "base/strings/string_util.h"
#include "base/task/single_thread_task_executor.h"
#include "base/timer/hi_res_timer_manager.h"
#include "base/win/process_startup_helper.h"
#include "components/nacl/broker/nacl_broker_listener.h"
#include "components/nacl/common/nacl_switches.h"
#include "components/nacl/loader/nacl_listener.h"
#include "components/nacl/loader/nacl_main_platform_delegate.h"
#include "content/public/app/sandbox_helper_win.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/main_function_params.h"
#include "mojo/core/embedder/embedder.h"
#include "sandbox/policy/sandbox.h"
#include "sandbox/policy/sandbox_type.h"
#include "sandbox/win/src/sandbox_types.h"
extern int NaClMain(content::MainFunctionParams);
namespace {
// main() routine for the NaCl broker process.
// This is necessary for supporting NaCl in Chrome on Win64.
int NaClBrokerMain(content::MainFunctionParams parameters) {
base::SingleThreadTaskExecutor io_task_executor(base::MessagePumpType::IO);
base::PlatformThread::SetName("CrNaClBrokerMain");
mojo::core::InitFeatures();
mojo::core::Init();
base::PowerMonitor::Initialize(
std::make_unique<base::PowerMonitorDeviceSource>());
base::HighResolutionTimerManager hi_res_timer_manager;
NaClBrokerListener listener;
listener.Listen();
return 0;
}
} // namespace
namespace nacl {
int NaClWin64Main() {
sandbox::SandboxInterfaceInfo sandbox_info = {nullptr};
content::InitializeSandboxInfo(&sandbox_info);
const base::CommandLine* command_line =
base::CommandLine::ForCurrentProcess();
std::string process_type =
command_line->GetSwitchValueASCII(switches::kProcessType);
base::FieldTrialList field_trial_list;
base::FieldTrialList::CreateTrialsInChildProcess(*command_line,
/*unused_fd_key=*/0);
auto feature_list = std::make_unique<base::FeatureList>();
base::FieldTrialList::ApplyFeatureOverridesInChildProcess(feature_list.get());
base::FeatureList::SetInstance(std::move(feature_list));
// Copy what ContentMain() does.
base::EnableTerminationOnHeapCorruption();
base::EnableTerminationOnOutOfMemory();
base::win::RegisterInvalidParamHandler();
base::win::SetupCRT(*command_line);
// Route stdio to parent console (if any) or create one.
if (command_line->HasSwitch(switches::kEnableLogging))
base::RouteStdioToConsole(true);
// Initialize the sandbox for this process.
bool sandbox_initialized_ok = sandbox::policy::Sandbox::Initialize(
sandbox::policy::SandboxTypeFromCommandLine(*command_line),
&sandbox_info);
// Die if the sandbox can't be enabled.
CHECK(sandbox_initialized_ok) << "Error initializing sandbox for "
<< process_type;
content::MainFunctionParams main_params(command_line);
main_params.sandbox_info = &sandbox_info;
if (process_type == switches::kNaClLoaderProcess)
return NaClMain(std::move(main_params));
if (process_type == switches::kNaClBrokerProcess)
return NaClBrokerMain(std::move(main_params));
CHECK(false) << "Unknown NaCl 64 process.";
return -1;
}
} // namespace nacl

14
components/nacl/loader/nacl_helper_win_64.h

@ -1,14 +0,0 @@
// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_NACL_LOADER_NACL_HELPER_WIN_64_H_
#define COMPONENTS_NACL_LOADER_NACL_HELPER_WIN_64_H_
namespace nacl {
int NaClWin64Main();
} // namespace nacl
#endif // COMPONENTS_NACL_LOADER_NACL_HELPER_WIN_64_H_

3
sandbox/policy/sandbox_type.cc

@ -213,9 +213,6 @@ sandbox::mojom::Sandbox SandboxTypeFromCommandLine(
#endif
}
if (process_type == switches::kNaClBrokerProcess)
return Sandbox::kNoSandbox;
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS)
// Intermediate process gains a sandbox later.
if (process_type == switches::kZygoteProcessType)

1
sandbox/policy/switches.cc

@ -126,7 +126,6 @@ const char kDisableMetalShaderCache[] = "disable-metal-shader-cache";
// Flags spied upon from other layers.
const char kProcessType[] = "type";
const char kGpuProcess[] = "gpu-process";
const char kNaClBrokerProcess[] = "nacl-broker";
const char kNaClLoaderProcess[] = "nacl-loader";
const char kPpapiPluginProcess[] = "ppapi";
const char kRendererProcess[] = "renderer";

1
sandbox/policy/switches.h

@ -96,7 +96,6 @@ SANDBOX_POLICY_EXPORT extern const char kDisableMetalShaderCache[];
// Flags spied upon from other layers.
SANDBOX_POLICY_EXPORT extern const char kProcessType[];
SANDBOX_POLICY_EXPORT extern const char kGpuProcess[];
SANDBOX_POLICY_EXPORT extern const char kNaClBrokerProcess[];
SANDBOX_POLICY_EXPORT extern const char kNaClLoaderProcess[];
SANDBOX_POLICY_EXPORT extern const char kPpapiPluginProcess[];
SANDBOX_POLICY_EXPORT extern const char kRendererProcess[];