| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (c) 2012 The Native Client Authors. All rights reserved. | 2 * Copyright (c) 2012 The Native Client Authors. All rights reserved. |
| 3 * Use of this source code is governed by a BSD-style license that can be | 3 * Use of this source code is governed by a BSD-style license that can be |
| 4 * found in the LICENSE file. | 4 * found in the LICENSE file. |
| 5 */ | 5 */ |
| 6 | 6 |
| 7 // Second generation sel_universal implemented in C++ | 7 // Second generation sel_universal implemented in C++ |
| 8 | 8 |
| 9 #include <stdio.h> | 9 #include <stdio.h> |
| 10 | 10 |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 54 " --event_replay <file>\n" | 54 " --event_replay <file>\n" |
| 55 " --debug\n" | 55 " --debug\n" |
| 56 " --abort_on_error\n" | 56 " --abort_on_error\n" |
| 57 " --silence_nexe\n" | 57 " --silence_nexe\n" |
| 58 " --command_prefix <prefix>\n" | 58 " --command_prefix <prefix>\n" |
| 59 " --command_file <file>\n" | 59 " --command_file <file>\n" |
| 60 " --var <tag> <value>\n" | 60 " --var <tag> <value>\n" |
| 61 " --url_alias <url> <filename>\n" | 61 " --url_alias <url> <filename>\n" |
| 62 " --uses_reverse_service\n" | 62 " --uses_reverse_service\n" |
| 63 " --no_app_channel\n" | 63 " --no_app_channel\n" |
| 64 " --untrusted\n" |
| 64 " --irt <file>\n" | 65 " --irt <file>\n" |
| 65 "\n" | 66 "\n" |
| 66 "The following sel_ldr arguments might be useful:\n" | 67 "The following sel_ldr arguments might be useful:\n" |
| 67 " -v increase verbosity\n" | 68 " -v increase verbosity\n" |
| 68 " -E NACL_SRPC_DEBUG=1 even more verbosity for srpc debugging\n"; | 69 " -E NACL_SRPC_DEBUG=1 even more verbosity for srpc debugging\n"; |
| 69 | 70 |
| 70 | 71 |
| 71 // NOTE: this used to be stack allocated inside main which cause | 72 // NOTE: this used to be stack allocated inside main which cause |
| 72 // problems on ARM (probably a tool chain bug). | 73 // problems on ARM (probably a tool chain bug). |
| 73 // NaClSrpcChannel is pretty big (> 256kB) | 74 // NaClSrpcChannel is pretty big (> 256kB) |
| 74 static NaClSrpcChannel command_channel; | 75 static NaClSrpcChannel command_channel; |
| 75 static NaClSrpcChannel channel; | 76 static NaClSrpcChannel channel; |
| 76 | 77 |
| 77 // variables set via command line | 78 // variables set via command line |
| 78 static map<string, string> initial_vars; | 79 static map<string, string> initial_vars; |
| 79 static vector<string> initial_commands; | 80 static vector<string> initial_commands; |
| 80 static bool abort_on_error = false; | 81 static bool abort_on_error = false; |
| 81 static bool silence_nexe = false; | 82 static bool silence_nexe = false; |
| 82 static vector<string> command_prefix; | 83 static vector<string> command_prefix; |
| 83 static bool uses_reverse_service = false; | 84 static bool uses_reverse_service = false; |
| 84 static bool app_channel = true; | 85 static bool app_channel = true; |
| 86 static bool trusted = true; |
| 85 | 87 |
| 86 // When given argc and argv this function (a) extracts the nexe argument, | 88 // When given argc and argv this function (a) extracts the nexe argument, |
| 87 // (b) populates sel_ldr_argv with sel_ldr arguments, and (c) populates | 89 // (b) populates sel_ldr_argv with sel_ldr arguments, and (c) populates |
| 88 // app_argv with nexe module args. Also see kUsage above for details. | 90 // app_argv with nexe module args. Also see kUsage above for details. |
| 89 // It will call exit with codes 0 (help message) and 1 (incorrect args). | 91 // It will call exit with codes 0 (help message) and 1 (incorrect args). |
| 90 static nacl::string ProcessArguments(int argc, | 92 static nacl::string ProcessArguments(int argc, |
| 91 char* argv[], | 93 char* argv[], |
| 92 nacl::string* irt_name, | 94 nacl::string* irt_name, |
| 93 vector<nacl::string>* const sel_ldr_argv, | 95 vector<nacl::string>* const sel_ldr_argv, |
| 94 vector<nacl::string>* const app_argv) { | 96 vector<nacl::string>* const app_argv) { |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 140 } | 142 } |
| 141 | 143 |
| 142 const string tag = string(argv[i + 1]); | 144 const string tag = string(argv[i + 1]); |
| 143 const string val = string(argv[i + 2]); | 145 const string val = string(argv[i + 2]); |
| 144 i += 2; | 146 i += 2; |
| 145 initial_vars[tag] = val; | 147 initial_vars[tag] = val; |
| 146 } else if (flag == "--uses_reverse_service") { | 148 } else if (flag == "--uses_reverse_service") { |
| 147 uses_reverse_service = true; | 149 uses_reverse_service = true; |
| 148 } else if (flag == "--no_app_channel") { | 150 } else if (flag == "--no_app_channel") { |
| 149 app_channel = false; | 151 app_channel = false; |
| 152 } else if (flag == "--untrusted") { |
| 153 trusted = false; |
| 150 } else if (flag == "--irt") { | 154 } else if (flag == "--irt") { |
| 151 if (argc <= i + 1) { | 155 if (argc <= i + 1) { |
| 152 NaClLog(LOG_FATAL, "not enough args for --irt option\n"); | 156 NaClLog(LOG_FATAL, "not enough args for --irt option\n"); |
| 153 } | 157 } |
| 154 *irt_name = argv[++i]; | 158 *irt_name = argv[++i]; |
| 155 } else if (flag == "--") { | 159 } else if (flag == "--") { |
| 156 // Done processing sel_ldr args. The first argument after '--' is the | 160 // Done processing sel_ldr args. The first argument after '--' is the |
| 157 // nexe. | 161 // nexe. |
| 158 i++; | 162 i++; |
| 159 if (app_name == "" && i < argc) { | 163 if (app_name == "" && i < argc) { |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 204 sel_ldr_argv.push_back(ss_stderr.str()); | 208 sel_ldr_argv.push_back(ss_stderr.str()); |
| 205 } | 209 } |
| 206 // Start sel_ldr with the given application and arguments. | 210 // Start sel_ldr with the given application and arguments. |
| 207 nacl::SelLdrLauncherStandalone launcher; | 211 nacl::SelLdrLauncherStandalone launcher; |
| 208 nacl::DescWrapperFactory factory; // DescWrapper "namespace" | 212 nacl::DescWrapperFactory factory; // DescWrapper "namespace" |
| 209 | 213 |
| 210 if (!launcher.StartViaCommandLine(command_prefix, sel_ldr_argv, app_argv)) { | 214 if (!launcher.StartViaCommandLine(command_prefix, sel_ldr_argv, app_argv)) { |
| 211 NaClLog(LOG_FATAL, "sel_universal: Failed to launch sel_ldr\n"); | 215 NaClLog(LOG_FATAL, "sel_universal: Failed to launch sel_ldr\n"); |
| 212 } | 216 } |
| 213 | 217 |
| 214 if (!launcher.SetupCommand(&command_channel)) { | 218 if (trusted) { |
| 215 NaClLog(LOG_ERROR, "sel_universal: set up command failed\n"); | 219 if (!launcher.SetupCommand(&command_channel)) { |
| 216 exit(1); | 220 NaClLog(LOG_ERROR, "sel_universal: set up command failed\n"); |
| 221 exit(1); |
| 222 } |
| 223 } else { |
| 224 if (!launcher.SetupUntrustedCommand(&command_channel)) { |
| 225 NaClLog(LOG_ERROR, "sel_universal: set up untrusted command failed\n"); |
| 226 exit(1); |
| 227 } |
| 217 } | 228 } |
| 218 | 229 |
| 219 DescWrapper *host_file = factory.OpenHostFile(app_name.c_str(), O_RDONLY, 0); | 230 DescWrapper *host_file = factory.OpenHostFile(app_name.c_str(), O_RDONLY, 0); |
| 220 if (NULL == host_file) { | 231 if (NULL == host_file) { |
| 221 NaClLog(LOG_ERROR, "Could not open %s\n", app_name.c_str()); | 232 NaClLog(LOG_ERROR, "Could not open %s\n", app_name.c_str()); |
| 222 exit(1); | 233 exit(1); |
| 223 } | 234 } |
| 224 | 235 |
| 225 if (!launcher.LoadModule(&command_channel, host_file)) { | 236 if (!launcher.LoadModule(&command_channel, host_file)) { |
| 226 NaClLog(LOG_ERROR, "sel_universal: load module failed\n"); | 237 NaClLog(LOG_ERROR, "sel_universal: load module failed\n"); |
| (...skipping 20 matching lines...) Expand all Loading... |
| 247 if (uses_reverse_service) { | 258 if (uses_reverse_service) { |
| 248 ReverseEmulateInit(&command_channel, &launcher); | 259 ReverseEmulateInit(&command_channel, &launcher); |
| 249 } | 260 } |
| 250 | 261 |
| 251 if (!launcher.StartModule(&command_channel)) { | 262 if (!launcher.StartModule(&command_channel)) { |
| 252 NaClLog(LOG_ERROR, | 263 NaClLog(LOG_ERROR, |
| 253 "sel_universal: start module failed\n"); | 264 "sel_universal: start module failed\n"); |
| 254 exit(1); | 265 exit(1); |
| 255 } | 266 } |
| 256 | 267 |
| 257 if (app_channel) { | 268 if (trusted && app_channel) { |
| 258 if (!launcher.SetupAppChannel(&channel)) { | 269 if (!launcher.SetupAppChannel(&channel)) { |
| 259 NaClLog(LOG_ERROR, | 270 NaClLog(LOG_ERROR, |
| 260 "sel_universal: set up app channel failed\n"); | 271 "sel_universal: set up app channel failed\n"); |
| 261 exit(1); | 272 exit(1); |
| 262 } | 273 } |
| 263 } | 274 } |
| 264 | 275 |
| 265 NaClCommandLoop loop(channel.client, | 276 NaClCommandLoop loop(channel.client, |
| 266 &channel, | 277 &channel, |
| 267 launcher.socket_addr()->desc()); | 278 launcher.socket_addr()->desc()); |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 328 NaClSrpcModuleInit(); | 339 NaClSrpcModuleInit(); |
| 329 NaClNrdAllModulesInit(); | 340 NaClNrdAllModulesInit(); |
| 330 | 341 |
| 331 int exit_status = raii_main(argc, argv); | 342 int exit_status = raii_main(argc, argv); |
| 332 | 343 |
| 333 NaClSrpcModuleFini(); | 344 NaClSrpcModuleFini(); |
| 334 NaClNrdAllModulesFini(); | 345 NaClNrdAllModulesFini(); |
| 335 | 346 |
| 336 return exit_status; | 347 return exit_status; |
| 337 } | 348 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10914138:
Split secure command channel and untrusted application channel (Closed)
Base URL: svn://svn.chromium.org/native_client/trunk/src/native_client