Index: chrome/common/component_flash_hint_file_linux.cc |
diff --git a/chrome/common/component_flash_hint_file_linux.cc b/chrome/common/component_flash_hint_file_linux.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..77616bee66663f91c9e37ec369057ad470c0906b |
--- /dev/null |
+++ b/chrome/common/component_flash_hint_file_linux.cc |
@@ -0,0 +1,222 @@ |
+// Copyright 2015 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "chrome/common/component_flash_hint_file.h" |
+ |
+#include <fcntl.h> |
+#include <sys/mman.h> |
+ |
+#include "base/base64.h" |
+#include "base/files/file_path.h" |
+#include "base/files/file_util.h" |
+#include "base/files/important_file_writer.h" |
+#include "base/files/memory_mapped_file.h" |
+#include "base/files/scoped_file.h" |
+#include "base/json/json_string_value_serializer.h" |
+#include "base/path_service.h" |
+#include "base/posix/eintr_wrapper.h" |
+#include "base/stl_util.h" |
+#include "base/values.h" |
+#include "chrome/common/chrome_paths.h" |
+#include "crypto/secure_hash.h" |
+#include "crypto/sha2.h" |
+ |
+namespace chrome { |
+ |
+namespace { |
+// The current version of the hints file. |
+const int kCurrentHintFileVersion = 0x10; |
+// The earliest version of the hints file. |
+const int kEarliestHintFileVersion = 0x10; |
+// The Version field in the JSON encoded file. |
+const char kVersionField[] = "Version"; |
+// The HashAlgorithm field in the JSON encoded file. |
+const char kHashAlgoField[] = "HashAlgorithm"; |
+// The Hash field in the JSON encoded file. |
+const char kHashField[] = "Hash"; |
+// The PluginPath field in the JSON encoded file. |
+const char kPluginPath[] = "PluginPath"; |
+// The PluginVersion field in the JSON encoded file. |
+const char kPluginVersion[] = "PluginVersion"; |
+// For use with the scoped_ptr of an mmap-ed buffer |
+struct MmapDeleter { |
+ size_t map_size; |
+ inline void operator()(uint8_t* ptr) const { |
+ if (ptr != MAP_FAILED) |
+ munmap(ptr, map_size); |
+ } |
+}; |
+ |
+// Hashes the plugin file and returns the result in the out params. |
+void SHA256Hash(const base::MemoryMappedFile& mapped_file, |
+ void* result, |
+ size_t len) { |
+ CHECK(len == crypto::kSHA256Length); |
jln (very slow on Chromium)
2015/08/06 18:48:15
CHECK_EQ()
Greg K
2015/08/07 21:15:29
Done.
|
+ scoped_ptr<crypto::SecureHash> secure_hash( |
+ crypto::SecureHash::Create(crypto::SecureHash::SHA256)); |
+ size_t bytes_remaining = mapped_file.length(), bytes_read = 0; |
jln (very slow on Chromium)
2015/08/06 18:48:15
Style: one line per variable (can't find where tha
Greg K
2015/08/07 21:15:29
Done.
|
+ const size_t page_size = sysconf(_SC_PAGE_SIZE); |
+ |
+ while (bytes_remaining > 0) { |
+ const size_t len = |
+ bytes_remaining >= page_size ? page_size : bytes_remaining; |
+ CHECK(bytes_remaining >= len); |
jln (very slow on Chromium)
2015/08/06 18:48:14
CHECK_GE()
Greg K
2015/08/07 21:15:29
Acknowledged.
|
+ secure_hash->Update(mapped_file.data() + bytes_read, len); |
jln (very slow on Chromium)
2015/08/06 18:48:14
Why force this page by page? Why not ask update to
Greg K
2015/08/07 21:15:29
Done.
|
+ bytes_remaining -= len; |
+ bytes_read += len; |
+ } |
+ secure_hash->Finish(result, len); |
+} |
+ |
+} // namespace |
+ |
+// static |
+bool ComponentFlashHintFile::TestExecutableMapping(const base::FilePath& path) { |
+ const base::ScopedFD fd(HANDLE_EINTR(open(path.value().c_str(), O_RDONLY))); |
jln (very slow on Chromium)
2015/08/06 18:48:15
Do CLOEXEC while you're at it.
Greg K
2015/08/07 21:15:29
Done.
|
+ if (!fd.is_valid()) |
+ return false; |
+ const MmapDeleter deleter = {.map_size = sizeof(uint8_t)}; |
jln (very slow on Chromium)
2015/08/06 18:48:14
Style: I don't think we allow designed initializer
Greg K
2015/08/07 21:15:29
Done.
|
+ scoped_ptr<uint8_t, MmapDeleter> buf_ptr( |
+ reinterpret_cast<uint8_t*>(mmap(NULL, deleter.map_size, |
jln (very slow on Chromium)
2015/08/06 18:48:14
Given the simplicity here, I would not use the Mma
Greg K
2015/08/07 21:15:29
Makes sense, but I will leave it there in case som
|
+ PROT_READ | PROT_EXEC, MAP_PRIVATE, |
+ fd.get(), 0)), |
+ deleter); |
+ return buf_ptr.get() != MAP_FAILED; |
+} |
+ |
+// static |
+bool ComponentFlashHintFile::RecordFlashUpdate( |
+ const base::FilePath& unpacked_plugin, |
+ const base::FilePath& moved_plugin, |
+ const std::string& version) { |
+ base::MemoryMappedFile mapped_file; |
+ if (!mapped_file.Initialize(unpacked_plugin)) |
+ return false; |
+ |
+ std::string hash(crypto::kSHA256Length, 0); |
+ SHA256Hash(mapped_file, string_as_array(&hash), hash.size()); |
+ |
+ return WriteToDisk(kCurrentHintFileVersion, |
+ crypto::SecureHash::Algorithm::SHA256, hash, moved_plugin, |
+ version); |
+} |
+ |
+// static |
+bool ComponentFlashHintFile::DoesHintFileExist() { |
+ base::FilePath hint_file_path; |
+ if (!PathService::Get(chrome::FILE_COMPONENT_FLASH_HINT, &hint_file_path)) |
+ return false; |
+ return base::PathExists(hint_file_path); |
+} |
+ |
+// static |
+bool ComponentFlashHintFile::WriteToDisk( |
+ const int version, |
+ const crypto::SecureHash::Algorithm algorithm, |
+ const std::string& hash, |
+ const base::FilePath& plugin_path, |
+ const std::string& flash_version) { |
+ base::FilePath hint_file_path; |
+ if (!PathService::Get(chrome::FILE_COMPONENT_FLASH_HINT, &hint_file_path)) |
+ return false; |
+ |
+ std::string encoded_hash; |
+ base::Base64Encode(hash, &encoded_hash); |
+ |
+ // Now construct a Value object to convert to JSON. |
+ base::DictionaryValue dict; |
+ dict.SetInteger(kVersionField, version); |
+ dict.SetInteger(kHashAlgoField, crypto::SecureHash::SHA256); |
+ dict.SetString(kHashField, encoded_hash); |
+ dict.SetString(kPluginPath, plugin_path.value()); |
+ dict.SetString(kPluginVersion, flash_version); |
+ // Do the serialization of the DictionaryValue to JSON. |
+ std::string json_string; |
+ JSONStringValueSerializer serializer(&json_string); |
+ if (!serializer.Serialize(dict)) |
+ return false; |
+ |
+ return base::ImportantFileWriter::WriteFileAtomically(hint_file_path, |
+ json_string); |
+} |
+ |
+// static |
+bool ComponentFlashHintFile::VerifyAndReturnFlashLocation( |
+ base::FilePath* path, |
+ std::string* flash_version) { |
+ base::FilePath hint_file_path; |
+ if (!PathService::Get(chrome::FILE_COMPONENT_FLASH_HINT, &hint_file_path)) |
+ return false; |
+ |
+ std::string json_string; |
+ if (!base::ReadFileToString(hint_file_path, &json_string)) |
+ return false; |
+ |
+ int error_code; |
+ std::string error_message; |
+ JSONStringValueDeserializer deserializer(json_string); |
+ const scoped_ptr<base::Value> value( |
+ deserializer.Deserialize(&error_code, &error_message)); |
+ |
+ if (value == nullptr) { |
+ LOG(ERROR) |
+ << "Could not deserialize the component updated flash hint file. Error " |
+ << error_code << ": " << error_message; |
+ return false; |
+ } |
+ |
+ base::DictionaryValue* dict = nullptr; |
+ if (!value->GetAsDictionary(&dict)) |
+ return false; |
+ |
+ int version; |
+ if (!dict->GetInteger(kVersionField, &version)) |
+ return false; |
+ if (version < kEarliestHintFileVersion || version > kCurrentHintFileVersion) |
+ return false; |
+ |
+ int hash_algorithm; |
+ if (!dict->GetInteger(kHashAlgoField, &hash_algorithm)) |
+ return false; |
+ if (hash_algorithm != crypto::SecureHash::SHA256) |
+ return false; |
+ |
+ std::string hash; |
+ if (!dict->GetString(kHashField, &hash)) |
+ return false; |
+ |
+ std::string plugin_path_str; |
+ if (!dict->GetString(kPluginPath, &plugin_path_str)) |
+ return false; |
+ |
+ std::string plugin_version_str; |
+ if (!dict->GetString(kPluginVersion, &plugin_version_str)) |
+ return false; |
+ |
+ std::string decoded_hash; |
+ if (!base::Base64Decode(hash, &decoded_hash)) |
+ return false; |
+ |
+ const base::FilePath plugin_path(plugin_path_str); |
+ base::MemoryMappedFile plugin_file; |
+ if (!plugin_file.Initialize(plugin_path)) |
+ return false; |
+ |
+ std::vector<uint8_t> file_hash(crypto::kSHA256Length, 0); |
+ SHA256Hash(plugin_file, &file_hash[0], file_hash.size()); |
+ if (memcmp(&file_hash[0], string_as_array(&decoded_hash), |
jln (very slow on Chromium)
2015/08/06 18:48:15
So there is nothing better than memcmp in crypto/
Greg K
2015/08/07 21:15:29
Turns out there is SecureEqualMem.
|
+ crypto::kSHA256Length) != 0) { |
+ LOG(ERROR) |
+ << "The hash recorded in the component flash hint file does not " |
+ "match the actual hash of the flash plugin found on disk. The " |
+ "component flash plugin will not be loaded."; |
+ return false; |
+ } |
+ |
+ *path = plugin_path; |
+ flash_version->assign(plugin_version_str); |
+ return true; |
+} |
+ |
+} // namespace chrome |