NaCl: enable meta-based validation for shared libraries.

chrome/nacl/nacl_validation_query.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/nacl/nacl_validation_query.h"
 
 #include "base/logging.h"
 #include "crypto/nss_util.h"
 #include "chrome/nacl/nacl_validation_db.h"
+#include "native_client/src/include/portability.h"

[Mark Seaborn, 2013/05/24 22:48:11]

Why?  You shouldn't be using native_client/src/include/portability.h in
Chromium-side code, outside of the legacy code in ppapi/native_client.

+#include "native_client/src/trusted/validator/nacl_file_info.h"
 #include "native_client/src/trusted/validator/validation_cache.h"
 
 NaClValidationQueryContext::NaClValidationQueryContext(
     NaClValidationDB* db,
     const std::string& profile_key,
     const std::string& nacl_version)
     : db_(db),
       profile_key_(profile_key),
       nacl_version_(nacl_version) {
 
   // Sanity checks.
   CHECK(profile_key.length() >= 8);
   CHECK(nacl_version.length() >= 4);
 }
 
 NaClValidationQuery* NaClValidationQueryContext::CreateQuery() {
   NaClValidationQuery* query = new NaClValidationQuery(db_, profile_key_);
   // Changing the version effectively invalidates existing hashes.
   query->AddData(nacl_version_);
   return query;
 }
 
+bool NaClValidationQueryContext::ResolveFileToken(
+    struct NaClFileToken* file_token,
+    int32* fd,
+    std::string* path) {
+  return db_->ResolveFileToken(file_token, fd, path);
+}
+
 NaClValidationQuery::NaClValidationQuery(NaClValidationDB* db,
                                          const std::string& profile_key)
     : state_(READY),
       hasher_(crypto::HMAC::SHA256),
       db_(db),
       buffer_length_(0) {
   // Without this line on Linux, HMAC::Init will instantiate a singleton that
   // in turn attempts to open a file.  Disabling this behavior avoids a ~70 ms
   // stall the first time HMAC is used.
   // This function is also called in nacl_helper_linux.cc, but nacl_helper may
@@ skipping 78 matching lines @@
 }
 
 static void SetKnownToValidate(void* query) {
   static_cast<NaClValidationQuery*>(query)->SetKnownToValidate();
 }
 
 static void DestroyQuery(void* query) {
   delete static_cast<NaClValidationQuery*>(query);
 }
 
+static int ResolveFileToken(void* handle, struct NaClFileToken* file_token,
+                            int32* fd, char** file_path,
+                            uint32* file_path_length) {
+  std::string path;
+  *file_path = NULL;
+  *file_path_length = 0;
+  bool ok = static_cast<NaClValidationQueryContext*>(handle)->
+      ResolveFileToken(file_token, fd, &path);
+  if (ok) {
+    *file_path = static_cast<char*>(malloc(path.length() + 1));
+    CHECK(*file_path);
+    memcpy(*file_path, path.data(), path.length());
+    (*file_path)[path.length()] = 0;
+    *file_path_length = static_cast<uint32>(path.length());
+  }
+  return ok;
+}
+
 struct NaClValidationCache* CreateValidationCache(
     NaClValidationDB* db, const std::string& profile_key,
     const std::string& nacl_version) {
   NaClValidationCache* cache =
       static_cast<NaClValidationCache*>(malloc(sizeof(NaClValidationCache)));
   // Make sure any fields introduced in a cross-repo change are zeroed.
   memset(cache, 0, sizeof(*cache));
   cache->handle = new NaClValidationQueryContext(db, profile_key, nacl_version);
   cache->CreateQuery = CreateQuery;
   cache->AddData = AddData;
   cache->QueryKnownToValidate = QueryKnownToValidate;
   cache->SetKnownToValidate = SetKnownToValidate;
   cache->DestroyQuery = DestroyQuery;
+  cache->ResolveFileToken = ResolveFileToken;
   return cache;
 }