| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/renderer/webplugin_delegate_proxy.h" | 5 #include "content/renderer/webplugin_delegate_proxy.h" |
| 6 | 6 |
| 7 #if defined(TOOLKIT_USES_GTK) | 7 #if defined(TOOLKIT_USES_GTK) |
| 8 #include <gtk/gtk.h> | 8 #include <gtk/gtk.h> |
| 9 #elif defined(USE_X11) | 9 #elif defined(USE_X11) |
| 10 #include <cairo/cairo.h> | 10 #include <cairo/cairo.h> |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 52 #include "webkit/plugins/sad_plugin.h" | 52 #include "webkit/plugins/sad_plugin.h" |
| 53 | 53 |
| 54 #if defined(OS_POSIX) | 54 #if defined(OS_POSIX) |
| 55 #include "ipc/ipc_channel_posix.h" | 55 #include "ipc/ipc_channel_posix.h" |
| 56 #endif | 56 #endif |
| 57 | 57 |
| 58 #if defined(OS_MACOSX) | 58 #if defined(OS_MACOSX) |
| 59 #include "base/mac/mac_util.h" | 59 #include "base/mac/mac_util.h" |
| 60 #endif | 60 #endif |
| 61 | 61 |
| 62 #if defined(OS_WIN) |
| 63 #include "content/common/sandbox_policy.h" |
| 64 #endif |
| 65 |
| 62 using WebKit::WebBindings; | 66 using WebKit::WebBindings; |
| 63 using WebKit::WebCursorInfo; | 67 using WebKit::WebCursorInfo; |
| 64 using WebKit::WebDragData; | 68 using WebKit::WebDragData; |
| 65 using WebKit::WebInputEvent; | 69 using WebKit::WebInputEvent; |
| 66 using WebKit::WebString; | 70 using WebKit::WebString; |
| 67 using WebKit::WebView; | 71 using WebKit::WebView; |
| 68 | 72 |
| 69 // Proxy for WebPluginResourceClient. The object owns itself after creation, | 73 // Proxy for WebPluginResourceClient. The object owns itself after creation, |
| 70 // deleting itself after its callback has been called. | 74 // deleting itself after its callback has been called. |
| 71 class ResourceClientProxy : public webkit::npapi::WebPluginResourceClient { | 75 class ResourceClientProxy : public webkit::npapi::WebPluginResourceClient { |
| (...skipping 404 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 476 | 480 |
| 477 #if defined(OS_MACOSX) || defined(OS_WIN) | 481 #if defined(OS_MACOSX) || defined(OS_WIN) |
| 478 // Ensure that the renderer doesn't think the plugin still has focus. | 482 // Ensure that the renderer doesn't think the plugin still has focus. |
| 479 if (render_view_) | 483 if (render_view_) |
| 480 render_view_->PluginFocusChanged(false, instance_id_); | 484 render_view_->PluginFocusChanged(false, instance_id_); |
| 481 #endif | 485 #endif |
| 482 } | 486 } |
| 483 | 487 |
| 484 static void CopyTransportDIBHandleForMessage( | 488 static void CopyTransportDIBHandleForMessage( |
| 485 const TransportDIB::Handle& handle_in, | 489 const TransportDIB::Handle& handle_in, |
| 486 TransportDIB::Handle* handle_out) { | 490 TransportDIB::Handle* handle_out, |
| 491 base::ProcessId peer_pid) { |
| 487 #if defined(OS_MACOSX) | 492 #if defined(OS_MACOSX) |
| 488 // On Mac, TransportDIB::Handle is typedef'ed to FileDescriptor, and | 493 // On Mac, TransportDIB::Handle is typedef'ed to FileDescriptor, and |
| 489 // FileDescriptor message fields needs to remain valid until the message is | 494 // FileDescriptor message fields needs to remain valid until the message is |
| 490 // sent or else the sendmsg() call will fail. | 495 // sent or else the sendmsg() call will fail. |
| 491 if ((handle_out->fd = HANDLE_EINTR(dup(handle_in.fd))) < 0) { | 496 if ((handle_out->fd = HANDLE_EINTR(dup(handle_in.fd))) < 0) { |
| 492 PLOG(ERROR) << "dup()"; | 497 PLOG(ERROR) << "dup()"; |
| 493 return; | 498 return; |
| 494 } | 499 } |
| 495 handle_out->auto_close = true; | 500 handle_out->auto_close = true; |
| 501 #elif defined(OS_WIN) |
| 502 // On Windows we need to duplicate the handle for the plugin process. |
| 503 *handle_out = NULL; |
| 504 sandbox::BrokerDuplicateHandle(handle_in, peer_pid, handle_out, |
| 505 STANDARD_RIGHTS_REQUIRED | FILE_MAP_READ | |
| 506 FILE_MAP_WRITE, FALSE, 0); |
| 507 DCHECK(*handle_out != NULL); |
| 496 #else | 508 #else |
| 497 // Don't need to do anything special for other platforms. | 509 // Don't need to do anything special for other platforms. |
| 498 *handle_out = handle_in; | 510 *handle_out = handle_in; |
| 499 #endif | 511 #endif |
| 500 } | 512 } |
| 501 | 513 |
| 502 void WebPluginDelegateProxy::SendUpdateGeometry( | 514 void WebPluginDelegateProxy::SendUpdateGeometry( |
| 503 bool bitmaps_changed) { | 515 bool bitmaps_changed) { |
| 504 PluginMsg_UpdateGeometry_Param param; | 516 PluginMsg_UpdateGeometry_Param param; |
| 505 param.window_rect = plugin_rect_; | 517 param.window_rect = plugin_rect_; |
| 506 param.clip_rect = clip_rect_; | 518 param.clip_rect = clip_rect_; |
| 507 param.windowless_buffer0 = TransportDIB::DefaultHandleValue(); | 519 param.windowless_buffer0 = TransportDIB::DefaultHandleValue(); |
| 508 param.windowless_buffer1 = TransportDIB::DefaultHandleValue(); | 520 param.windowless_buffer1 = TransportDIB::DefaultHandleValue(); |
| 509 param.windowless_buffer_index = back_buffer_index(); | 521 param.windowless_buffer_index = back_buffer_index(); |
| 510 param.background_buffer = TransportDIB::DefaultHandleValue(); | 522 param.background_buffer = TransportDIB::DefaultHandleValue(); |
| 511 param.transparent = transparent_; | 523 param.transparent = transparent_; |
| 512 | 524 |
| 513 #if defined(OS_POSIX) | 525 #if defined(OS_POSIX) |
| 514 // If we're using POSIX mmap'd TransportDIBs, sending the handle across | 526 // If we're using POSIX mmap'd TransportDIBs, sending the handle across |
| 515 // IPC establishes a new mapping rather than just sending a window ID, | 527 // IPC establishes a new mapping rather than just sending a window ID, |
| 516 // so only do so if we've actually changed the shared memory bitmaps. | 528 // so only do so if we've actually changed the shared memory bitmaps. |
| 517 if (bitmaps_changed) | 529 if (bitmaps_changed) |
| 518 #endif | 530 #endif |
| 519 { | 531 { |
| 520 if (transport_stores_[0].dib.get()) | 532 if (transport_stores_[0].dib.get()) |
| 521 CopyTransportDIBHandleForMessage(transport_stores_[0].dib->handle(), | 533 CopyTransportDIBHandleForMessage(transport_stores_[0].dib->handle(), |
| 522 ¶m.windowless_buffer0); | 534 ¶m.windowless_buffer0, |
| 535 channel_host_->peer_pid()); |
| 523 | 536 |
| 524 if (transport_stores_[1].dib.get()) | 537 if (transport_stores_[1].dib.get()) |
| 525 CopyTransportDIBHandleForMessage(transport_stores_[1].dib->handle(), | 538 CopyTransportDIBHandleForMessage(transport_stores_[1].dib->handle(), |
| 526 ¶m.windowless_buffer1); | 539 ¶m.windowless_buffer1, |
| 540 channel_host_->peer_pid()); |
| 527 | 541 |
| 528 if (background_store_.dib.get()) | 542 if (background_store_.dib.get()) |
| 529 CopyTransportDIBHandleForMessage(background_store_.dib->handle(), | 543 CopyTransportDIBHandleForMessage(background_store_.dib->handle(), |
| 530 ¶m.background_buffer); | 544 ¶m.background_buffer, |
| 545 channel_host_->peer_pid()); |
| 531 } | 546 } |
| 532 | 547 |
| 533 IPC::Message* msg; | 548 IPC::Message* msg; |
| 534 #if defined(OS_WIN) | 549 #if defined(OS_WIN) |
| 535 if (UseSynchronousGeometryUpdates()) { | 550 if (UseSynchronousGeometryUpdates()) { |
| 536 msg = new PluginMsg_UpdateGeometrySync(instance_id_, param); | 551 msg = new PluginMsg_UpdateGeometrySync(instance_id_, param); |
| 537 } else // NOLINT | 552 } else // NOLINT |
| 538 #endif | 553 #endif |
| 539 { | 554 { |
| 540 msg = new PluginMsg_UpdateGeometry(instance_id_, param); | 555 msg = new PluginMsg_UpdateGeometry(instance_id_, param); |
| (...skipping 915 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1456 } | 1471 } |
| 1457 #endif | 1472 #endif |
| 1458 | 1473 |
| 1459 void WebPluginDelegateProxy::OnURLRedirectResponse(bool allow, | 1474 void WebPluginDelegateProxy::OnURLRedirectResponse(bool allow, |
| 1460 int resource_id) { | 1475 int resource_id) { |
| 1461 if (!plugin_) | 1476 if (!plugin_) |
| 1462 return; | 1477 return; |
| 1463 | 1478 |
| 1464 plugin_->URLRedirectResponse(allow, resource_id); | 1479 plugin_->URLRedirectResponse(allow, resource_id); |
| 1465 } | 1480 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9838083:
Add a sandbox API for broker handle duplication (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/