1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef PPAPI_PROXY_PLUGIN_DISPATCHER_H_
6#define PPAPI_PROXY_PLUGIN_DISPATCHER_H_
7
8#include <set>
9#include <string>
10
11#include "base/basictypes.h"
12#include "base/containers/hash_tables.h"
13#include "base/memory/ref_counted.h"
14#include "base/memory/weak_ptr.h"
15#include "base/process/process.h"
16#include "build/build_config.h"
17#include "ipc/ipc_sync_channel.h"
18#include "ppapi/c/pp_instance.h"
19#include "ppapi/c/pp_rect.h"
20#include "ppapi/c/ppb_console.h"
21#include "ppapi/proxy/dispatcher.h"
22#include "ppapi/shared_impl/ppapi_preferences.h"
23#include "ppapi/shared_impl/ppb_view_shared.h"
24#include "ppapi/shared_impl/singleton_resource_id.h"
25#include "ppapi/shared_impl/tracked_callback.h"
26
27namespace IPC {
28class SyncMessageFilter;
29}
30
31namespace ppapi {
32
33struct Preferences;
34class Resource;
35
36namespace thunk {
37class PPB_Instance_API;
38class ResourceCreationAPI;
39}
40
41namespace proxy {
42
43class ResourceMessageReplyParams;
44
45// Used to keep track of per-instance data.
46struct InstanceData {
47  InstanceData();
48  ~InstanceData();
49
50  ViewData view;
51
52  // When non-NULL, indicates the callback to execute when mouse lock is lost.
53  scoped_refptr<TrackedCallback> mouse_lock_callback;
54
55  // A map of singleton resources which are lazily created.
56  typedef std::map<SingletonResourceID, scoped_refptr<Resource> >
57      SingletonResourceMap;
58  SingletonResourceMap singleton_resources;
59
60  // Calls to |RequestSurroundingText()| are done by posted tasks. Track whether
61  // a) a task is pending, to avoid redundant calls, and b) whether we should
62  // actually call |RequestSurroundingText()|, to avoid stale calls (i.e.,
63  // calling when we shouldn't).
64  bool is_request_surrounding_text_pending;
65  bool should_do_request_surrounding_text;
66};
67
68class PPAPI_PROXY_EXPORT PluginDispatcher
69    : public Dispatcher,
70      public base::SupportsWeakPtr<PluginDispatcher> {
71 public:
72  class PPAPI_PROXY_EXPORT PluginDelegate : public ProxyChannel::Delegate {
73   public:
74    // Returns the set used for globally uniquifying PP_Instances. This same
75    // set must be returned for all channels.
76    //
77    // DEREFERENCE ONLY ON THE I/O THREAD.
78    virtual std::set<PP_Instance>* GetGloballySeenInstanceIDSet() = 0;
79
80    // Registers the plugin dispatcher and returns an ID.
81    // Plugin dispatcher IDs will be used to dispatch messages from the browser.
82    // Each call to Register() has to be matched with a call to Unregister().
83    virtual uint32 Register(PluginDispatcher* plugin_dispatcher) = 0;
84    virtual void Unregister(uint32 plugin_dispatcher_id) = 0;
85  };
86
87  // Constructor for the plugin side. The init and shutdown functions will be
88  // will be automatically called when requested by the renderer side. The
89  // module ID will be set upon receipt of the InitializeModule message.
90  //
91  // Note about permissions: On the plugin side, the dispatcher and the plugin
92  // run in the same address space (including in nacl). This means that the
93  // permissions here are subject to malicious modification and bypass, and
94  // an exploited or malicious plugin could send any IPC messages and just
95  // bypass the permissions. All permissions must be checked "for realz" in the
96  // host process when receiving messages. We check them on the plugin side
97  // primarily to keep honest plugins honest, especially with respect to
98  // dev interfaces that they "shouldn't" be using.
99  //
100  // You must call InitPluginWithChannel after the constructor.
101  PluginDispatcher(PP_GetInterface_Func get_interface,
102                   const PpapiPermissions& permissions,
103                   bool incognito);
104  virtual ~PluginDispatcher();
105
106  // The plugin side maintains a mapping from PP_Instance to Dispatcher so
107  // that we can send the messages to the right channel if there are multiple
108  // renderers sharing the same plugin. This mapping is maintained by
109  // DidCreateInstance/DidDestroyInstance.
110  static PluginDispatcher* GetForInstance(PP_Instance instance);
111
112  // Same as GetForInstance but retrieves the instance from the given resource
113  // object as a convenience. Returns NULL on failure.
114  static PluginDispatcher* GetForResource(const Resource* resource);
115
116  // Implements the GetInterface function for the plugin to call to retrieve
117  // a browser interface.
118  static const void* GetBrowserInterface(const char* interface_name);
119
120  // Logs the given log message to the given instance, or, if the instance is
121  // invalid, to all instances associated with all dispatchers. Used for
122  // global log messages.
123  static void LogWithSource(PP_Instance instance,
124                            PP_LogLevel level,
125                            const std::string& source,
126                            const std::string& value);
127
128  const void* GetPluginInterface(const std::string& interface_name);
129
130  // You must call this function before anything else. Returns true on success.
131  // The delegate pointer must outlive this class, ownership is not
132  // transferred.
133  bool InitPluginWithChannel(PluginDelegate* delegate,
134                             base::ProcessId peer_pid,
135                             const IPC::ChannelHandle& channel_handle,
136                             bool is_client);
137
138  // Dispatcher overrides.
139  virtual bool IsPlugin() const;
140  virtual bool Send(IPC::Message* msg);
141
142  // IPC::Listener implementation.
143  virtual bool OnMessageReceived(const IPC::Message& msg);
144  virtual void OnChannelError();
145
146  // Keeps track of which dispatcher to use for each instance, active instances
147  // and tracks associated data like the current size.
148  void DidCreateInstance(PP_Instance instance);
149  void DidDestroyInstance(PP_Instance instance);
150
151  // Gets the data for an existing instance, or NULL if the instance id doesn't
152  // correspond to a known instance.
153  InstanceData* GetInstanceData(PP_Instance instance);
154
155  // Returns the corresponding API. These are APIs not associated with a
156  // resource. Guaranteed non-NULL.
157  thunk::PPB_Instance_API* GetInstanceAPI();
158  thunk::ResourceCreationAPI* GetResourceCreationAPI();
159
160  // Returns the Preferences.
161  const Preferences& preferences() const { return preferences_; }
162
163  uint32 plugin_dispatcher_id() const { return plugin_dispatcher_id_; }
164  bool incognito() const { return incognito_; }
165
166  // Dispatches the given resource message to the appropriate resource in the
167  // plugin process. This should be wired to the various channels that messages
168  // come in from various other processes.
169  static void DispatchResourceReply(
170      const ppapi::proxy::ResourceMessageReplyParams& reply_params,
171      const IPC::Message& nested_msg);
172
173 private:
174  friend class PluginDispatcherTest;
175
176  // Notifies all live instances that they're now closed. This is used when
177  // a renderer crashes or some other error is received.
178  void ForceFreeAllInstances();
179
180  // IPC message handlers.
181  void OnMsgResourceReply(
182      const ppapi::proxy::ResourceMessageReplyParams& reply_params,
183      const IPC::Message& nested_msg);
184  void OnMsgSupportsInterface(const std::string& interface_name, bool* result);
185  void OnMsgSetPreferences(const Preferences& prefs);
186
187  // Internal backed for DispatchResourceReply.
188  static void LockedDispatchResourceReply(
189      const ppapi::proxy::ResourceMessageReplyParams& reply_params,
190      const IPC::Message& nested_msg);
191
192  virtual bool SendMessage(IPC::Message* msg);
193
194  PluginDelegate* plugin_delegate_;
195
196  // Contains all the plugin interfaces we've queried. The mapped value will
197  // be the pointer to the interface pointer supplied by the plugin if it's
198  // supported, or NULL if it's not supported. This allows us to cache failures
199  // and not req-query if a plugin doesn't support the interface.
200  typedef base::hash_map<std::string, const void*> InterfaceMap;
201  InterfaceMap plugin_interfaces_;
202
203  typedef base::hash_map<PP_Instance, InstanceData> InstanceDataMap;
204  InstanceDataMap instance_map_;
205
206  // The preferences sent from the host. We only want to set this once, which
207  // is what the received_preferences_ indicates. See OnMsgSetPreferences.
208  bool received_preferences_;
209  Preferences preferences_;
210
211  uint32 plugin_dispatcher_id_;
212
213  // Set to true when the instances associated with this dispatcher are
214  // incognito mode.
215  bool incognito_;
216
217  // A filter for sending messages from threads other than the main thread.
218  scoped_refptr<IPC::SyncMessageFilter> sync_filter_;
219
220  DISALLOW_COPY_AND_ASSIGN(PluginDispatcher);
221};
222
223}  // namespace proxy
224}  // namespace ppapi
225
226#endif  // PPAPI_PROXY_PLUGIN_DISPATCHER_H_
227