void NaClSignalHandlerInit() { int a; /* Build the free list */ for (a = 0; a < MAX_NACL_HANDLERS; a++) { s_SignalNodes[a].next = s_FreeList; s_SignalNodes[a].id = a + 1; s_FreeList = &s_SignalNodes[a]; } NaClSignalHandlerInitPlatform(); #ifdef NACL_STANDALONE /* In stand-alone mode (sel_ldr) we handle all signals. */ NaClSignalHandlerAdd(NaClSignalHandleAll); #else /* * When run in Chrome we handle only signals in untrusted code. * Signals in trusted code are allowed to pass back to Chrome so * that Breakpad can create a minidump when applicable. */ NaClSignalHandlerAdd(NaClSignalHandleUntrusted); #endif if (getenv("NACL_CRASH_TEST") != NULL) { NaClSignalErrorMessage("[CRASH_TEST] Causing crash in NaCl " "trusted code...\n"); /* Clang removes non-volatile NULL pointer references. */ *(volatile int *) 0 = 0; } }
void NaClSignalHandlerInit() { int a; /* return if signals handling is not enabled */ if(!handle_signals) return; /* Build the free list */ for(a = 0; a < MAX_NACL_HANDLERS; a++) { s_SignalNodes[a].next = s_FreeList; s_SignalNodes[a].id = a + 1; s_FreeList = &s_SignalNodes[a]; } NaClSignalHandlerInitPlatform(); /* In stand-alone mode (sel_ldr) we handle all signals. */ NaClSignalHandlerAdd(NaClSignalHandleAll); }
int NaClMainForChromium(int handle_count, const NaClHandle *handles, int debug) { char *av[1]; int ac = 1; const char **envp; struct NaClApp state; int main_thread_only = 1; int export_addr_to = kSrpcFd; /* Used to be set by -X. */ struct NaClApp *nap; NaClErrorCode errcode; int ret_code = 1; struct NaClEnvCleanser env_cleanser; #if NACL_OSX /* Mac dynamic libraries cannot access the environ variable directly. */ envp = (const char **) *_NSGetEnviron(); #else /* Overzealous code style check is overzealous. */ /* @IGNORE_LINES_FOR_CODE_HYGIENE[1] */ extern char **environ; envp = (const char **) environ; #endif NaClAllModulesInit(); /* Add a handler to catch untrusted errors only */ NaClSignalHandlerAdd(NaClSignalHandleUntrusted); /* to be passed to NaClMain, eventually... */ av[0] = "NaClMain"; if (!NaClAppCtor(&state)) { fprintf(stderr, "Error while constructing app state\n"); goto done; } state.restrict_to_main_thread = main_thread_only; nap = &state; errcode = LOAD_OK; /* import IMC handle - used to be "-i" */ CHECK(handle_count == 3); NaClAddImcHandle(nap, handles[0], export_addr_to); NaClAddImcHandle(nap, handles[1], 6); /* async_receive_desc */ NaClAddImcHandle(nap, handles[2], 7); /* async_send_desc */ /* * in order to report load error to the browser plugin through the * secure command channel, we do not immediate jump to cleanup code * on error. rather, we continue processing (assuming earlier * errors do not make it inappropriate) until the secure command * channel is set up, and then bail out. */ /* * Ensure this operating system platform is supported. */ errcode = NaClRunSelQualificationTests(); if (LOAD_OK != errcode) { nap->module_load_status = errcode; fprintf(stderr, "Error while loading in SelMain: %s\n", NaClErrorString(errcode)); } /* Give debuggers a well known point at which xlate_base is known. */ NaClGdbHook(&state); /* * If export_addr_to is set to a non-negative integer, we create a * bound socket and socket address pair and bind the former to * descriptor 3 and the latter to descriptor 4. The socket address * is written out to the export_addr_to descriptor. * * The service runtime also accepts a connection on the bound socket * and spawns a secure command channel thread to service it. * * If export_addr_to is -1, we only create the bound socket and * socket address pair, and we do not export to an IMC socket. This * use case is typically only used in testing, where we only "dump" * the socket address to stdout or similar channel. */ if (-2 < export_addr_to) { NaClCreateServiceSocket(nap); if (0 <= export_addr_to) { NaClSendServiceAddressTo(nap, export_addr_to); /* * NB: spawns a thread that uses the command channel. we do * this after NaClAppLoadFile so that NaClApp object is more * fully populated. Hereafter any changes to nap should be done * while holding locks. */ NaClSecureCommandChannel(nap); } } if (NULL != nap->secure_channel && LOAD_OK == errcode) { /* * wait for start_module RPC call on secure channel thread. */ errcode = NaClWaitForStartModuleCommand(nap); } /* * error reporting done; can quit now if there was an error earlier. */ if (LOAD_OK != errcode) { goto done; } /* * Enable debugging if requested. */ if (debug) NaClDebugSetAllow(1); NaClEnvCleanserCtor(&env_cleanser); if (!NaClEnvCleanserInit(&env_cleanser, envp)) { NaClLog(LOG_FATAL, "Failed to initialise env cleanser\n"); } /* * only nap->ehdrs.e_entry is usable, no symbol table is * available. */ if (!NaClCreateMainThread(nap, ac, av, NaClEnvCleanserEnvironment(&env_cleanser))) { fprintf(stderr, "creating main thread failed\n"); goto done; } NaClEnvCleanserDtor(&env_cleanser); ret_code = NaClWaitForMainThreadToExit(nap); /* * exit_group or equiv kills any still running threads while module * addr space is still valid. otherwise we'd have to kill threads * before we clean up the address space. */ return ret_code; done: fflush(stdout); NaClAllModulesFini(); return ret_code; }
int NaClMainForChromium(int handle_count, const NaClHandle *handles, int debug) { char *av[1]; int ac = 1; const char **envp; struct NaClApp state; int main_thread_only = 1; char *nacl_file = "test_nexe/hello_ppapi.nexe"; struct NaClApp *nap; enum NaClAbiCheckOption check_abi = NACL_ABI_CHECK_OPTION_CHECK; struct GioFile gout; struct GioMemoryFileSnapshot gf; NaClErrorCode errcode; int ret_code = 1; struct NaClEnvCleanser env_cleanser; #if NACL_OSX /* Mac dynamic libraries cannot access the environ variable directly. */ envp = (const char **) *_NSGetEnviron(); #else /* Overzealous code style check is overzealous. */ /* @IGNORE_LINES_FOR_CODE_HYGIENE[1] */ extern char **environ; envp = (const char **) environ; #endif NaClAllModulesInit(); /* Add a handler to catch untrusted errors only */ NaClSignalHandlerAdd(NaClSignalHandleUntrusted); /* to be passed to NaClMain, eventually... */ av[0] = "NaClMain"; if (!NaClAppCtor(&state)) { fprintf(stderr, "Error while constructing app state\n"); goto done; } state.restrict_to_main_thread = main_thread_only; nap = &state; errcode = LOAD_OK; /* * in order to report load error to the browser plugin through the * secure command channel, we do not immediate jump to cleanup code * on error. rather, we continue processing (assuming earlier * errors do not make it inappropriate) until the secure command * channel is set up, and then bail out. */ /* * Ensure this operating system platform is supported. */ errcode = NaClRunSelQualificationTests(); if (LOAD_OK != errcode) { nap->module_load_status = errcode; fprintf(stderr, "Error while loading in SelMain: %s\n", NaClErrorString(errcode)); } /* Give debuggers a well known point at which xlate_base is known. */ NaClGdbHook(&state); if (0 == GioMemoryFileSnapshotCtor(&gf, nacl_file)) { perror("sel_main"); fprintf(stderr, "Cannot open \"%s\".\n", nacl_file); errcode = LOAD_OPEN_ERROR; } if (LOAD_OK == errcode) { errcode = NaClAppLoadFile((struct Gio *) &gf, nap, check_abi); if (LOAD_OK != errcode) { fprintf(stderr, "Error while loading \"%s\": %s\n", nacl_file, NaClErrorString(errcode)); fprintf(stderr, ("Using the wrong type of nexe (nacl-x86-32" " on an x86-64 or vice versa)\n" "or a corrupt nexe file may be" " responsible for this error.\n")); } NaClXMutexLock(&nap->mu); nap->module_load_status = errcode; NaClXCondVarBroadcast(&nap->cv); NaClXMutexUnlock(&nap->mu); } if (LOAD_OK == errcode) { if (verbosity) { gprintf((struct Gio *) &gout, "printing NaClApp details\n"); NaClAppPrintDetails(nap, (struct Gio *) &gout); } /* * Finish setting up the NaCl App. This includes dup'ing * descriptors 0-2 and making them available to the NaCl App. */ errcode = NaClAppPrepareToLaunch(nap, 0, 1, 2); if (LOAD_OK != errcode) { nap->module_load_status = errcode; fprintf(stderr, "NaClAppPrepareToLaunch returned %d", errcode); } } if (-1 == (*((struct Gio *) &gf)->vtbl->Close)((struct Gio *) &gf)) { fprintf(stderr, "Error while closing \"%s\".\n", nacl_file); } (*((struct Gio *) &gf)->vtbl->Dtor)((struct Gio *) &gf); /* * Print out a marker for scripts to use to mark the start of app * output. */ NaClLog(1, "NACL: Application output follows\n"); /* * Make sure all the file buffers are flushed before entering * the application code. */ fflush((FILE *) NULL); /* * Enable debugging if requested. */ if (debug) NaClDebugSetAllow(1); NaClEnvCleanserCtor(&env_cleanser); if (!NaClEnvCleanserInit(&env_cleanser, envp)) { NaClLog(LOG_FATAL, "Failed to initialise env cleanser\n"); } /* * only nap->ehdrs.e_entry is usable, no symbol table is * available. */ if (!NaClCreateMainThread(nap, ac, av, NaClEnvCleanserEnvironment(&env_cleanser))) { fprintf(stderr, "creating main thread failed\n"); goto done; } NaClEnvCleanserDtor(&env_cleanser); ret_code = NaClWaitForMainThreadToExit(nap); /* * exit_group or equiv kills any still running threads while module * addr space is still valid. otherwise we'd have to kill threads * before we clean up the address space. */ return ret_code; done: fflush(stdout); NaClAllModulesFini(); return ret_code; }