GMPProcessParent.h (3769B)
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- 2 * vim: sw=2 ts=4 et : 3 * This Source Code Form is subject to the terms of the Mozilla Public 4 * License, v. 2.0. If a copy of the MPL was not distributed with this 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 6 7 #ifndef GMPProcessParent_h 8 #define GMPProcessParent_h 1 9 10 #include "base/basictypes.h" 11 #include "base/file_path.h" 12 #include "base/thread.h" 13 #include "mozilla/ipc/GeckoChildProcessHost.h" 14 #include "mozilla/media/MediaUtils.h" 15 #include "nsIFile.h" 16 17 class nsIRunnable; 18 19 namespace mozilla::gmp { 20 21 class GMPProcessParent final : public mozilla::ipc::GeckoChildProcessHost { 22 public: 23 explicit GMPProcessParent(const std::string& aGMPPath); 24 25 // Synchronously launch the plugin process. If the process fails to launch 26 // after timeoutMs, this method will return false. 27 bool Launch(int32_t aTimeoutMs); 28 29 void Delete(nsCOMPtr<nsIRunnable> aCallback = nullptr); 30 31 bool CanShutdown() override { return true; } 32 const std::string& GetPluginFilePath() { return mGMPPath; } 33 bool UseXPCOM() const { return mUseXpcom; } 34 35 #if defined(XP_MACOSX) && defined(MOZ_SANDBOX) 36 // Init static members on the main thread 37 static void InitStaticMainThread(); 38 39 // Read prefs and environment variables to determine 40 // when and if to start the Mac sandbox for the child 41 // process. Starting the sandbox at launch is the new 42 // preferred method. Code to support starting the sandbox 43 // later at plugin start time should be removed once 44 // starting at launch is stable and shipping. 45 bool IsMacSandboxLaunchEnabled() override; 46 47 // For process sandboxing purposes, set whether or not this 48 // instance of the GMP process requires access to the macOS 49 // window server. At present, Widevine requires window server 50 // access, but OpenH264 decoding does not. 51 void SetRequiresWindowServer(bool aRequiresWindowServer); 52 53 // Return the sandbox type to be used with this process type. 54 static MacSandboxType GetMacSandboxType() { return MacSandboxType_GMP; }; 55 #endif 56 57 using mozilla::ipc::GeckoChildProcessHost::GetChildProcessHandle; 58 59 private: 60 ~GMPProcessParent(); 61 62 void DoDelete(); 63 64 std::string mGMPPath; 65 nsCOMPtr<nsIRunnable> mDeletedCallback; 66 67 // Whether or not XPCOM is enabled in the GMP process. 68 bool mUseXpcom; 69 70 #if defined(XP_MACOSX) && defined(MOZ_SANDBOX) 71 // Indicates whether we'll start the Mac GMP sandbox during 72 // process launch (earlyinit) which is the new preferred method 73 // or later in the process lifetime. 74 static bool sLaunchWithMacSandbox; 75 76 // Whether or not Mac sandbox violation logging is enabled. 77 static bool sMacSandboxGMPLogging; 78 79 // Override so we can set GMP-specific sandbox parameters 80 bool FillMacSandboxInfo(MacSandboxInfo& aInfo) override; 81 82 // Controls whether or not the sandbox will be configured with 83 // window service access. 84 bool mRequiresWindowServer; 85 86 # if defined(DEBUG) 87 // Used to assert InitStaticMainThread() is called before the constructor. 88 static bool sIsMainThreadInitDone; 89 # endif 90 #endif 91 92 // Ticket for blocking shutdown while the process is live. 93 UniquePtr<media::ShutdownBlockingTicket> mShutdownBlocker; 94 95 // For normalizing paths to be compatible with sandboxing. 96 // We use normalized paths to generate the sandbox ruleset. Once 97 // the sandbox has been started, resolving symlinks that point to 98 // allowed directories could require reading paths not allowed by 99 // the sandbox, so we should only attempt to load plugin libraries 100 // using normalized paths. 101 static nsresult NormalizePath(const char* aPath, PathString& aNormalizedPath); 102 103 DISALLOW_COPY_AND_ASSIGN(GMPProcessParent); 104 }; 105 106 } // namespace mozilla::gmp 107 108 #endif // ifndef GMPProcessParent_h