Google Git
Sign in
skia / buildbot / 68d78b97caef27b6ea7026f3e685568f170a5c05 / . / webtry / main.cpp
blob: 0562a14fd8e939da903d94e6860de8c3e7cd4481 [file] [log] [blame]
#include <sys/time.h>
#include <sys/resource.h>
#include "GrContextFactory.h"
#include "SkCanvas.h"
#include "SkCommandLineFlags.h"
#include "SkData.h"
#include "SkDocument.h"
#include "SkFontMgr.h"
#include "SkForceLinking.h"
#include "SkGraphics.h"
#include "SkImageDecoder.h"
#include "SkImageEncoder.h"
#include "SkImageInfo.h"
#include "SkOSFile.h"
#include "SkStream.h"
#include "SkSurface.h"
#include "seccomp_bpf.h"
__SK_FORCE_IMAGE_DECODER_LINKING;
DEFINE_string(out, "", "Output basename; fiddle will append the config used and the appropriate extension");
DEFINE_string(source, "", "Filename of the source image.");
DEFINE_int32(width, 256, "Width of output image.");
DEFINE_int32(height, 256, "Height of output image.");
DEFINE_bool(gpu, false, "Use GPU (Mesa) rendering.");
DEFINE_bool(raster, true, "Use Raster rendering.");
DEFINE_bool(pdf, false, "Use PDF rendering.");
// Defined in template.cpp.
extern SkBitmap source;
static bool install_syscall_filter() {
#ifndef SK_UNSAFE_BUILD_DESKTOP_ONLY
struct sock_filter filter[] = {
/* Grab the system call number. */
EXAMINE_SYSCALL,
/* List allowed syscalls. */
ALLOW_SYSCALL(exit_group),
ALLOW_SYSCALL(exit),
ALLOW_SYSCALL(fstat),
ALLOW_SYSCALL(read),
ALLOW_SYSCALL(write),
ALLOW_SYSCALL(close),
ALLOW_SYSCALL(mmap),
ALLOW_SYSCALL(munmap),
ALLOW_SYSCALL(brk),
ALLOW_SYSCALL(futex),
KILL_PROCESS,
};
struct sock_fprog prog = {
SK_ARRAY_COUNT(filter),
filter,
};
// Lock down the app so that it can't get new privs, such as setuid.
// Calling this is a requirement for an unprivileged process to use mode
// 2 seccomp filters, ala SECCOMP_MODE_FILTER, otherwise we'd have to be
// root.
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
perror("prctl(NO_NEW_PRIVS)");
goto failed;
}
// Now call seccomp and restrict the system calls that can be made to only
// the ones in the provided filter list.
if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
perror("prctl(SECCOMP)");
goto failed;
}
return true;
failed:
if (errno == EINVAL) {
fprintf(stderr, "SECCOMP_FILTER is not available. :(\n");
}
return false;
#else
return true;
#endif /* SK_UNSAFE_BUILD_DESKTOP_ONLY */
}
static void setLimits() {
struct rlimit n;
// Limit to 5 seconds of CPU.
n.rlim_cur = 5;
n.rlim_max = 5;
if (setrlimit(RLIMIT_CPU, &n)) {
perror("setrlimit(RLIMIT_CPU)");
}
// Limit to 150M of Address space.
n.rlim_cur = 150000000;
n.rlim_max = 150000000;
if (setrlimit(RLIMIT_AS, &n)) {
perror("setrlimit(RLIMIT_CPU)");
}
}
extern void draw(SkCanvas* canvas);
static void drawAndDump(SkSurface* surface, SkWStream* stream) {
SkCanvas *canvas = surface->getCanvas();
draw(canvas);
// Write out the image as a PNG.
SkAutoTUnref<SkImage> image(surface->newImageSnapshot());
SkAutoTUnref<SkData> data(image->encode(SkImageEncoder::kPNG_Type, 100));
if (NULL == data.get()) {
printf("Failed to encode\n");
exit(1);
}
stream->write(data->data(), data->size());
}
static void drawRaster(SkWStream* stream, SkImageInfo info) {
SkAutoTUnref<SkSurface> surface;
surface.reset(SkSurface::NewRaster(info));
drawAndDump(surface, stream);
}
static void drawGPU(SkWStream* stream, GrContext* gr, SkImageInfo info) {
SkAutoTUnref<SkSurface> surface;
surface.reset(SkSurface::NewRenderTarget(gr,info));
drawAndDump(surface, stream);
}
static void drawPDF(SkWStream* stream, SkImageInfo info) {
SkAutoTUnref<SkDocument> document(SkDocument::CreatePDF(stream));
SkCanvas *canvas = document->beginPage(info.width(), info.height());
SkAutoTDelete<SkStreamAsset> pdfData;
draw(canvas);
canvas->flush();
document->endPage();
document->close();
}
int main(int argc, char** argv) {
SkCommandLineFlags::Parse(argc, argv);
SkAutoGraphics init;
if (FLAGS_out.count() == 0) {
perror("The --out flag must have an argument.");
return 1;
}
if (FLAGS_source.count() == 1) {
const char *sourceDir = getenv("WEBTRY_INOUT");
if (NULL == sourceDir) {
sourceDir = "/skia_build/inout";
}
SkString sourcePath = SkOSPath::Join(sourceDir, FLAGS_source[0]);
if (!SkImageDecoder::DecodeFile(sourcePath.c_str(), &source)) {
perror("Unable to read the source image.");
}
}
// make sure to open any needed output files before we set up the security
// jail
SkWStream* streams[3] = {NULL, NULL, NULL};
if (FLAGS_raster) {
SkString outPath;
outPath.printf("%s_raster.png", FLAGS_out[0]);
streams[0] = SkNEW_ARGS(SkFILEWStream,(outPath.c_str()));
}
if (FLAGS_gpu) {
SkString outPath;
outPath.printf("%s_gpu.png", FLAGS_out[0]);
streams[1] = SkNEW_ARGS(SkFILEWStream,(outPath.c_str()));
}
if (FLAGS_pdf) {
SkString outPath;
outPath.printf("%s.pdf", FLAGS_out[0]);
streams[2] = SkNEW_ARGS(SkFILEWStream,(outPath.c_str()));
}
SkImageInfo info = SkImageInfo::MakeN32(FLAGS_width, FLAGS_height, kPremul_SkAlphaType);
GrContext *gr = NULL;
GrContextFactory* grFactory = NULL;
// need to set up the GPU context before we install system call restrictions
if (FLAGS_gpu) {
GrContext::Options grContextOpts;
grFactory = new GrContextFactory(grContextOpts);
gr = grFactory->get(GrContextFactory::kMESA_GLContextType);
}
// RefDefault will cause the custom font manager to scan the system for fonts
// and cache an SkStream for each one; that way we don't have to open font files
// after we've set up the chroot jail.
SkAutoTUnref<SkFontMgr> unusedFM(SkFontMgr::RefDefault());
setLimits();
if (!install_syscall_filter()) {
return 1;
}
if (NULL != streams[0]) {
drawRaster(streams[0], info);
}
if (NULL != streams[1]) {
drawGPU(streams[1], gr, info);
}
if (NULL != streams[2]) {
drawPDF(streams[2], info);
}
if (gr) {
delete grFactory;
}
}