关于本机客户端和Pepper Plugin API的说明

Google’s Native Client (NaCl) is a brilliant idea. TL;DR: it allows native code to be run securely in the browser. Here’s a collection of developer-centric notes about it (it’s not very Unity specific).

Google的Native Client (NaCl)是一个绝妙的主意。 TL; DR ：它允许本机代码在浏览器中安全运行。 这是有关以开发人员为中心的注释的集合(不是特定于Unity的)。

But is it secure?

但是安全吗？

“Bububut, waitaminnit! Native code is not secure by definition” you say. Turns out, that isn’t necessarily true. With a specially massaged compiler, some runtime support and careful native code validation it is possible to ensure native code, when ran in the browser, can’t cause harm to user’s machine. I suggest taking a look at the original NaCl for x86 paper and more recently, how similar techniques would apply to ARM CPUs.

“ Bububut，waitaminnit！ 本地代码从定义上讲是不安全的 。 事实证明，这不一定是正确的。 使用经过特殊处理的编译器，一些运行时支持和仔细的本机代码验证，可以确保本机代码在浏览器中运行时不会对用户的计算机造成损害。 我建议您看一下x86纸的原始NaCl，以及最近的类似技术如何应用​​于ARM CPU 。

But what can you do with it?

但是你能用它做什么？

So that’s great. It means it is possible to take C/C++ code, compile it with NaCl SDK (a gcc derived toolchain) and have it run in the browser. We can make a loop in C that multiplies a ton of floating point numbers, and it will run at native speed. That’s wonderful, except you can’t really do much interesting stuff with your own C code in isolation…

太好了。 这意味着可以获取C / C ++代码，并使用NaCl SDK(gcc衍生的工具链)对其进行编译，然后使其在浏览器中运行。 我们可以在C中创建一个循环，该循环将一吨浮点数相乘，并且将以本机速度运行。 太好了，除了您不能用自己的C代码真正做很多有趣的事情之外……

You need access to the hardware and/or OS. As game developers, we need pixels to appear on the screen. Preferably lots of them, with the help of something like a GPU. Audio waves to come out of the speakers. Mouse moves and keyboard presses to translate to some fancy actions. Post a high score to the internets. And so on.

您需要访问硬件和/或操作系统。 作为游戏开发人员，我们需要在屏幕上显示像素。 最好是在GPU之类的帮助下完成许多任务。 音频波从扬声器中发出。 鼠标移动和键盘按键转换为一些精美的动作。 在互联网上发布高分。 等等。

NaCl surely can’t just allow my C code to call Direct3DCreate9 and run with it, while keeping the promise of “it’s secure”? Or a more extreme case, FILE* f = fopen("/etc/passwd", "rt");?!

当然，NaCl不能只允许我的C代码调用Direct3DCreate9并与其一起运行，同时还要保证“它是安全的”？ 或更极端的情况是， FILE * f = fopen(“ / etc / passwd”，“ rt”); ？！

And that’s true; NaCl does not allow you to use completely arbitrary APIs. It has it’s own set of APIs to interface with “the system”.

没错； NaCl不允许您使用完全任意的API。 它具有自己的一套API与“系统”接口。

Ok, how do I interface with the system?

好的，如何与系统交互？

…and that’s where the current state of NaCl gets a bit confusing.

……这就是NaCl的当前状态令人困惑的地方。

Initially Google developed an improved “browser plugin model” and called it Pepper. This Pepper thing would then take care of actually putting your code into the browser. Starting it up, tearing it down, controlling repaints, processing events and so on. But then apparently they realized that building on top of a decade-old Netscape plugin API (NPAPI) isn’t going to really work, so they developed Pepper2 or PPAPI (Pepper Plugin API) which ditches NPAPI completely. To write a native client plugin, you only interface with PPAPI.

最初，Google开发了一种改进的“浏览器插件模型”，并将其称为Pepper。 然后，这Pepper事情会处理实际将您的代码放入浏览器的过程 。 启动，拆除，控制重绘，处理事件等。 但是后来他们显然意识到，在具有十年历史的Netscape插件API( NPAPI )的基础上构建是行不通的，因此他们开发了Pepper2或PPAPI(Pepper Plugin API)，可以完全取代NPAPI。 要编写本机客户端插件，您只能与PPAPI交互。

So some of the pages on the internets reference the “old API” (which is gone as far as I can see), and some others reference the new one. It does not help that Native Client’s own documentation are scattered around in Chromium, NaCl, NaCl SDK and PPAPI sites. Seriously, it’s a mess, with seemingly no high level, up to date “introduction” page that tells what exactly PPAPI can and can’t do. Edit: I’m told that the definitive entry point to NaCl right now is this page: http://code.google.com/chrome/nativeclient/ which clears up some mess.

因此，互联网上的某些页面引用了“旧API”(据我所知，这已经消失了)，另一些页面则引用了新的API。 Native Client自己的文档分散在Chromium ， NaCl ， NaCl SDK和PPAPI站点中并没有帮助。 严重的是， 这看起来一团糟 ，似乎没有高级的，最新的“简介”页面，该页面告诉PPAPI可以做什么和不能做什么。 编辑 ：有人告诉我，现在NaCl的明确入口点是此页面： http : //code.google.com/chrome/nativeclient/ ，这可以清除一些混乱。

Here’s what I think it can do

我认为这是可以做的

Note: we have an in-progress Unity NaCl port using this PPAPI. However, I am not working on it, so my knowledge may or may not be true. Take everything with a grain of NaCl ;)

注意：我们有一个使用此PPAPI的正在进行中的Unity NaCl端口。 但是，我没有为此工作，因此我的知识可能是正确的，也可能不是正确的。 用一粒NaCl吸收一切；)

Most of things below found by poking around at PPAPI source tree, and by looking into Unity’s NaCl platform dependent bits.

通过查看PPAPI源代码树 ，并查看Unity的NaCl平台相关位，可以找到下面的大多数内容。

Graphics

图形

PPAPI provides an OpenGL ES 2.0 implementation for your 3D needs. You need to setup the context and initial surfaces via PPAPI (ppapi/cpp/dev/context_3d_dev.h, ppapi/cpp/dev/surface_3d_dev.h) – similar to what you’d use EGL on other platforms for – and beyond that you just include GLES2/gl2.h, GLES2/gl2ext.h and call ye olde GLES2.0 functions.

PPAPI为您的3D需求提供了OpenGL ES 2.0实现。 您需要通过PPAPI( ppapi / cpp / dev / context_3d_dev.h ， ppapi / cpp / dev / surface_3d_dev.h )设置上下文和初始表面–类似于您在其他平台上使用EGL所用的方法–除此之外，您还需要仅包括GLES2 / gl2.h，GLES2 / gl2ext.h并调用旧的GLES2.0函数。

Behind the scenes, all your GLES2.0 calls will be put into a command buffer and transferred to actual “3D server” process for consuming them. Chrome splits up itself into various processes like that for security reasons — so that each process has the minimum set of privileges, and a crash or a security exploit in one of them can’t easily transfer over to other parts of the browser.

在幕后，您所有的GLES2.0调用都将放入命令缓冲区，并转移到实际的“ 3D服务器”进程中以进行使用。 由于安全原因，Chrome会将自己分为多个进程-以便每个进程都具有最少的特权集，并且其中一个崩溃或安全​​漏洞无法轻易转移到浏览器的其他部分。

Audio

音讯

For audio needs, PPAPI provides a simple buffer based API in ppapi/cpp/audio_config.h and ppapi/cpp/audio.h. Your own callback will be called whenever audio buffer needs to be filled with new samples. That means you do all sound mixing yourself and just fill in the final buffer.

为了满足音频需求，PPAPI在ppapi / cpp / audio_config.h和ppapi / cpp / audio.h中提供了一个基于缓冲区的简单API。 每当音频缓冲区需要填充新样本时，就会调用您自己的回调。 这意味着您需要自己进行所有混音，然后填写最后的缓冲区。

Input

输入项

Your plugin instance (subclass of pp::Instance) will get input events via HandleInputEvent virtual function override. Each event is a simple PPInputEvent struct and can represent keyboard & mouse. No support for gamepads or touch input so far, it seems.

您的插件实例( pp :: Instance的子类)将通过HandleInputEvent虚拟函数重写获取输入事件。 每个事件都是一个简单的PPInputEvent结构 ，可以表示键盘和鼠标。 到目前为止，似乎还不支持游戏手柄或触摸输入。

Other stuff

其他的东西

Doing WWW requests is possible via ppapi/cpp/url_loader.h and friends.

通过ppapi / cpp / url_loader.h和朋友可以进行WWW请求。

Timer & time queries via ppapi/cpp/core.h (e.g. pp::Module::Get()->core()->CallOnMainThread(...)).

通过ppapi / cpp / core.h查询计时器和时间(例如pp :: Module :: Get()-> core()-> CallOnMainThread(...) )。

And, well, a bunch of other stuff is there, like ability to rasterize blocks of text into bitmaps, pop up file selection dialogs, use the browser to decode video streams and so on. Everything – or almost everything – is there to make it possible to do games on it.

而且，还有很多其他功能，例如将文本块光栅化为位图，弹出文件选择对话框，使用浏览器解码视频流等功能。 一切-或几乎所有-都可以在上面进行游戏。

Summary

摘要

Like Chad says, it would be good to end “thou shalt only use Javascript” on the web. Javascript is a very nice language – especially considering how it came into existence – but forcing it on everyone is quite silly. And no matter how hard V8/JägerMonkey/Nitro folks are trying, it is very, very hard to beat performance of a simple, static, compiled language (like C) that has direct access to memory and the programmer is in almost full control of both the code flow and the memory layout. Steve rightly points out that even if for some tasks a super-optimized Javascript engine will approach the speed of C, it will burn much more energy to do so — a very important aspect in the increasingly mobile world.

就像乍得说的那样 ，最好在网络上结束“您只能使用Javascript” 。 Java语言是一种非常好的语言，尤其是考虑到它是如何出现的，但是将其强加给所有人是很愚蠢的。 而且，无论V8 /JägerMonkey/ Nitro人士多么努力，要击败直接访问内存的简单，静态，编译语言(如C)的性能 ，都非常非常困难，程序员几乎可以完全控制它。代码流和内存布局。 Steve正确地指出 ，即使对于某些任务而言，超级优化的Javascript引擎将接近C的速度，但这样做会消耗更多的能量，这在日益移动的世界中非常重要。

Native Client does give some hope that there will be a way to run native code, at native speeds, in the browser, without compromising on security. Let it happen.

Native Client确实希望能够在浏览器中以本机速度运行本机代码，而不影响安全性。 让它发生。

翻译自: https://blogs.unity3d.com/2011/06/02/notes-on-native-client-pepper-plugin-api/