ipc/ipc_channel_posix.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef IPC_IPC_CHANNEL_POSIX_H_
   6 #define IPC_IPC_CHANNEL_POSIX_H_
   7
   8 #include "ipc/ipc_channel.h"
   9
  10 #include <sys/socket.h>  // for CMSG macros
  11
  12 #include <queue>
  13 #include <set>
  14 #include <string>
  15 #include <vector>
  16
  17 #include "base/files/scoped_file.h"
  18 #include "base/message_loop/message_loop.h"
  19 #include "base/process/process.h"
  20 #include "ipc/ipc_channel_reader.h"
  21 #include "ipc/ipc_message_attachment_set.h"
  22
  23 namespace IPC {
  24
  25 class IPC_EXPORT ChannelPosix : public Channel,
  26                                 public internal::ChannelReader,
  27                                 public base::MessageLoopForIO::Watcher {
  28  public:
  29   // |broker| must outlive the newly created object.
  30   ChannelPosix(const IPC::ChannelHandle& channel_handle,
  31                Mode mode,
  32                Listener* listener,
  33                AttachmentBroker* broker);
  34   ~ChannelPosix() override;
  35
  36   // Channel implementation
  37   bool Connect() override;
  38   void Close() override;
  39   bool Send(Message* message) override;
  40   AttachmentBroker* GetAttachmentBroker() override;
  41   base::ProcessId GetPeerPID() const override;
  42   base::ProcessId GetSelfPID() const override;
  43   int GetClientFileDescriptor() const override;
  44   base::ScopedFD TakeClientFileDescriptor() override;
  45
  46   // Returns true if the channel supports listening for connections.
  47   bool AcceptsConnections() const;
  48
  49   // Returns true if the channel supports listening for connections and is
  50   // currently connected.
  51   bool HasAcceptedConnection() const;
  52
  53   // Closes any currently connected socket, and returns to a listening state
  54   // for more connections.
  55   void ResetToAcceptingConnectionState();
  56
  57   // Returns true if the peer process' effective user id can be determined, in
  58   // which case the supplied peer_euid is updated with it.
  59   bool GetPeerEuid(uid_t* peer_euid) const;
  60
  61   void CloseClientFileDescriptor();
  62
  63   static bool IsNamedServerInitialized(const std::string& channel_id);
  64 #if defined(OS_LINUX)
  65   static void SetGlobalPid(int pid);
  66 #endif  // OS_LINUX
  67
  68  private:
  69   bool CreatePipe(const IPC::ChannelHandle& channel_handle);
  70
  71   bool ProcessOutgoingMessages();
  72
  73   bool AcceptConnection();
  74   void ClosePipeOnError();
  75   int GetHelloMessageProcId() const;
  76   void QueueHelloMessage();
  77   void CloseFileDescriptors(Message* msg);
  78   void QueueCloseFDMessage(int fd, int hops);
  79
  80   // ChannelReader implementation.
  81   ReadState ReadData(char* buffer, int buffer_len, int* bytes_read) override;
  82   bool ShouldDispatchInputMessage(Message* msg) override;
  83   bool GetNonBrokeredAttachments(Message* msg) override;
  84   bool DidEmptyInputBuffers() override;
  85   void HandleInternalMessage(const Message& msg) override;
  86   base::ProcessId GetSenderPID() override;
  87   bool IsAttachmentBrokerEndpoint() override;
  88
  89   // Finds the set of file descriptors in the given message.  On success,
  90   // appends the descriptors to the input_fds_ member and returns true
  91   //
  92   // Returns false if the message was truncated. In this case, any handles that
  93   // were sent will be closed.
  94   bool ExtractFileDescriptorsFromMsghdr(msghdr* msg);
  95
  96   // Closes all handles in the input_fds_ list and clears the list. This is
  97   // used to clean up handles in error conditions to avoid leaking the handles.
  98   void ClearInputFDs();
  99
 100   // MessageLoopForIO::Watcher implementation.
 101   void OnFileCanReadWithoutBlocking(int fd) override;
 102   void OnFileCanWriteWithoutBlocking(int fd) override;
 103
 104   Mode mode_;
 105
 106   base::ProcessId peer_pid_;
 107
 108   // After accepting one client connection on our server socket we want to
 109   // stop listening.
 110   base::MessageLoopForIO::FileDescriptorWatcher
 111   server_listen_connection_watcher_;
 112   base::MessageLoopForIO::FileDescriptorWatcher read_watcher_;
 113   base::MessageLoopForIO::FileDescriptorWatcher write_watcher_;
 114
 115   // Indicates whether we're currently blocked waiting for a write to complete.
 116   bool is_blocked_on_write_;
 117   bool waiting_connect_;
 118
 119   // If sending a message blocks then we use this variable
 120   // to keep track of where we are.
 121   size_t message_send_bytes_written_;
 122
 123   // File descriptor we're listening on for new connections if we listen
 124   // for connections.
 125   base::ScopedFD server_listen_pipe_;
 126
 127   // The pipe used for communication.
 128   base::ScopedFD pipe_;
 129
 130   // For a server, the client end of our socketpair() -- the other end of our
 131   // pipe_ that is passed to the client.
 132   base::ScopedFD client_pipe_;
 133   mutable base::Lock client_pipe_lock_;  // Lock that protects |client_pipe_|.
 134
 135   // The "name" of our pipe.  On Windows this is the global identifier for
 136   // the pipe.  On POSIX it's used as a key in a local map of file descriptors.
 137   std::string pipe_name_;
 138
 139   // Messages to be sent are queued here.
 140   std::queue<Message*> output_queue_;
 141
 142   // We assume a worst case: kReadBufferSize bytes of messages, where each
 143   // message has no payload and a full complement of descriptors.
 144   static const size_t kMaxReadFDs =
 145       (Channel::kReadBufferSize / sizeof(IPC::Message::Header)) *
 146       MessageAttachmentSet::kMaxDescriptorsPerMessage;
 147
 148   // Buffer size for file descriptors used for recvmsg. On Mac the CMSG macros
 149   // are not constant so we have to pick a "large enough" padding for headers.
 150 #if defined(OS_MACOSX)
 151   static const size_t kMaxReadFDBuffer = 1024 + sizeof(int) * kMaxReadFDs;
 152 #else
 153   static const size_t kMaxReadFDBuffer = CMSG_SPACE(sizeof(int) * kMaxReadFDs);
 154 #endif
 155   static_assert(kMaxReadFDBuffer <= 8192,
 156                 "kMaxReadFDBuffer too big for a stack buffer");
 157
 158   // File descriptors extracted from messages coming off of the channel. The
 159   // handles may span messages and come off different channels from the message
 160   // data (in the case of READWRITE), and are processed in FIFO here.
 161   // NOTE: The implementation assumes underlying storage here is contiguous, so
 162   // don't change to something like std::deque<> without changing the
 163   // implementation!
 164   std::vector<int> input_fds_;
 165
 166
 167   void ResetSafely(base::ScopedFD* fd);
 168   bool in_dtor_;
 169
 170 #if defined(OS_MACOSX)
 171   // On OSX, sent FDs must not be closed until we get an ack.
 172   // Keep track of sent FDs here to make sure the remote is not
 173   // trying to bamboozle us.
 174   std::set<int> fds_to_close_;
 175 #endif
 176
 177   // True if we are responsible for unlinking the unix domain socket file.
 178   bool must_unlink_;
 179
 180 #if defined(OS_LINUX)
 181   // If non-zero, overrides the process ID sent in the hello message.
 182   static int global_pid_;
 183 #endif  // OS_LINUX
 184
 185   // |broker_| must outlive this instance.
 186   AttachmentBroker* broker_;
 187
 188   DISALLOW_IMPLICIT_CONSTRUCTORS(ChannelPosix);
 189 };
 190
 191 }  // namespace IPC
 192
 193 #endif  // IPC_IPC_CHANNEL_POSIX_H_