search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove stale TODO in FrameTree::GetRenderViewHost.
[chromium-blink-merge.git] / base / posix / unix_domain_socket_linux.cc
blob16d8eaad24177735d0e8f24f066f6c108600d3cd
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/posix/unix_domain_socket_linux.h"
6
7 #include <errno.h>
8 #include <sys/socket.h>
9 #include <unistd.h>
10
11 #include <vector>
12
13 #include "base/files/scoped_file.h"
14 #include "base/logging.h"
15 #include "base/memory/scoped_vector.h"
16 #include "base/pickle.h"
17 #include "base/posix/eintr_wrapper.h"
18 #include "base/stl_util.h"
19
20 #if !defined(OS_NACL_NONSFI)
21 #include <sys/uio.h>
22 #endif
23
24 const size_t UnixDomainSocket::kMaxFileDescriptors = 16;
25
26 #if !defined(OS_NACL_NONSFI)
27 // Creates a connected pair of UNIX-domain SOCK_SEQPACKET sockets, and passes
28 // ownership of the newly allocated file descriptors to |one| and |two|.
29 // Returns true on success.
30 static bool CreateSocketPair(base::ScopedFD* one, base::ScopedFD* two) {
31 int raw_socks[2];
32 if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, raw_socks) == -1)
33 return false;
34 one->reset(raw_socks[0]);
35 two->reset(raw_socks[1]);
36 return true;
37 }
38
39 // static
40 bool UnixDomainSocket::EnableReceiveProcessId(int fd) {
41 const int enable = 1;
42 return setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &enable, sizeof(enable)) == 0;
43 }
44 #endif // !defined(OS_NACL_NONSFI)
45
46 // static
47 bool UnixDomainSocket::SendMsg(int fd,
48 const void* buf,
49 size_t length,
50 const std::vector<int>& fds) {
51 struct msghdr msg = {};
52 struct iovec iov = { const_cast<void*>(buf), length };
53 msg.msg_iov = &iov;
54 msg.msg_iovlen = 1;
55
56 char* control_buffer = NULL;
57 if (fds.size()) {
58 const unsigned control_len = CMSG_SPACE(sizeof(int) * fds.size());
59 control_buffer = new char[control_len];
60
61 struct cmsghdr* cmsg;
62 msg.msg_control = control_buffer;
63 msg.msg_controllen = control_len;
64 cmsg = CMSG_FIRSTHDR(&msg);
65 cmsg->cmsg_level = SOL_SOCKET;
66 cmsg->cmsg_type = SCM_RIGHTS;
67 cmsg->cmsg_len = CMSG_LEN(sizeof(int) * fds.size());
68 memcpy(CMSG_DATA(cmsg), &fds[0], sizeof(int) * fds.size());
69 msg.msg_controllen = cmsg->cmsg_len;
70 }
71
72 // Avoid a SIGPIPE if the other end breaks the connection.
73 // Due to a bug in the Linux kernel (net/unix/af_unix.c) MSG_NOSIGNAL isn't
74 // regarded for SOCK_SEQPACKET in the AF_UNIX domain, but it is mandated by
75 // POSIX.
76 const int flags = MSG_NOSIGNAL;
77 const ssize_t r = HANDLE_EINTR(sendmsg(fd, &msg, flags));
78 const bool ret = static_cast<ssize_t>(length) == r;
79 delete[] control_buffer;
80 return ret;
81 }
82
83 // static
84 ssize_t UnixDomainSocket::RecvMsg(int fd,
85 void* buf,
86 size_t length,
87 ScopedVector<base::ScopedFD>* fds) {
88 return UnixDomainSocket::RecvMsgWithPid(fd, buf, length, fds, NULL);
89 }
90
91 // static
92 ssize_t UnixDomainSocket::RecvMsgWithPid(int fd,
93 void* buf,
94 size_t length,
95 ScopedVector<base::ScopedFD>* fds,
96 base::ProcessId* pid) {
97 return UnixDomainSocket::RecvMsgWithFlags(fd, buf, length, 0, fds, pid);
98 }
99
100 // static
101 ssize_t UnixDomainSocket::RecvMsgWithFlags(int fd,
102 void* buf,
103 size_t length,
104 int flags,
105 ScopedVector<base::ScopedFD>* fds,
106 base::ProcessId* out_pid) {
107 fds->clear();
108
109 struct msghdr msg = {};
110 struct iovec iov = { buf, length };
111 msg.msg_iov = &iov;
112 msg.msg_iovlen = 1;
113
114 const size_t kControlBufferSize =
115 CMSG_SPACE(sizeof(int) * kMaxFileDescriptors)
116 #if !defined(OS_NACL_NONSFI)
117 // The PNaCl toolchain for Non-SFI binary build does not support ucred.
118 + CMSG_SPACE(sizeof(struct ucred))
119 #endif
120 ;
121 char control_buffer[kControlBufferSize];
122 msg.msg_control = control_buffer;
123 msg.msg_controllen = sizeof(control_buffer);
124
125 const ssize_t r = HANDLE_EINTR(recvmsg(fd, &msg, flags));
126 if (r == -1)
127 return -1;
128
129 int* wire_fds = NULL;
130 unsigned wire_fds_len = 0;
131 base::ProcessId pid = -1;
132
133 if (msg.msg_controllen > 0) {
134 struct cmsghdr* cmsg;
135 for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
136 const unsigned payload_len = cmsg->cmsg_len - CMSG_LEN(0);
137 if (cmsg->cmsg_level == SOL_SOCKET &&
138 cmsg->cmsg_type == SCM_RIGHTS) {
139 DCHECK_EQ(payload_len % sizeof(int), 0u);
140 DCHECK_EQ(wire_fds, static_cast<void*>(nullptr));
141 wire_fds = reinterpret_cast<int*>(CMSG_DATA(cmsg));
142 wire_fds_len = payload_len / sizeof(int);
143 }
144 #if !defined(OS_NACL_NONSFI)
145 // The PNaCl toolchain for Non-SFI binary build does not support
146 // SCM_CREDENTIALS.
147 if (cmsg->cmsg_level == SOL_SOCKET &&
148 cmsg->cmsg_type == SCM_CREDENTIALS) {
149 DCHECK_EQ(payload_len, sizeof(struct ucred));
150 DCHECK_EQ(pid, -1);
151 pid = reinterpret_cast<struct ucred*>(CMSG_DATA(cmsg))->pid;
152 }
153 #endif
154 }
155 }
156
157 if (msg.msg_flags & MSG_TRUNC || msg.msg_flags & MSG_CTRUNC) {
158 for (unsigned i = 0; i < wire_fds_len; ++i)
159 close(wire_fds[i]);
160 errno = EMSGSIZE;
161 return -1;
162 }
163
164 if (wire_fds) {
165 for (unsigned i = 0; i < wire_fds_len; ++i)
166 fds->push_back(new base::ScopedFD(wire_fds[i]));
167 }
168
169 if (out_pid) {
170 // |pid| will legitimately be -1 if we read EOF, so only DCHECK if we
171 // actually received a message. Unfortunately, Linux allows sending zero
172 // length messages, which are indistinguishable from EOF, so this check
173 // has false negatives.
174 if (r > 0 || msg.msg_controllen > 0)
175 DCHECK_GE(pid, 0);
176
177 *out_pid = pid;
178 }
179
180 return r;
181 }
182
183 #if !defined(OS_NACL_NONSFI)
184 // static
185 ssize_t UnixDomainSocket::SendRecvMsg(int fd,
186 uint8_t* reply,
187 unsigned max_reply_len,
188 int* result_fd,
189 const Pickle& request) {
190 return UnixDomainSocket::SendRecvMsgWithFlags(fd, reply, max_reply_len,
191 0, /* recvmsg_flags */
192 result_fd, request);
193 }
194
195 // static
196 ssize_t UnixDomainSocket::SendRecvMsgWithFlags(int fd,
197 uint8_t* reply,
198 unsigned max_reply_len,
199 int recvmsg_flags,
200 int* result_fd,
201 const Pickle& request) {
202 // This socketpair is only used for the IPC and is cleaned up before
203 // returning.
204 base::ScopedFD recv_sock, send_sock;
205 if (!CreateSocketPair(&recv_sock, &send_sock))
206 return -1;
207
208 {
209 std::vector<int> send_fds;
210 send_fds.push_back(send_sock.get());
211 if (!SendMsg(fd, request.data(), request.size(), send_fds))
212 return -1;
213 }
214
215 // Close the sending end of the socket right away so that if our peer closes
216 // it before sending a response (e.g., from exiting), RecvMsgWithFlags() will
217 // return EOF instead of hanging.
218 send_sock.reset();
219
220 ScopedVector<base::ScopedFD> recv_fds;
221 // When porting to OSX keep in mind it doesn't support MSG_NOSIGNAL, so the
222 // sender might get a SIGPIPE.
223 const ssize_t reply_len = RecvMsgWithFlags(
224 recv_sock.get(), reply, max_reply_len, recvmsg_flags, &recv_fds, NULL);
225 recv_sock.reset();
226 if (reply_len == -1)
227 return -1;
228
229 // If we received more file descriptors than caller expected, then we treat
230 // that as an error.
231 if (recv_fds.size() > (result_fd != NULL ? 1 : 0)) {
232 NOTREACHED();
233 return -1;
234 }
235
236 if (result_fd)
237 *result_fd = recv_fds.empty() ? -1 : recv_fds[0]->release();
238
239 return reply_len;
240 }
241 #endif // !defined(OS_NACL_NONSFI)