Google Git
Sign in
chromium / chromium / src.git / main / . / components / sqlite_vfs
tree: da4db69dc6f890e2a00bcc518b22141cc36d5b39 [path history] [tgz]
  1. mojom/
  2. BUILD.gn
  3. constants.h
  4. DEPS
  5. lock_state.h
  6. OWNERS
  7. pending_file_set.cc
  8. pending_file_set.h
  9. README.md
  10. sandboxed_file.cc
  11. sandboxed_file.h
  12. sandboxed_file_unittest.cc
  13. sqlite_database_vfs_file_set.cc
  14. sqlite_database_vfs_file_set.h
  15. sqlite_database_vfs_file_set_unittest.cc
  16. sqlite_sandboxed_vfs.cc
  17. sqlite_sandboxed_vfs.h
  18. sqlite_sandboxed_vfs_unittest.cc
  19. vfs_utils.cc
  20. vfs_utils.h
components/sqlite_vfs/README.md

SQLite VFS

This component provides a sandboxed SQLite Virtual File System (VFS). It is used by components/persistent_cache to provide a sandboxed SQLite database access.

Usage

A trusted process (that can access the filesystem) can create a PendingFileSet object. This PendingFileSet object is then used by clients to connect to a database in a sandboxed process.

persistent_cache::PersistentCache is one such client that utilizes a PendingFileSet. Specifically, persistent_cache::SqliteBackendImpl (located in components/persistent_cache/sqlite/sqlite_backend_impl.cc) takes a PendingFileSet, registers the SqliteVfsFileSet with SqliteSandboxedVfsDelegate::RegisterSandboxedFiles(), and then opens the database using sql::Database with the virtual file path returned by SqliteVfsFileSet::GetDbVirtualFilePath(), allowing access from a sandboxed process.