| // Copyright 2018 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "mojo/public/cpp/platform/socket_utils_posix.h" |
| |
| #include <stddef.h> |
| #include <sys/socket.h> |
| #include <unistd.h> |
| |
| #if !defined(OS_NACL) |
| #include <sys/uio.h> |
| #endif |
| |
| #include "base/files/file_util.h" |
| #include "base/logging.h" |
| #include "base/posix/eintr_wrapper.h" |
| #include "build/build_config.h" |
| |
| namespace mojo { |
| |
| namespace { |
| |
| #if !defined(OS_NACL) |
| bool IsRecoverableError() { |
| return errno == ECONNABORTED || errno == EMFILE || errno == ENFILE || |
| errno == ENOMEM || errno == ENOBUFS; |
| } |
| |
| bool GetPeerEuid(base::PlatformFile fd, uid_t* peer_euid) { |
| #if defined(OS_MACOSX) || defined(OS_OPENBSD) || defined(OS_FREEBSD) |
| uid_t socket_euid; |
| gid_t socket_gid; |
| if (getpeereid(fd, &socket_euid, &socket_gid) < 0) { |
| PLOG(ERROR) << "getpeereid " << fd; |
| return false; |
| } |
| *peer_euid = socket_euid; |
| return true; |
| #else |
| struct ucred cred; |
| socklen_t cred_len = sizeof(cred); |
| if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len) < 0) { |
| PLOG(ERROR) << "getsockopt " << fd; |
| return false; |
| } |
| if (static_cast<unsigned>(cred_len) < sizeof(cred)) { |
| NOTREACHED() << "Truncated ucred from SO_PEERCRED?"; |
| return false; |
| } |
| *peer_euid = cred.uid; |
| return true; |
| #endif |
| } |
| |
| bool IsPeerAuthorized(base::PlatformFile fd) { |
| uid_t peer_euid; |
| if (!GetPeerEuid(fd, &peer_euid)) |
| return false; |
| if (peer_euid != geteuid()) { |
| DLOG(ERROR) << "Client euid is not authorized"; |
| return false; |
| } |
| return true; |
| } |
| #endif // !defined(OS_NACL) |
| |
| // NOTE: On Linux |SIGPIPE| is suppressed by passing |MSG_NOSIGNAL| to |
| // |sendmsg()|. On Mac we instead set |SO_NOSIGPIPE| on the socket itself. |
| #if defined(OS_MACOSX) |
| constexpr int kSendmsgFlags = 0; |
| #else |
| constexpr int kSendmsgFlags = MSG_NOSIGNAL; |
| #endif |
| |
| constexpr size_t kMaxSendmsgHandles = 128; |
| |
| } // namespace |
| |
| ssize_t SocketWrite(base::PlatformFile socket, |
| const void* bytes, |
| size_t num_bytes) { |
| #if defined(OS_MACOSX) || defined(OS_NACL_NONSFI) |
| return HANDLE_EINTR(write(socket, bytes, num_bytes)); |
| #else |
| return send(socket, bytes, num_bytes, kSendmsgFlags); |
| #endif |
| } |
| |
| ssize_t SocketWritev(base::PlatformFile socket, |
| struct iovec* iov, |
| size_t num_iov) { |
| #if defined(OS_MACOSX) |
| return HANDLE_EINTR(writev(socket, iov, static_cast<int>(num_iov))); |
| #else |
| struct msghdr msg = {}; |
| msg.msg_iov = iov; |
| msg.msg_iovlen = num_iov; |
| return HANDLE_EINTR(sendmsg(socket, &msg, kSendmsgFlags)); |
| #endif |
| } |
| |
| ssize_t SendmsgWithHandles(base::PlatformFile socket, |
| struct iovec* iov, |
| size_t num_iov, |
| const std::vector<base::ScopedFD>& descriptors) { |
| DCHECK(iov); |
| DCHECK_GT(num_iov, 0u); |
| DCHECK(!descriptors.empty()); |
| DCHECK_LE(descriptors.size(), kMaxSendmsgHandles); |
| |
| char cmsg_buf[CMSG_SPACE(kMaxSendmsgHandles * sizeof(int))]; |
| struct msghdr msg = {}; |
| msg.msg_iov = iov; |
| msg.msg_iovlen = num_iov; |
| msg.msg_control = cmsg_buf; |
| msg.msg_controllen = CMSG_LEN(descriptors.size() * sizeof(int)); |
| struct cmsghdr* cmsg = CMSG_FIRSTHDR(&msg); |
| cmsg->cmsg_level = SOL_SOCKET; |
| cmsg->cmsg_type = SCM_RIGHTS; |
| cmsg->cmsg_len = CMSG_LEN(descriptors.size() * sizeof(int)); |
| for (size_t i = 0; i < descriptors.size(); ++i) { |
| DCHECK_GE(descriptors[i].get(), 0); |
| reinterpret_cast<int*>(CMSG_DATA(cmsg))[i] = descriptors[i].get(); |
| } |
| return HANDLE_EINTR(sendmsg(socket, &msg, kSendmsgFlags)); |
| } |
| |
| ssize_t SocketRecvmsg(base::PlatformFile socket, |
| void* buf, |
| size_t num_bytes, |
| std::vector<base::ScopedFD>* descriptors, |
| bool block) { |
| struct iovec iov = {buf, num_bytes}; |
| char cmsg_buf[CMSG_SPACE(kMaxSendmsgHandles * sizeof(int))]; |
| struct msghdr msg = {}; |
| msg.msg_iov = &iov; |
| msg.msg_iovlen = 1; |
| msg.msg_control = cmsg_buf; |
| msg.msg_controllen = sizeof(cmsg_buf); |
| ssize_t result = |
| HANDLE_EINTR(recvmsg(socket, &msg, block ? 0 : MSG_DONTWAIT)); |
| if (result < 0) |
| return result; |
| |
| if (msg.msg_controllen == 0) |
| return result; |
| |
| DCHECK(!(msg.msg_flags & MSG_CTRUNC)); |
| |
| descriptors->clear(); |
| for (cmsghdr* cmsg = CMSG_FIRSTHDR(&msg); cmsg; |
| cmsg = CMSG_NXTHDR(&msg, cmsg)) { |
| if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) { |
| size_t payload_length = cmsg->cmsg_len - CMSG_LEN(0); |
| DCHECK_EQ(payload_length % sizeof(int), 0u); |
| size_t num_fds = payload_length / sizeof(int); |
| const int* fds = reinterpret_cast<int*>(CMSG_DATA(cmsg)); |
| for (size_t i = 0; i < num_fds; ++i) { |
| base::ScopedFD fd(fds[i]); |
| DCHECK(fd.is_valid()); |
| descriptors->emplace_back(std::move(fd)); |
| } |
| } |
| } |
| |
| return result; |
| } |
| |
| bool AcceptSocketConnection(base::PlatformFile server_fd, |
| base::ScopedFD* connection_fd, |
| bool check_peer_user) { |
| DCHECK_GE(server_fd, 0); |
| connection_fd->reset(); |
| #if defined(OS_NACL) |
| NOTREACHED(); |
| return false; |
| #else |
| base::ScopedFD accepted_handle(HANDLE_EINTR(accept(server_fd, nullptr, 0))); |
| if (!accepted_handle.is_valid()) |
| return IsRecoverableError(); |
| if (check_peer_user && !IsPeerAuthorized(accepted_handle.get())) |
| return true; |
| if (!base::SetNonBlocking(accepted_handle.get())) { |
| PLOG(ERROR) << "base::SetNonBlocking() failed " << accepted_handle.get(); |
| return true; |
| } |
| |
| *connection_fd = std::move(accepted_handle); |
| return true; |
| #endif // defined(OS_NACL) |
| } |
| |
| } // namespace mojo |