OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/linux/services/proc_util.h" | 5 #include "sandbox/linux/services/proc_util.h" |
6 | 6 |
7 #include <dirent.h> | 7 #include <dirent.h> |
8 #include <errno.h> | 8 #include <errno.h> |
9 #include <fcntl.h> | 9 #include <fcntl.h> |
10 #include <string.h> | 10 #include <string.h> |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
44 int proc_self_fd = HANDLE_EINTR( | 44 int proc_self_fd = HANDLE_EINTR( |
45 openat(proc_fd, "self/fd/", O_DIRECTORY | O_RDONLY | O_CLOEXEC)); | 45 openat(proc_fd, "self/fd/", O_DIRECTORY | O_RDONLY | O_CLOEXEC)); |
46 PCHECK(0 <= proc_self_fd); | 46 PCHECK(0 <= proc_self_fd); |
47 | 47 |
48 // Ownership of proc_self_fd is transferred here, it must not be closed | 48 // Ownership of proc_self_fd is transferred here, it must not be closed |
49 // or modified afterwards except via dir. | 49 // or modified afterwards except via dir. |
50 ScopedDIR dir(fdopendir(proc_self_fd)); | 50 ScopedDIR dir(fdopendir(proc_self_fd)); |
51 CHECK(dir); | 51 CHECK(dir); |
52 | 52 |
53 int count = 0; | 53 int count = 0; |
| 54 struct dirent e; |
54 struct dirent* de; | 55 struct dirent* de; |
55 #if defined(OS_NACL_NONSFI) | |
56 // NaCl has not implemented readdir. | |
57 struct dirent e; | |
58 while (!readdir_r(dir.get(), &e, &de) && de) { | 56 while (!readdir_r(dir.get(), &e, &de) && de) { |
59 #else | 57 if (strcmp(e.d_name, ".") == 0 || strcmp(e.d_name, "..") == 0) { |
60 // In all implementations of the C library that Chromium can run with, | |
61 // concurrent calls to readdir that specify different directory streams are | |
62 // thread-safe. This is the case here, since the directory stream is scoped to | |
63 // the current function. See https://codereview.chromium.org/2411833004/#msg3 | |
64 for (de = readdir(dir.get()); de; de = readdir(dir.get())) { | |
65 #endif | |
66 if (strcmp(de->d_name, ".") == 0 || strcmp(de->d_name, "..") == 0) { | |
67 continue; | 58 continue; |
68 } | 59 } |
69 | 60 |
70 int fd_num; | 61 int fd_num; |
71 CHECK(base::StringToInt(de->d_name, &fd_num)); | 62 CHECK(base::StringToInt(e.d_name, &fd_num)); |
72 if (fd_num == proc_fd || fd_num == proc_self_fd) { | 63 if (fd_num == proc_fd || fd_num == proc_self_fd) { |
73 continue; | 64 continue; |
74 } | 65 } |
75 | 66 |
76 ++count; | 67 ++count; |
77 } | 68 } |
78 return count; | 69 return count; |
79 } | 70 } |
80 | 71 |
81 bool ProcUtil::HasOpenDirectory(int proc_fd) { | 72 bool ProcUtil::HasOpenDirectory(int proc_fd) { |
82 DCHECK_LE(0, proc_fd); | 73 DCHECK_LE(0, proc_fd); |
83 int proc_self_fd = | 74 int proc_self_fd = |
84 openat(proc_fd, "self/fd/", O_DIRECTORY | O_RDONLY | O_CLOEXEC); | 75 openat(proc_fd, "self/fd/", O_DIRECTORY | O_RDONLY | O_CLOEXEC); |
85 | 76 |
86 PCHECK(0 <= proc_self_fd); | 77 PCHECK(0 <= proc_self_fd); |
87 | 78 |
88 // Ownership of proc_self_fd is transferred here, it must not be closed | 79 // Ownership of proc_self_fd is transferred here, it must not be closed |
89 // or modified afterwards except via dir. | 80 // or modified afterwards except via dir. |
90 ScopedDIR dir(fdopendir(proc_self_fd)); | 81 ScopedDIR dir(fdopendir(proc_self_fd)); |
91 CHECK(dir); | 82 CHECK(dir); |
92 | 83 |
| 84 struct dirent e; |
93 struct dirent* de; | 85 struct dirent* de; |
94 #if defined(OS_NACL_NONSFI) | |
95 // NaCl has not implemented readdir. | |
96 struct dirent e; | |
97 while (!readdir_r(dir.get(), &e, &de) && de) { | 86 while (!readdir_r(dir.get(), &e, &de) && de) { |
98 #else | 87 if (strcmp(e.d_name, ".") == 0 || strcmp(e.d_name, "..") == 0) { |
99 // In all implementations of the C library that Chromium can run with, | |
100 // concurrent calls to readdir that specify different directory streams are | |
101 // thread-safe. This is the case here, since the directory stream is scoped to | |
102 // the current function. See https://codereview.chromium.org/2411833004/#msg3 | |
103 for (de = readdir(dir.get()); de; de = readdir(dir.get())) { | |
104 #endif | |
105 if (strcmp(de->d_name, ".") == 0 || strcmp(de->d_name, "..") == 0) { | |
106 continue; | 88 continue; |
107 } | 89 } |
108 | 90 |
109 int fd_num; | 91 int fd_num; |
110 CHECK(base::StringToInt(de->d_name, &fd_num)); | 92 CHECK(base::StringToInt(e.d_name, &fd_num)); |
111 if (fd_num == proc_fd || fd_num == proc_self_fd) { | 93 if (fd_num == proc_fd || fd_num == proc_self_fd) { |
112 continue; | 94 continue; |
113 } | 95 } |
114 | 96 |
115 struct stat s; | 97 struct stat s; |
116 // It's OK to use proc_self_fd here, fstatat won't modify it. | 98 // It's OK to use proc_self_fd here, fstatat won't modify it. |
117 CHECK(fstatat(proc_self_fd, de->d_name, &s, 0) == 0); | 99 CHECK(fstatat(proc_self_fd, e.d_name, &s, 0) == 0); |
118 if (S_ISDIR(s.st_mode)) { | 100 if (S_ISDIR(s.st_mode)) { |
119 return true; | 101 return true; |
120 } | 102 } |
121 } | 103 } |
122 | 104 |
123 // No open unmanaged directories found. | 105 // No open unmanaged directories found. |
124 return false; | 106 return false; |
125 } | 107 } |
126 | 108 |
127 bool ProcUtil::HasOpenDirectory() { | 109 bool ProcUtil::HasOpenDirectory() { |
128 base::ScopedFD proc_fd( | 110 base::ScopedFD proc_fd( |
129 HANDLE_EINTR(open("/proc/", O_DIRECTORY | O_RDONLY | O_CLOEXEC))); | 111 HANDLE_EINTR(open("/proc/", O_DIRECTORY | O_RDONLY | O_CLOEXEC))); |
130 return HasOpenDirectory(proc_fd.get()); | 112 return HasOpenDirectory(proc_fd.get()); |
131 } | 113 } |
132 | 114 |
133 // static | 115 // static |
134 base::ScopedFD ProcUtil::OpenProc() { | 116 base::ScopedFD ProcUtil::OpenProc() { |
135 return OpenDirectory("/proc/"); | 117 return OpenDirectory("/proc/"); |
136 } | 118 } |
137 | 119 |
138 } // namespace sandbox | 120 } // namespace sandbox |
OLD | NEW |