| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/syscall_broker/broker_host.h" | 5 #include "sandbox/linux/syscall_broker/broker_host.h" |
| 6 | 6 |
| 7 #include <fcntl.h> | 7 #include <fcntl.h> |
| 8 #include <sys/socket.h> | 8 #include <sys/socket.h> |
| 9 #include <sys/stat.h> | 9 #include <sys/stat.h> |
| 10 #include <sys/syscall.h> | 10 #include <sys/syscall.h> |
| (...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 147 | 147 |
| 148 if (sent <= 0) { | 148 if (sent <= 0) { |
| 149 LOG(ERROR) << "Could not send IPC reply"; | 149 LOG(ERROR) << "Could not send IPC reply"; |
| 150 return false; | 150 return false; |
| 151 } | 151 } |
| 152 return true; | 152 return true; |
| 153 } | 153 } |
| 154 | 154 |
| 155 } // namespace | 155 } // namespace |
| 156 | 156 |
| 157 BrokerHost::BrokerHost(const BrokerPolicy& broker_policy, int ipc_channel) | 157 BrokerHost::BrokerHost(const BrokerPolicy& broker_policy, |
| 158 : broker_policy_(broker_policy), ipc_channel_(ipc_channel) { | 158 BrokerChannel::EndPoint ipc_channel) |
| 159 : broker_policy_(broker_policy), ipc_channel_(ipc_channel.Pass()) { |
| 159 } | 160 } |
| 160 | 161 |
| 161 BrokerHost::~BrokerHost() { | 162 BrokerHost::~BrokerHost() { |
| 162 } | 163 } |
| 163 | 164 |
| 164 // Handle a request on the IPC channel ipc_channel_. | 165 // Handle a request on the IPC channel ipc_channel_. |
| 165 // A request should have a file descriptor attached on which we will reply and | 166 // A request should have a file descriptor attached on which we will reply and |
| 166 // that we will then close. | 167 // that we will then close. |
| 167 // A request should start with an int that will be used as the command type. | 168 // A request should start with an int that will be used as the command type. |
| 168 bool BrokerHost::HandleRequest() const { | 169 BrokerHost::RequestStatus BrokerHost::HandleRequest() const { |
| 169 ScopedVector<base::ScopedFD> fds; | 170 ScopedVector<base::ScopedFD> fds; |
| 170 char buf[kMaxMessageLength]; | 171 char buf[kMaxMessageLength]; |
| 171 errno = 0; | 172 errno = 0; |
| 172 const ssize_t msg_len = | 173 const ssize_t msg_len = |
| 173 UnixDomainSocket::RecvMsg(ipc_channel_, buf, sizeof(buf), &fds); | 174 UnixDomainSocket::RecvMsg(ipc_channel_.get(), buf, sizeof(buf), &fds); |
| 174 | 175 |
| 175 if (msg_len == 0 || (msg_len == -1 && errno == ECONNRESET)) { | 176 if (msg_len == 0 || (msg_len == -1 && errno == ECONNRESET)) { |
| 176 // EOF from the client, or the client died, we should die. | 177 // EOF from the client, or the client died, we should die. |
| 177 // TODO(jln): change this. | 178 return RequestStatus::LOST_CLIENT; |
| 178 _exit(0); | |
| 179 } | 179 } |
| 180 | 180 |
| 181 // The client should send exactly one file descriptor, on which we | 181 // The client should send exactly one file descriptor, on which we |
| 182 // will write the reply. | 182 // will write the reply. |
| 183 // TODO(mdempsky): ScopedVector doesn't have 'at()', only 'operator[]'. | 183 // TODO(mdempsky): ScopedVector doesn't have 'at()', only 'operator[]'. |
| 184 if (msg_len < 0 || fds.size() != 1 || fds[0]->get() < 0) { | 184 if (msg_len < 0 || fds.size() != 1 || fds[0]->get() < 0) { |
| 185 PLOG(ERROR) << "Error reading message from the client"; | 185 PLOG(ERROR) << "Error reading message from the client"; |
| 186 return false; | 186 return RequestStatus::FAILURE; |
| 187 } | 187 } |
| 188 | 188 |
| 189 base::ScopedFD temporary_ipc(fds[0]->Pass()); | 189 base::ScopedFD temporary_ipc(fds[0]->Pass()); |
| 190 | 190 |
| 191 Pickle pickle(buf, msg_len); | 191 Pickle pickle(buf, msg_len); |
| 192 PickleIterator iter(pickle); | 192 PickleIterator iter(pickle); |
| 193 int command_type; | 193 int command_type; |
| 194 if (pickle.ReadInt(&iter, &command_type)) { | 194 if (pickle.ReadInt(&iter, &command_type)) { |
| 195 bool r = false; | 195 bool command_handled = false; |
| 196 // Go through all the possible IPC messages. | 196 // Go through all the possible IPC messages. |
| 197 switch (command_type) { | 197 switch (command_type) { |
| 198 case COMMAND_ACCESS: | 198 case COMMAND_ACCESS: |
| 199 case COMMAND_OPEN: | 199 case COMMAND_OPEN: |
| 200 // We reply on the file descriptor sent to us via the IPC channel. | 200 // We reply on the file descriptor sent to us via the IPC channel. |
| 201 r = HandleRemoteCommand(broker_policy_, | 201 command_handled = HandleRemoteCommand( |
| 202 static_cast<IPCCommand>(command_type), | 202 broker_policy_, static_cast<IPCCommand>(command_type), |
| 203 temporary_ipc.get(), | 203 temporary_ipc.get(), pickle, iter); |
| 204 pickle, | |
| 205 iter); | |
| 206 break; | 204 break; |
| 207 default: | 205 default: |
| 208 NOTREACHED(); | 206 NOTREACHED(); |
| 209 r = false; | |
| 210 break; | 207 break; |
| 211 } | 208 } |
| 212 return r; | 209 |
| 210 if (command_handled) { |
| 211 return RequestStatus::SUCCESS; |
| 212 } else { |
| 213 return RequestStatus::FAILURE; |
| 214 } |
| 215 |
| 216 NOTREACHED(); |
| 213 } | 217 } |
| 214 | 218 |
| 215 LOG(ERROR) << "Error parsing IPC request"; | 219 LOG(ERROR) << "Error parsing IPC request"; |
| 216 return false; | 220 return RequestStatus::FAILURE; |
| 217 } | 221 } |
| 218 | 222 |
| 219 } // namespace syscall_broker | 223 } // namespace syscall_broker |
| 220 | 224 |
| 221 } // namespace sandbox | 225 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 723343002:
Update from https://crrev.com/304121 (Closed)
Base URL: git@github.com:domokit/mojo.git@master