sandbox: extract SetuidSandboxHost code from SetuidSandboxClient

sandbox/linux/suid/client/setuid_sandbox_host.cc

Index: sandbox/linux/suid/client/setuid_sandbox_host.cc
diff --git a/sandbox/linux/suid/client/setuid_sandbox_client.cc b/sandbox/linux/suid/client/setuid_sandbox_host.cc
similarity index 60%
copy from sandbox/linux/suid/client/setuid_sandbox_client.cc
copy to sandbox/linux/suid/client/setuid_sandbox_host.cc
index 9eb538ae37719e088d07e3735b1681c2767c8ec0..d973172b19dd6cc4bda5ece239c437484e4b65d0 100644
--- a/sandbox/linux/suid/client/setuid_sandbox_client.cc
+++ b/sandbox/linux/suid/client/setuid_sandbox_host.cc
@@ -2,39 +2,33 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "sandbox/linux/suid/client/setuid_sandbox_client.h"
+#include "sandbox/linux/suid/client/setuid_sandbox_host.h"
 
 #include <fcntl.h>
-#include <stdlib.h>
-#include <sys/socket.h>
 #include <sys/stat.h>

[hidehiko, 2015/02/04 15:40:05]

nit: #include <stdlib.h>   // for free() at L69? Or, base::FreeDeleter would be
more C++? Up to you.

[mdempsky, 2015/02/05 03:02:07]

Bah, missed the free(), thanks.  (Also apparently I forget getenv() is from
<stdlib.h>, not <unistd.h>.)

-#include <sys/types.h>
-#include <sys/wait.h>
 #include <unistd.h>
 
+#include <string>
+#include <utility>
+
 #include "base/command_line.h"
 #include "base/environment.h"
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/files/scoped_file.h"
 #include "base/logging.h"
+#include "base/macros.h"

[hidehiko, 2015/02/04 15:40:05]

nit: Looks unused?

[mdempsky, 2015/02/05 03:02:07]

Hm, yeah.  I wonder if I accidentally added it here when I meant to add to the
.h for DISALLOW_*().  Fixed.

 #include "base/memory/scoped_ptr.h"
 #include "base/path_service.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/process/launch.h"
 #include "base/process/process_metrics.h"
 #include "base/strings/string_number_conversions.h"
-#include "sandbox/linux/services/init_process_reaper.h"
 #include "sandbox/linux/suid/common/sandbox.h"
 #include "sandbox/linux/suid/common/suid_unsafe_environment_variables.h"
 
 namespace {
 
-bool IsFileSystemAccessDenied() {
-  base::ScopedFD self_exe(HANDLE_EINTR(open("/", O_RDONLY)));
-  return !self_exe.is_valid();
-}
-
 // Set an environment variable that reflects the API version we expect from the
 // setuid sandbox. Old versions of the sandbox will ignore this.
 void SetSandboxAPIEnvironmentVariable(base::Environment* env) {
@@ -95,38 +89,6 @@ void SaveSUIDUnsafeEnvironmentVariables(base::Environment* env) {
   }
 }
 
-int GetHelperApi(base::Environment* env) {
-  std::string api_string;
-  int api_number = 0;  // Assume API version 0 if no environment was found.
-  if (env->GetVar(sandbox::kSandboxEnvironmentApiProvides, &api_string) &&
-      !base::StringToInt(api_string, &api_number)) {
-    // It's an error if we could not convert the API number.
-    api_number = -1;
-  }
-  return api_number;
-}
-
-// Convert |var_name| from the environment |env| to an int.
-// Return -1 if the variable does not exist or the value cannot be converted.
-int EnvToInt(base::Environment* env, const char* var_name) {
-  std::string var_string;
-  int var_value = -1;
-  if (env->GetVar(var_name, &var_string) &&
-      !base::StringToInt(var_string, &var_value)) {
-    var_value = -1;
-  }
-  return var_value;
-}
-
-pid_t GetHelperPID(base::Environment* env) {
-  return EnvToInt(env, sandbox::kSandboxHelperPidEnvironmentVarName);
-}
-
-// Get the IPC file descriptor used to communicate with the setuid helper.
-int GetIPCDescriptor(base::Environment* env) {
-  return EnvToInt(env, sandbox::kSandboxDescriptorEnvironmentVarName);
-}
-
 const char* GetDevelSandboxPath() {
   return getenv("CHROME_DEVEL_SANDBOX");
 }
@@ -135,101 +97,26 @@ const char* GetDevelSandboxPath() {
 
 namespace sandbox {
 
-SetuidSandboxClient* SetuidSandboxClient::Create() {
+SetuidSandboxHost* SetuidSandboxHost::Create() {
   base::Environment* environment(base::Environment::Create());
-  SetuidSandboxClient* sandbox_client(new SetuidSandboxClient);
+  SetuidSandboxHost* sandbox_host(new SetuidSandboxHost);
 
   CHECK(environment);
-  sandbox_client->env_ = environment;
-  return sandbox_client;
+  sandbox_host->env_ = environment;
+  return sandbox_host;
 }
 
-SetuidSandboxClient::SetuidSandboxClient()
-    : env_(NULL),
-      sandboxed_(false) {
+SetuidSandboxHost::SetuidSandboxHost()
+    : env_(NULL) {
 }
 
-SetuidSandboxClient::~SetuidSandboxClient() {
+SetuidSandboxHost::~SetuidSandboxHost() {
   delete env_;
 }
 
-void SetuidSandboxClient::CloseDummyFile() {
-  // When we're launched through the setuid sandbox, SetupLaunchOptions
-  // arranges for kZygoteIdFd to be a dummy file descriptor to satisfy an
-  // ancient setuid sandbox ABI requirement. However, the descriptor is no
-  // longer needed, so we can simply close it right away now.
-  CHECK(IsSuidSandboxChild());
-
-  // Sanity check that kZygoteIdFd refers to a pipe.
-  struct stat st;
-  PCHECK(0 == fstat(kZygoteIdFd, &st));
-  CHECK(S_ISFIFO(st.st_mode));
-
-  PCHECK(0 == IGNORE_EINTR(close(kZygoteIdFd)));
-}
-
-bool SetuidSandboxClient::ChrootMe() {
-  int ipc_fd = GetIPCDescriptor(env_);
-
-  if (ipc_fd < 0) {
-    LOG(ERROR) << "Failed to obtain the sandbox IPC descriptor";
-    return false;
-  }
-
-  if (HANDLE_EINTR(write(ipc_fd, &kMsgChrootMe, 1)) != 1) {
-    PLOG(ERROR) << "Failed to write to chroot pipe";
-    return false;
-  }
-
-  // We need to reap the chroot helper process in any event.
-  pid_t helper_pid = GetHelperPID(env_);
-  // If helper_pid is -1 we wait for any child.
-  if (HANDLE_EINTR(waitpid(helper_pid, NULL, 0)) < 0) {
-    PLOG(ERROR) << "Failed to wait for setuid helper to die";
-    return false;
-  }
-
-  char reply;
-  if (HANDLE_EINTR(read(ipc_fd, &reply, 1)) != 1) {
-    PLOG(ERROR) << "Failed to read from chroot pipe";
-    return false;
-  }
-
-  if (reply != kMsgChrootSuccessful) {
-    LOG(ERROR) << "Error code reply from chroot helper";
-    return false;
-  }
-
-  // We now consider ourselves "fully sandboxed" as far as the
-  // setuid sandbox is concerned.
-  CHECK(IsFileSystemAccessDenied());
-  sandboxed_ = true;
-  return true;
-}
-
-bool SetuidSandboxClient::IsSuidSandboxUpToDate() const {
-  return GetHelperApi(env_) == kSUIDSandboxApiNumber;
-}
-
-bool SetuidSandboxClient::IsSuidSandboxChild() const {
-  return GetIPCDescriptor(env_) >= 0;
-}
-
-bool SetuidSandboxClient::IsInNewPIDNamespace() const {
-  return env_->HasVar(kSandboxPIDNSEnvironmentVarName);
-}
-
-bool SetuidSandboxClient::IsInNewNETNamespace() const {
-  return env_->HasVar(kSandboxNETNSEnvironmentVarName);
-}
-
-bool SetuidSandboxClient::IsSandboxed() const {
-  return sandboxed_;
-}
-
 // Check if CHROME_DEVEL_SANDBOX is set but empty. This currently disables
 // the setuid sandbox. TODO(jln): fix this (crbug.com/245376).
-bool SetuidSandboxClient::IsDisabledViaEnvironment() {
+bool SetuidSandboxHost::IsDisabledViaEnvironment() {
   const char* devel_sandbox_path = GetDevelSandboxPath();
   if (devel_sandbox_path && '\0' == *devel_sandbox_path) {
     return true;
@@ -237,7 +124,7 @@ bool SetuidSandboxClient::IsDisabledViaEnvironment() {
   return false;
 }
 
-base::FilePath SetuidSandboxClient::GetSandboxBinaryPath() {
+base::FilePath SetuidSandboxHost::GetSandboxBinaryPath() {
   base::FilePath sandbox_binary;
   base::FilePath exe_dir;
   if (PathService::Get(base::DIR_EXE, &exe_dir)) {
@@ -261,7 +148,7 @@ base::FilePath SetuidSandboxClient::GetSandboxBinaryPath() {
   return sandbox_binary;
 }
 
-void SetuidSandboxClient::PrependWrapper(base::CommandLine* cmd_line) {
+void SetuidSandboxHost::PrependWrapper(base::CommandLine* cmd_line) {
   std::string sandbox_binary(GetSandboxBinaryPath().value());
   struct stat st;
   if (sandbox_binary.empty() || stat(sandbox_binary.c_str(), &st) != 0) {
@@ -282,7 +169,7 @@ void SetuidSandboxClient::PrependWrapper(base::CommandLine* cmd_line) {
   cmd_line->PrependWrapper(sandbox_binary);
 }
 
-void SetuidSandboxClient::SetupLaunchOptions(
+void SetuidSandboxHost::SetupLaunchOptions(
     base::LaunchOptions* options,
     base::FileHandleMappingVector* fds_to_remap,
     base::ScopedFD* dummy_fd) {
@@ -305,7 +192,7 @@ void SetuidSandboxClient::SetupLaunchOptions(
   fds_to_remap->push_back(std::make_pair(dummy_fd->get(), kZygoteIdFd));
 }
 
-void SetuidSandboxClient::SetupLaunchEnvironment() {
+void SetuidSandboxHost::SetupLaunchEnvironment() {
   SaveSUIDUnsafeEnvironmentVariables(env_);
   SetSandboxAPIEnvironmentVariable(env_);
 }