// Copyright 2018 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "mojo/public/cpp/platform/socket_utils_posix.h"
#include <stddef.h>
#include <sys/socket.h>
#include <unistd.h>
#if !defined(OS_NACL)
#include <sys/uio.h>
#endif
#include "base/files/file_util.h"
#include "base/logging.h"
#include "base/posix/eintr_wrapper.h"
#include "build/build_config.h"
namespace mojo {
namespace {
#if !defined(OS_NACL)
bool IsRecoverableError() {
return errno == ECONNABORTED || errno == EMFILE || errno == ENFILE ||
errno == ENOMEM || errno == ENOBUFS;
}
bool GetPeerEuid(base::PlatformFile fd, uid_t* peer_euid) {
#if defined(OS_MACOSX) || defined(OS_OPENBSD) || defined(OS_FREEBSD)
uid_t socket_euid;
gid_t socket_gid;
if (getpeereid(fd, &socket_euid, &socket_gid) < 0) {
PLOG(ERROR) << "getpeereid " << fd;
return false;
}
*peer_euid = socket_euid;
return true;
#else
struct ucred cred;
socklen_t cred_len = sizeof(cred);
if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len) < 0) {
PLOG(ERROR) << "getsockopt " << fd;
return false;
}
if (static_cast<unsigned>(cred_len) < sizeof(cred)) {
NOTREACHED() << "Truncated ucred from SO_PEERCRED?";
return false;
}
*peer_euid = cred.uid;
return true;
#endif
}
bool IsPeerAuthorized(base::PlatformFile fd) {
uid_t peer_euid;
if (!GetPeerEuid(fd, &peer_euid))
return false;
if (peer_euid != geteuid()) {
DLOG(ERROR) << "Client euid is not authorized";
return false;
}
return true;
}
#endif // !defined(OS_NACL)
// NOTE: On Linux |SIGPIPE| is suppressed by passing |MSG_NOSIGNAL| to
// |sendmsg()|. On Mac we instead set |SO_NOSIGPIPE| on the socket itself.
#if defined(OS_MACOSX)
constexpr int kSendmsgFlags = 0;
#else
constexpr int kSendmsgFlags = MSG_NOSIGNAL;
#endif
constexpr size_t kMaxSendmsgHandles = 128;
} // namespace
ssize_t SocketWrite(base::PlatformFile socket,
const void* bytes,
size_t num_bytes) {
#if defined(OS_MACOSX) || defined(OS_NACL_NONSFI)
return HANDLE_EINTR(write(socket, bytes, num_bytes));
#else
return send(socket, bytes, num_bytes, kSendmsgFlags);
#endif
}
ssize_t SocketWritev(base::PlatformFile socket,
struct iovec* iov,
size_t num_iov) {
#if defined(OS_MACOSX)
return HANDLE_EINTR(writev(socket, iov, static_cast<int>(num_iov)));
#else
struct msghdr msg = {};
msg.msg_iov = iov;
msg.msg_iovlen = num_iov;
return HANDLE_EINTR(sendmsg(socket, &msg, kSendmsgFlags));
#endif
}
ssize_t SendmsgWithHandles(base::PlatformFile socket,
struct iovec* iov,
size_t num_iov,
const std::vector<base::ScopedFD>& descriptors) {
DCHECK(iov);
DCHECK_GT(num_iov, 0u);
DCHECK(!descriptors.empty());
DCHECK_LE(descriptors.size(), kMaxSendmsgHandles);
char cmsg_buf[CMSG_SPACE(kMaxSendmsgHandles * sizeof(int))];
struct msghdr msg = {};
msg.msg_iov = iov;
msg.msg_iovlen = num_iov;
msg.msg_control = cmsg_buf;
msg.msg_controllen = CMSG_LEN(descriptors.size() * sizeof(int));
struct cmsghdr* cmsg = CMSG_FIRSTHDR(&msg);
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_RIGHTS;
cmsg->cmsg_len = CMSG_LEN(descriptors.size() * sizeof(int));
for (size_t i = 0; i < descriptors.size(); ++i) {
DCHECK_GE(descriptors[i].get(), 0);
reinterpret_cast<int*>(CMSG_DATA(cmsg))[i] = descriptors[i].get();
}
return HANDLE_EINTR(sendmsg(socket, &msg, kSendmsgFlags));
}
ssize_t SocketRecvmsg(base::PlatformFile socket,
void* buf,
size_t num_bytes,
std::vector<base::ScopedFD>* descriptors,
bool block) {
struct iovec iov = {buf, num_bytes};
char cmsg_buf[CMSG_SPACE(kMaxSendmsgHandles * sizeof(int))];
struct msghdr msg = {};
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_control = cmsg_buf;
msg.msg_controllen = sizeof(cmsg_buf);
ssize_t result =
HANDLE_EINTR(recvmsg(socket, &msg, block ? 0 : MSG_DONTWAIT));
if (result < 0)
return result;
if (msg.msg_controllen == 0)
return result;
DCHECK(!(msg.msg_flags & MSG_CTRUNC));
descriptors->clear();
for (cmsghdr* cmsg = CMSG_FIRSTHDR(&msg); cmsg;
cmsg = CMSG_NXTHDR(&msg, cmsg)) {
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
size_t payload_length = cmsg->cmsg_len - CMSG_LEN(0);
DCHECK_EQ(payload_length % sizeof(int), 0u);
size_t num_fds = payload_length / sizeof(int);
const int* fds = reinterpret_cast<int*>(CMSG_DATA(cmsg));
for (size_t i = 0; i < num_fds; ++i) {
base::ScopedFD fd(fds[i]);
DCHECK(fd.is_valid());
descriptors->emplace_back(std::move(fd));
}
}
}
return result;
}
bool AcceptSocketConnection(base::PlatformFile server_fd,
base::ScopedFD* connection_fd,
bool check_peer_user) {
DCHECK_GE(server_fd, 0);
connection_fd->reset();
#if defined(OS_NACL)
NOTREACHED();
return false;
#else
base::ScopedFD accepted_handle(HANDLE_EINTR(accept(server_fd, nullptr, 0)));
if (!accepted_handle.is_valid())
return IsRecoverableError();
if (check_peer_user && !IsPeerAuthorized(accepted_handle.get()))
return true;
if (!base::SetNonBlocking(accepted_handle.get())) {
PLOG(ERROR) << "base::SetNonBlocking() failed " << accepted_handle.get();
return true;
}
*connection_fd = std::move(accepted_handle);
return true;
#endif // defined(OS_NACL)
}
} // namespace mojo