Added condition that checks if ephemeral user has GAIA account (not a public session...
[chromium-blink-merge.git] / ipc / unix_domain_socket_util.cc
blob74053445b7aa0130e4a98ff2669c98df6c3fe80c
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "ipc/unix_domain_socket_util.h"
7 #include <errno.h>
8 #include <fcntl.h>
9 #include <sys/socket.h>
10 #include <sys/stat.h>
11 #include <sys/un.h>
12 #include <unistd.h>
14 #include "base/files/file_path.h"
15 #include "base/files/file_util.h"
16 #include "base/files/scoped_file.h"
17 #include "base/logging.h"
18 #include "base/posix/eintr_wrapper.h"
20 namespace IPC {
22 // Verify that kMaxSocketNameLength is a decent size.
23 static_assert(sizeof(((sockaddr_un*)0)->sun_path) >= kMaxSocketNameLength,
24 "sun_path is too long.");
26 namespace {
28 // Returns fd (>= 0) on success, -1 on failure. If successful, fills in
29 // |unix_addr| with the appropriate data for the socket, and sets
30 // |unix_addr_len| to the length of the data therein.
31 int MakeUnixAddrForPath(const std::string& socket_name,
32 struct sockaddr_un* unix_addr,
33 size_t* unix_addr_len) {
34 DCHECK(unix_addr);
35 DCHECK(unix_addr_len);
37 if (socket_name.length() == 0) {
38 LOG(ERROR) << "Empty socket name provided for unix socket address.";
39 return -1;
41 // We reject socket_name.length() == kMaxSocketNameLength to make room for
42 // the NUL terminator at the end of the string.
43 if (socket_name.length() >= kMaxSocketNameLength) {
44 LOG(ERROR) << "Socket name too long: " << socket_name;
45 return -1;
48 // Create socket.
49 base::ScopedFD fd(socket(AF_UNIX, SOCK_STREAM, 0));
50 if (!fd.is_valid()) {
51 PLOG(ERROR) << "socket";
52 return -1;
55 // Make socket non-blocking
56 if (HANDLE_EINTR(fcntl(fd.get(), F_SETFL, O_NONBLOCK)) < 0) {
57 PLOG(ERROR) << "fcntl(O_NONBLOCK)";
58 return -1;
61 // Create unix_addr structure.
62 memset(unix_addr, 0, sizeof(struct sockaddr_un));
63 unix_addr->sun_family = AF_UNIX;
64 strncpy(unix_addr->sun_path, socket_name.c_str(), kMaxSocketNameLength);
65 *unix_addr_len =
66 offsetof(struct sockaddr_un, sun_path) + socket_name.length();
67 return fd.release();
70 } // namespace
72 bool CreateServerUnixDomainSocket(const base::FilePath& socket_path,
73 int* server_listen_fd) {
74 DCHECK(server_listen_fd);
76 std::string socket_name = socket_path.value();
77 base::FilePath socket_dir = socket_path.DirName();
79 struct sockaddr_un unix_addr;
80 size_t unix_addr_len;
81 base::ScopedFD fd(
82 MakeUnixAddrForPath(socket_name, &unix_addr, &unix_addr_len));
83 if (!fd.is_valid())
84 return false;
86 // Make sure the path we need exists.
87 if (!base::CreateDirectory(socket_dir)) {
88 LOG(ERROR) << "Couldn't create directory: " << socket_dir.value();
89 return false;
92 // Delete any old FS instances.
93 if (unlink(socket_name.c_str()) < 0 && errno != ENOENT) {
94 PLOG(ERROR) << "unlink " << socket_name;
95 return false;
98 // Bind the socket.
99 if (bind(fd.get(), reinterpret_cast<const sockaddr*>(&unix_addr),
100 unix_addr_len) < 0) {
101 PLOG(ERROR) << "bind " << socket_path.value();
102 return false;
105 // Start listening on the socket.
106 if (listen(fd.get(), SOMAXCONN) < 0) {
107 PLOG(ERROR) << "listen " << socket_path.value();
108 unlink(socket_name.c_str());
109 return false;
112 *server_listen_fd = fd.release();
113 return true;
116 bool CreateClientUnixDomainSocket(const base::FilePath& socket_path,
117 int* client_socket) {
118 DCHECK(client_socket);
120 std::string socket_name = socket_path.value();
121 base::FilePath socket_dir = socket_path.DirName();
123 struct sockaddr_un unix_addr;
124 size_t unix_addr_len;
125 base::ScopedFD fd(
126 MakeUnixAddrForPath(socket_name, &unix_addr, &unix_addr_len));
127 if (!fd.is_valid())
128 return false;
130 if (HANDLE_EINTR(connect(fd.get(), reinterpret_cast<sockaddr*>(&unix_addr),
131 unix_addr_len)) < 0) {
132 PLOG(ERROR) << "connect " << socket_path.value();
133 return false;
136 *client_socket = fd.release();
137 return true;
140 bool GetPeerEuid(int fd, uid_t* peer_euid) {
141 DCHECK(peer_euid);
142 #if defined(OS_MACOSX) || defined(OS_OPENBSD) || defined(OS_FREEBSD)
143 uid_t socket_euid;
144 gid_t socket_gid;
145 if (getpeereid(fd, &socket_euid, &socket_gid) < 0) {
146 PLOG(ERROR) << "getpeereid " << fd;
147 return false;
149 *peer_euid = socket_euid;
150 return true;
151 #else
152 struct ucred cred;
153 socklen_t cred_len = sizeof(cred);
154 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &cred, &cred_len) < 0) {
155 PLOG(ERROR) << "getsockopt " << fd;
156 return false;
158 if (static_cast<unsigned>(cred_len) < sizeof(cred)) {
159 NOTREACHED() << "Truncated ucred from SO_PEERCRED?";
160 return false;
162 *peer_euid = cred.uid;
163 return true;
164 #endif
167 bool IsPeerAuthorized(int peer_fd) {
168 uid_t peer_euid;
169 if (!GetPeerEuid(peer_fd, &peer_euid))
170 return false;
171 if (peer_euid != geteuid()) {
172 DLOG(ERROR) << "Client euid is not authorised";
173 return false;
175 return true;
178 bool IsRecoverableError(int err) {
179 return errno == ECONNABORTED || errno == EMFILE || errno == ENFILE ||
180 errno == ENOMEM || errno == ENOBUFS;
183 bool ServerAcceptConnection(int server_listen_fd, int* server_socket) {
184 DCHECK(server_socket);
185 *server_socket = -1;
187 base::ScopedFD accept_fd(HANDLE_EINTR(accept(server_listen_fd, NULL, 0)));
188 if (!accept_fd.is_valid())
189 return IsRecoverableError(errno);
190 if (HANDLE_EINTR(fcntl(accept_fd.get(), F_SETFL, O_NONBLOCK)) < 0) {
191 PLOG(ERROR) << "fcntl(O_NONBLOCK) " << accept_fd.get();
192 // It's safe to keep listening on |server_listen_fd| even if the attempt to
193 // set O_NONBLOCK failed on the client fd.
194 return true;
197 *server_socket = accept_fd.release();
198 return true;
201 } // namespace IPC