// Copyright 2019 The Crashpad Authors. All rights reserved.
|
//
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
// you may not use this file except in compliance with the License.
|
// You may obtain a copy of the License at
|
//
|
// http://www.apache.org/licenses/LICENSE-2.0
|
//
|
// Unless required by applicable law or agreed to in writing, software
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
// See the License for the specific language governing permissions and
|
// limitations under the License.
|
|
#ifndef CRASHPAD_UTIL_LINUX_SOCKET_H_
|
#define CRASHPAD_UTIL_LINUX_SOCKET_H_
|
|
#include <sys/socket.h>
|
#include <sys/types.h>
|
|
#include <vector>
|
|
#include "base/macros.h"
|
#include "util/file/file_io.h"
|
|
namespace crashpad {
|
|
//! \brief Utilities for communicating over `SO_PASSCRED` enabled `AF_UNIX`
|
//! sockets.
|
class UnixCredentialSocket {
|
public:
|
//! \brief Creates an `AF_UNIX` family socket pair with `SO_PASSCRED` set on
|
//! each socket.
|
//!
|
//! \param[out] s1 One end of the connected pair.
|
//! \param[out] s2 The other end of the connected pair.
|
//! \return `true` on success. Otherwise, `false` with a message logged.
|
static bool CreateCredentialSocketpair(ScopedFileHandle* s1,
|
ScopedFileHandle* s2);
|
|
//! \brief The maximum number of file descriptors that may be sent/received
|
//! with `SendMsg()` or `RecvMsg()`.
|
static constexpr size_t kMaxSendRecvMsgFDs = 4;
|
|
//! \brief Wraps `sendmsg()` to send a message with file descriptors.
|
//!
|
//! This function is intended for use with `AF_UNIX` family sockets and
|
//! passes file descriptors with `SCM_RIGHTS`.
|
//!
|
//! This function may be used in a compromised context.
|
//!
|
//! \param[in] fd The file descriptor to write the message to.
|
//! \param[in] buf The buffer containing the message.
|
//! \param[in] buf_size The size of the message.
|
//! \param[in] fds An array of at most `kMaxSendRecvMsgFDs` file descriptors.
|
//! Optional.
|
//! \param[in] fd_count The number of file descriptors in \a fds. Required
|
//! only if \a fds was set.
|
//! \return 0 on success or an error code on failure.
|
static int SendMsg(int fd,
|
const void* buf,
|
size_t buf_size,
|
const int* fds = nullptr,
|
size_t fd_count = 0);
|
|
//! \brief Wraps `recvmsg()` to receive a message with file descriptors and
|
//! credentials.
|
//!
|
//! This function is intended to be used with `AF_UNIX` family sockets. Up to
|
//! `kMaxSendRecvMsgFDs` file descriptors may be received (via `SCM_RIGHTS`).
|
//! The socket must have `SO_PASSCRED` set.
|
//!
|
//! \param[in] fd The file descriptor to receive the message on.
|
//! \param[out] buf The buffer to fill with the message.
|
//! \param[in] buf_size The size of the message.
|
//! \param[out] creds The credentials of the sender.
|
//! \param[out] fds The recieved file descriptors. Optional. If `nullptr`, all
|
//! received file descriptors will be closed.
|
//! \return `true` on success. Otherwise, `false`, with a message logged. No
|
//! message will be logged if the message was detected to be an EOF
|
//! condition triggered by all clients disconnecting. This case is
|
//! indistinguishable from misuses of this interface that haven't set
|
//! `SO_PASSCRED` on \a fd.
|
static bool RecvMsg(int fd,
|
void* buf,
|
size_t buf_size,
|
ucred* creds,
|
std::vector<ScopedFileHandle>* fds = nullptr);
|
|
private:
|
DISALLOW_IMPLICIT_CONSTRUCTORS(UnixCredentialSocket);
|
};
|
|
} // namespace crashpad
|
|
#endif // CRASHPAD_UTIL_LINUX_SOCKET_H_
|
