// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/351564777): Remove this and convert code to safer constructs. #pragma allow_unsafe_buffers #endif #include "sandbox/linux/syscall_broker/broker_client.h" #include <errno.h> #include <fcntl.h> #include <stddef.h> #include <stdint.h> #include <string.h> #include <sys/socket.h> #include <sys/stat.h> #include <utility> #include "base/check.h" #include "build/build_config.h" #include "sandbox/linux/syscall_broker/broker_channel.h" #include "sandbox/linux/syscall_broker/broker_command.h" #include "sandbox/linux/syscall_broker/broker_permission_list.h" #include "sandbox/linux/syscall_broker/broker_simple_message.h" #if BUILDFLAG(IS_ANDROID) && !defined(MSG_CMSG_CLOEXEC) #define MSG_CMSG_CLOEXEC … #endif namespace sandbox { namespace syscall_broker { BrokerClient::BrokerClient(const BrokerSandboxConfig& policy, BrokerChannel::EndPoint ipc_channel, bool fast_check_in_client) : … { … } BrokerClient::~BrokerClient() = default; int BrokerClient::Access(const char* pathname, int mode) const { … } int BrokerClient::Mkdir(const char* pathname, int mode) const { … } int BrokerClient::Open(const char* pathname, int flags) const { … } int BrokerClient::Readlink(const char* path, char* buf, size_t bufsize) const { … } int BrokerClient::Rename(const char* oldpath, const char* newpath) const { … } int BrokerClient::Rmdir(const char* path) const { … } int BrokerClient::Stat(const char* pathname, bool follow_links, struct kernel_stat* sb) const { … } int BrokerClient::Stat64(const char* pathname, bool follow_links, struct kernel_stat64* sb) const { … } int BrokerClient::Unlink(const char* path) const { … } int BrokerClient::InotifyAddWatch(int fd, const char* pathname, uint32_t mask) const { … } int BrokerClient::PathOnlySyscall(BrokerCommand syscall_type, const char* pathname) const { … } // Make a remote system call over IPC for syscalls that take a path and // flags (currently access() and mkdir()) but do not return a FD. // Will return -errno like a real system call. // This function needs to be async signal safe. int BrokerClient::PathAndFlagsSyscall(BrokerCommand syscall_type, const char* pathname, int flags) const { … } // Make a remote system call over IPC for syscalls that take a path and flags // as arguments and return FDs (currently open()). // Will return -errno like a real system call. // This function needs to be async signal safe. int BrokerClient::PathAndFlagsSyscallReturningFD(BrokerCommand syscall_type, const char* pathname, int flags) const { … } // Make a remote system call over IPC for syscalls that take a path // and return stat buffers (currently stat() and stat64()). // Will return -errno like a real system call. // This function needs to be async signal safe. int BrokerClient::StatFamilySyscall(BrokerCommand syscall_type, const char* pathname, bool follow_links, void* result_ptr, size_t expected_result_size) const { … } // static intptr_t BrokerClient::SIGSYS_Handler(const arch_seccomp_data& args, void* aux_broker_client) { … } } // namespace syscall_broker } // namespace sandbox
Codebase Browser
chromium