levin@chromium.org | 5c52868 | 2011-03-28 10:54:15 +0900 | [diff] [blame] | 1 | // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef IPC_FILE_DESCRIPTOR_SET_POSIX_H_ |
| 6 | #define IPC_FILE_DESCRIPTOR_SET_POSIX_H_ |
| 7 | |
| 8 | #include <vector> |
| 9 | |
| 10 | #include "base/basictypes.h" |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 11 | #include "base/files/file.h" |
levin@chromium.org | 5c52868 | 2011-03-28 10:54:15 +0900 | [diff] [blame] | 12 | #include "base/memory/ref_counted.h" |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 13 | #include "base/memory/scoped_vector.h" |
darin@chromium.org | 80e4c5e | 2011-08-16 05:41:46 +0900 | [diff] [blame] | 14 | #include "ipc/ipc_export.h" |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 15 | |
| 16 | // ----------------------------------------------------------------------------- |
| 17 | // A FileDescriptorSet is an ordered set of POSIX file descriptors. These are |
| 18 | // associated with IPC messages so that descriptors can be transmitted over a |
| 19 | // UNIX domain socket. |
| 20 | // ----------------------------------------------------------------------------- |
darin@chromium.org | 80e4c5e | 2011-08-16 05:41:46 +0900 | [diff] [blame] | 21 | class IPC_EXPORT FileDescriptorSet |
| 22 | : public base::RefCountedThreadSafe<FileDescriptorSet> { |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 23 | public: |
| 24 | FileDescriptorSet(); |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 25 | |
| 26 | // This is the maximum number of descriptors per message. We need to know this |
| 27 | // because the control message kernel interface has to be given a buffer which |
| 28 | // is large enough to store all the descriptor numbers. Otherwise the kernel |
| 29 | // tells us that it truncated the control data and the extra descriptors are |
| 30 | // lost. |
| 31 | // |
| 32 | // In debugging mode, it's a fatal error to try and add more than this number |
| 33 | // of descriptors to a FileDescriptorSet. |
tommycli@chromium.org | c44bb2f | 2013-08-30 06:15:44 +0900 | [diff] [blame] | 34 | static const size_t kMaxDescriptorsPerMessage = 7; |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 35 | |
| 36 | // --------------------------------------------------------------------------- |
| 37 | // Interfaces for building during message serialisation... |
| 38 | |
| 39 | // Add a descriptor to the end of the set. Returns false iff the set is full. |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 40 | bool AddToBorrow(base::PlatformFile fd); |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 41 | // Add a descriptor to the end of the set and automatically close it after |
| 42 | // transmission. Returns false iff the set is full. |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 43 | bool AddToOwn(base::ScopedFD fd); |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 44 | |
| 45 | // --------------------------------------------------------------------------- |
| 46 | |
| 47 | |
| 48 | // --------------------------------------------------------------------------- |
| 49 | // Interfaces for accessing during message deserialisation... |
| 50 | |
| 51 | // Return the number of descriptors |
| 52 | unsigned size() const { return descriptors_.size(); } |
| 53 | // Return true if no unconsumed descriptors remain |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 54 | bool empty() const { return 0 == size(); } |
| 55 | // Take the nth descriptor from the beginning of the set, |
| 56 | // transferring the ownership of the descriptor taken. Code using this |
| 57 | // /must/ access the descriptors in order, and must do it at most once. |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 58 | // |
| 59 | // This interface is designed for the deserialising code as it doesn't |
| 60 | // support close flags. |
| 61 | // returns: file descriptor, or -1 on error |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 62 | base::PlatformFile TakeDescriptorAt(unsigned n); |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 63 | |
| 64 | // --------------------------------------------------------------------------- |
| 65 | |
| 66 | |
| 67 | // --------------------------------------------------------------------------- |
| 68 | // Interfaces for transmission... |
| 69 | |
| 70 | // Fill an array with file descriptors without 'consuming' them. CommitAll |
| 71 | // must be called after these descriptors have been transmitted. |
| 72 | // buffer: (output) a buffer of, at least, size() integers. |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 73 | void PeekDescriptors(base::PlatformFile* buffer) const; |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 74 | // This must be called after transmitting the descriptors returned by |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 75 | // PeekDescriptors. It marks all the descriptors as consumed and closes those |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 76 | // which are auto-close. |
| 77 | void CommitAll(); |
agl@chromium.org | c1e93ea | 2010-06-11 06:39:04 +0900 | [diff] [blame] | 78 | // Returns true if any contained file descriptors appear to be handles to a |
| 79 | // directory. |
| 80 | bool ContainsDirectoryDescriptor() const; |
hubbe@chromium.org | 683920d | 2013-10-15 09:07:00 +0900 | [diff] [blame] | 81 | // Fetch all filedescriptors with the "auto close" property. |
| 82 | // Used instead of CommitAll() when closing must be handled manually. |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 83 | void ReleaseFDsToClose(std::vector<base::PlatformFile>* fds); |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 84 | |
| 85 | // --------------------------------------------------------------------------- |
| 86 | |
| 87 | |
| 88 | // --------------------------------------------------------------------------- |
| 89 | // Interfaces for receiving... |
| 90 | |
| 91 | // Set the contents of the set from the given buffer. This set must be empty |
| 92 | // before calling. The auto-close flag is set on all the descriptors so that |
| 93 | // unconsumed descriptors are closed on destruction. |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 94 | void AddDescriptorsToOwn(const base::PlatformFile* buffer, unsigned count); |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 95 | |
| 96 | // --------------------------------------------------------------------------- |
| 97 | |
| 98 | private: |
jam@chromium.org | b1f47b2 | 2009-11-06 06:53:08 +0900 | [diff] [blame] | 99 | friend class base::RefCountedThreadSafe<FileDescriptorSet>; |
| 100 | |
| 101 | ~FileDescriptorSet(); |
| 102 | |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 103 | // A vector of descriptors and close flags. If this message is sent, then |
| 104 | // these descriptors are sent as control data. After sending, any descriptors |
| 105 | // with a true flag are closed. If this message has been received, then these |
| 106 | // are the descriptors which were received and all close flags are true. |
morrita | ab20725 | 2014-09-25 05:11:45 +0900 | [diff] [blame] | 107 | std::vector<base::PlatformFile> descriptors_; |
| 108 | ScopedVector<base::ScopedFD> owned_descriptors_; |
agl@chromium.org | 1c6dcf2 | 2009-07-23 08:57:21 +0900 | [diff] [blame] | 109 | |
| 110 | // This contains the index of the next descriptor which should be consumed. |
| 111 | // It's used in a couple of ways. Firstly, at destruction we can check that |
| 112 | // all the descriptors have been read (with GetNthDescriptor). Secondly, we |
| 113 | // can check that they are read in order. |
| 114 | mutable unsigned consumed_descriptor_highwater_; |
| 115 | |
| 116 | DISALLOW_COPY_AND_ASSIGN(FileDescriptorSet); |
| 117 | }; |
| 118 | |
| 119 | #endif // IPC_FILE_DESCRIPTOR_SET_POSIX_H_ |