diff options
| author | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-04-26 00:34:54 +0000 |
|---|---|---|
| committer | jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-04-26 00:34:54 +0000 |
| commit | b09841583aae58d4bc8c244835915d964b044622 (patch) | |
| tree | 659da6d253abb56efd12aba4c306e91349f11f89 /base/posix/unix_domain_socket_linux.h | |
| parent | 7e7b513a69e603275434c1247b0d4897435ecf96 (diff) | |
| download | chromium_src-b09841583aae58d4bc8c244835915d964b044622.zip chromium_src-b09841583aae58d4bc8c244835915d964b044622.tar.gz chromium_src-b09841583aae58d4bc8c244835915d964b044622.tar.bz2 | |
Linux sandbox: allow non racy use of O_CLOEXEC
The current support of O_CLOEXEC in Open() in the broker process is racy.
We make it non racy by using MSG_CMSG_CLOEXEC in recvmsg when getting the
new file descriptor over the Unix socket.
BUG=232077, 232068
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/14407005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196554 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'base/posix/unix_domain_socket_linux.h')
| -rw-r--r-- | base/posix/unix_domain_socket_linux.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/base/posix/unix_domain_socket_linux.h b/base/posix/unix_domain_socket_linux.h index b8ba460..66fb8bb 100644 --- a/base/posix/unix_domain_socket_linux.h +++ b/base/posix/unix_domain_socket_linux.h @@ -55,6 +55,22 @@ class BASE_EXPORT UnixDomainSocket { unsigned reply_len, int* result_fd, const Pickle& request); + + // Similar to SendRecvMsg(), but |recvmsg_flags| allows to control the flags + // of the recvmsg(2) call. + static ssize_t SendRecvMsgWithFlags(int fd, + uint8_t* reply, + unsigned reply_len, + int recvmsg_flags, + int* result_fd, + const Pickle& request); + private: + // Similar to RecvMsg, but allows to specify |flags| for recvmsg(2). + static ssize_t RecvMsgWithFlags(int fd, + void* msg, + size_t length, + int flags, + std::vector<int>* fds); }; #endif // BASE_POSIX_UNIX_DOMAIN_SOCKET_LINUX_H_ |