| // Copyright 2019 The Chromium Authors |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef SQL_SANDBOXED_VFS_H_ |
| #define SQL_SANDBOXED_VFS_H_ |
| |
| #include<memory> |
| #include<optional> |
| |
| #include"base/component_export.h" |
| #include"base/files/file.h" |
| #include"base/files/file_path.h" |
| #include"base/time/time.h" |
| #include"sql/sandboxed_vfs_file.h" |
| #include"third_party/sqlite/sqlite3.h" |
| |
| namespace sql{ |
| |
| // The file types associated with a SQLite database. |
| enumclassSandboxedVfsFileType{ |
| // The main file, which stores the database pages. |
| kDatabase, |
| // The transaction rollback journal file. Used when WAL is off. |
| // This file has the same path as the database, plus the "-journal" suffix. |
| kJournal, |
| // The Write-Ahead Log (WAL) file. |
| // This file has the same path as the database, plus the "-wal" suffix. |
| kWal, |
| }; |
| |
| // SQLite VFS file implementation that works in a sandboxed process. |
| // |
| // Instances are thread-friendly. |
| class COMPONENT_EXPORT(SQL)SandboxedVfs{ |
| public: |
| // Describes access rights for a path, used by Delegate::GetPathAccess below. |
| structPathAccessInfo{ |
| bool can_read=false; |
| bool can_write=false; |
| }; |
| |
| // Environment-specific SandboxedVfs implementation details. |
| // |
| // This abstracts a handful of operations that don't typically work in a |
| // sandbox environment given a typical naive implementation. Instances must be |
| // thread-safe. |
| classDelegate{ |
| public: |
| virtual~Delegate()=default; |
| |
| // Retrieve a sandboxed file associated to `file`. |
| // |
| // Returns the sandboxed file for a given file. Do not take ownership of the |
| // returned instance. The VFS is responsible for the liveness of this |
| // object. |
| virtualSandboxedVfsFile*RetrieveSandboxedVfsFile( |
| base::File file, |
| base::FilePath file_path, |
| SandboxedVfsFileType file_type, |
| SandboxedVfs* vfs)=0; |
| |
| // Opens a file. |
| // |
| // `file_path` is the parsed version of a path passed by SQLite to Open(). |
| // `sqlite_requested_flags` is a bitwise combination SQLite flags used when |
| // opening files. Returns the opened File on success, or an invalid File on |
| // failure. |
| virtualbase::FileOpenFile(constbase::FilePath& file_path, |
| int sqlite_requested_flags)=0; |
| |
| // Deletes a file. |
| // |
| // `file_path` is the parsed version of a path passed by SQLite to Delete(). |
| // If `sync_dir` is true, the implementation should attempt to flush to disk |
| // the changes to the file's directory, to ensure that the deletion is |
| // reflected after a power failure. Returns an SQLite error code indicating |
| // the status of the operation. |
| virtualintDeleteFile(constbase::FilePath& file_path,bool sync_dir)=0; |
| |
| // Queries path access information for `file_path`. Returns null if the |
| // given path does not exist. |
| virtual std::optional<PathAccessInfo>GetPathAccess( |
| constbase::FilePath& file_path)=0; |
| }; |
| |
| // We don't allow SandboxedVfs instances to be destroyed. Once created, they |
| // are permanently registered in the calling process. |
| ~SandboxedVfs()=delete; |
| |
| // Constructs a new instance of ths object using `delegate` to support various |
| // operations from within the sandbox. The VFS is registered with SQLite under |
| // `name` and if `make_default` is true then the VFS is also set as the global |
| // default for new database instances within the calling process. |
| // |
| // Note that `name` must be globally unique to the calling process. |
| staticvoidRegister(constchar* name, |
| std::unique_ptr<Delegate>delegate, |
| bool make_default); |
| |
| Delegate*delegate()const{return delegate_.get();} |
| |
| // sqlite3_vfs implementation. |
| intOpen(constchar* full_path, |
| sqlite3_file& result_file, |
| int requested_flags, |
| int* granted_flags); |
| intDelete(constchar* full_path,int sync_dir); |
| intAccess(constchar* full_path,int flags,int& result); |
| intFullPathname(constchar* file_path,int result_size,char* result); |
| intRandomness(int result_size,char* result); |
| intSleep(int microseconds); |
| intGetLastError(int message_size,char* message)const; |
| intCurrentTimeInt64(sqlite3_int64* result_ms); |
| |
| // Used by SandboxedVfsFile. |
| voidSetLastError(base::File::Error error){this->last_error_= error;} |
| |
| private: |
| SandboxedVfs(constchar* name, |
| std::unique_ptr<Delegate>delegate, |
| bool make_default); |
| |
| sqlite3_vfs sandboxed_vfs_; |
| constbase::Time sqlite_epoch_; |
| const std::unique_ptr<Delegate> delegate_; |
| base::File::Error last_error_; |
| }; |
| |
| }// namespace sql |
| |
| #endif// SQL_SANDBOXED_VFS_H_ |
