// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SANDBOX_MAC_MACH_MESSAGE_SERVER_H_
#define SANDBOX_MAC_MACH_MESSAGE_SERVER_H_
#include <dispatch/dispatch.h>
#include <mach/mach.h>
#include "base/mac/scoped_mach_port.h"
#include "base/mac/scoped_mach_vm.h"
namespace sandbox {
// A delegate interface for MachMessageServer that handles processing of
// incoming intercepted IPC messages.
class MessageDemuxer {
public:
// Handle a |request| message and optionally create a |reply|. Both message
// objects are owned by the server. Use the server's methods to send a
// reply message.
virtual void DemuxMessage(mach_msg_header_t* request,
mach_msg_header_t* reply) = 0;
protected:
virtual ~MessageDemuxer() {}
};
// A Mach message server that operates a receive port. Messages are received
// and then passed to the MessageDemuxer for handling. The Demuxer
// can use the server class to send a reply, forward the message to a
// different port, or reply to the message with a MIG error.
class MachMessageServer {
public:
// Creates a new Mach message server that will send messages to |demuxer|
// for handling. If the |server_receive_right| is non-NULL, this class will
// take ownership of the port and it will be used to receive messages.
// Otherwise the server will create a new receive right.
// The maximum size of messages is specified by |buffer_size|.
MachMessageServer(MessageDemuxer* demuxer,
mach_port_t server_receive_right,
mach_msg_size_t buffer_size);
~MachMessageServer();
// Initializes the class and starts running the message server. If this
// returns false, no other methods may be called on this class.
bool Initialize();
// Given a received request message, returns the PID of the sending process.
pid_t GetMessageSenderPID(mach_msg_header_t* request);
// Sends a reply message. Returns true if the message was sent successfully.
bool SendReply(mach_msg_header_t* reply);
// Forwards the original |request| to the |destination| for handling.
void ForwardMessage(mach_msg_header_t* request, mach_port_t destination);
// Replies to the message with the specified |error_code| as a MIG
// error_reply RetCode.
void RejectMessage(mach_msg_header_t* reply, int error_code);
mach_port_t server_port() const { return server_port_.get(); }
private:
// Event handler for the |server_source_| that reads a message from the queue
// and processes it.
void ReceiveMessage();
// The demuxer delegate. Weak.
MessageDemuxer* demuxer_;
// The Mach port on which the server is receiving requests.
base::mac::ScopedMachReceiveRight server_port_;
// The dispatch queue used to service the server_source_.
dispatch_queue_t server_queue_;
// A MACH_RECV dispatch source for the server_port_.
dispatch_source_t server_source_;
// The size of the two message buffers below.
const mach_msg_size_t buffer_size_;
// Request and reply buffers used in ReceiveMessage.
base::mac::ScopedMachVM request_buffer_;
base::mac::ScopedMachVM reply_buffer_;
// Whether or not ForwardMessage() was called during ReceiveMessage().
bool did_forward_message_;
};
} // namespace sandbox
#endif // SANDBOX_MAC_MACH_MESSAGE_SERVER_H_