1 files changed, 0 insertions, 144 deletions
diff --git a/sandbox/linux/syscall_broker/broker_client.cc b/sandbox/linux/syscall_broker/broker_client.cc
deleted file mode 100644
index 760cf59b3c..0000000000
--- a/sandbox/linux/syscall_broker/broker_client.cc
+++ /dev/null
@@ -1,144 +0,0 @@
-// Copyright 2014 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "sandbox/linux/syscall_broker/broker_client.h"
-
-#include <errno.h>
-#include <fcntl.h>
-#include <sys/stat.h>
-#include <sys/socket.h>
-#include <sys/types.h>
-
-#include "build/build_config.h"
-#include "base/logging.h"
-#include "base/pickle.h"
-#include "base/posix/unix_domain_socket_linux.h"
-#include "sandbox/linux/syscall_broker/broker_channel.h"
-#include "sandbox/linux/syscall_broker/broker_common.h"
-#include "sandbox/linux/syscall_broker/broker_policy.h"
-
-#if defined(OS_ANDROID) && !defined(MSG_CMSG_CLOEXEC)
-#define MSG_CMSG_CLOEXEC 0x40000000
-#endif
-
-namespace sandbox {
-
-namespace syscall_broker {
-
-// Make a remote system call over IPC for syscalls that take a path and flags
-// as arguments, currently open() and access().
-// Will return -errno like a real system call.
-// This function needs to be async signal safe.
-int BrokerClient::PathAndFlagsSyscall(IPCCommand syscall_type,
-                                      const char* pathname,
-                                      int flags) const {
-  int recvmsg_flags = 0;
-  RAW_CHECK(syscall_type == COMMAND_OPEN || syscall_type == COMMAND_ACCESS);
-  if (!pathname)
-    return -EFAULT;
-
-  // For this "remote system call" to work, we need to handle any flag that
-  // cannot be sent over a Unix socket in a special way.
-  // See the comments around kCurrentProcessOpenFlagsMask.
-  if (syscall_type == COMMAND_OPEN && (flags & kCurrentProcessOpenFlagsMask)) {
-    // This implementation only knows about O_CLOEXEC, someone needs to look at
-    // this code if other flags are added.
-    RAW_CHECK(kCurrentProcessOpenFlagsMask == O_CLOEXEC);
-    recvmsg_flags |= MSG_CMSG_CLOEXEC;
-    flags &= ~O_CLOEXEC;
-  }
-
-  // There is no point in forwarding a request that we know will be denied.
-  // Of course, the real security check needs to be on the other side of the
-  // IPC.
-  if (fast_check_in_client_) {
-    if (syscall_type == COMMAND_OPEN &&
-        !broker_policy_.GetFileNameIfAllowedToOpen(
-            pathname, flags, NULL /* file_to_open */,
-            NULL /* unlink_after_open */)) {
-      return -broker_policy_.denied_errno();
-    }
-    if (syscall_type == COMMAND_ACCESS &&
-        !broker_policy_.GetFileNameIfAllowedToAccess(pathname, flags, NULL)) {
-      return -broker_policy_.denied_errno();
-    }
-  }
-
-  base::Pickle write_pickle;
-  write_pickle.WriteInt(syscall_type);
-  write_pickle.WriteString(pathname);
-  write_pickle.WriteInt(flags);
-  RAW_CHECK(write_pickle.size() <= kMaxMessageLength);
-
-  int returned_fd = -1;
-  uint8_t reply_buf[kMaxMessageLength];
-
-  // Send a request (in write_pickle) as well that will include a new
-  // temporary socketpair (created internally by SendRecvMsg()).
-  // Then read the reply on this new socketpair in reply_buf and put an
-  // eventual attached file descriptor in |returned_fd|.
-  ssize_t msg_len = base::UnixDomainSocket::SendRecvMsgWithFlags(
-      ipc_channel_.get(), reply_buf, sizeof(reply_buf), recvmsg_flags,
-      &returned_fd, write_pickle);
-  if (msg_len <= 0) {
-    if (!quiet_failures_for_tests_)
-      RAW_LOG(ERROR, "Could not make request to broker process");
-    return -ENOMEM;
-  }
-
-  base::Pickle read_pickle(reinterpret_cast<char*>(reply_buf), msg_len);
-  base::PickleIterator iter(read_pickle);
-  int return_value = -1;
-  // Now deserialize the return value and eventually return the file
-  // descriptor.
-  if (iter.ReadInt(&return_value)) {
-    switch (syscall_type) {
-      case COMMAND_ACCESS:
-        // We should never have a fd to return.
-        RAW_CHECK(returned_fd == -1);
-        return return_value;
-      case COMMAND_OPEN:
-        if (return_value < 0) {
-          RAW_CHECK(returned_fd == -1);
-          return return_value;
-        } else {
-          // We have a real file descriptor to return.
-          RAW_CHECK(returned_fd >= 0);
-          return returned_fd;
-        }
-      default:
-        RAW_LOG(ERROR, "Unsupported command");
-        return -ENOSYS;
-    }
-  } else {
-    RAW_LOG(ERROR, "Could not read pickle");
-    NOTREACHED();
-    return -ENOMEM;
-  }
-}
-
-BrokerClient::BrokerClient(const BrokerPolicy& broker_policy,
-                           BrokerChannel::EndPoint ipc_channel,
-                           bool fast_check_in_client,
-                           bool quiet_failures_for_tests)
-    : broker_policy_(broker_policy),
-      ipc_channel_(ipc_channel.Pass()),
-      fast_check_in_client_(fast_check_in_client),
-      quiet_failures_for_tests_(quiet_failures_for_tests) {
-}
-
-BrokerClient::~BrokerClient() {
-}
-
-int BrokerClient::Access(const char* pathname, int mode) const {
-  return PathAndFlagsSyscall(COMMAND_ACCESS, pathname, mode);
-}
-
-int BrokerClient::Open(const char* pathname, int flags) const {
-  return PathAndFlagsSyscall(COMMAND_OPEN, pathname, flags);
-}
-
-}  // namespace syscall_broker
-
-}  // namespace sandbox