1 // Copyright 2017 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sql/vfs_wrapper.h"
11 #include "base/check_op.h"
12 #include "base/debug/leak_annotations.h"
13 #include "base/files/file_path.h"
14 #include "base/memory/ptr_util.h"
15 #include "base/metrics/histogram_macros.h"
16 #include "base/notreached.h"
17 #include "base/strings/string_piece.h"
18 #include "build/build_config.h"
20 #if BUILDFLAG(IS_APPLE)
21 #include "base/apple/backup_util.h"
24 #if BUILDFLAG(IS_FUCHSIA)
25 #include "sql/vfs_wrapper_fuchsia.h"
31 // https://www.sqlite.org/vfs.html - documents the overall VFS system.
33 // https://www.sqlite.org/c3ref/vfs.html - VFS methods. This code tucks the
34 // wrapped VFS pointer into the wrapper's pAppData pointer.
36 // https://www.sqlite.org/c3ref/file.html - instance of an open file. This code
37 // allocates a VfsFile for this, which contains a pointer to the wrapped file.
38 // Idiomatic SQLite would take the wrapped VFS szOsFile and increase it to store
39 // additional data as a prefix.
41 sqlite3_vfs* GetWrappedVfs(sqlite3_vfs* wrapped_vfs) {
42 return static_cast<sqlite3_vfs*>(wrapped_vfs->pAppData);
45 VfsFile* AsVfsFile(sqlite3_file* wrapper_file) {
46 return reinterpret_cast<VfsFile*>(wrapper_file);
49 sqlite3_file* GetWrappedFile(sqlite3_file* wrapper_file) {
50 return AsVfsFile(wrapper_file)->wrapped_file;
53 int Close(sqlite3_file* sqlite_file) {
54 #if BUILDFLAG(IS_FUCHSIA)
55 // Other platforms automatically unlock when the file descriptor is closed,
56 // but the fuchsia virtual implementation doesn't have that so it needs an
57 // explicit unlock on close.
58 Unlock(sqlite_file, SQLITE_LOCK_NONE);
61 VfsFile* file = AsVfsFile(sqlite_file);
62 int r = file->wrapped_file->pMethods->xClose(file->wrapped_file);
63 sqlite3_free(file->wrapped_file);
65 // Memory will be freed with sqlite3_free(), so the destructor needs to be
68 memset(file, '\0', sizeof(*file));
72 int Read(sqlite3_file* sqlite_file, void* buf, int amt, sqlite3_int64 ofs)
74 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
75 return wrapped_file->pMethods->xRead(wrapped_file, buf, amt, ofs);
78 int Write(sqlite3_file* sqlite_file, const void* buf, int amt,
81 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
82 return wrapped_file->pMethods->xWrite(wrapped_file, buf, amt, ofs);
85 int Truncate(sqlite3_file* sqlite_file, sqlite3_int64 size)
87 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
88 return wrapped_file->pMethods->xTruncate(wrapped_file, size);
91 int Sync(sqlite3_file* sqlite_file, int flags)
93 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
94 return wrapped_file->pMethods->xSync(wrapped_file, flags);
97 int FileSize(sqlite3_file* sqlite_file, sqlite3_int64* size)
99 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
100 return wrapped_file->pMethods->xFileSize(wrapped_file, size);
103 #if !BUILDFLAG(IS_FUCHSIA)
105 int Lock(sqlite3_file* sqlite_file, int file_lock)
107 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
108 return wrapped_file->pMethods->xLock(wrapped_file, file_lock);
111 int Unlock(sqlite3_file* sqlite_file, int file_lock)
113 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
114 return wrapped_file->pMethods->xUnlock(wrapped_file, file_lock);
117 int CheckReservedLock(sqlite3_file* sqlite_file, int* result)
119 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
120 return wrapped_file->pMethods->xCheckReservedLock(wrapped_file, result);
123 #endif // !BUILDFLAG(IS_FUCHSIA)
124 // Else these functions are imported via vfs_wrapper_fuchsia.h.
126 int FileControl(sqlite3_file* sqlite_file, int op, void* arg)
128 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
129 return wrapped_file->pMethods->xFileControl(wrapped_file, op, arg);
132 int SectorSize(sqlite3_file* sqlite_file)
134 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
135 return wrapped_file->pMethods->xSectorSize(wrapped_file);
138 int DeviceCharacteristics(sqlite3_file* sqlite_file)
140 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
141 return wrapped_file->pMethods->xDeviceCharacteristics(wrapped_file);
144 int ShmMap(sqlite3_file *sqlite_file, int region, int size,
145 int extend, void volatile **pp) {
146 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
147 return wrapped_file->pMethods->xShmMap(
148 wrapped_file, region, size, extend, pp);
151 int ShmLock(sqlite3_file *sqlite_file, int ofst, int n, int flags) {
152 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
153 return wrapped_file->pMethods->xShmLock(wrapped_file, ofst, n, flags);
156 void ShmBarrier(sqlite3_file *sqlite_file) {
157 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
158 wrapped_file->pMethods->xShmBarrier(wrapped_file);
161 int ShmUnmap(sqlite3_file *sqlite_file, int del) {
162 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
163 return wrapped_file->pMethods->xShmUnmap(wrapped_file, del);
166 int Fetch(sqlite3_file *sqlite_file, sqlite3_int64 off, int amt, void **pp) {
167 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
168 return wrapped_file->pMethods->xFetch(wrapped_file, off, amt, pp);
171 int Unfetch(sqlite3_file *sqlite_file, sqlite3_int64 off, void *p) {
172 sqlite3_file* wrapped_file = GetWrappedFile(sqlite_file);
173 return wrapped_file->pMethods->xUnfetch(wrapped_file, off, p);
176 int Open(sqlite3_vfs* vfs, const char* file_name, sqlite3_file* wrapper_file,
177 int desired_flags, int* used_flags) {
178 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
180 sqlite3_file* wrapped_file = static_cast<sqlite3_file*>(
181 sqlite3_malloc(wrapped_vfs->szOsFile));
185 // NOTE(shess): SQLite's unixOpen() makes assumptions about the structure of
186 // |file_name|. Do not pass a local copy, here, only the passed-in value.
187 int rc = wrapped_vfs->xOpen(wrapped_vfs,
188 file_name, wrapped_file,
189 desired_flags, used_flags);
190 if (rc != SQLITE_OK) {
191 sqlite3_free(wrapped_file);
194 // NOTE(shess): Any early exit from here needs to call xClose() on
197 #if BUILDFLAG(IS_APPLE)
198 // When opening journal files, propagate backup exclusion from db.
199 static int kJournalFlags =
200 SQLITE_OPEN_MAIN_JOURNAL | SQLITE_OPEN_TEMP_JOURNAL |
201 SQLITE_OPEN_SUBJOURNAL | SQLITE_OPEN_MASTER_JOURNAL;
202 if (file_name && (desired_flags & kJournalFlags)) {
203 // https://www.sqlite.org/c3ref/vfs.html indicates that the journal path
204 // will have a suffix separated by "-" from the main database file name.
205 base::StringPiece file_name_string_piece(file_name);
206 size_t dash_index = file_name_string_piece.rfind('-');
207 if (dash_index != base::StringPiece::npos) {
208 base::StringPiece db_name(file_name, dash_index);
209 if (base::apple::GetBackupExclusion(base::FilePath(db_name))) {
210 base::apple::SetBackupExclusion(base::FilePath(file_name_string_piece));
216 // |iVersion| determines what methods SQLite may call on the instance.
217 // Having the methods which can't be proxied return an error may cause SQLite
218 // to operate differently than if it didn't call those methods at all. To be
219 // on the safe side, the wrapper sqlite3_io_methods version perfectly matches
220 // the version of the wrapped files.
222 // At a first glance, it might be tempting to simplify the code by
223 // restricting wrapping support to VFS version 3. However, this might fail on
226 // On Mac, SQLite built with SQLITE_ENABLE_LOCKING_STYLE ends up using a VFS
227 // that dynamically dispatches between a few variants of sqlite3_io_methods,
228 // based on whether the opened database is on a local or on a remote (AFS,
229 // NFS) filesystem. Some variants return a VFS version 1 structure.
230 VfsFile* file = AsVfsFile(wrapper_file);
232 // Call constructor explicitly since the memory is already allocated.
233 new (file) VfsFile();
235 file->wrapped_file = wrapped_file;
237 #if BUILDFLAG(IS_FUCHSIA)
238 file->file_name = file_name;
241 if (wrapped_file->pMethods->iVersion == 1) {
242 static const sqlite3_io_methods io_methods = {
255 DeviceCharacteristics,
257 file->methods = &io_methods;
258 } else if (wrapped_file->pMethods->iVersion == 2) {
259 static const sqlite3_io_methods io_methods = {
272 DeviceCharacteristics,
273 // Methods above are valid for version 1.
279 file->methods = &io_methods;
281 static const sqlite3_io_methods io_methods = {
294 DeviceCharacteristics,
295 // Methods above are valid for version 1.
300 // Methods above are valid for version 2.
304 file->methods = &io_methods;
309 int Delete(sqlite3_vfs* vfs, const char* file_name, int sync_dir) {
310 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
311 return wrapped_vfs->xDelete(wrapped_vfs, file_name, sync_dir);
314 int Access(sqlite3_vfs* vfs, const char* file_name, int flag, int* res) {
315 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
316 return wrapped_vfs->xAccess(wrapped_vfs, file_name, flag, res);
319 int FullPathname(sqlite3_vfs* vfs, const char* relative_path,
320 int buf_size, char* absolute_path) {
321 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
322 return wrapped_vfs->xFullPathname(
323 wrapped_vfs, relative_path, buf_size, absolute_path);
326 int Randomness(sqlite3_vfs* vfs, int buf_size, char* buffer) {
327 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
328 return wrapped_vfs->xRandomness(wrapped_vfs, buf_size, buffer);
331 int Sleep(sqlite3_vfs* vfs, int microseconds) {
332 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
333 return wrapped_vfs->xSleep(wrapped_vfs, microseconds);
336 int GetLastError(sqlite3_vfs* vfs, int e, char* s) {
337 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
338 return wrapped_vfs->xGetLastError(wrapped_vfs, e, s);
341 int CurrentTimeInt64(sqlite3_vfs* vfs, sqlite3_int64* now) {
342 sqlite3_vfs* wrapped_vfs = GetWrappedVfs(vfs);
343 return wrapped_vfs->xCurrentTimeInt64(wrapped_vfs, now);
348 sqlite3_vfs* VFSWrapper() {
349 static constexpr char kVFSName[] = "VFSWrapper";
351 // Return existing version if already registered.
353 sqlite3_vfs* vfs = sqlite3_vfs_find(kVFSName);
358 // Get the default VFS on all platforms except Fuchsia.
359 static constexpr const char* kBaseVfsName =
360 #if BUILDFLAG(IS_FUCHSIA)
365 sqlite3_vfs* wrapped_vfs = sqlite3_vfs_find(kBaseVfsName);
367 // Give up if there is no VFS implementation for the current platform.
373 std::unique_ptr<sqlite3_vfs, std::function<void(sqlite3_vfs*)>> wrapper_vfs(
374 static_cast<sqlite3_vfs*>(sqlite3_malloc(sizeof(sqlite3_vfs))),
378 memset(wrapper_vfs.get(), '\0', sizeof(sqlite3_vfs));
380 // VFS implementations should always work with a SQLite that only knows about
382 constexpr int kSqliteVfsApiVersion = 3;
383 wrapper_vfs->iVersion = kSqliteVfsApiVersion;
385 // All the SQLite VFS implementations used by Chrome should support the
386 // version proxied here.
387 DCHECK_GE(wrapped_vfs->iVersion, kSqliteVfsApiVersion);
389 // Caller of xOpen() allocates this much space.
390 wrapper_vfs->szOsFile = sizeof(VfsFile);
392 wrapper_vfs->mxPathname = wrapped_vfs->mxPathname;
393 wrapper_vfs->pNext = nullptr; // Field used by SQLite.
394 wrapper_vfs->zName = kVFSName;
396 // Keep a reference to the wrapped vfs for use in methods.
397 wrapper_vfs->pAppData = wrapped_vfs;
400 wrapper_vfs->xOpen = &Open;
401 wrapper_vfs->xDelete = &Delete;
402 wrapper_vfs->xAccess = &Access;
403 wrapper_vfs->xFullPathname = &FullPathname;
405 // SQLite's dynamic extension loading is disabled in Chrome. Not proxying
406 // these methods lets us ship less logic and provides a tiny bit of extra
407 // security, as we know for sure that SQLite will not dynamically load code.
408 wrapper_vfs->xDlOpen = nullptr;
409 wrapper_vfs->xDlError = nullptr;
410 wrapper_vfs->xDlSym = nullptr;
411 wrapper_vfs->xDlClose = nullptr;
413 wrapper_vfs->xRandomness = &Randomness;
414 wrapper_vfs->xSleep = &Sleep;
416 // |xCurrentTime| is null when SQLite is built with SQLITE_OMIT_DEPRECATED, so
417 // it does not need to be proxied.
418 wrapper_vfs->xCurrentTime = nullptr;
420 wrapper_vfs->xGetLastError = &GetLastError;
422 // The methods above are in version 1 of SQLite's VFS API.
424 DCHECK(wrapped_vfs->xCurrentTimeInt64 != nullptr);
425 wrapper_vfs->xCurrentTimeInt64 = &CurrentTimeInt64;
427 // The methods above are in version 2 of SQLite's VFS API.
429 // The VFS system call interception API is intended for very low-level SQLite
430 // testing and tweaks. Proxying these methods is not necessary because Chrome
431 // does not do very low-level SQLite testing, and the VFS wrapper supports all
432 // the needed tweaks.
433 wrapper_vfs->xSetSystemCall = nullptr;
434 wrapper_vfs->xGetSystemCall = nullptr;
435 wrapper_vfs->xNextSystemCall = nullptr;
437 // The methods above are in version 3 of sqlite_vfs.
439 if (SQLITE_OK == sqlite3_vfs_register(wrapper_vfs.get(), 0)) {
440 ANNOTATE_LEAKING_OBJECT_PTR(wrapper_vfs.get());
441 wrapper_vfs.release();
444 return sqlite3_vfs_find(kVFSName);