• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef BASE_FILES_FILE_H_
6 #define BASE_FILES_FILE_H_
7 
8 #include <stdint.h>
9 
10 #include <string>
11 
12 #include "base/base_export.h"
13 #include "base/files/file_path.h"
14 #include "base/files/file_tracing.h"
15 #include "base/files/platform_file.h"
16 #include "base/files/scoped_file.h"
17 #include "base/macros.h"
18 #include "base/time/time.h"
19 #include "build/build_config.h"
20 
21 #if defined(OS_POSIX) || defined(OS_FUCHSIA)
22 #include <sys/stat.h>
23 #endif
24 
25 namespace base {
26 
27 #if defined(OS_BSD) || defined(OS_MACOSX) || defined(OS_NACL) || \
28   defined(OS_FUCHSIA) || (defined(OS_ANDROID) && __ANDROID_API__ < 21)
29 typedef struct stat stat_wrapper_t;
30 #elif defined(OS_POSIX)
31 typedef struct stat64 stat_wrapper_t;
32 #endif
33 
34 // Thin wrapper around an OS-level file.
35 // Note that this class does not provide any support for asynchronous IO, other
36 // than the ability to create asynchronous handles on Windows.
37 //
38 // Note about const: this class does not attempt to determine if the underlying
39 // file system object is affected by a particular method in order to consider
40 // that method const or not. Only methods that deal with member variables in an
41 // obvious non-modifying way are marked as const. Any method that forward calls
42 // to the OS is not considered const, even if there is no apparent change to
43 // member variables.
44 class BASE_EXPORT File {
45  public:
46   // FLAG_(OPEN|CREATE).* are mutually exclusive. You should specify exactly one
47   // of the five (possibly combining with other flags) when opening or creating
48   // a file.
49   // FLAG_(WRITE|APPEND) are mutually exclusive. This is so that APPEND behavior
50   // will be consistent with O_APPEND on POSIX.
51   // FLAG_EXCLUSIVE_(READ|WRITE) only grant exclusive access to the file on
52   // creation on POSIX; for existing files, consider using Lock().
53   enum Flags {
54     FLAG_OPEN = 1 << 0,            // Opens a file, only if it exists.
55     FLAG_CREATE = 1 << 1,          // Creates a new file, only if it does not
56                                    // already exist.
57     FLAG_OPEN_ALWAYS = 1 << 2,     // May create a new file.
58     FLAG_CREATE_ALWAYS = 1 << 3,   // May overwrite an old file.
59     FLAG_OPEN_TRUNCATED = 1 << 4,  // Opens a file and truncates it, only if it
60                                    // exists.
61     FLAG_READ = 1 << 5,
62     FLAG_WRITE = 1 << 6,
63     FLAG_APPEND = 1 << 7,
64     FLAG_EXCLUSIVE_READ = 1 << 8,  // EXCLUSIVE is opposite of Windows SHARE.
65     FLAG_EXCLUSIVE_WRITE = 1 << 9,
66     FLAG_ASYNC = 1 << 10,
67     FLAG_TEMPORARY = 1 << 11,  // Used on Windows only.
68     FLAG_HIDDEN = 1 << 12,     // Used on Windows only.
69     FLAG_DELETE_ON_CLOSE = 1 << 13,
70     FLAG_WRITE_ATTRIBUTES = 1 << 14,     // Used on Windows only.
71     FLAG_SHARE_DELETE = 1 << 15,         // Used on Windows only.
72     FLAG_TERMINAL_DEVICE = 1 << 16,      // Serial port flags.
73     FLAG_BACKUP_SEMANTICS = 1 << 17,     // Used on Windows only.
74     FLAG_EXECUTE = 1 << 18,              // Used on Windows only.
75     FLAG_SEQUENTIAL_SCAN = 1 << 19,      // Used on Windows only.
76     FLAG_CAN_DELETE_ON_CLOSE = 1 << 20,  // Requests permission to delete a file
77                                          // via DeleteOnClose() (Windows only).
78                                          // See DeleteOnClose() for details.
79   };
80 
81   // This enum has been recorded in multiple histograms using PlatformFileError
82   // enum. If the order of the fields needs to change, please ensure that those
83   // histograms are obsolete or have been moved to a different enum.
84   //
85   // FILE_ERROR_ACCESS_DENIED is returned when a call fails because of a
86   // filesystem restriction. FILE_ERROR_SECURITY is returned when a browser
87   // policy doesn't allow the operation to be executed.
88   enum Error {
89     FILE_OK = 0,
90     FILE_ERROR_FAILED = -1,
91     FILE_ERROR_IN_USE = -2,
92     FILE_ERROR_EXISTS = -3,
93     FILE_ERROR_NOT_FOUND = -4,
94     FILE_ERROR_ACCESS_DENIED = -5,
95     FILE_ERROR_TOO_MANY_OPENED = -6,
96     FILE_ERROR_NO_MEMORY = -7,
97     FILE_ERROR_NO_SPACE = -8,
98     FILE_ERROR_NOT_A_DIRECTORY = -9,
99     FILE_ERROR_INVALID_OPERATION = -10,
100     FILE_ERROR_SECURITY = -11,
101     FILE_ERROR_ABORT = -12,
102     FILE_ERROR_NOT_A_FILE = -13,
103     FILE_ERROR_NOT_EMPTY = -14,
104     FILE_ERROR_INVALID_URL = -15,
105     FILE_ERROR_IO = -16,
106     // Put new entries here and increment FILE_ERROR_MAX.
107     FILE_ERROR_MAX = -17
108   };
109 
110   // This explicit mapping matches both FILE_ on Windows and SEEK_ on Linux.
111   enum Whence {
112     FROM_BEGIN   = 0,
113     FROM_CURRENT = 1,
114     FROM_END     = 2
115   };
116 
117   // Used to hold information about a given file.
118   // If you add more fields to this structure (platform-specific fields are OK),
119   // make sure to update all functions that use it in file_util_{win|posix}.cc,
120   // too, and the ParamTraits<base::File::Info> implementation in
121   // ipc/ipc_message_utils.cc.
122   struct BASE_EXPORT Info {
123     Info();
124     ~Info();
125 #if defined(OS_POSIX) || defined(OS_FUCHSIA)
126     // Fills this struct with values from |stat_info|.
127     void FromStat(const stat_wrapper_t& stat_info);
128 #endif
129 
130     // The size of the file in bytes.  Undefined when is_directory is true.
131     int64_t size;
132 
133     // True if the file corresponds to a directory.
134     bool is_directory;
135 
136     // True if the file corresponds to a symbolic link.  For Windows currently
137     // not supported and thus always false.
138     bool is_symbolic_link;
139 
140     // The last modified time of a file.
141     Time last_modified;
142 
143     // The last accessed time of a file.
144     Time last_accessed;
145 
146     // The creation time of a file.
147     Time creation_time;
148   };
149 
150   File();
151 
152   // Creates or opens the given file. This will fail with 'access denied' if the
153   // |path| contains path traversal ('..') components.
154   File(const FilePath& path, uint32_t flags);
155 
156   // Takes ownership of |platform_file| and sets async to false.
157   explicit File(PlatformFile platform_file);
158 
159   // Takes ownership of |platform_file| and sets async to the given value.
160   // This constructor exists because on Windows you can't check if platform_file
161   // is async or not.
162   File(PlatformFile platform_file, bool async);
163 
164   // Creates an object with a specific error_details code.
165   explicit File(Error error_details);
166 
167   File(File&& other);
168 
169   ~File();
170 
171   File& operator=(File&& other);
172 
173   // Creates or opens the given file.
174   void Initialize(const FilePath& path, uint32_t flags);
175 
176   // Returns |true| if the handle / fd wrapped by this object is valid.  This
177   // method doesn't interact with the file system (and is safe to be called from
178   // ThreadRestrictions::SetIOAllowed(false) threads).
179   bool IsValid() const;
180 
181   // Returns true if a new file was created (or an old one truncated to zero
182   // length to simulate a new file, which can happen with
183   // FLAG_CREATE_ALWAYS), and false otherwise.
created()184   bool created() const { return created_; }
185 
186   // Returns the OS result of opening this file. Note that the way to verify
187   // the success of the operation is to use IsValid(), not this method:
188   //   File file(path, flags);
189   //   if (!file.IsValid())
190   //     return;
error_details()191   Error error_details() const { return error_details_; }
192 
193   PlatformFile GetPlatformFile() const;
194   PlatformFile TakePlatformFile();
195 
196   // Destroying this object closes the file automatically.
197   void Close();
198 
199   // Changes current position in the file to an |offset| relative to an origin
200   // defined by |whence|. Returns the resultant current position in the file
201   // (relative to the start) or -1 in case of error.
202   int64_t Seek(Whence whence, int64_t offset);
203 
204   // Reads the given number of bytes (or until EOF is reached) starting with the
205   // given offset. Returns the number of bytes read, or -1 on error. Note that
206   // this function makes a best effort to read all data on all platforms, so it
207   // is not intended for stream oriented files but instead for cases when the
208   // normal expectation is that actually |size| bytes are read unless there is
209   // an error.
210   int Read(int64_t offset, char* data, int size);
211 
212   // Same as above but without seek.
213   int ReadAtCurrentPos(char* data, int size);
214 
215   // Reads the given number of bytes (or until EOF is reached) starting with the
216   // given offset, but does not make any effort to read all data on all
217   // platforms. Returns the number of bytes read, or -1 on error.
218   int ReadNoBestEffort(int64_t offset, char* data, int size);
219 
220   // Same as above but without seek.
221   int ReadAtCurrentPosNoBestEffort(char* data, int size);
222 
223   // Writes the given buffer into the file at the given offset, overwritting any
224   // data that was previously there. Returns the number of bytes written, or -1
225   // on error. Note that this function makes a best effort to write all data on
226   // all platforms. |data| can be nullptr when |size| is 0.
227   // Ignores the offset and writes to the end of the file if the file was opened
228   // with FLAG_APPEND.
229   int Write(int64_t offset, const char* data, int size);
230 
231   // Save as above but without seek.
232   int WriteAtCurrentPos(const char* data, int size);
233 
234   // Save as above but does not make any effort to write all data on all
235   // platforms. Returns the number of bytes written, or -1 on error.
236   int WriteAtCurrentPosNoBestEffort(const char* data, int size);
237 
238   // Returns the current size of this file, or a negative number on failure.
239   int64_t GetLength();
240 
241   // Truncates the file to the given length. If |length| is greater than the
242   // current size of the file, the file is extended with zeros. If the file
243   // doesn't exist, |false| is returned.
244   bool SetLength(int64_t length);
245 
246   // Instructs the filesystem to flush the file to disk. (POSIX: fsync, Windows:
247   // FlushFileBuffers).
248   // Calling Flush() does not guarantee file integrity and thus is not a valid
249   // substitute for file integrity checks and recovery codepaths for malformed
250   // files. It can also be *really* slow, so avoid blocking on Flush(),
251   // especially please don't block shutdown on Flush().
252   // Latency percentiles of Flush() across all platforms as of July 2016:
253   // 50 %     > 5 ms
254   // 10 %     > 58 ms
255   //  1 %     > 357 ms
256   //  0.1 %   > 1.8 seconds
257   //  0.01 %  > 7.6 seconds
258   bool Flush();
259 
260   // Updates the file times.
261   bool SetTimes(Time last_access_time, Time last_modified_time);
262 
263   // Returns some basic information for the given file.
264   bool GetInfo(Info* info);
265 
266 #if !defined(OS_FUCHSIA)  // Fuchsia's POSIX API does not support file locking.
267 
268   // Attempts to take an exclusive write lock on the file. Returns immediately
269   // (i.e. does not wait for another process to unlock the file). If the lock
270   // was obtained, the result will be FILE_OK. A lock only guarantees
271   // that other processes may not also take a lock on the same file with the
272   // same API - it may still be opened, renamed, unlinked, etc.
273   //
274   // Common semantics:
275   //  * Locks are held by processes, but not inherited by child processes.
276   //  * Locks are released by the OS on file close or process termination.
277   //  * Locks are reliable only on local filesystems.
278   //  * Duplicated file handles may also write to locked files.
279   // Windows-specific semantics:
280   //  * Locks are mandatory for read/write APIs, advisory for mapping APIs.
281   //  * Within a process, locking the same file (by the same or new handle)
282   //    will fail.
283   // POSIX-specific semantics:
284   //  * Locks are advisory only.
285   //  * Within a process, locking the same file (by the same or new handle)
286   //    will succeed.
287   //  * Closing any descriptor on a given file releases the lock.
288   Error Lock();
289 
290   // Unlock a file previously locked.
291   Error Unlock();
292 
293 #endif  // !defined(OS_FUCHSIA)
294 
295   // Returns a new object referencing this file for use within the current
296   // process. Handling of FLAG_DELETE_ON_CLOSE varies by OS. On POSIX, the File
297   // object that was created or initialized with this flag will have unlinked
298   // the underlying file when it was created or opened. On Windows, the
299   // underlying file is deleted when the last handle to it is closed.
300   File Duplicate() const;
301 
async()302   bool async() const { return async_; }
303 
304 #if defined(OS_WIN)
305   // Sets or clears the DeleteFile disposition on the file. Returns true if
306   // the disposition was set or cleared, as indicated by |delete_on_close|.
307   //
308   // Microsoft Windows deletes a file only when the DeleteFile disposition is
309   // set on a file when the last handle to the last underlying kernel File
310   // object is closed. This disposition is be set by:
311   // - Calling the Win32 DeleteFile function with the path to a file.
312   // - Opening/creating a file with FLAG_DELETE_ON_CLOSE and then closing all
313   //   handles to that File object.
314   // - Opening/creating a file with FLAG_CAN_DELETE_ON_CLOSE and subsequently
315   //   calling DeleteOnClose(true).
316   //
317   // In all cases, all pre-existing handles to the file must have been opened
318   // with FLAG_SHARE_DELETE. Once the disposition has been set by any of the
319   // above means, no new File objects can be created for the file.
320   //
321   // So:
322   // - Use FLAG_SHARE_DELETE when creating/opening a file to allow another
323   //   entity on the system to cause it to be deleted when it is closed. (Note:
324   //   another entity can delete the file the moment after it is closed, so not
325   //   using this permission doesn't provide any protections.)
326   // - Use FLAG_DELETE_ON_CLOSE for any file that is to be deleted after use.
327   //   The OS will ensure it is deleted even in the face of process termination.
328   //   Note that it's possible for deletion to be cancelled via another File
329   //   object referencing the same file using DeleteOnClose(false) to clear the
330   //   DeleteFile disposition after the original File is closed.
331   // - Use FLAG_CAN_DELETE_ON_CLOSE in conjunction with DeleteOnClose() to alter
332   //   the DeleteFile disposition on an open handle. This fine-grained control
333   //   allows for marking a file for deletion during processing so that it is
334   //   deleted in the event of untimely process termination, and then clearing
335   //   this state once the file is suitable for persistence.
336   bool DeleteOnClose(bool delete_on_close);
337 #endif
338 
339 #if defined(OS_WIN)
340   static Error OSErrorToFileError(DWORD last_error);
341 #elif defined(OS_POSIX) || defined(OS_FUCHSIA)
342   static Error OSErrorToFileError(int saved_errno);
343 #endif
344 
345   // Gets the last global error (errno or GetLastError()) and converts it to the
346   // closest base::File::Error equivalent via OSErrorToFileError(). The returned
347   // value is only trustworthy immediately after another base::File method
348   // fails. base::File never resets the global error to zero.
349   static Error GetLastFileError();
350 
351   // Converts an error value to a human-readable form. Used for logging.
352   static std::string ErrorToString(Error error);
353 
354  private:
355   friend class FileTracing::ScopedTrace;
356 
357   // Creates or opens the given file. Only called if |path| has no
358   // traversal ('..') components.
359   void DoInitialize(const FilePath& path, uint32_t flags);
360 
361   void SetPlatformFile(PlatformFile file);
362 
363   ScopedPlatformFile file_;
364 
365   // A path to use for tracing purposes. Set if file tracing is enabled during
366   // |Initialize()|.
367   FilePath tracing_path_;
368 
369   // Object tied to the lifetime of |this| that enables/disables tracing.
370   FileTracing::ScopedEnabler trace_enabler_;
371 
372   Error error_details_;
373   bool created_;
374   bool async_;
375 
376   DISALLOW_COPY_AND_ASSIGN(File);
377 };
378 
379 }  // namespace base
380 
381 #endif  // BASE_FILES_FILE_H_
382