Chromium Code Reviews Chromium Code Reviews
Issue 669056:
Support running NaCl in Chromium's Linux SUID sandbox (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright 2008 The Native Client Authors. All rights reserved. | 2 * Copyright 2008 The Native Client Authors. All rights reserved. |
| 3 * Use of this source code is governed by a BSD-style license that can | 3 * Use of this source code is governed by a BSD-style license that can |
| 4 * be found in the LICENSE file. | 4 * be found in the LICENSE file. |
| 5 */ | 5 */ |
| 6 | 6 |
| 7 | 7 |
| 8 // NaCl inter-module communication primitives. | 8 // NaCl inter-module communication primitives. |
| 9 // | 9 // |
| 10 // This file implements common parts of IMC for "unix like systems" (i.e. not | 10 // This file implements common parts of IMC for "unix like systems" (i.e. not |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 25 #include <unistd.h> | 25 #include <unistd.h> |
| 26 #include <sys/mman.h> | 26 #include <sys/mman.h> |
| 27 #include <sys/types.h> | 27 #include <sys/types.h> |
| 28 | 28 |
| 29 #include <algorithm> | 29 #include <algorithm> |
| 30 | 30 |
| 31 #include "native_client/src/include/atomic_ops.h" | 31 #include "native_client/src/include/atomic_ops.h" |
| 32 | 32 |
| 33 #include "native_client/src/shared/imc/nacl_imc.h" | 33 #include "native_client/src/shared/imc/nacl_imc.h" |
| 34 | 34 |
| 35 #if defined(CHROMIUM_BUILD) && NACL_LINUX | |
| 36 #include "chrome/renderer/renderer_sandbox_support_linux.h" | |
| 37 #endif | |
| 38 | |
| 35 namespace nacl { | 39 namespace nacl { |
| 36 | 40 |
| 37 namespace { | 41 namespace { |
| 38 | 42 |
| 39 // The pathname prefix for memory objects created by CreateMemoryObject(). | 43 // The pathname prefix for memory objects created by CreateMemoryObject(). |
| 40 const char kShmPrefix[] = "/google-nacl-shm-"; | 44 const char kShmPrefix[] = "/google-nacl-shm-"; |
| 41 | 45 |
| 42 } // namespace | 46 } // namespace |
| 43 | 47 |
| 44 bool WouldBlock() { | 48 bool WouldBlock() { |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 79 int m = shm_open(name, O_RDWR | O_CREAT | O_EXCL, 0600); | 83 int m = shm_open(name, O_RDWR | O_CREAT | O_EXCL, 0600); |
| 80 if (0 <= m) { | 84 if (0 <= m) { |
| 81 if (ftruncate(m, length) == -1) { | 85 if (ftruncate(m, length) == -1) { |
| 82 close(m); | 86 close(m); |
| 83 m = -1; | 87 m = -1; |
| 84 } | 88 } |
| 85 shm_unlink(name); | 89 shm_unlink(name); |
| 86 return m; | 90 return m; |
| 87 } | 91 } |
| 88 if (errno != EEXIST) { | 92 if (errno != EEXIST) { |
| 93 #if defined(CHROMIUM_BUILD) && NACL_LINUX | |
| 94 return MakeSharedMemorySegmentViaIPC(length); | |
|
gregoryd
2010/03/04 17:37:45
Do we know that shm_open will fail in the sandbox?
| |
| 95 #endif | |
| 89 return -1; | 96 return -1; |
| 90 } | 97 } |
| 91 } | 98 } |
| 92 } | 99 } |
| 93 | 100 |
| 94 void* Map(void* start, size_t length, int prot, int flags, | 101 void* Map(void* start, size_t length, int prot, int flags, |
| 95 Handle memory, off_t offset) { | 102 Handle memory, off_t offset) { |
| 96 static const int kPosixProt[] = { | 103 static const int kPosixProt[] = { |
| 97 PROT_NONE, | 104 PROT_NONE, |
| 98 PROT_READ, | 105 PROT_READ, |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 115 adjusted |= MAP_FIXED; | 122 adjusted |= MAP_FIXED; |
| 116 } | 123 } |
| 117 return mmap(start, length, kPosixProt[prot & 7], adjusted, memory, offset); | 124 return mmap(start, length, kPosixProt[prot & 7], adjusted, memory, offset); |
| 118 } | 125 } |
| 119 | 126 |
| 120 int Unmap(void* start, size_t length) { | 127 int Unmap(void* start, size_t length) { |
| 121 return munmap(start, length); | 128 return munmap(start, length); |
| 122 } | 129 } |
| 123 | 130 |
| 124 } // namespace nacl | 131 } // namespace nacl |
| OLD | NEW |
