| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // A mini-zygote specifically for Native Client. | 5 // A mini-zygote specifically for Native Client. |
| 6 | 6 |
| 7 #include "components/nacl/loader/nacl_helper_linux.h" | 7 #include "components/nacl/loader/nacl_helper_linux.h" |
| 8 | 8 |
| 9 #include <errno.h> | 9 #include <errno.h> |
| 10 #include <fcntl.h> | 10 #include <fcntl.h> |
| (...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 101 #endif | 101 #endif |
| 102 } | 102 } |
| 103 | 103 |
| 104 // Always ignore SIGPIPE, for consistency with other Chrome processes and | 104 // Always ignore SIGPIPE, for consistency with other Chrome processes and |
| 105 // because some IPC code, such as sync_socket_posix.cc, requires this. | 105 // because some IPC code, such as sync_socket_posix.cc, requires this. |
| 106 // We do this before seccomp-bpf is initialized. | 106 // We do this before seccomp-bpf is initialized. |
| 107 PCHECK(signal(SIGPIPE, SIG_IGN) != SIG_ERR); | 107 PCHECK(signal(SIGPIPE, SIG_IGN) != SIG_ERR); |
| 108 | 108 |
| 109 // Finish layer-1 sandbox initialization and initialize the layer-2 sandbox. | 109 // Finish layer-1 sandbox initialization and initialize the layer-2 sandbox. |
| 110 CHECK(!nacl_sandbox->HasOpenDirectory()); | 110 CHECK(!nacl_sandbox->HasOpenDirectory()); |
| 111 #if !defined(OS_NACL_NONSFI) | |
| 112 // Currently Layer-two sandbox is not yet supported on nacl_helper_nonsfi. | |
| 113 // TODO(hidehiko): Enable the sandbox. | |
| 114 nacl_sandbox->InitializeLayerTwoSandbox(uses_nonsfi_mode); | 111 nacl_sandbox->InitializeLayerTwoSandbox(uses_nonsfi_mode); |
| 115 #endif | |
| 116 nacl_sandbox->SealLayerOneSandbox(); | 112 nacl_sandbox->SealLayerOneSandbox(); |
| 117 nacl_sandbox->CheckSandboxingStateWithPolicy(); | 113 nacl_sandbox->CheckSandboxingStateWithPolicy(); |
| 118 | 114 |
| 119 base::GlobalDescriptors::GetInstance()->Set(kPrimaryIPCChannel, | 115 base::GlobalDescriptors::GetInstance()->Set(kPrimaryIPCChannel, |
| 120 browser_fd.release()); | 116 browser_fd.release()); |
| 121 | 117 |
| 122 base::MessageLoopForIO main_message_loop; | 118 base::MessageLoopForIO main_message_loop; |
| 123 #if defined(OS_NACL_NONSFI) | 119 #if defined(OS_NACL_NONSFI) |
| 124 CHECK(uses_nonsfi_mode); | 120 CHECK(uses_nonsfi_mode); |
| 125 nacl::nonsfi::NonSfiListener listener; | 121 nacl::nonsfi::NonSfiListener listener; |
| (...skipping 353 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 479 // Now handle requests from the Zygote. | 475 // Now handle requests from the Zygote. |
| 480 while (true) { | 476 while (true) { |
| 481 bool request_handled = HandleZygoteRequest( | 477 bool request_handled = HandleZygoteRequest( |
| 482 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); | 478 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); |
| 483 // Do not turn this into a CHECK() without thinking about robustness | 479 // Do not turn this into a CHECK() without thinking about robustness |
| 484 // against malicious IPC requests. | 480 // against malicious IPC requests. |
| 485 DCHECK(request_handled); | 481 DCHECK(request_handled); |
| 486 } | 482 } |
| 487 NOTREACHED(); | 483 NOTREACHED(); |
| 488 } | 484 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1029283003:
WIP: Implement seccomp-bpf sandbox for nacl_helper_nonsfi.
Base URL: https://chromium.googlesource.com/chromium/src.git@master