| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <asm/unistd.h> | 5 #include <asm/unistd.h> |
| 6 #include <dlfcn.h> | 6 #include <dlfcn.h> |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <linux/net.h> | 9 #include <linux/net.h> |
| 10 #include <signal.h> | 10 #include <signal.h> |
| 23 #if defined(__arm__) && !defined(MAP_STACK) | 23 #if defined(__arm__) && !defined(MAP_STACK) |
| 24 #define MAP_STACK 0x20000 // Daisy build environment has old headers. | 24 #define MAP_STACK 0x20000 // Daisy build environment has old headers. |
| 25 #endif | 25 #endif |
| 26 | 26 |
| 27 #include "base/basictypes.h" | 27 #include "base/basictypes.h" |
| 28 #include "base/bind.h" | 28 #include "base/bind.h" |
| 29 #include "base/callback.h" | 29 #include "base/callback.h" |
| 30 #include "base/command_line.h" | 30 #include "base/command_line.h" |
| 31 #include "base/logging.h" | 31 #include "base/logging.h" |
| 32 #include "build/build_config.h" | 32 #include "build/build_config.h" |
| 33 #include "build/build_config_functions.h" |
| 33 #include "content/common/sandbox_linux.h" | 34 #include "content/common/sandbox_linux.h" |
| 34 #include "content/common/sandbox_seccomp_bpf_linux.h" | 35 #include "content/common/sandbox_seccomp_bpf_linux.h" |
| 35 #include "content/public/common/content_switches.h" | 36 #include "content/public/common/content_switches.h" |
| 36 #include "sandbox/linux/services/broker_process.h" | 37 #include "sandbox/linux/services/broker_process.h" |
| 37 | 38 |
| 38 // These are the only architectures supported for now. | 39 // These are the only architectures supported for now. |
| 39 #if defined(__i386__) || defined(__x86_64__) || \ | 40 #if defined(__i386__) || defined(__x86_64__) || \ |
| 40 (defined(__arm__) && (defined(__thumb__) || defined(__ARM_EABI__))) | 41 (defined(__arm__) && (defined(__thumb__) || defined(__ARM_EABI__))) |
| 41 #define SECCOMP_BPF_SANDBOX | 42 #define SECCOMP_BPF_SANDBOX |
| 42 #endif | 43 #endif |
| 43 | 44 |
| 44 #if defined(SECCOMP_BPF_SANDBOX) | 45 #if defined(SECCOMP_BPF_SANDBOX) |
| 45 #include "base/posix/eintr_wrapper.h" | 46 #include "base/posix/eintr_wrapper.h" |
| 46 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 47 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 47 #include "sandbox/linux/services/linux_syscalls.h" | 48 #include "sandbox/linux/services/linux_syscalls.h" |
| 48 | 49 |
| 49 using playground2::arch_seccomp_data; | 50 using playground2::arch_seccomp_data; |
| 50 using playground2::ErrorCode; | 51 using playground2::ErrorCode; |
| 51 using playground2::Sandbox; | 52 using playground2::Sandbox; |
| 52 using sandbox::BrokerProcess; | 53 using sandbox::BrokerProcess; |
| 53 | 54 |
| 54 namespace { | 55 namespace { |
| 55 | 56 |
| 56 void StartSandboxWithPolicy(Sandbox::EvaluateSyscall syscall_policy, | 57 void StartSandboxWithPolicy(Sandbox::EvaluateSyscall syscall_policy, |
| 57 BrokerProcess* broker_process); | 58 BrokerProcess* broker_process); |
| 58 | 59 |
| 59 inline bool RunningOnASAN() { | |
| 60 #if defined(ADDRESS_SANITIZER) | |
| 61 return true; | |
| 62 #else | |
| 63 return false; | |
| 64 #endif | |
| 65 } | |
| 66 | |
| 67 inline bool IsChromeOS() { | |
| 68 #if defined(OS_CHROMEOS) | |
| 69 return true; | |
| 70 #else | |
| 71 return false; | |
| 72 #endif | |
| 73 } | |
| 74 | |
| 75 inline bool IsArchitectureX86_64() { | |
| 76 #if defined(__x86_64__) | |
| 77 return true; | |
| 78 #else | |
| 79 return false; | |
| 80 #endif | |
| 81 } | |
| 82 | |
| 83 inline bool IsArchitectureI386() { | |
| 84 #if defined(__i386__) | |
| 85 return true; | |
| 86 #else | |
| 87 return false; | |
| 88 #endif | |
| 89 } | |
| 90 | |
| 91 inline bool IsArchitectureArm() { | |
| 92 #if defined(__arm__) | |
| 93 return true; | |
| 94 #else | |
| 95 return false; | |
| 96 #endif | |
| 97 } | |
| 98 | |
| 99 inline bool IsUsingToolKitGtk() { | |
| 100 #if defined(TOOLKIT_GTK) | |
| 101 return true; | |
| 102 #else | |
| 103 return false; | |
| 104 #endif | |
| 105 } | |
| 106 | |
| 107 // Write |error_message| to stderr. Similar to RawLog(), but a bit more careful | 60 // Write |error_message| to stderr. Similar to RawLog(), but a bit more careful |
| 108 // about async-signal safety. |size| is the size to write and should typically | 61 // about async-signal safety. |size| is the size to write and should typically |
| 109 // not include a terminating \0. | 62 // not include a terminating \0. |
| 110 void WriteToStdErr(const char* error_message, size_t size) { | 63 void WriteToStdErr(const char* error_message, size_t size) { |
| 111 while (size > 0) { | 64 while (size > 0) { |
| 112 // TODO(jln): query the current policy to check if send() is available and | 65 // TODO(jln): query the current policy to check if send() is available and |
| 113 // use it to perform a non blocking write. | 66 // use it to perform a non blocking write. |
| 114 const int ret = HANDLE_EINTR(write(STDERR_FILENO, error_message, size)); | 67 const int ret = HANDLE_EINTR(write(STDERR_FILENO, error_message, size)); |
| 115 // We can't handle any type of error here. | 68 // We can't handle any type of error here. |
| 116 if (ret <= 0 || static_cast<size_t>(ret) > size) break; | 69 if (ret <= 0 || static_cast<size_t>(ret) > size) break; |
| 1586 return ArmGpuProcessPolicy(sandbox, sysno, aux); | 1539 return ArmGpuProcessPolicy(sandbox, sysno, aux); |
| 1587 } | 1540 } |
| 1588 } | 1541 } |
| 1589 | 1542 |
| 1590 // Allow clone(2) for threads. | 1543 // Allow clone(2) for threads. |
| 1591 // Reject fork(2) attempts with EPERM. | 1544 // Reject fork(2) attempts with EPERM. |
| 1592 // Crash if anything else is attempted. | 1545 // Crash if anything else is attempted. |
| 1593 // Don't restrict on ASAN. | 1546 // Don't restrict on ASAN. |
| 1594 ErrorCode RestrictCloneToThreadsAndEPERMFork(Sandbox* sandbox) { | 1547 ErrorCode RestrictCloneToThreadsAndEPERMFork(Sandbox* sandbox) { |
| 1595 // Glibc's pthread. | 1548 // Glibc's pthread. |
| 1596 if (!RunningOnASAN()) { | 1549 if (!IsASANBuild()) { |
| 1597 return sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 1550 return sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, |
| 1598 CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | | 1551 CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | |
| 1599 CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS | | 1552 CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS | |
| 1600 CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID, | 1553 CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID, |
| 1601 ErrorCode(ErrorCode::ERR_ALLOWED), | 1554 ErrorCode(ErrorCode::ERR_ALLOWED), |
| 1602 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 1555 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, |
| 1603 CLONE_PARENT_SETTID | SIGCHLD, | 1556 CLONE_PARENT_SETTID | SIGCHLD, |
| 1604 ErrorCode(EPERM), | 1557 ErrorCode(EPERM), |
| 1605 // ARM | 1558 // ARM |
| 1606 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 1559 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, |
| 2080 return false; | 2033 return false; |
| 2081 } | 2034 } |
| 2082 | 2035 |
| 2083 #if defined(SECCOMP_BPF_SANDBOX) | 2036 #if defined(SECCOMP_BPF_SANDBOX) |
| 2084 playground2::BpfSandboxPolicyCallback SandboxSeccompBpf::GetBaselinePolicy() { | 2037 playground2::BpfSandboxPolicyCallback SandboxSeccompBpf::GetBaselinePolicy() { |
| 2085 return base::Bind(&BaselinePolicyWithAux); | 2038 return base::Bind(&BaselinePolicyWithAux); |
| 2086 } | 2039 } |
| 2087 #endif // defined(SECCOMP_BPF_SANDBOX) | 2040 #endif // defined(SECCOMP_BPF_SANDBOX) |
| 2088 | 2041 |
| 2089 } // namespace content | 2042 } // namespace content |
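Review bot: `if (!IsASANBuild())` on new line 1549 of RestrictCloneToThreadsAndEPERMFork decides whether the clone(2)/fork(2) restriction is installed at all, and the old local `RunningOnASAN()` was keyed on `defined(ADDRESS_SANITIZER)` while the condition behind the shared helper from build/build_config_functions.h is not visible in this change; if the two ever diverge, the restriction would be dropped in a non-ASAN build with nothing at the call site to flag it. Worth pinning the dependency where the policy is relaxed: `// IsASANBuild() must mirror defined(ADDRESS_SANITIZER); any broader condition disables the clone/fork restriction in production builds.` The body of RestrictCloneToThreadsAndEPERMFork continues outside the hunk, and the replacements for the other removed helpers (IsChromeOS, IsArchitectureX86_64/I386/Arm, IsUsingToolKitGtk) fall in the skipped ranges, so those call sites were not reviewed here.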