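--- a/sandbox/linux/services/namespace_sandbox.cc
+++ b/sandbox/linux/services/namespace_sandbox.cc
@@ -1,36 +1,33 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/services/namespace_sandbox.h"
 
 #include <sched.h>
-#include <signal.h>
 #include <stdlib.h>
 #include <sys/types.h>
 #include <unistd.h>
 
 #include <string>
 #include <utility>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/environment.h"
 #include "base/files/scoped_file.h"
 #include "base/logging.h"
-#include "base/macros.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/process/launch.h"
 #include "base/process/process.h"
-#include "sandbox/linux/services/credentials.h"
 #include "sandbox/linux/services/namespace_utils.h"
 
 namespace sandbox {
 
 namespace {
 
 class WriteUidGidMapDelegate : public base::LaunchOptions::PreExecDelegate {
 public:
 WriteUidGidMapDelegate()
 : uid_(getuid()),
@@ -58,34 +55,20 @@
 base::NativeEnvironmentString env_var,
 bool value) {
 // An empty string causes the env var to be unset in the child process.
 (*environ)[env_var] = value ? "1" : "";
 }
 
 const char kSandboxUSERNSEnvironmentVarName[] = "SBX_USER_NS";
 const char kSandboxPIDNSEnvironmentVarName[] = "SBX_PID_NS";
 const char kSandboxNETNSEnvironmentVarName[] = "SBX_NET_NS";
 
-// Linux supports up to 64 signals. This should be updated if that ever changes.
-int g_signal_exit_codes[64];
-
-void TerminationSignalHandler(int sig) {
-// Return a special exit code so that the process is detected as terminated by
-// a signal.
-const size_t sig_idx = static_cast<size_t>(sig);
-if (sig_idx < arraysize(g_signal_exit_codes)) {
-_exit(g_signal_exit_codes[sig_idx]);
-}
-
-_exit(NamespaceSandbox::kDefaultExitCode);
-}
-
 } // namespace
 
 // static
 base::Process NamespaceSandbox::LaunchProcess(
 const base::CommandLine& cmdline,
 const base::LaunchOptions& options) {
 return LaunchProcess(cmdline.argv(), options);
 }
 
 // static
@@ -121,84 +104,25 @@
 for (const auto& entry : clone_flag_environ) {
 const int flag = entry.first;
 const char* environ_name = entry.second;
 SetEnvironForNamespaceType(environ, environ_name, clone_flags & flag);
 }
 
 return base::LaunchProcess(argv, launch_options);
 }
 
 // static
-pid_t NamespaceSandbox::ForkInNewPidNamespace(bool drop_capabilities_in_child) {
-const pid_t pid =
-base::ForkWithFlags(CLONE_NEWPID | SIGCHLD, nullptr, nullptr);
-if (pid < 0) {
-return pid;
-}
-
-if (pid == 0) {
-DCHECK_EQ(1, getpid());
-if (drop_capabilities_in_child) {
-// Since we just forked, we are single-threaded, so this should be safe.
-CHECK(Credentials::DropAllCapabilitiesOnCurrentThread());
-}
-return 0;
-}
-
-return pid;
-}
-
-// static
-void NamespaceSandbox::InstallDefaultTerminationSignalHandlers() {
-static const int kDefaultTermSignals[] = {
-SIGHUP, SIGINT, SIGABRT, SIGQUIT, SIGPIPE, SIGTERM, SIGUSR1, SIGUSR2,
-};
-
-for (const int sig : kDefaultTermSignals) {
-InstallTerminationSignalHandler(sig, kDefaultExitCode);
-}
-}
-
-// static
-bool NamespaceSandbox::InstallTerminationSignalHandler(
-int sig,
-int exit_code) {
-struct sigaction old_action;
-PCHECK(sigaction(sig, nullptr, &old_action) == 0);
-
-if (old_action.sa_flags & SA_SIGINFO &&
-old_action.sa_sigaction != nullptr) {
-return false;
-} else if (old_action.sa_handler != SIG_DFL) {
-return false;
-}
-
-const size_t sig_idx = static_cast<size_t>(sig);
-CHECK_LT(sig_idx, arraysize(g_signal_exit_codes));
-
-DCHECK_GE(exit_code, 0);
-DCHECK_LT(exit_code, 256);
-
-g_signal_exit_codes[sig_idx] = exit_code;
-
-struct sigaction action = {};
-action.sa_handler = &TerminationSignalHandler;
-PCHECK(sigaction(sig, &action, nullptr) == 0);
-return true;
-}
-
-// static
 bool NamespaceSandbox::InNewUserNamespace() {
 return getenv(kSandboxUSERNSEnvironmentVarName) != nullptr;
 }
 
 // static
 bool NamespaceSandbox::InNewPidNamespace() {
 return getenv(kSandboxPIDNSEnvironmentVarName) != nullptr;
 }
 
 // static
 bool NamespaceSandbox::InNewNetNamespace() {
 return getenv(kSandboxNETNSEnvironmentVarName) != nullptr;
 }
 
 } // namespace sandbox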