Chromium Code Reviews
Unified Diff: components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc

Issue 1133303005: Non-SFI mode: Open primary IPC::Channel before seccomp-sandbox enabled. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 7 months ago
Index: components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
diff --git a/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc b/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
index 869658f9f8b4eddec6efdd545b89c966626b0440..2e002184d16142c8fdce8620fcd9937ce9170f5a 100644
--- a/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
+++ b/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
@@ -148,18 +148,24 @@ void NaClSandbox::InitializeLayerOneSandbox() {
}
}
-void NaClSandbox::CheckForExpectedNumberOfOpenFds() {
+void NaClSandbox::CheckForExpectedNumberOfOpenFds(bool uses_nonsfi_mode) {
// We expect to have the following FDs open:
// 1-3) stdin, stdout, stderr.
// 4) The /dev/urandom FD used by base::GetUrandomFD().
// 5) A dummy pipe FD used to overwrite kSandboxIPCChannel.
// 6) The socket for the Chrome IPC channel that's connected to the
// browser process, kPrimaryIPCChannel.
+ //
+ // In addition, in Non-SFI mode,
+ // 7-8) The socketpair dedicated for FD passing over 6)'s Chrome IPC
+ // channel. CLIENT_MODE IPC channel needs to open them. One for the NaCl
+ // loader side. The other will be sent to the browser process, after the
+ // sandbox is engaged.
// We also have an fd for /proc (proc_fd_), but CountOpenFds excludes this.
//
// This sanity check ensures that dynamically loaded libraries don't
// leave any FDs open before we enable the sandbox.
- int expected_num_fds = 6;
+ int expected_num_fds = uses_nonsfi_mode ? 8 : 6;
if (setuid_sandbox_client_->IsSuidSandboxChild()) {
// When using the setuid sandbox, there is one additional socket used for
// ChrootMe(). After ChrootMe(), it is no longer connected to anything.
@@ -174,7 +180,7 @@ void NaClSandbox::InitializeLayerTwoSandbox(bool uses_nonsfi_mode) {
// have a single thread running here.
DCHECK(!layer_one_sealed_);
CHECK(IsSingleThreaded());
- CheckForExpectedNumberOfOpenFds();
+ CheckForExpectedNumberOfOpenFds(uses_nonsfi_mode);
RestrictAddressSpaceUsage();
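Review bot: Passing `uses_nonsfi_mode` through here makes the FD-count check depend on the caller having already opened the Non-SFI socketpair before InitializeLayerTwoSandbox is entered (which is the point of this change, opening the primary IPC channel before seccomp is enabled). That ordering requirement is now an implicit contract between the loader and this function; it would be worth a one-line comment next to `CheckForExpectedNumberOfOpenFds(uses_nonsfi_mode);` saying the Non-SFI IPC socketpair must already exist at this point, since a caller that reorders the setup will only find out via the CHECK failing with a bare FD count.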
