Revert of Linux Sandbox: split the GPU policies to their own file.

content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc

-// Copyright (c) 2013 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.h"
-
-#include <dlfcn.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <string>
-#include <vector>
-
-#include "base/compiler_specific.h"
-#include "base/logging.h"
-#include "base/memory/scoped_ptr.h"
-#include "content/common/sandbox_linux/sandbox_bpf_base_policy_linux.h"
-#include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h"
-#include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
-#include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
-#include "sandbox/linux/services/linux_syscalls.h"
-
-using sandbox::ErrorCode;
-using sandbox::SandboxBPF;
-using sandbox::SyscallSets;
-
-namespace content {
-
-namespace {
-
-inline bool IsChromeOS() {
-#if defined(OS_CHROMEOS)
-  return true;
-#else
-  return false;
-#endif
-}
-
-inline bool IsArchitectureArm() {
-#if defined(__arm__)
-  return true;
-#else
-  return false;
-#endif
-}
-
-void AddArmMaliGpuWhitelist(std::vector<std::string>* read_whitelist,
-                            std::vector<std::string>* write_whitelist) {
-  // Device file needed by the ARM GPU userspace.
-  static const char kMali0Path[] = "/dev/mali0";
-
-  // Devices needed for video decode acceleration on ARM.
-  static const char kDevMfcDecPath[] = "/dev/mfc-dec";
-  static const char kDevGsc1Path[] = "/dev/gsc1";
-
-  // Devices needed for video encode acceleration on ARM.
-  static const char kDevMfcEncPath[] = "/dev/mfc-enc";
-
-  read_whitelist->push_back(kMali0Path);
-  read_whitelist->push_back(kDevMfcDecPath);
-  read_whitelist->push_back(kDevGsc1Path);
-  read_whitelist->push_back(kDevMfcEncPath);
-
-  write_whitelist->push_back(kMali0Path);
-  write_whitelist->push_back(kDevMfcDecPath);
-  write_whitelist->push_back(kDevGsc1Path);
-  write_whitelist->push_back(kDevMfcEncPath);
-}
-
-void AddArmTegraGpuWhitelist(std::vector<std::string>* read_whitelist,
-                             std::vector<std::string>* write_whitelist) {
-  // Device files needed by the Tegra GPU userspace.
-  static const char kDevNvhostCtrlPath[] = "/dev/nvhost-ctrl";
-  static const char kDevNvhostGr2dPath[] = "/dev/nvhost-gr2d";
-  static const char kDevNvhostGr3dPath[] = "/dev/nvhost-gr3d";
-  static const char kDevNvhostIspPath[] = "/dev/nvhost-isp";
-  static const char kDevNvhostViPath[] = "/dev/nvhost-vi";
-  static const char kDevNvmapPath[] = "/dev/nvmap";
-  static const char kDevTegraSemaPath[] = "/dev/tegra_sema";
-
-  read_whitelist->push_back(kDevNvhostCtrlPath);
-  read_whitelist->push_back(kDevNvhostGr2dPath);
-  read_whitelist->push_back(kDevNvhostGr3dPath);
-  read_whitelist->push_back(kDevNvhostIspPath);
-  read_whitelist->push_back(kDevNvhostViPath);
-  read_whitelist->push_back(kDevNvmapPath);
-  read_whitelist->push_back(kDevTegraSemaPath);
-
-  write_whitelist->push_back(kDevNvhostCtrlPath);
-  write_whitelist->push_back(kDevNvhostGr2dPath);
-  write_whitelist->push_back(kDevNvhostGr3dPath);
-  write_whitelist->push_back(kDevNvhostIspPath);
-  write_whitelist->push_back(kDevNvhostViPath);
-  write_whitelist->push_back(kDevNvmapPath);
-  write_whitelist->push_back(kDevTegraSemaPath);
-}
-
-void AddArmGpuWhitelist(std::vector<std::string>* read_whitelist,
-                        std::vector<std::string>* write_whitelist) {
-  // On ARM we're enabling the sandbox before the X connection is made,
-  // so we need to allow access to |.Xauthority|.
-  static const char kXAuthorityPath[] = "/home/chronos/.Xauthority";
-  static const char kLdSoCache[] = "/etc/ld.so.cache";
-
-  // Files needed by the ARM GPU userspace.
-  static const char kLibGlesPath[] = "/usr/lib/libGLESv2.so.2";
-  static const char kLibEglPath[] = "/usr/lib/libEGL.so.1";
-
-  read_whitelist->push_back(kXAuthorityPath);
-  read_whitelist->push_back(kLdSoCache);
-  read_whitelist->push_back(kLibGlesPath);
-  read_whitelist->push_back(kLibEglPath);
-
-  AddArmMaliGpuWhitelist(read_whitelist, write_whitelist);
-  AddArmTegraGpuWhitelist(read_whitelist, write_whitelist);
-}
-
-class CrosArmGpuBrokerProcessPolicy : public CrosArmGpuProcessPolicy {
- public:
-  CrosArmGpuBrokerProcessPolicy() : CrosArmGpuProcessPolicy(false) {}
-  virtual ~CrosArmGpuBrokerProcessPolicy() {}
-
-  virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler,
-                                    int system_call_number) const OVERRIDE;
-
- private:
-  DISALLOW_COPY_AND_ASSIGN(CrosArmGpuBrokerProcessPolicy);
-};
-
-// A GPU broker policy is the same as a GPU policy with open and
-// openat allowed.
-ErrorCode CrosArmGpuBrokerProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox,
-    int sysno) const {
-  switch (sysno) {
-    case __NR_access:
-    case __NR_open:
-    case __NR_openat:
-      return ErrorCode(ErrorCode::ERR_ALLOWED);
-    default:
-      return CrosArmGpuProcessPolicy::EvaluateSyscall(sandbox, sysno);
-  }
-}
-
-bool EnableArmGpuBrokerPolicyCallback() {
-  return SandboxSeccompBPF::StartSandboxWithExternalPolicy(
-      scoped_ptr<sandbox::SandboxBPFPolicy>(new CrosArmGpuBrokerProcessPolicy));
-}
-
-}  // namespace
-
-CrosArmGpuProcessPolicy::CrosArmGpuProcessPolicy(bool allow_shmat)
-    : allow_shmat_(allow_shmat) {}
-
-CrosArmGpuProcessPolicy::~CrosArmGpuProcessPolicy() {}
-
-ErrorCode CrosArmGpuProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox,
-                                                   int sysno) const {
-#if defined(__arm__)
-  if (allow_shmat_ && sysno == __NR_shmat)
-    return ErrorCode(ErrorCode::ERR_ALLOWED);
-#endif  // defined(__arm__)
-
-  switch (sysno) {
-#if defined(__arm__)
-    // ARM GPU sandbox is started earlier so we need to allow networking
-    // in the sandbox.
-    case __NR_connect:
-    case __NR_getpeername:
-    case __NR_getsockname:
-    case __NR_sysinfo:
-    case __NR_uname:
-      return ErrorCode(ErrorCode::ERR_ALLOWED);
-    // Allow only AF_UNIX for |domain|.
-    case __NR_socket:
-    case __NR_socketpair:
-      return sandbox->Cond(0, ErrorCode::TP_32BIT,
-                           ErrorCode::OP_EQUAL, AF_UNIX,
-                           ErrorCode(ErrorCode::ERR_ALLOWED),
-                           ErrorCode(EPERM));
-#endif  // defined(__arm__)
-    default:
-      if (SyscallSets::IsAdvancedScheduler(sysno))
-        return ErrorCode(ErrorCode::ERR_ALLOWED);
-
-      // Default to the generic GPU policy.
-      return GpuProcessPolicy::EvaluateSyscall(sandbox, sysno);
-  }
-}
-
-bool CrosArmGpuProcessPolicy::PreSandboxHook() {
-  DCHECK(IsChromeOS() && IsArchitectureArm());
-  // Create a new broker process.
-  DCHECK(!broker_process());
-
-  std::vector<std::string> read_whitelist_extra;
-  std::vector<std::string> write_whitelist_extra;
-  // Add ARM-specific files to whitelist in the broker.
-
-  AddArmGpuWhitelist(&read_whitelist_extra, &write_whitelist_extra);
-  InitGpuBrokerProcess(EnableArmGpuBrokerPolicyCallback,
-                       read_whitelist_extra,
-                       write_whitelist_extra);
-
-  const int dlopen_flag = RTLD_NOW | RTLD_GLOBAL | RTLD_NODELETE;
-
-  // Preload the Mali library.
-  dlopen("/usr/lib/libmali.so", dlopen_flag);
-
-  // Preload the Tegra libraries.
-  dlopen("/usr/lib/libnvrm.so", dlopen_flag);
-  dlopen("/usr/lib/libnvrm_graphics.so", dlopen_flag);
-  dlopen("/usr/lib/libnvos.so", dlopen_flag);
-  dlopen("/usr/lib/libnvddk_2d.so", dlopen_flag);
-  dlopen("/usr/lib/libardrv_dynamic.so", dlopen_flag);
-  dlopen("/usr/lib/libnvwsi.so", dlopen_flag);
-  dlopen("/usr/lib/libnvglsi.so", dlopen_flag);
-  dlopen("/usr/lib/libcgdrv.so", dlopen_flag);
-
-  return true;
-}
-
-}  // namespace content