| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // A mini-zygote specifically for Native Client. | 5 // A mini-zygote specifically for Native Client. |
| 6 | 6 |
| 7 #include "components/nacl/loader/nacl_helper_linux.h" | 7 #include "components/nacl/loader/nacl_helper_linux.h" |
| 8 | 8 |
| 9 #include <errno.h> | 9 #include <errno.h> |
| 10 #include <fcntl.h> | 10 #include <fcntl.h> |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 #include "components/nacl/common/nacl_switches.h" | 34 #include "components/nacl/common/nacl_switches.h" |
| 35 #include "components/nacl/loader/nacl_listener.h" | 35 #include "components/nacl/loader/nacl_listener.h" |
| 36 #include "components/nacl/loader/nonsfi/nonsfi_listener.h" | 36 #include "components/nacl/loader/nonsfi/nonsfi_listener.h" |
| 37 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" | 37 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" |
| 38 #include "content/public/common/content_descriptors.h" | 38 #include "content/public/common/content_descriptors.h" |
| 39 #include "content/public/common/send_zygote_child_ping_linux.h" | 39 #include "content/public/common/send_zygote_child_ping_linux.h" |
| 40 #include "content/public/common/zygote_fork_delegate_linux.h" | 40 #include "content/public/common/zygote_fork_delegate_linux.h" |
| 41 #include "crypto/nss_util.h" | 41 #include "crypto/nss_util.h" |
| 42 #include "ipc/ipc_descriptors.h" | 42 #include "ipc/ipc_descriptors.h" |
| 43 #include "ipc/ipc_switches.h" | 43 #include "ipc/ipc_switches.h" |
| 44 #include "sandbox/linux/services/credentials.h" |
| 44 #include "sandbox/linux/services/libc_urandom_override.h" | 45 #include "sandbox/linux/services/libc_urandom_override.h" |
| 46 #include "sandbox/linux/services/namespace_sandbox.h" |
| 45 | 47 |
| 46 #if defined(OS_NACL_NONSFI) | 48 #if defined(OS_NACL_NONSFI) |
| 47 #include "native_client/src/public/nonsfi/irt_exception_handling.h" | 49 #include "native_client/src/public/nonsfi/irt_exception_handling.h" |
| 48 #else | 50 #else |
| 49 #include <link.h> | 51 #include <link.h> |
| 50 #include "components/nacl/loader/nonsfi/irt_exception_handling.h" | 52 #include "components/nacl/loader/nonsfi/irt_exception_handling.h" |
| 51 #endif | 53 #endif |
| 52 | 54 |
| 53 namespace { | 55 namespace { |
| 54 | 56 |
| (...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 183 return false; | 185 return false; |
| 184 } | 186 } |
| 185 | 187 |
| 186 if (content::ZygoteForkDelegate::kNumPassedFDs != child_fds.size()) { | 188 if (content::ZygoteForkDelegate::kNumPassedFDs != child_fds.size()) { |
| 187 LOG(ERROR) << "nacl_helper: unexpected number of fds, got " | 189 LOG(ERROR) << "nacl_helper: unexpected number of fds, got " |
| 188 << child_fds.size(); | 190 << child_fds.size(); |
| 189 return false; | 191 return false; |
| 190 } | 192 } |
| 191 | 193 |
| 192 VLOG(1) << "nacl_helper: forking"; | 194 VLOG(1) << "nacl_helper: forking"; |
| 193 pid_t child_pid = fork(); | 195 pid_t child_pid; |
| 196 if (sandbox::NamespaceSandbox::InNewUserNamespace()) { |
| 197 child_pid = sandbox::NamespaceSandbox::ForkInNewPidNamespace( |
| 198 /*drop_capabilities_in_child=*/true); |
| 199 } else { |
| 200 child_pid = sandbox::Credentials::ForkAndDropCapabilitiesInChild(); |
| 201 } |
| 202 |
| 194 if (child_pid < 0) { | 203 if (child_pid < 0) { |
| 195 PLOG(ERROR) << "*** fork() failed."; | 204 PLOG(ERROR) << "*** fork() failed."; |
| 196 } | 205 } |
| 197 | 206 |
| 198 if (child_pid == 0) { | 207 if (child_pid == 0) { |
| 208 // Install termiantion signal handlers for nonsfi NaCl. The SFI NaCl runtime |
| 209 // will install signal handlers for SIGINT, SIGTERM, etc. so we do not need |
| 210 // to install termination signal handlers ourselves (in fact, it will crash |
| 211 // if signal handlers for these are present). |
| 212 if (uses_nonsfi_mode && getpid() == 1) { |
| 213 // Note that nonsfi NaCl may override some of these signal handlers, which |
| 214 // is fine. |
| 215 sandbox::NamespaceSandbox::InstallDefaultTerminationSignalHandlers(); |
| 216 } |
| 199 ChildNaClLoaderInit(child_fds.Pass(), | 217 ChildNaClLoaderInit(child_fds.Pass(), |
| 200 system_info, | 218 system_info, |
| 201 uses_nonsfi_mode, | 219 uses_nonsfi_mode, |
| 202 nacl_sandbox, | 220 nacl_sandbox, |
| 203 channel_id); | 221 channel_id); |
| 204 NOTREACHED(); | 222 NOTREACHED(); |
| 205 } | 223 } |
| 206 | 224 |
| 207 // I am the parent. | 225 // I am the parent. |
| 208 // First, close the dummy_fd so the sandbox won't find me when | 226 // First, close the dummy_fd so the sandbox won't find me when |
| (...skipping 268 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 477 // Now handle requests from the Zygote. | 495 // Now handle requests from the Zygote. |
| 478 while (true) { | 496 while (true) { |
| 479 bool request_handled = HandleZygoteRequest( | 497 bool request_handled = HandleZygoteRequest( |
| 480 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); | 498 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); |
| 481 // Do not turn this into a CHECK() without thinking about robustness | 499 // Do not turn this into a CHECK() without thinking about robustness |
| 482 // against malicious IPC requests. | 500 // against malicious IPC requests. |
| 483 DCHECK(request_handled); | 501 DCHECK(request_handled); |
| 484 } | 502 } |
| 485 NOTREACHED(); | 503 NOTREACHED(); |
| 486 } | 504 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1158793003:
Enable one PID namespace per process for NaCl processes. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master