1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // A mini-zygote specifically for Native Client. | 5 // A mini-zygote specifically for Native Client. |
6 | 6 |
7 #include "components/nacl/loader/nacl_helper_linux.h" | 7 #include "components/nacl/loader/nacl_helper_linux.h" |
8 | 8 |
9 #include <errno.h> | 9 #include <errno.h> |
10 #include <fcntl.h> | 10 #include <fcntl.h> |
34 #include "components/nacl/common/nacl_switches.h" | 34 #include "components/nacl/common/nacl_switches.h" |
35 #include "components/nacl/loader/nacl_listener.h" | 35 #include "components/nacl/loader/nacl_listener.h" |
36 #include "components/nacl/loader/nonsfi/nonsfi_listener.h" | 36 #include "components/nacl/loader/nonsfi/nonsfi_listener.h" |
37 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" | 37 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" |
38 #include "content/public/common/content_descriptors.h" | 38 #include "content/public/common/content_descriptors.h" |
39 #include "content/public/common/send_zygote_child_ping_linux.h" | 39 #include "content/public/common/send_zygote_child_ping_linux.h" |
40 #include "content/public/common/zygote_fork_delegate_linux.h" | 40 #include "content/public/common/zygote_fork_delegate_linux.h" |
41 #include "crypto/nss_util.h" | 41 #include "crypto/nss_util.h" |
42 #include "ipc/ipc_descriptors.h" | 42 #include "ipc/ipc_descriptors.h" |
43 #include "ipc/ipc_switches.h" | 43 #include "ipc/ipc_switches.h" |
44 #include "sandbox/linux/services/credentials.h" | |
44 #include "sandbox/linux/services/libc_urandom_override.h" | 45 #include "sandbox/linux/services/libc_urandom_override.h" |
46 #include "sandbox/linux/services/namespace_sandbox.h" | |
45 | 47 |
46 #if defined(OS_NACL_NONSFI) | 48 #if defined(OS_NACL_NONSFI) |
47 #include "native_client/src/public/nonsfi/irt_exception_handling.h" | 49 #include "native_client/src/public/nonsfi/irt_exception_handling.h" |
48 #else | 50 #else |
49 #include <link.h> | 51 #include <link.h> |
50 #include "components/nacl/loader/nonsfi/irt_exception_handling.h" | 52 #include "components/nacl/loader/nonsfi/irt_exception_handling.h" |
51 #endif | 53 #endif |
52 | 54 |
53 namespace { | 55 namespace { |
54 | 56 |
183 return false; | 185 return false; |
184 } | 186 } |
185 | 187 |
186 if (content::ZygoteForkDelegate::kNumPassedFDs != child_fds.size()) { | 188 if (content::ZygoteForkDelegate::kNumPassedFDs != child_fds.size()) { |
187 LOG(ERROR) << "nacl_helper: unexpected number of fds, got " | 189 LOG(ERROR) << "nacl_helper: unexpected number of fds, got " |
188 << child_fds.size(); | 190 << child_fds.size(); |
189 return false; | 191 return false; |
190 } | 192 } |
191 | 193 |
192 VLOG(1) << "nacl_helper: forking"; | 194 VLOG(1) << "nacl_helper: forking"; |
193 pid_t child_pid = fork(); | 195 pid_t child_pid; |
196 #if !defined(OS_NACL_NONSFI) | |
197 if (sandbox::NamespaceSandbox::InNewUserNamespace()) { | |
jln (very slow on Chromium)
2015/05/28 09:02:33
Hidehiko, Mark, what's missing for this to compile
hidehiko
2015/05/29 05:46:58
base::ForkWithFlags in base/process/launch_posix.c
hidehiko
2015/05/29 06:14:52
FYI: Like this https://codereview.chromium.org/116
rickyz (no longer on Chrome)
2015/05/29 23:16:39
Thanks for the comments, Hidehiko - it sounds like
| |
198 // The NaCl runtime will install signal handlers for SIGINT, SIGTERM, etc. | |
199 // so we do not need to install termination signal handlers ourselves. | |
200 child_pid = sandbox::NamespaceSandbox::ForkInNewPidNamespace( | |
201 /*drop_capabilities_in_child=*/true); | |
202 } else { | |
203 #endif | |
204 child_pid = fork(); | |
jln (very slow on Chromium)
2015/05/28 09:02:33
We never drop all capabilities in this codepath!
rickyz (no longer on Chrome)
2015/05/29 23:16:39
The combination of keeping CAP_SYS_ADMIN and hitti
| |
205 #if !defined(OS_NACL_NONSFI) | |
mdempsky
2015/05/28 21:23:23
nit: Having an #if block just for a } is kind of u
rickyz (no longer on Chrome)
2015/05/29 23:16:39
Done.
| |
206 } | |
207 #endif | |
208 | |
194 if (child_pid < 0) { | 209 if (child_pid < 0) { |
195 PLOG(ERROR) << "*** fork() failed."; | 210 PLOG(ERROR) << "*** fork() failed."; |
196 } | 211 } |
197 | 212 |
198 if (child_pid == 0) { | 213 if (child_pid == 0) { |
199 ChildNaClLoaderInit(child_fds.Pass(), | 214 ChildNaClLoaderInit(child_fds.Pass(), |
200 system_info, | 215 system_info, |
201 uses_nonsfi_mode, | 216 uses_nonsfi_mode, |
202 nacl_sandbox, | 217 nacl_sandbox, |
203 channel_id); | 218 channel_id); |
477 // Now handle requests from the Zygote. | 492 // Now handle requests from the Zygote. |
478 while (true) { | 493 while (true) { |
479 bool request_handled = HandleZygoteRequest( | 494 bool request_handled = HandleZygoteRequest( |
480 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); | 495 kNaClZygoteDescriptor, system_info, nacl_sandbox.get()); |
481 // Do not turn this into a CHECK() without thinking about robustness | 496 // Do not turn this into a CHECK() without thinking about robustness |
482 // against malicious IPC requests. | 497 // against malicious IPC requests. |
483 DCHECK(request_handled); | 498 DCHECK(request_handled); |
484 } | 499 } |
485 NOTREACHED(); | 500 NOTREACHED(); |
486 } | 501 } |
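Review bot: The failure branch at new lines 209–210 still reports `*** fork() failed.` via PLOG, but on the namespace path (new lines 197–201) the call that failed is ForkInNewPidNamespace, so the message names the wrong call, and the errno that PLOG appends is only meaningful if that helper sets errno on failure, which the hunk does not show. Hoisting the InNewUserNamespace() result into a local lets the log say which path failed: `const bool in_user_ns = sandbox::NamespaceSandbox::InNewUserNamespace();` at the top of the block, `if (in_user_ns) {` in place of the inline call, and `PLOG(ERROR) << "*** " << (in_user_ns ? "ForkInNewPidNamespace()" : "fork()") << " failed.";` in the error branch. As before the change, execution continues past the error with child_pid == -1 into the parent-side code that follows the hunk rather than returning false like the earlier checks at new lines 185 and 191; that is pre-existing, but a one-line comment stating that the caller is expected to handle a negative pid would help. The enclosing function starts outside the hunk, and the added include of sandbox/linux/services/credentials.h has no use in the visible lines, so it presumably serves code in the skipped ranges.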