Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(243)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/nacl/loader/nacl_helper_linux.cc

Issue 1158793003: Enable one PID namespace per process for NaCl processes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Split out nonSFI bits. Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc » ('j') | components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/nacl/loader/nacl_helper_linux.cc
diff --git a/components/nacl/loader/nacl_helper_linux.cc b/components/nacl/loader/nacl_helper_linux.cc
index 5b92b5c1023388451d16c9ef96b7d97af97e14ef..f1a647f037389dc20795e391a2d242825b1a73b3 100644
--- a/components/nacl/loader/nacl_helper_linux.cc
+++ b/components/nacl/loader/nacl_helper_linux.cc
@@ -41,7 +41,9 @@
#include "crypto/nss_util.h"
#include "ipc/ipc_descriptors.h"
#include "ipc/ipc_switches.h"
+#include "sandbox/linux/services/credentials.h"
#include "sandbox/linux/services/libc_urandom_override.h"
+#include "sandbox/linux/services/namespace_sandbox.h"
#if defined(OS_NACL_NONSFI)
#include "native_client/src/public/nonsfi/irt_exception_handling.h"
@@ -190,7 +192,19 @@ bool HandleForkRequest(ScopedVector<base::ScopedFD> child_fds,
}
VLOG(1) << "nacl_helper: forking";
- pid_t child_pid = fork();
+ pid_t child_pid;
+#if !defined(OS_NACL_NONSFI)
Mark Seaborn 2015/06/09 23:44:19 Should this instead be "if (!uses_nonsfi_mode)"?
rickyz (no longer on Chrome) 2015/06/10 01:31:43 Ah, I didn't realize that non-SFI without newlib w
+ if (sandbox::NamespaceSandbox::InNewUserNamespace()) {
+ // The NaCl runtime will install signal handlers for SIGINT, SIGTERM, etc.
Mark Seaborn 2015/06/09 23:44:19 Should this say "SFI NaCl's trusted runtime" to be
rickyz (no longer on Chrome) 2015/06/10 01:31:43 See above.
+ // so we do not need to install termination signal handlers ourselves.
Mark Seaborn 2015/06/09 23:44:19 As an aside: also, SFI NaCl complains if they are
rickyz (no longer on Chrome) 2015/06/10 01:31:43 Done.
+ child_pid = sandbox::NamespaceSandbox::ForkInNewPidNamespace(
+ /*drop_capabilities_in_child=*/true);
+ } else
+#endif
+ {
+ child_pid = sandbox::Credentials::ForkAndDropCapabilitiesInChild();
+ }
+
if (child_pid < 0) {
PLOG(ERROR) << "*** fork() failed.";
}
« no previous file with comments | « no previous file | components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc » ('j') | components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698