| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/android/seccomp_support_detector.h" | 5 #include "chrome/browser/android/seccomp_support_detector.h" |
| 6 | 6 |
| 7 #include <stdio.h> | 7 #include <stdio.h> |
| 8 #include <sys/utsname.h> | 8 #include <sys/utsname.h> |
| 9 | 9 |
| 10 #include "base/message_loop/message_loop_proxy.h" | 10 #include "base/message_loop/message_loop_proxy.h" |
| 11 #include "base/metrics/histogram_macros.h" | 11 #include "base/metrics/histogram_macros.h" |
| 12 #include "base/metrics/sparse_histogram.h" | 12 #include "base/metrics/sparse_histogram.h" |
| 13 #include "chrome/common/chrome_utility_messages.h" | |
| 14 #include "chrome/grit/generated_resources.h" | |
| 15 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
| 16 #include "content/public/browser/utility_process_host.h" | 14 |
| 17 #include "ui/base/l10n/l10n_util.h" | 15 #if defined(USE_SECCOMP_BPF) |
| 16 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | |
| 17 #endif | |
| 18 | 18 |
| 19 using content::BrowserThread; | 19 using content::BrowserThread; |
| 20 | 20 |
| 21 enum AndroidSeccompStatus { | 21 enum AndroidSeccompStatus { |
| 22 // DETECTION_FAILED was formerly used when probing for seccomp was done | |
| 23 // out-of-process. There does not appear to be a gain in doing so, as | |
| 24 // explained in the comment in DetectSeccomp(). This enum remains for | |
| 25 // historical reasons. | |
| 22 DETECTION_FAILED, // The process crashed during detection. | 26 DETECTION_FAILED, // The process crashed during detection. |
|
Lei Zhang
2015/06/05 19:00:28
DETECTION_FAILED_OBSOLETE?
Robert Sesek
2015/06/08 21:16:26
Done.
| |
| 27 | |
| 23 NOT_SUPPORTED, // Kernel has no seccomp support. | 28 NOT_SUPPORTED, // Kernel has no seccomp support. |
| 24 SUPPORTED, // Kernel has seccomp support. | 29 SUPPORTED, // Kernel has seccomp support. |
| 25 LAST_STATUS | 30 LAST_STATUS |
| 26 }; | 31 }; |
| 27 | 32 |
| 28 // static | 33 // static |
| 29 void SeccompSupportDetector::StartDetection() { | 34 void SeccompSupportDetector::StartDetection() { |
| 30 // This is instantiated here, and then ownership is maintained by the | 35 // This is instantiated here, and then ownership is maintained by the |
| 31 // Closure objects when the object is being passed between threads. A | 36 // Closure objects when the object is being passed between threads. When |
| 32 // reference is also taken by the UtilityProcessHost, which will release | 37 // the last Closure runs, it will delete this. |
| 33 // it when the process exits. | |
| 34 scoped_refptr<SeccompSupportDetector> detector(new SeccompSupportDetector()); | 38 scoped_refptr<SeccompSupportDetector> detector(new SeccompSupportDetector()); |
| 35 BrowserThread::PostBlockingPoolTask(FROM_HERE, | 39 BrowserThread::PostBlockingPoolTask(FROM_HERE, |
| 36 base::Bind(&SeccompSupportDetector::DetectKernelVersion, detector)); | 40 base::Bind(&SeccompSupportDetector::DetectKernelVersion, detector)); |
| 41 BrowserThread::PostBlockingPoolTask(FROM_HERE, | |
| 42 base::Bind(&SeccompSupportDetector::DetectSeccomp, detector)); | |
| 37 } | 43 } |
| 38 | 44 |
| 39 SeccompSupportDetector::SeccompSupportDetector() { | 45 SeccompSupportDetector::SeccompSupportDetector() { |
| 40 } | 46 } |
| 41 | 47 |
| 42 SeccompSupportDetector::~SeccompSupportDetector() { | 48 SeccompSupportDetector::~SeccompSupportDetector() { |
| 43 } | 49 } |
| 44 | 50 |
| 45 void SeccompSupportDetector::DetectKernelVersion() { | 51 void SeccompSupportDetector::DetectKernelVersion() { |
| 46 DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread()); | 52 DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread()); |
| 47 | 53 |
| 48 // This method will report the kernel major and minor versions by | 54 // This method will report the kernel major and minor versions by |
| 49 // taking the lower 16 bits of each version number and combining | 55 // taking the lower 16 bits of each version number and combining |
| 50 // the two into a 32-bit number. | 56 // the two into a 32-bit number. |
| 51 | 57 |
| 52 utsname uts; | 58 utsname uts; |
| 53 if (uname(&uts) == 0) { | 59 if (uname(&uts) == 0) { |
| 54 int major, minor; | 60 int major, minor; |
| 55 if (sscanf(uts.release, "%d.%d", &major, &minor) == 2) { | 61 if (sscanf(uts.release, "%d.%d", &major, &minor) == 2) { |
| 56 int version = ((major & 0xFFFF) << 16) | (minor & 0xFFFF); | 62 int version = ((major & 0xFFFF) << 16) | (minor & 0xFFFF); |
| 57 UMA_HISTOGRAM_SPARSE_SLOWLY("Android.KernelVersion", version); | 63 UMA_HISTOGRAM_SPARSE_SLOWLY("Android.KernelVersion", version); |
| 58 } | 64 } |
| 59 } | 65 } |
| 60 | |
| 61 #if defined(USE_SECCOMP_BPF) | |
| 62 BrowserThread::PostTask(BrowserThread::IO, FROM_HERE, | |
| 63 base::Bind(&SeccompSupportDetector::DetectSeccomp, this)); | |
| 64 #else | |
| 65 BrowserThread::PostTask(BrowserThread::IO, FROM_HERE, | |
| 66 base::Bind(&SeccompSupportDetector::OnDetectPrctl, this, false)); | |
| 67 #endif | |
| 68 } | 66 } |
| 69 | 67 |
| 70 void SeccompSupportDetector::DetectSeccomp() { | 68 void SeccompSupportDetector::DetectSeccomp() { |
| 71 DCHECK_CURRENTLY_ON(BrowserThread::IO); | 69 DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread()); |
| 72 | 70 |
| 73 content::UtilityProcessHost* utility_process_host = | 71 #if defined(USE_SECCOMP_BPF) |
| 74 content::UtilityProcessHost::Create( | 72 bool prctl_supported = sandbox::SandboxBPF::SupportsSeccompSandbox( |
| 75 this, base::MessageLoopProxy::current()); | 73 sandbox::SandboxBPF::SeccompLevel::SINGLE_THREADED); |
| 76 utility_process_host->SetName(l10n_util::GetStringUTF16( | 74 #else |
| 77 IDS_UTILITY_PROCESS_SECCOMP_DETECTOR_NAME)); | 75 prctl_supported = false; |
|
Lei Zhang
2015/06/05 19:00:28
bool prctl_supported
Robert Sesek
2015/06/08 21:16:26
Good catch, thanks!
| |
| 78 utility_process_host->Send(new ChromeUtilityMsg_DetectSeccompSupport()); | 76 #endif |
| 79 } | |
| 80 | |
| 81 void SeccompSupportDetector::OnProcessCrashed(int exit_code) { | |
| 82 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 83 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Prctl", | |
| 84 DETECTION_FAILED, | |
| 85 LAST_STATUS); | |
| 86 } | |
| 87 | |
| 88 bool SeccompSupportDetector::OnMessageReceived(const IPC::Message& message) { | |
| 89 bool handled = false; | |
| 90 IPC_BEGIN_MESSAGE_MAP(SeccompSupportDetector, message) | |
| 91 IPC_MESSAGE_HANDLER(ChromeUtilityHostMsg_DetectSeccompSupport_ResultPrctl, | |
| 92 OnDetectPrctl) | |
| 93 IPC_MESSAGE_UNHANDLED(handled = false) | |
| 94 IPC_END_MESSAGE_MAP() | |
| 95 return handled; | |
| 96 } | |
| 97 | |
| 98 void SeccompSupportDetector::OnDetectPrctl(bool prctl_supported) { | |
| 99 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
| 100 | 77 |
| 101 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Prctl", | 78 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Prctl", |
| 102 prctl_supported ? SUPPORTED : NOT_SUPPORTED, | 79 prctl_supported ? SUPPORTED : NOT_SUPPORTED, |
| 103 LAST_STATUS); | 80 LAST_STATUS); |
| 104 | 81 |
| 105 // The utility process will shutdown after this, and this object will | 82 // Probing for the seccomp syscall can provoke kernel panics in certain LGE |
| 106 // be deleted when the UtilityProcessHost releases its reference. | 83 // devices. For now, this data will not be collected. In the future, this |
| 84 // should detect SeccompLevel::MULTI_THREADED. http://crbug.com/478478 | |
| 107 } | 85 } |
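Review bot: The enum comment on new lines 22-25 sends the reader to "the comment in DetectSeccomp()" for why out-of-process probing was dropped, but the only comment there (new lines 82-84) explains why the seccomp syscall is not probed; it does not say why calling `SupportsSeccompSandbox(SeccompLevel::SINGLE_THREADED)` directly in the browser process is acceptable. With the UtilityProcessHost path removed, a crash inside the probe would presumably take down the browser rather than a disposable utility process, and the DETECTION_FAILED bucket can no longer be recorded, so the rationale belongs next to the call on new line 72. Something like `// Probed in-process: a kernel panic is not contained by a child process, and this check is expected only to query prctl support, not install a filter (TODO confirm).` would make the trade-off reviewable. Separately, `#include "base/message_loop/message_loop_proxy.h"` on new line 10 looks unused now that `MessageLoopProxy::current()` is gone, and could be dropped with the other removed includes.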