sandbox/linux/services/namespace_sandbox.cc - Issue 1176413003: Build ForkWithFlags and part of NamespaceSandbox under nonsfi newlib.

Side by Side Diff: sandbox/linux/services/namespace_sandbox.cc

Issue 1176413003: Build ForkWithFlags and part of NamespaceSandbox under nonsfi newlib. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "sandbox/linux/services/namespace_sandbox.h"	5 #include "sandbox/linux/services/namespace_sandbox.h"

6	6

7 #include <sched.h>	7 #include <sched.h>

8 #include <signal.h>	8 #include <signal.h>

9 #include <stdlib.h>	9 #include <stdlib.h>

10 #include <sys/types.h>	10 #include <sys/types.h>

11 #include <unistd.h>	11 #include <unistd.h>

12	12

13 #include <string>	13 #include <string>

14 #include <utility>	14 #include <utility>

15 #include <vector>	15 #include <vector>

16	16

17 #include "base/command_line.h"	17 #include "base/command_line.h"

18 #include "base/environment.h"	18 #include "base/environment.h"

19 #include "base/files/scoped_file.h"	19 #include "base/files/scoped_file.h"

20 #include "base/logging.h"	20 #include "base/logging.h"

21 #include "base/macros.h"	21 #include "base/macros.h"

22 #include "base/posix/eintr_wrapper.h"	22 #include "base/posix/eintr_wrapper.h"

23 #include "base/process/launch.h"	23 #include "base/process/launch.h"

24 #include "base/process/process.h"	24 #include "base/process/process.h"

25 #include "sandbox/linux/services/credentials.h"	25 #include "sandbox/linux/services/credentials.h"

26 #include "sandbox/linux/services/namespace_utils.h"	26 #include "sandbox/linux/services/namespace_utils.h"

	27 #include "sandbox/linux/system_headers/linux_signal.h"

27	28

28 namespace sandbox {	29 namespace sandbox {

29	30

30 namespace {	31 namespace {

31	32

32 const char kSandboxUSERNSEnvironmentVarName[] = "SBX_USER_NS";	33 const char kSandboxUSERNSEnvironmentVarName[] = "SBX_USER_NS";

33 const char kSandboxPIDNSEnvironmentVarName[] = "SBX_PID_NS";	34 const char kSandboxPIDNSEnvironmentVarName[] = "SBX_PID_NS";

34 const char kSandboxNETNSEnvironmentVarName[] = "SBX_NET_NS";	35 const char kSandboxNETNSEnvironmentVarName[] = "SBX_NET_NS";

35	36

36 #if !defined(OS_NACL_NONSFI)	37 #if !defined(OS_NACL_NONSFI)

(...skipping 21 matching lines...) Expand all Loading...
58 const bool supports_deny_setgroups_;	59 const bool supports_deny_setgroups_;

59 DISALLOW_COPY_AND_ASSIGN(WriteUidGidMapDelegate);	60 DISALLOW_COPY_AND_ASSIGN(WriteUidGidMapDelegate);

60 };	61 };

61	62

62 void SetEnvironForNamespaceType(base::EnvironmentMap* environ,	63 void SetEnvironForNamespaceType(base::EnvironmentMap* environ,

63 base::NativeEnvironmentString env_var,	64 base::NativeEnvironmentString env_var,

64 bool value) {	65 bool value) {

65 // An empty string causes the env var to be unset in the child process.	66 // An empty string causes the env var to be unset in the child process.

66 (*environ)[env_var] = value ? "1" : "";	67 (*environ)[env_var] = value ? "1" : "";

67 }	68 }

	69 #endif // !defined(OS_NACL_NONSFI)

68	70

69 // Linux supports up to 64 signals. This should be updated if that ever changes.	71 // Linux supports up to 64 signals. This should be updated if that ever changes.

70 int g_signal_exit_codes[64];	72 int g_signal_exit_codes[64];

71	73

72 void TerminationSignalHandler(int sig) {	74 void TerminationSignalHandler(int sig) {

73 // Return a special exit code so that the process is detected as terminated by	75 // Return a special exit code so that the process is detected as terminated by

74 // a signal.	76 // a signal.

75 const size_t sig_idx = static_cast<size_t>(sig);	77 const size_t sig_idx = static_cast<size_t>(sig);

76 if (sig_idx < arraysize(g_signal_exit_codes)) {	78 if (sig_idx < arraysize(g_signal_exit_codes)) {

77 _exit(g_signal_exit_codes[sig_idx]);	79 _exit(g_signal_exit_codes[sig_idx]);

78 }	80 }

79	81

80 _exit(NamespaceSandbox::kDefaultExitCode);	82 _exit(NamespaceSandbox::kDefaultExitCode);

81 }	83 }

82 #endif // !defined(OS_NACL_NONSFI)

83	84

84 } // namespace	85 } // namespace

85	86

86 #if !defined(OS_NACL_NONSFI)	87 #if !defined(OS_NACL_NONSFI)

87 // static	88 // static

88 base::Process NamespaceSandbox::LaunchProcess(	89 base::Process NamespaceSandbox::LaunchProcess(

89 const base::CommandLine& cmdline,	90 const base::CommandLine& cmdline,

90 const base::LaunchOptions& options) {	91 const base::LaunchOptions& options) {

91 return LaunchProcess(cmdline.argv(), options);	92 return LaunchProcess(cmdline.argv(), options);

92 }	93 }

(...skipping 29 matching lines...) Expand all Loading...
122	123

123 base::EnvironmentMap* environ = &launch_options.environ;	124 base::EnvironmentMap* environ = &launch_options.environ;

124 for (const auto& entry : clone_flag_environ) {	125 for (const auto& entry : clone_flag_environ) {

125 const int flag = entry.first;	126 const int flag = entry.first;

126 const char* environ_name = entry.second;	127 const char* environ_name = entry.second;

127 SetEnvironForNamespaceType(environ, environ_name, clone_flags & flag);	128 SetEnvironForNamespaceType(environ, environ_name, clone_flags & flag);

128 }	129 }

129	130

130 return base::LaunchProcess(argv, launch_options);	131 return base::LaunchProcess(argv, launch_options);

131 }	132 }

	133 #endif // !defined(OS_NACL_NONSFI)

132	134

133 // static	135 // static

134 pid_t NamespaceSandbox::ForkInNewPidNamespace(bool drop_capabilities_in_child) {	136 pid_t NamespaceSandbox::ForkInNewPidNamespace(bool drop_capabilities_in_child) {

135 const pid_t pid =	137 const pid_t pid =

136 base::ForkWithFlags(CLONE_NEWPID \| SIGCHLD, nullptr, nullptr);	138 base::ForkWithFlags(CLONE_NEWPID \| LINUX_SIGCHLD, nullptr, nullptr);

137 if (pid < 0) {	139 if (pid < 0) {

138 return pid;	140 return pid;

139 }	141 }

140	142

141 if (pid == 0) {	143 if (pid == 0) {

142 DCHECK_EQ(1, getpid());	144 DCHECK_EQ(1, getpid());

143 if (drop_capabilities_in_child) {	145 if (drop_capabilities_in_child) {

144 // Since we just forked, we are single-threaded, so this should be safe.	146 // Since we just forked, we are single-threaded, so this should be safe.

145 CHECK(Credentials::DropAllCapabilitiesOnCurrentThread());	147 CHECK(Credentials::DropAllCapabilitiesOnCurrentThread());

146 }	148 }

147 return 0;	149 return 0;

148 }	150 }

149	151

150 return pid;	152 return pid;

151 }	153 }

152	154

153 // static	155 // static

154 void NamespaceSandbox::InstallDefaultTerminationSignalHandlers() {	156 void NamespaceSandbox::InstallDefaultTerminationSignalHandlers() {

155 static const int kDefaultTermSignals[] = {	157 static const int kDefaultTermSignals[] = {

156 SIGHUP, SIGINT, SIGABRT, SIGQUIT, SIGPIPE, SIGTERM, SIGUSR1, SIGUSR2,	158 SIGHUP, SIGINT, SIGABRT, SIGQUIT, SIGPIPE, SIGTERM, SIGUSR1, SIGUSR2,
	hidehiko 2015/06/16 05:41:53 These values are incompatible with Linux ABIs unde These values are incompatible with Linux ABIs under OS_NACL_NONSFI build. Could you take a look at linux_signal.h? rickyz (no longer on Chrome) 2015/06/16 20:57:06 Oops, thanks! Show quoted text On 2015/06/16 05:41:53, hidehiko wrote: > These values are incompatible with Linux ABIs under OS_NACL_NONSFI build. Could > you take a look at linux_signal.h? Oops, thanks!
157 };	159 };

158	160

159 for (const int sig : kDefaultTermSignals) {	161 for (const int sig : kDefaultTermSignals) {

160 InstallTerminationSignalHandler(sig, kDefaultExitCode);	162 InstallTerminationSignalHandler(sig, kDefaultExitCode);

161 }	163 }

162 }	164 }

163	165

164 // static	166 // static

165 bool NamespaceSandbox::InstallTerminationSignalHandler(	167 bool NamespaceSandbox::InstallTerminationSignalHandler(

166 int sig,	168 int sig,

167 int exit_code) {	169 int exit_code) {

168 struct sigaction old_action;	170 struct sigaction old_action;

169 PCHECK(sigaction(sig, nullptr, &old_action) == 0);	171 PCHECK(sigaction(sig, nullptr, &old_action) == 0);
	hidehiko 2015/06/16 05:41:53 Youl'll need to call sys_sigaction instead. Ditto Youl'll need to call sys_sigaction instead. Ditto for below. rickyz (no longer on Chrome) 2015/06/16 20:57:07 Oops, done - do you know whether we need our own d Show quoted text On 2015/06/16 05:41:53, hidehiko wrote: > Youl'll need to call sys_sigaction instead. Ditto for below. Oops, done - do you know whether we need our own definition of struct sigaction as well then? I remember you saying something about sigset_t having a different size before. I wonder how much work it'd be to make our unit tests compile under newlib nonsfi NaCl. Seems like there's a decent risk of bugs in these things slipping through :-
170	172

	173 #if !defined(OS_NACL_NONSFI)

171 if (old_action.sa_flags & SA_SIGINFO &&	174 if (old_action.sa_flags & SA_SIGINFO &&

172 old_action.sa_sigaction != nullptr) {	175 old_action.sa_sigaction != nullptr) {

173 return false;	176 return false;

174 } else if (old_action.sa_handler != SIG_DFL) {	177 } else
	hidehiko 2015/06/16 05:41:53 nit: you don't need "else" nit: you don't need "else" rickyz (no longer on Chrome) 2015/06/16 20:57:06 Done. Show quoted text On 2015/06/16 05:41:53, hidehiko wrote: > nit: you don't need "else" Done.
	178 #endif

	179 if (old_action.sa_handler != SIG_DFL) {
	hidehiko 2015/06/16 05:41:53 SIG_DFL needs to be LINUX_SIG_DFL. SIG_DFL needs to be LINUX_SIG_DFL. rickyz (no longer on Chrome) 2015/06/16 20:57:06 Done. Show quoted text On 2015/06/16 05:41:53, hidehiko wrote: > SIG_DFL needs to be LINUX_SIG_DFL. Done.
175 return false;	180 return false;

176 }	181 }

177	182

178 const size_t sig_idx = static_cast<size_t>(sig);	183 const size_t sig_idx = static_cast<size_t>(sig);

179 CHECK_LT(sig_idx, arraysize(g_signal_exit_codes));	184 CHECK_LT(sig_idx, arraysize(g_signal_exit_codes));

180	185

181 DCHECK_GE(exit_code, 0);	186 DCHECK_GE(exit_code, 0);

182 DCHECK_LT(exit_code, 256);	187 DCHECK_LT(exit_code, 256);

183	188

184 g_signal_exit_codes[sig_idx] = exit_code;	189 g_signal_exit_codes[sig_idx] = exit_code;

185	190

186 struct sigaction action = {};	191 struct sigaction action = {};

187 action.sa_handler = &TerminationSignalHandler;	192 action.sa_handler = &TerminationSignalHandler;

188 PCHECK(sigaction(sig, &action, nullptr) == 0);	193 PCHECK(sigaction(sig, &action, nullptr) == 0);

189 return true;	194 return true;

190 }	195 }

191 #endif // !defined(OS_NACL_NONSFI)

192	196

193 // static	197 // static

194 bool NamespaceSandbox::InNewUserNamespace() {	198 bool NamespaceSandbox::InNewUserNamespace() {

195 return getenv(kSandboxUSERNSEnvironmentVarName) != nullptr;	199 return getenv(kSandboxUSERNSEnvironmentVarName) != nullptr;

196 }	200 }

197	201

198 // static	202 // static

199 bool NamespaceSandbox::InNewPidNamespace() {	203 bool NamespaceSandbox::InNewPidNamespace() {

200 return getenv(kSandboxPIDNSEnvironmentVarName) != nullptr;	204 return getenv(kSandboxPIDNSEnvironmentVarName) != nullptr;

201 }	205 }

202	206

203 // static	207 // static

204 bool NamespaceSandbox::InNewNetNamespace() {	208 bool NamespaceSandbox::InNewNetNamespace() {

205 return getenv(kSandboxNETNSEnvironmentVarName) != nullptr;	209 return getenv(kSandboxNETNSEnvironmentVarName) != nullptr;

206 }	210 }

207	211

208 } // namespace sandbox	212 } // namespace sandbox

OLD	NEW

« no previous file with comments | « sandbox/linux/services/namespace_sandbox.h ('k') | no next file » | no next file with comments »