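--- a/sandbox/linux/services/namespace_sandbox.cc
+++ b/sandbox/linux/services/namespace_sandbox.cc
@@ -1,36 +1,38 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/services/namespace_sandbox.h"
 
 #include <sched.h>
 #include <signal.h>
 #include <stdlib.h>
 #include <sys/types.h>
 #include <unistd.h>
 
 #include <string>
 #include <utility>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/environment.h"
 #include "base/files/scoped_file.h"
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/process/launch.h"
 #include "base/process/process.h"
 #include "sandbox/linux/services/credentials.h"
 #include "sandbox/linux/services/namespace_utils.h"
+#include "sandbox/linux/services/syscall_wrappers.h"
+#include "sandbox/linux/system_headers/linux_signal.h"
 
 namespace sandbox {
 
 namespace {
 
 const char kSandboxUSERNSEnvironmentVarName[] = "SBX_USER_NS";
 const char kSandboxPIDNSEnvironmentVarName[] = "SBX_PID_NS";
 const char kSandboxNETNSEnvironmentVarName[] = "SBX_NET_NS";
 
 #if !defined(OS_NACL_NONSFI)
@@ -58,35 +60,35 @@
 const bool supports_deny_setgroups_;
 DISALLOW_COPY_AND_ASSIGN(WriteUidGidMapDelegate);
 };
 
 void SetEnvironForNamespaceType(base::EnvironmentMap* environ,
 base::NativeEnvironmentString env_var,
 bool value) {
 // An empty string causes the env var to be unset in the child process.
 (*environ)[env_var] = value ? "1" : "";
 }
+#endif // !defined(OS_NACL_NONSFI)
 
 // Linux supports up to 64 signals. This should be updated if that ever changes.
 int g_signal_exit_codes[64];
 
 void TerminationSignalHandler(int sig) {
 // Return a special exit code so that the process is detected as terminated by
 // a signal.
 const size_t sig_idx = static_cast<size_t>(sig);
 if (sig_idx < arraysize(g_signal_exit_codes)) {
 _exit(g_signal_exit_codes[sig_idx]);
 }
 
 _exit(NamespaceSandbox::kDefaultExitCode);
 }
-#endif // !defined(OS_NACL_NONSFI)
 
 } // namespace
 
 #if !defined(OS_NACL_NONSFI)
 // static
 base::Process NamespaceSandbox::LaunchProcess(
 const base::CommandLine& cmdline,
 const base::LaunchOptions& options) {
 return LaunchProcess(cmdline.argv(), options);
 }
@@ -122,87 +124,92 @@
 
 base::EnvironmentMap* environ = &launch_options.environ;
 for (const auto& entry : clone_flag_environ) {
 const int flag = entry.first;
 const char* environ_name = entry.second;
 SetEnvironForNamespaceType(environ, environ_name, clone_flags & flag);
 }
 
 return base::LaunchProcess(argv, launch_options);
 }
+#endif // !defined(OS_NACL_NONSFI)
 
 // static
 pid_t NamespaceSandbox::ForkInNewPidNamespace(bool drop_capabilities_in_child) {
 const pid_t pid =
-base::ForkWithFlags(CLONE_NEWPID | SIGCHLD, nullptr, nullptr);
+base::ForkWithFlags(CLONE_NEWPID | LINUX_SIGCHLD, nullptr, nullptr);
 if (pid < 0) {
 return pid;
 }
 
 if (pid == 0) {
 DCHECK_EQ(1, getpid());
 if (drop_capabilities_in_child) {
 // Since we just forked, we are single-threaded, so this should be safe.
 CHECK(Credentials::DropAllCapabilitiesOnCurrentThread());
 }
 return 0;
 }
 
 return pid;
 }
 
 // static
 void NamespaceSandbox::InstallDefaultTerminationSignalHandlers() {
 static const int kDefaultTermSignals[] = {
-SIGHUP, SIGINT, SIGABRT, SIGQUIT, SIGPIPE, SIGTERM, SIGUSR1, SIGUSR2,
+LINUX_SIGHUP, LINUX_SIGINT, LINUX_SIGABRT, LINUX_SIGQUIT,
+LINUX_SIGPIPE, LINUX_SIGTERM, LINUX_SIGUSR1, LINUX_SIGUSR2,
 };
 
 for (const int sig : kDefaultTermSignals) {
 InstallTerminationSignalHandler(sig, kDefaultExitCode);
 }
 }
 
 // static
 bool NamespaceSandbox::InstallTerminationSignalHandler(
 int sig,
 int exit_code) {
 struct sigaction old_action;
-PCHECK(sigaction(sig, nullptr, &old_action) == 0);
+PCHECK(sys_sigaction(sig, nullptr, &old_action) == 0);
 
+#if !defined(OS_NACL_NONSFI)
 if (old_action.sa_flags & SA_SIGINFO &&
 old_action.sa_sigaction != nullptr) {
 return false;
-} else if (old_action.sa_handler != SIG_DFL) {
+}
+#endif
+
+if (old_action.sa_handler != LINUX_SIG_DFL) {
 return false;
 }
 
 const size_t sig_idx = static_cast<size_t>(sig);
 CHECK_LT(sig_idx, arraysize(g_signal_exit_codes));
 
 DCHECK_GE(exit_code, 0);
 DCHECK_LT(exit_code, 256);
 
 g_signal_exit_codes[sig_idx] = exit_code;
 
 struct sigaction action = {};
 action.sa_handler = &TerminationSignalHandler;
-PCHECK(sigaction(sig, &action, nullptr) == 0);
+PCHECK(sys_sigaction(sig, &action, nullptr) == 0);
 return true;
 }
-#endif // !defined(OS_NACL_NONSFI)
 
 // static
 bool NamespaceSandbox::InNewUserNamespace() {
 return getenv(kSandboxUSERNSEnvironmentVarName) != nullptr;
 }
 
 // static
 bool NamespaceSandbox::InNewPidNamespace() {
 return getenv(kSandboxPIDNSEnvironmentVarName) != nullptr;
 }
 
 // static
 bool NamespaceSandbox::InNewNetNamespace() {
 return getenv(kSandboxNETNSEnvironmentVarName) != nullptr;
 }
 
 } // namespace sandbox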
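Review bot: The new `#if !defined(OS_NACL_NONSFI)` split inside InstallTerminationSignalHandler (new lines 175-182) compiles out the explicit `sa_sigaction != nullptr` test on the non-SFI build, so detecting a pre-existing SA_SIGINFO handler there depends on `sa_handler` aliasing `sa_sigaction` in the `struct sigaction` that `sys_sigaction` fills in, and nothing on the page establishes that layout. Since this check is what stops the sandbox from silently replacing a handler someone else installed, I would pin the assumption next to the `#if`: `// sa_sigaction is unavailable here; a SA_SIGINFO handler is still rejected below because sa_handler aliases it (verify against the sigaction layout used by sys_sigaction).` The same block now compares libc's `SA_SIGINFO` flag against the wrapper's result while the handler sentinel moved to `LINUX_SIG_DFL`; if linux_signal.h provides the matching flag constant, using it keeps both tests on the ABI the wrapper actually speaks. Note also that InstallDefaultTerminationSignalHandlers (unchanged context) still discards this function's return value, so a false result from the new checks goes unnoticed.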