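--- a/PATH_NOT_ON_PAGE
+++ b/PATH_NOT_ON_PAGE
@@ -1,15 +1,15 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "mandoline/app/desktop/linux_sandbox.h"
+#include "mojo/runner/linux_sandbox.h"
 
 #include <fcntl.h>
 #include <sys/syscall.h>
 
 #include "base/bind.h"
 #include "base/debug/leak_annotations.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/rand_util.h"
 #include "base/sys_info.h"
 #include "sandbox/linux/bpf_dsl/policy.h"
@@ -91,30 +91,20 @@
 
 LinuxSandbox::LinuxSandbox(const std::vector<BrokerFilePermission>& permissions)
 : broker_(new sandbox::syscall_broker::BrokerProcess(EPERM, permissions)) {
 broker_->Init(
 base::Bind<bool (*)()>(&sandbox::Credentials::DropAllCapabilities));
 policy_.reset(new SandboxPolicy(broker_.get()));
 }
 
 LinuxSandbox::~LinuxSandbox() {}
 
-// static
-std::vector<BrokerFilePermission> LinuxSandbox::GetPermissions() {
-std::vector<BrokerFilePermission> permissions;
-permissions.push_back(BrokerFilePermission::ReadOnly("/dev/urandom"));
-permissions.push_back(BrokerFilePermission::ReadOnly("/etc/ld.so.cache"));
-permissions.push_back(BrokerFilePermission::ReadOnlyRecursive("/lib/"));
-permissions.push_back(BrokerFilePermission::ReadOnlyRecursive("/usr/lib/"));
-return permissions;
-}
-
 void LinuxSandbox::Warmup() {
 proc_fd_ = sandbox::ProcUtil::OpenProc();
 warmed_up_ = true;
 }
 
 void LinuxSandbox::EngageNamespaceSandbox() {
 CHECK(warmed_up_);
 CHECK_EQ(1, getpid());
 CHECK(sandbox::NamespaceSandbox::InNewPidNamespace());
 CHECK(sandbox::Credentials::MoveToNewUserNS());
@@ -136,10 +126,10 @@
 // The Broker is now bound to this process and should only be destroyed when
 // the process exits or is killed.
 ANNOTATE_LEAKING_OBJECT_PTR(broker_.release());
 }
 
 void LinuxSandbox::Seal() {
 proc_fd_.reset();
 }
 
 } // namespace mandoline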
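Review bot: With GetPermissions() removed, the constructor is now the only place in this file that consumes the broker allowlist, and nothing documents that `permissions` is the complete set of paths the sandboxed process may open (the BrokerProcess is constructed with EPERM, presumably the errno returned for any path not listed). A comment on the constructor would make that contract explicit for whichever caller now builds the list: `// |permissions| is the complete broker allowlist; any path not listed is refused.` The callers that previously used GetPermissions() are outside this section, so I cannot confirm the list they pass is still as narrow as the removed one (two read-only files and two recursive read-only directories); worth checking before landing.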