OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <dirent.h> | 5 #include <dirent.h> |
6 #include <fcntl.h> | 6 #include <fcntl.h> |
7 #include <sys/resource.h> | 7 #include <sys/resource.h> |
8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
9 #include <sys/time.h> | 9 #include <sys/time.h> |
10 #include <sys/types.h> | 10 #include <sys/types.h> |
133 void LinuxSandbox::PreinitializeSandbox() { | 133 void LinuxSandbox::PreinitializeSandbox() { |
134 CHECK(!pre_initialized_); | 134 CHECK(!pre_initialized_); |
135 seccomp_bpf_supported_ = false; | 135 seccomp_bpf_supported_ = false; |
136 #if defined(ANY_OF_AMTLU_SANITIZER) | 136 #if defined(ANY_OF_AMTLU_SANITIZER) |
137 // Sanitizers need to open some resources before the sandbox is enabled. | 137 // Sanitizers need to open some resources before the sandbox is enabled. |
138 // This should not fork, not launch threads, not open a directory. | 138 // This should not fork, not launch threads, not open a directory. |
139 __sanitizer_sandbox_on_notify(sanitizer_args()); | 139 __sanitizer_sandbox_on_notify(sanitizer_args()); |
140 sanitizer_args_.reset(); | 140 sanitizer_args_.reset(); |
141 #endif | 141 #endif |
142 | 142 |
143 #if !defined(NDEBUG) || (defined(CFI_ENFORCEMENT) && !defined(OFFICIAL_BUILD)) | |
144 // The in-process stack dumping needs to open /proc/self/maps and cache | |
145 // its contents before the sandbox is enabled. It also pre-opens the | |
146 // object files that are already loaded in the process address space. | |
147 base::debug::EnableInProcessStackDumpingForSandbox(); | |
148 #endif // !defined(NDEBUG) | |
149 | |
150 // Open proc_fd_. It would break the security of the setuid sandbox if it was | 143 // Open proc_fd_. It would break the security of the setuid sandbox if it was |
151 // not closed. | 144 // not closed. |
152 // If LinuxSandbox::PreinitializeSandbox() runs, InitializeSandbox() must run | 145 // If LinuxSandbox::PreinitializeSandbox() runs, InitializeSandbox() must run |
153 // as well. | 146 // as well. |
154 proc_fd_ = HANDLE_EINTR(open("/proc", O_DIRECTORY | O_RDONLY | O_CLOEXEC)); | 147 proc_fd_ = HANDLE_EINTR(open("/proc", O_DIRECTORY | O_RDONLY | O_CLOEXEC)); |
155 CHECK_GE(proc_fd_, 0); | 148 CHECK_GE(proc_fd_, 0); |
156 // We "pre-warm" the code that detects supports for seccomp BPF. | 149 // We "pre-warm" the code that detects supports for seccomp BPF. |
157 if (SandboxSeccompBPF::IsSeccompBPFDesired()) { | 150 if (SandboxSeccompBPF::IsSeccompBPFDesired()) { |
158 if (!SandboxSeccompBPF::SupportsSandbox()) { | 151 if (!SandboxSeccompBPF::SupportsSandbox()) { |
159 VLOG(1) << "Lacking support for seccomp-bpf sandbox."; | 152 VLOG(1) << "Lacking support for seccomp-bpf sandbox."; |
454 | 447 |
455 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { | 448 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { |
456 DCHECK(thread); | 449 DCHECK(thread); |
457 base::ScopedFD proc_fd(OpenProc(proc_fd_)); | 450 base::ScopedFD proc_fd(OpenProc(proc_fd_)); |
458 PCHECK(proc_fd.is_valid()); | 451 PCHECK(proc_fd.is_valid()); |
459 CHECK( | 452 CHECK( |
460 sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_fd.get(), thread)); | 453 sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_fd.get(), thread)); |
461 } | 454 } |
462 | 455 |
463 } // namespace content | 456 } // namespace content |