Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(830)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp-bpf/sandbox_bpf.cc

Issue 1302043002: sandbox/linux: refactor bpf_dsl dependency on die.h (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Change default panic behavior to simply Kill Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/linux/seccomp-bpf/errorcode.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <sys/prctl.h> 8 #include <sys/prctl.h>
9 #include <sys/types.h> 9 #include <sys/types.h>
10 #include <unistd.h> 10 #include <unistd.h>
11 11
12 #include "base/compiler_specific.h" 12 #include "base/compiler_specific.h"
13 #include "base/files/scoped_file.h" 13 #include "base/files/scoped_file.h"
14 #include "base/logging.h" 14 #include "base/logging.h"
15 #include "base/macros.h" 15 #include "base/macros.h"
16 #include "base/memory/scoped_ptr.h" 16 #include "base/memory/scoped_ptr.h"
17 #include "base/posix/eintr_wrapper.h" 17 #include "base/posix/eintr_wrapper.h"
18 #include "base/third_party/valgrind/valgrind.h" 18 #include "base/third_party/valgrind/valgrind.h"
19 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
19 #include "sandbox/linux/bpf_dsl/codegen.h" 20 #include "sandbox/linux/bpf_dsl/codegen.h"
20 #include "sandbox/linux/bpf_dsl/policy.h" 21 #include "sandbox/linux/bpf_dsl/policy.h"
21 #include "sandbox/linux/bpf_dsl/policy_compiler.h" 22 #include "sandbox/linux/bpf_dsl/policy_compiler.h"
22 #include "sandbox/linux/bpf_dsl/seccomp_macros.h" 23 #include "sandbox/linux/bpf_dsl/seccomp_macros.h"
23 #include "sandbox/linux/bpf_dsl/syscall_set.h" 24 #include "sandbox/linux/bpf_dsl/syscall_set.h"
24 #include "sandbox/linux/seccomp-bpf/die.h" 25 #include "sandbox/linux/seccomp-bpf/die.h"
25 #include "sandbox/linux/seccomp-bpf/syscall.h" 26 #include "sandbox/linux/seccomp-bpf/syscall.h"
26 #include "sandbox/linux/seccomp-bpf/trap.h" 27 #include "sandbox/linux/seccomp-bpf/trap.h"
27 #include "sandbox/linux/services/proc_util.h" 28 #include "sandbox/linux/services/proc_util.h"
28 #include "sandbox/linux/services/syscall_wrappers.h" 29 #include "sandbox/linux/services/syscall_wrappers.h"
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after
102 } 103 }
103 104
104 uint64_t EscapePC() { 105 uint64_t EscapePC() {
105 intptr_t rv = Syscall::Call(-1); 106 intptr_t rv = Syscall::Call(-1);
106 if (rv == -1 && errno == ENOSYS) { 107 if (rv == -1 && errno == ENOSYS) {
107 return 0; 108 return 0;
108 } 109 }
109 return static_cast<uint64_t>(static_cast<uintptr_t>(rv)); 110 return static_cast<uint64_t>(static_cast<uintptr_t>(rv));
110 } 111 }
111 112
113 intptr_t SandboxPanicTrap(const struct arch_seccomp_data&, void* aux) {
114 SANDBOX_DIE(static_cast<const char*>(aux));
115 }
116
117 bpf_dsl::ResultExpr SandboxPanic(const char* error) {
118 return bpf_dsl::Trap(SandboxPanicTrap, error);
119 }
120
112 } // namespace 121 } // namespace
113 122
114 SandboxBPF::SandboxBPF(bpf_dsl::Policy* policy) 123 SandboxBPF::SandboxBPF(bpf_dsl::Policy* policy)
115 : proc_fd_(), sandbox_has_started_(false), policy_(policy) { 124 : proc_fd_(), sandbox_has_started_(false), policy_(policy) {
116 } 125 }
117 126
118 SandboxBPF::~SandboxBPF() { 127 SandboxBPF::~SandboxBPF() {
119 } 128 }
120 129
121 // static 130 // static
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after
212 bool force_verification) { 221 bool force_verification) {
213 #if !defined(NDEBUG) 222 #if !defined(NDEBUG)
214 force_verification = true; 223 force_verification = true;
215 #endif 224 #endif
216 DCHECK(policy_); 225 DCHECK(policy_);
217 226
218 bpf_dsl::PolicyCompiler compiler(policy_.get(), Trap::Registry()); 227 bpf_dsl::PolicyCompiler compiler(policy_.get(), Trap::Registry());
219 if (Trap::SandboxDebuggingAllowedByUser()) { 228 if (Trap::SandboxDebuggingAllowedByUser()) {
220 compiler.DangerousSetEscapePC(EscapePC()); 229 compiler.DangerousSetEscapePC(EscapePC());
221 } 230 }
231 compiler.SetPanicFunc(SandboxPanic);
222 return compiler.Compile(force_verification); 232 return compiler.Compile(force_verification);
223 } 233 }
224 234
225 void SandboxBPF::InstallFilter(bool must_sync_threads) { 235 void SandboxBPF::InstallFilter(bool must_sync_threads) {
226 // We want to be very careful in not imposing any requirements on the 236 // We want to be very careful in not imposing any requirements on the
227 // policies that are set with SetSandboxPolicy(). This means, as soon as 237 // policies that are set with SetSandboxPolicy(). This means, as soon as
228 // the sandbox is active, we shouldn't be relying on libraries that could 238 // the sandbox is active, we shouldn't be relying on libraries that could
229 // be making system calls. This, for example, means we should avoid 239 // be making system calls. This, for example, means we should avoid
230 // using the heap and we should avoid using STL functions. 240 // using the heap and we should avoid using STL functions.
231 // Temporarily copy the contents of the "program" vector into a 241 // Temporarily copy the contents of the "program" vector into a
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
264 } else { 274 } else {
265 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { 275 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
266 SANDBOX_DIE("Kernel refuses to turn on BPF filters"); 276 SANDBOX_DIE("Kernel refuses to turn on BPF filters");
267 } 277 }
268 } 278 }
269 279
270 sandbox_has_started_ = true; 280 sandbox_has_started_ = true;
271 } 281 }
272 282
273 } // namespace sandbox 283 } // namespace sandbox
OLDNEW
« no previous file with comments | « sandbox/linux/seccomp-bpf/errorcode.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698