Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(919)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp-bpf/sandbox_bpf.cc

Issue 1310773006: Update sandbox/linux from upstream (Closed) Base URL: ssh://ssh.github.com/domokit/mojo.git@master
Patch Set: Update to 3909ebfa69566f7374a6900e63cd4d3c73a35378 Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/linux/seccomp-bpf/errorcode_unittest.cc ('k') | sandbox/linux/services/credentials.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
6 6
7 // Some headers on Android are missing cdefs: crbug.com/172337.
8 // (We can't use OS_ANDROID here since build_config.h is not included).
9 #if defined(ANDROID)
10 #include <sys/cdefs.h>
11 #endif
12
13 #include <errno.h> 7 #include <errno.h>
14 #include <sys/prctl.h> 8 #include <sys/prctl.h>
15 #include <sys/types.h> 9 #include <sys/types.h>
16 #include <unistd.h> 10 #include <unistd.h>
17 11
18 #include "base/compiler_specific.h" 12 #include "base/compiler_specific.h"
19 #include "base/files/scoped_file.h" 13 #include "base/files/scoped_file.h"
20 #include "base/logging.h" 14 #include "base/logging.h"
21 #include "base/macros.h" 15 #include "base/macros.h"
22 #include "base/memory/scoped_ptr.h" 16 #include "base/memory/scoped_ptr.h"
23 #include "base/posix/eintr_wrapper.h" 17 #include "base/posix/eintr_wrapper.h"
24 #include "base/third_party/valgrind/valgrind.h" 18 #include "base/third_party/valgrind/valgrind.h"
19 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
25 #include "sandbox/linux/bpf_dsl/codegen.h" 20 #include "sandbox/linux/bpf_dsl/codegen.h"
26 #include "sandbox/linux/bpf_dsl/policy.h" 21 #include "sandbox/linux/bpf_dsl/policy.h"
27 #include "sandbox/linux/bpf_dsl/policy_compiler.h" 22 #include "sandbox/linux/bpf_dsl/policy_compiler.h"
28 #include "sandbox/linux/bpf_dsl/seccomp_macros.h" 23 #include "sandbox/linux/bpf_dsl/seccomp_macros.h"
29 #include "sandbox/linux/bpf_dsl/syscall_set.h" 24 #include "sandbox/linux/bpf_dsl/syscall_set.h"
30 #include "sandbox/linux/seccomp-bpf/die.h" 25 #include "sandbox/linux/seccomp-bpf/die.h"
31 #include "sandbox/linux/seccomp-bpf/syscall.h" 26 #include "sandbox/linux/seccomp-bpf/syscall.h"
32 #include "sandbox/linux/seccomp-bpf/trap.h" 27 #include "sandbox/linux/seccomp-bpf/trap.h"
33 #include "sandbox/linux/services/proc_util.h" 28 #include "sandbox/linux/services/proc_util.h"
34 #include "sandbox/linux/services/syscall_wrappers.h" 29 #include "sandbox/linux/services/syscall_wrappers.h"
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after
108 } 103 }
109 104
110 uint64_t EscapePC() { 105 uint64_t EscapePC() {
111 intptr_t rv = Syscall::Call(-1); 106 intptr_t rv = Syscall::Call(-1);
112 if (rv == -1 && errno == ENOSYS) { 107 if (rv == -1 && errno == ENOSYS) {
113 return 0; 108 return 0;
114 } 109 }
115 return static_cast<uint64_t>(static_cast<uintptr_t>(rv)); 110 return static_cast<uint64_t>(static_cast<uintptr_t>(rv));
116 } 111 }
117 112
113 intptr_t SandboxPanicTrap(const struct arch_seccomp_data&, void* aux) {
114 SANDBOX_DIE(static_cast<const char*>(aux));
115 }
116
117 bpf_dsl::ResultExpr SandboxPanic(const char* error) {
118 return bpf_dsl::Trap(SandboxPanicTrap, error);
119 }
120
118 } // namespace 121 } // namespace
119 122
120 SandboxBPF::SandboxBPF(bpf_dsl::Policy* policy) 123 SandboxBPF::SandboxBPF(bpf_dsl::Policy* policy)
121 : proc_fd_(), sandbox_has_started_(false), policy_(policy) { 124 : proc_fd_(), sandbox_has_started_(false), policy_(policy) {
122 } 125 }
123 126
124 SandboxBPF::~SandboxBPF() { 127 SandboxBPF::~SandboxBPF() {
125 } 128 }
126 129
127 // static 130 // static
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after
218 bool force_verification) { 221 bool force_verification) {
219 #if !defined(NDEBUG) 222 #if !defined(NDEBUG)
220 force_verification = true; 223 force_verification = true;
221 #endif 224 #endif
222 DCHECK(policy_); 225 DCHECK(policy_);
223 226
224 bpf_dsl::PolicyCompiler compiler(policy_.get(), Trap::Registry()); 227 bpf_dsl::PolicyCompiler compiler(policy_.get(), Trap::Registry());
225 if (Trap::SandboxDebuggingAllowedByUser()) { 228 if (Trap::SandboxDebuggingAllowedByUser()) {
226 compiler.DangerousSetEscapePC(EscapePC()); 229 compiler.DangerousSetEscapePC(EscapePC());
227 } 230 }
231 compiler.SetPanicFunc(SandboxPanic);
228 return compiler.Compile(force_verification); 232 return compiler.Compile(force_verification);
229 } 233 }
230 234
231 void SandboxBPF::InstallFilter(bool must_sync_threads) { 235 void SandboxBPF::InstallFilter(bool must_sync_threads) {
232 // We want to be very careful in not imposing any requirements on the 236 // We want to be very careful in not imposing any requirements on the
233 // policies that are set with SetSandboxPolicy(). This means, as soon as 237 // policies that are set with SetSandboxPolicy(). This means, as soon as
234 // the sandbox is active, we shouldn't be relying on libraries that could 238 // the sandbox is active, we shouldn't be relying on libraries that could
235 // be making system calls. This, for example, means we should avoid 239 // be making system calls. This, for example, means we should avoid
236 // using the heap and we should avoid using STL functions. 240 // using the heap and we should avoid using STL functions.
237 // Temporarily copy the contents of the "program" vector into a 241 // Temporarily copy the contents of the "program" vector into a
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
270 } else { 274 } else {
271 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { 275 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
272 SANDBOX_DIE("Kernel refuses to turn on BPF filters"); 276 SANDBOX_DIE("Kernel refuses to turn on BPF filters");
273 } 277 }
274 } 278 }
275 279
276 sandbox_has_started_ = true; 280 sandbox_has_started_ = true;
277 } 281 }
278 282
279 } // namespace sandbox 283 } // namespace sandbox
OLDNEW
« no previous file with comments | « sandbox/linux/seccomp-bpf/errorcode_unittest.cc ('k') | sandbox/linux/services/credentials.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698