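--- a/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
+++ b/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc
@@ -1,10 +1,10 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h"
 
 #include <errno.h>
 #include <fcntl.h>
 #include <sys/prctl.h>
 #include <sys/stat.h>
@@ -178,30 +178,28 @@
   // have a single thread running here.
   DCHECK(!layer_one_sealed_);
   CHECK(IsSingleThreaded());
   CheckForExpectedNumberOfOpenFds();
 
   RestrictAddressSpaceUsage();
 
   // Pass proc_fd_ ownership to the BPF sandbox, which guarantees it will
   // be closed. There is no point in keeping it around since the BPF policy
   // will prevent its usage.
-  if (uses_nonsfi_mode) {
-    layer_two_enabled_ = nacl::nonsfi::InitializeBPFSandbox(proc_fd_.Pass());
-    layer_two_is_nonsfi_ = true;
-  } else {
 #if defined(OS_NACL_NONSFI)
-    LOG(FATAL) << "nacl_helper_nonsfi can run only Non-SFI plugin.";
+  CHECK(uses_nonsfi_mode);
+  layer_two_enabled_ = nacl::nonsfi::InitializeBPFSandbox(proc_fd_.Pass());
+  layer_two_is_nonsfi_ = true;
 #else
-    layer_two_enabled_ = nacl::InitializeBPFSandbox(proc_fd_.Pass());
+  CHECK(!uses_nonsfi_mode);
+  layer_two_enabled_ = nacl::InitializeBPFSandbox(proc_fd_.Pass());
 #endif
-  }
 }
 
 void NaClSandbox::SealLayerOneSandbox() {
   if (proc_fd_.is_valid() && !layer_two_enabled_) {
     // If nothing prevents us, check that there is no superfluous directory
     // open.
     CHECK(!HasOpenDirectory());
   }
   proc_fd_.reset();
   layer_one_sealed_ = true;
@@ -239,10 +237,10 @@
     static const char kNoBpfMsg[] =
         "The seccomp-bpf sandbox is not engaged for NaCl:";
     if (can_be_no_sandbox)
       LOG(ERROR) << kNoBpfMsg << kItIsDangerousMsg;
     else
       LOG(FATAL) << kNoBpfMsg << kItIsNotAllowedMsg;
   }
 }
 
 }  // namespace nacl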
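Review bot: The two new CHECKs drop the diagnostic the old `LOG(FATAL)` carried, so a build/mode mismatch now aborts with only the condition text in the crash log; Chromium's CHECK streams a message, so `CHECK(uses_nonsfi_mode) << "nacl_helper_nonsfi can run only Non-SFI plugin.";` and a matching message on the `#else` side would keep that context at no cost. Aborting before either InitializeBPFSandbox call is the right fail-closed ordering, since proc_fd_ has not yet been handed over and no partial policy is installed. The enclosing function begins outside the hunk, so its signature and any caller-facing comment on uses_nonsfi_mode are not visible here; a one-line comment above the `#if` saying that the sandbox flavour is now fixed by the build configuration and the argument only cross-checks it would help readers. The `#else` side leaves layer_two_is_nonsfi_ at its existing value, which appears intended but is worth stating in that same comment.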