Chromium Code Reviews| Index: components/nacl/loader/nonsfi/nonsfi_sandbox.cc |
| diff --git a/components/nacl/loader/nonsfi/nonsfi_sandbox.cc b/components/nacl/loader/nonsfi/nonsfi_sandbox.cc |
| index 504560ebc1927863f8e5120bb4c789fdf30f25b4..7d0189de98391734ff6597a05b6dc15559f2caea 100644 |
| --- a/components/nacl/loader/nonsfi/nonsfi_sandbox.cc |
| +++ b/components/nacl/loader/nonsfi/nonsfi_sandbox.cc |
| @@ -2,6 +2,7 @@ |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| + |
|
Mark Seaborn
2015/10/15 18:10:11
Nit: don't add empty line here
hidehiko
2015/10/19 04:39:17
Done.
|
| #include "components/nacl/loader/nonsfi/nonsfi_sandbox.h" |
| #include <errno.h> |
| @@ -25,6 +26,10 @@ |
| #include "sandbox/linux/system_headers/linux_signal.h" |
| #include "sandbox/linux/system_headers/linux_syscalls.h" |
| +#if !defined(OS_NACL_NONSFI) |
| +#error "nonsfi_sandbox.cc must be built for nacl_helper_nonsfi." |
| +#endif |
| + |
| // Chrome OS Daisy (ARM) build environment and PNaCl toolchain do not define |
| // MAP_STACK. |
| #if !defined(MAP_STACK) |
| @@ -78,14 +83,11 @@ ResultExpr RestrictFcntlCommands() { |
| ResultExpr RestrictClone() { |
| // We allow clone only for new thread creation. |
| - int clone_flags = |
| + const int kCloneFlags = |
| CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | |
| CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS | CLONE_PARENT_SETTID; |
| -#if !defined(OS_NACL_NONSFI) |
| - clone_flags |= CLONE_CHILD_CLEARTID; |
| -#endif |
| const Arg<int> flags(0); |
| - return If(flags == clone_flags, Allow()).Else(CrashSIGSYSClone()); |
| + return If(flags == kCloneFlags, Allow()).Else(CrashSIGSYSClone()); |
| } |
| ResultExpr RestrictFutexOperation() { |
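Review bot: The comment `// We allow clone only for new thread creation.` above the new `kCloneFlags` does not say that the check is an exact match, so a clone() carrying any additional flag — including CLONE_CHILD_CLEARTID, which the removed branch OR'd in only for non-nonsfi builds — is terminated with SIGSYS rather than allowed. Since this hunk turns the flag set into a single fixed constant, a second line such as `// The flag set must match exactly; any other combination is crashed.` would make that intent explicit for whoever next changes the thread-creation path (presumably the set must stay in sync with what the non-SFI pthread implementation passes — worth confirming in the comment). Cosmetically, `const int kCloneFlags` could be `constexpr int` since the value is a compile-time constant.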
| @@ -116,13 +118,6 @@ ResultExpr RestrictSocketcall() { |
| // We only allow socketpair, sendmsg, and recvmsg. |
| const Arg<int> call(0); |
| return If( |
| -#if !defined(OS_NACL_NONSFI) |
| - // nacl_helper in Non-SFI mode still uses socketpair() internally |
| - // via libevent. |
| - // TODO(hidehiko): Remove this when the switching to nacl_helper_nonsfi |
| - // is completed. |
| - call == SYS_SOCKETPAIR || |
| -#endif |
| call == SYS_SHUTDOWN || call == SYS_SENDMSG || call == SYS_RECVMSG, |
| Allow()).Else(CrashSIGSYS()); |
| } |
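Review bot: The comment on the first context line of this hunk, `// We only allow socketpair, sendmsg, and recvmsg.`, is now stale: with the SYS_SOCKETPAIR branch removed, the condition below permits SYS_SHUTDOWN, SYS_SENDMSG and SYS_RECVMSG, so socketpair is no longer in the list and shutdown was never mentioned. Suggest `// We only allow shutdown, sendmsg, and recvmsg.` so the comment describes the policy the filter actually enforces.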
| @@ -160,15 +155,6 @@ ResultExpr RestrictTgkill(int policy_pid) { |
| Allow()).Else(CrashSIGSYS()); |
| } |
| -#if !defined(OS_NACL_NONSFI) && (defined(__x86_64__) || defined(__arm__)) |
| -ResultExpr RestrictSocketpair() { |
| - // Only allow AF_UNIX, PF_UNIX. Crash if anything else is seen. |
| - static_assert(AF_UNIX == PF_UNIX, "AF_UNIX must equal PF_UNIX."); |
| - const Arg<int> domain(0); |
| - return If(domain == AF_UNIX, Allow()).Else(CrashSIGSYS()); |
| -} |
| -#endif |
| - |
| bool IsGracefullyDenied(int sysno) { |
| switch (sysno) { |
| // libevent tries this first and then falls back to poll if |
| @@ -318,14 +304,6 @@ ResultExpr NaClNonSfiBPFSandboxPolicy::EvaluateSyscall(int sysno) const { |
| case __NR_sendmsg: |
| case __NR_shutdown: |
| return Allow(); |
| -#if !defined(OS_NACL_NONSFI) |
| - // nacl_helper in Non-SFI mode still uses socketpair() internally |
| - // via libevent. |
| - // TODO(hidehiko): Remove this when the switching to nacl_helper_nonsfi |
| - // is completed. |
| - case __NR_socketpair: |
| - return RestrictSocketpair(); |
| -#endif |
| #endif |
| case __NR_tgkill: |