OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "mojo/runner/host/linux_sandbox.h" | 5 #include "mojo/runner/host/linux_sandbox.h" |
6 | 6 |
7 #include <fcntl.h> | 7 #include <fcntl.h> |
8 #include <sys/syscall.h> | 8 #include <sys/syscall.h> |
9 #include <utility> | 9 #include <utility> |
10 | 10 |
11 #include "base/bind.h" | 11 #include "base/bind.h" |
12 #include "base/debug/leak_annotations.h" | 12 #include "base/debug/leak_annotations.h" |
| 13 #include "base/macros.h" |
13 #include "base/posix/eintr_wrapper.h" | 14 #include "base/posix/eintr_wrapper.h" |
14 #include "base/rand_util.h" | 15 #include "base/rand_util.h" |
15 #include "base/sys_info.h" | 16 #include "base/sys_info.h" |
16 #include "sandbox/linux/bpf_dsl/policy.h" | 17 #include "sandbox/linux/bpf_dsl/policy.h" |
17 #include "sandbox/linux/bpf_dsl/trap_registry.h" | 18 #include "sandbox/linux/bpf_dsl/trap_registry.h" |
18 #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h" | 19 #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h" |
19 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" | 20 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" |
20 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" | 21 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" |
21 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" | 22 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" |
22 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 23 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
154 ALLOW_UNUSED_LOCAL(leaked_broker); | 155 ALLOW_UNUSED_LOCAL(leaked_broker); |
155 ANNOTATE_LEAKING_OBJECT_PTR(leaked_broker); | 156 ANNOTATE_LEAKING_OBJECT_PTR(leaked_broker); |
156 } | 157 } |
157 | 158 |
158 void LinuxSandbox::Seal() { | 159 void LinuxSandbox::Seal() { |
159 proc_fd_.reset(); | 160 proc_fd_.reset(); |
160 } | 161 } |
161 | 162 |
162 } // namespace runner | 163 } // namespace runner |
163 } // namespace mojo | 164 } // namespace mojo |
OLD | NEW |