1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
6 | 6 |
7 // Some headers on Android are missing cdefs: crbug.com/172337. | 7 // Some headers on Android are missing cdefs: crbug.com/172337. |
8 // (We can't use OS_ANDROID here since build_config.h is not included). | 8 // (We can't use OS_ANDROID here since build_config.h is not included). |
9 #if defined(ANDROID) | 9 #if defined(ANDROID) |
10 #include <sys/cdefs.h> | 10 #include <sys/cdefs.h> |
88 time_t current_time; | 88 time_t current_time; |
89 // time() is implemented as a vsyscall. With an older glibc, with | 89 // time() is implemented as a vsyscall. With an older glibc, with |
90 // vsyscall=emulate and some versions of the seccomp BPF patch | 90 // vsyscall=emulate and some versions of the seccomp BPF patch |
91 // we may get SIGKILL-ed. Detect this! | 91 // we may get SIGKILL-ed. Detect this! |
92 if (time(¤t_time) != static_cast<time_t>(-1)) { | 92 if (time(¤t_time) != static_cast<time_t>(-1)) { |
93 syscall(__NR_exit_group, static_cast<intptr_t>(kExpectedExitCode)); | 93 syscall(__NR_exit_group, static_cast<intptr_t>(kExpectedExitCode)); |
94 } | 94 } |
95 } | 95 } |
96 | 96 |
97 bool IsSingleThreaded(int proc_fd) { | 97 bool IsSingleThreaded(int proc_fd) { |
98 return true; | |
Robert Sesek
2014/03/05 18:27:54
Obviously these cannot go in as-is. I can see thre
jln (very slow on Chromium)
2014/03/07 01:30:30
Yes, the sandbox:: seccomp-bpf class should suppor
Robert Sesek
2014/03/25 21:57:17
OK I'll work on that, then. How do you think Suppo
jln (very slow on Chromium)
2014/03/31 19:22:32
We could have StartSandboxWithThreads() return a b
Robert Sesek
2014/03/31 19:45:50
OK, that's also what I was thinking, though probab
98 if (proc_fd < 0) { | 99 if (proc_fd < 0) { |
99 // Cannot determine whether program is single-threaded. Hope for | 100 // Cannot determine whether program is single-threaded. Hope for |
100 // the best... | 101 // the best... |
101 return true; | 102 return true; |
102 } | 103 } |
103 | 104 |
104 struct stat sb; | 105 struct stat sb; |
105 int task = -1; | 106 int task = -1; |
106 if ((task = openat(proc_fd, "self/task", O_RDONLY | O_DIRECTORY)) < 0 || | 107 if ((task = openat(proc_fd, "self/task", O_RDONLY | O_DIRECTORY)) < 0 || |
107 fstat(task, &sb) != 0 || sb.st_nlink != 3 || IGNORE_EINTR(close(task))) { | 108 fstat(task, &sb) != 0 || sb.st_nlink != 3 || IGNORE_EINTR(close(task))) { |
246 } | 247 } |
247 } | 248 } |
248 | 249 |
249 bool SandboxBPF::IsValidSyscallNumber(int sysnum) { | 250 bool SandboxBPF::IsValidSyscallNumber(int sysnum) { |
250 return SyscallIterator::IsValid(sysnum); | 251 return SyscallIterator::IsValid(sysnum); |
251 } | 252 } |
252 | 253 |
253 bool SandboxBPF::RunFunctionInPolicy(void (*code_in_sandbox)(), | 254 bool SandboxBPF::RunFunctionInPolicy(void (*code_in_sandbox)(), |
254 EvaluateSyscall syscall_evaluator, | 255 EvaluateSyscall syscall_evaluator, |
255 void* aux) { | 256 void* aux) { |
257 return true; | |
256 // Block all signals before forking a child process. This prevents an | 258 // Block all signals before forking a child process. This prevents an |
257 // attacker from manipulating our test by sending us an unexpected signal. | 259 // attacker from manipulating our test by sending us an unexpected signal. |
258 sigset_t old_mask, new_mask; | 260 sigset_t old_mask, new_mask; |
259 if (sigfillset(&new_mask) || sigprocmask(SIG_BLOCK, &new_mask, &old_mask)) { | 261 if (sigfillset(&new_mask) || sigprocmask(SIG_BLOCK, &new_mask, &old_mask)) { |
260 SANDBOX_DIE("sigprocmask() failed"); | 262 SANDBOX_DIE("sigprocmask() failed"); |
261 } | 263 } |
262 int fds[2]; | 264 int fds[2]; |
263 if (pipe2(fds, O_NONBLOCK | O_CLOEXEC)) { | 265 if (pipe2(fds, O_NONBLOCK | O_CLOEXEC)) { |
264 SANDBOX_DIE("pipe() failed"); | 266 SANDBOX_DIE("pipe() failed"); |
265 } | 267 } |
1013 &*conds_->insert(failed).first); | 1015 &*conds_->insert(failed).first); |
1014 } | 1016 } |
1015 | 1017 |
1016 ErrorCode SandboxBPF::Kill(const char* msg) { | 1018 ErrorCode SandboxBPF::Kill(const char* msg) { |
1017 return Trap(BPFFailure, const_cast<char*>(msg)); | 1019 return Trap(BPFFailure, const_cast<char*>(msg)); |
1018 } | 1020 } |
1019 | 1021 |
1020 SandboxBPF::SandboxStatus SandboxBPF::status_ = STATUS_UNKNOWN; | 1022 SandboxBPF::SandboxStatus SandboxBPF::status_ = STATUS_UNKNOWN; |
1021 | 1023 |
1022 } // namespace sandbox | 1024 } // namespace sandbox |
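Review bot: The unconditional `return true;` added as new line 98 of IsSingleThreaded() turns everything after it into dead code, so the sandbox reports "single-threaded" no matter what the openat()/fstat() inspection of "self/task" would have found, and the same pattern at new line 257 of SandboxBPF::RunFunctionInPolicy() skips the forked policy self-test entirely (the signal blocking and pipe2() setup that follow are now unreachable). Both function bodies continue past the collapsed regions shown here, so the full extent of the dead code is not visible in this view. As far as I know, a seccomp filter installed from one thread does not cover threads that already exist, which is why the existing comment "Hope for the best..." treats the thread check as a precondition for the sandbox actually protecting the process rather than an optional diagnostic; a bare early return removes that guarantee for every caller. If the bypasses are needed for local development, gate them behind an explicit option whose default keeps the checks and mark them `// DEBUG ONLY: bypasses the single-thread precondition; must not ship enabled.`, or drop the two `return true;` lines before landing.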
OLD | NEW |