| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <dirent.h> | 5 #include <dirent.h> |
| 6 #include <fcntl.h> | 6 #include <fcntl.h> |
| 7 #include <sys/resource.h> | 7 #include <sys/resource.h> |
| 8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
| 9 #include <sys/time.h> | 9 #include <sys/time.h> |
| 10 #include <sys/types.h> | 10 #include <sys/types.h> |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 133 seccomp_bpf_supported_ = false; | 133 seccomp_bpf_supported_ = false; |
| 134 #if defined(ADDRESS_SANITIZER) && defined(OS_LINUX) | 134 #if defined(ADDRESS_SANITIZER) && defined(OS_LINUX) |
| 135 // ASan needs to open some resources before the sandbox is enabled. | 135 // ASan needs to open some resources before the sandbox is enabled. |
| 136 // This should not fork, not launch threads, not open a directory. | 136 // This should not fork, not launch threads, not open a directory. |
| 137 __sanitizer_sandbox_on_notify(/*reserved*/ NULL); | 137 __sanitizer_sandbox_on_notify(/*reserved*/ NULL); |
| 138 #endif | 138 #endif |
| 139 | 139 |
| 140 #if !defined(NDEBUG) | 140 #if !defined(NDEBUG) |
| 141 // Open proc_fd_ only in Debug mode so that forgetting to close it doesn't | 141 // Open proc_fd_ only in Debug mode so that forgetting to close it doesn't |
| 142 // produce a sandbox escape in Release mode. | 142 // produce a sandbox escape in Release mode. |
| 143 proc_fd_ = open("/proc", O_DIRECTORY | O_RDONLY); | 143 proc_fd_ = open("/proc", O_DIRECTORY | O_RDONLY | O_CLOEXEC); |
| 144 CHECK_GE(proc_fd_, 0); | 144 CHECK_GE(proc_fd_, 0); |
| 145 #endif // !defined(NDEBUG) | 145 #endif // !defined(NDEBUG) |
| 146 // We "pre-warm" the code that detects supports for seccomp BPF. | 146 // We "pre-warm" the code that detects supports for seccomp BPF. |
| 147 if (SandboxSeccompBPF::IsSeccompBPFDesired()) { | 147 if (SandboxSeccompBPF::IsSeccompBPFDesired()) { |
| 148 if (!SandboxSeccompBPF::SupportsSandbox()) { | 148 if (!SandboxSeccompBPF::SupportsSandbox()) { |
| 149 VLOG(1) << "Lacking support for seccomp-bpf sandbox."; | 149 VLOG(1) << "Lacking support for seccomp-bpf sandbox."; |
| 150 } else { | 150 } else { |
| 151 seccomp_bpf_supported_ = true; | 151 seccomp_bpf_supported_ = true; |
| 152 } | 152 } |
| 153 } | 153 } |
| (...skipping 226 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 380 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { | 380 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { |
| 381 DCHECK(thread); | 381 DCHECK(thread); |
| 382 int proc_self_task = OpenProcTaskFd(proc_fd_); | 382 int proc_self_task = OpenProcTaskFd(proc_fd_); |
| 383 PCHECK(proc_self_task >= 0); | 383 PCHECK(proc_self_task >= 0); |
| 384 SafeScopedFD task_closer(&proc_self_task); | 384 SafeScopedFD task_closer(&proc_self_task); |
| 385 CHECK( | 385 CHECK( |
| 386 sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_self_task, thread)); | 386 sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_self_task, thread)); |
| 387 } | 387 } |
| 388 | 388 |
| 389 } // namespace content | 389 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 189113009:
Linux sandbox: open /proc with O_CLOEXEC (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src