Chromium Code Reviews Chromium Code Reviews
Issue 196793023:
Add seccomp sandbox for non-SFI NaCl (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/nacl/loader/nonsfi/nonsfi_main.h" | 5 #include "components/nacl/loader/nonsfi/nonsfi_main.h" |
| 6 | 6 |
| 7 #include "base/debug/leak_annotations.h" | 7 #include "base/debug/leak_annotations.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/threading/platform_thread.h" | 10 #include "base/threading/platform_thread.h" |
| (...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 171 LOG(ERROR) << "ServiceAccept: Failed to accept " << status; | 171 LOG(ERROR) << "ServiceAccept: Failed to accept " << status; |
| 172 return; | 172 return; |
| 173 } | 173 } |
| 174 | 174 |
| 175 NaClSrpcServerLoop(connected_desc, kNonSfiServiceHandlers, NULL); | 175 NaClSrpcServerLoop(connected_desc, kNonSfiServiceHandlers, NULL); |
| 176 } | 176 } |
| 177 | 177 |
| 178 } // namespace | 178 } // namespace |
| 179 | 179 |
| 180 void MainStart(NaClHandle imc_bootstrap_handle) { | 180 void MainStart(NaClHandle imc_bootstrap_handle) { |
| 181 NaClSrpcModuleInit(); | |
|
hamaji
2014/03/24 16:25:43
This was called from here for historical reason, I
Mark Seaborn
2014/03/28 01:38:25
Calling NaClChromeMainInit() for the non-SFI code
hamaji
2014/03/28 12:06:10
I'll send a patch after https://codereview.chromiu
| |
| 182 | |
| 183 struct NaClDesc* secure_pair[2] = { NULL, NULL }; | 181 struct NaClDesc* secure_pair[2] = { NULL, NULL }; |
| 184 struct NaClDesc* pair[2] = { NULL, NULL }; | 182 struct NaClDesc* pair[2] = { NULL, NULL }; |
| 185 CreateSecureSocketPair(secure_pair, pair); | 183 CreateSecureSocketPair(secure_pair, pair); |
| 186 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> secure_port(secure_pair[0]); | 184 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> secure_port(secure_pair[0]); |
| 187 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> secure_address( | 185 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> secure_address( |
| 188 secure_pair[1]); | 186 secure_pair[1]); |
| 189 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> service_port(pair[0]); | 187 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> service_port(pair[0]); |
| 190 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> service_address(pair[1]); | 188 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> service_address(pair[1]); |
| 191 | 189 |
| 192 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> channel( | 190 ::scoped_ptr<struct NaClDesc, NaClDescUnrefer> channel( |
| 193 SetUpBootstrapChannel(imc_bootstrap_handle, | 191 SetUpBootstrapChannel(imc_bootstrap_handle, |
| 194 secure_address.get(), service_address.get())); | 192 secure_address.get(), service_address.get())); |
| 195 if (!channel) { | 193 if (!channel) { |
| 196 LOG(ERROR) << "MainStart: Failed to set up bootstrap channel."; | 194 LOG(ERROR) << "MainStart: Failed to set up bootstrap channel."; |
| 197 return; | 195 return; |
| 198 } | 196 } |
| 199 | 197 |
| 200 // Start the SRPC server loop. | 198 // Start the SRPC server loop. |
| 201 ServiceAccept(secure_port.get()); | 199 ServiceAccept(secure_port.get()); |
| 202 } | 200 } |
| 203 | 201 |
| 204 } // namespace nonsfi | 202 } // namespace nonsfi |
| 205 } // namespace nacl | 203 } // namespace nacl |
| OLD | NEW |
