OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/android/seccomp_support_detector.h" | 5 #include "chrome/browser/android/seccomp_support_detector.h" |
6 | 6 |
7 #include <stdio.h> | 7 #include <stdio.h> |
8 #include <sys/utsname.h> | 8 #include <sys/utsname.h> |
9 | 9 |
10 #include "base/metrics/histogram_macros.h" | 10 #include "base/metrics/histogram_macros.h" |
11 #include "base/metrics/sparse_histogram.h" | 11 #include "base/metrics/sparse_histogram.h" |
12 #include "content/public/browser/browser_thread.h" | 12 #include "content/public/browser/browser_thread.h" |
| 13 #include "sandbox/sandbox_features.h" |
13 | 14 |
14 #if defined(USE_SECCOMP_BPF) | 15 #if BUILDFLAG(USE_SECCOMP_BPF) |
15 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 16 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
16 #endif | 17 #endif |
17 | 18 |
18 using content::BrowserThread; | 19 using content::BrowserThread; |
19 | 20 |
20 enum AndroidSeccompStatus { | 21 enum AndroidSeccompStatus { |
21 // DETECTION_FAILED was formerly used when probing for seccomp was done | 22 // DETECTION_FAILED was formerly used when probing for seccomp was done |
22 // out-of-process. There does not appear to be a gain in doing so, as | 23 // out-of-process. There does not appear to be a gain in doing so, as |
23 // explained in the comment in DetectSeccomp(). This enum remains for | 24 // explained in the comment in DetectSeccomp(). This enum remains for |
24 // historical reasons. | 25 // historical reasons. |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
60 if (sscanf(uts.release, "%d.%d", &major, &minor) == 2) { | 61 if (sscanf(uts.release, "%d.%d", &major, &minor) == 2) { |
61 int version = ((major & 0xFFFF) << 16) | (minor & 0xFFFF); | 62 int version = ((major & 0xFFFF) << 16) | (minor & 0xFFFF); |
62 UMA_HISTOGRAM_SPARSE_SLOWLY("Android.KernelVersion", version); | 63 UMA_HISTOGRAM_SPARSE_SLOWLY("Android.KernelVersion", version); |
63 } | 64 } |
64 } | 65 } |
65 } | 66 } |
66 | 67 |
67 void SeccompSupportDetector::DetectSeccomp() { | 68 void SeccompSupportDetector::DetectSeccomp() { |
68 DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread()); | 69 DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread()); |
69 | 70 |
70 #if defined(USE_SECCOMP_BPF) | 71 #if BUILDFLAG(USE_SECCOMP_BPF) |
71 bool prctl_supported = sandbox::SandboxBPF::SupportsSeccompSandbox( | 72 bool prctl_supported = sandbox::SandboxBPF::SupportsSeccompSandbox( |
72 sandbox::SandboxBPF::SeccompLevel::SINGLE_THREADED); | 73 sandbox::SandboxBPF::SeccompLevel::SINGLE_THREADED); |
73 #else | 74 #else |
74 bool prctl_supported = false; | 75 bool prctl_supported = false; |
75 #endif | 76 #endif |
76 | 77 |
77 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Prctl", | 78 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Prctl", |
78 prctl_supported ? SUPPORTED : NOT_SUPPORTED, | 79 prctl_supported ? SUPPORTED : NOT_SUPPORTED, |
79 LAST_STATUS); | 80 LAST_STATUS); |
80 | 81 |
81 // Probing for the seccomp syscall can provoke kernel panics in certain LGE | 82 // Probing for the seccomp syscall can provoke kernel panics in certain LGE |
82 // devices. For now, this data will not be collected. In the future, this | 83 // devices. For now, this data will not be collected. In the future, this |
83 // should detect SeccompLevel::MULTI_THREADED. http://crbug.com/478478 | 84 // should detect SeccompLevel::MULTI_THREADED. http://crbug.com/478478 |
84 } | 85 } |
OLD | NEW |