| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "services/service_manager/runner/host/linux_sandbox.h" | 5 #include "services/service_manager/runner/host/linux_sandbox.h" |
| 6 | 6 |
| 7 #include <fcntl.h> | 7 #include <fcntl.h> |
| 8 #include <sys/syscall.h> | 8 #include <sys/syscall.h> |
| 9 #include <utility> | 9 #include <utility> |
| 10 | 10 |
| 144 CHECK(sandbox::Credentials::DropAllCapabilities(proc_fd_.get())); | 144 CHECK(sandbox::Credentials::DropAllCapabilities(proc_fd_.get())); |
| 145 } | 145 } |
| 146 | 146 |
| 147 void LinuxSandbox::EngageSeccompSandbox() { | 147 void LinuxSandbox::EngageSeccompSandbox() { |
| 148 CHECK(warmed_up_); | 148 CHECK(warmed_up_); |
| 149 sandbox::SandboxBPF sandbox(policy_.release()); | 149 sandbox::SandboxBPF sandbox(policy_.release()); |
| 150 base::ScopedFD proc_fd(HANDLE_EINTR( | 150 base::ScopedFD proc_fd(HANDLE_EINTR( |
| 151 openat(proc_fd_.get(), ".", O_RDONLY | O_DIRECTORY | O_CLOEXEC))); | 151 openat(proc_fd_.get(), ".", O_RDONLY | O_DIRECTORY | O_CLOEXEC))); |
| 152 CHECK(proc_fd.is_valid()); | 152 CHECK(proc_fd.is_valid()); |
| 153 sandbox.SetProcFd(std::move(proc_fd)); | 153 sandbox.SetProcFd(std::move(proc_fd)); |
| 154 // Starting the process with a sandbox failed. Missing kernel support. |
| 154 CHECK( | 155 CHECK( |
| 155 sandbox.StartSandbox(sandbox::SandboxBPF::SeccompLevel::SINGLE_THREADED)) | 156 sandbox.StartSandbox(sandbox::SandboxBPF::SeccompLevel::SINGLE_THREADED)); |
| 156 << "Starting the process with a sandbox failed. Missing kernel support."; | |
| 157 | 157 |
| 158 // The Broker is now bound to this process and should only be destroyed when | 158 // The Broker is now bound to this process and should only be destroyed when |
| 159 // the process exits or is killed. | 159 // the process exits or is killed. |
| 160 sandbox::syscall_broker::BrokerProcess* leaked_broker = broker_.release(); | 160 sandbox::syscall_broker::BrokerProcess* leaked_broker = broker_.release(); |
| 161 ALLOW_UNUSED_LOCAL(leaked_broker); | 161 ALLOW_UNUSED_LOCAL(leaked_broker); |
| 162 ANNOTATE_LEAKING_OBJECT_PTR(leaked_broker); | 162 ANNOTATE_LEAKING_OBJECT_PTR(leaked_broker); |
| 163 } | 163 } |
| 164 | 164 |
| 165 void LinuxSandbox::Seal() { | 165 void LinuxSandbox::Seal() { |
| 166 proc_fd_.reset(); | 166 proc_fd_.reset(); |
| 167 } | 167 } |
| 168 | 168 |
| 169 } // namespace service_manager | 169 } // namespace service_manager |
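Review bot: The comment moved to new line 154 in LinuxSandbox::EngageSeccompSandbox reads as a narration of the CHECK below it ("Starting the process with a sandbox failed.") rather than as the reason the failure is fatal, which is what a comment should carry now that the text is no longer emitted at crash time. I would reword it to state the invariant and the consequence: `// StartSandbox() failing (e.g. missing kernel seccomp-bpf support) is fatal: the process must not continue unsandboxed.` Since the diagnostic string is gone from the CHECK, anyone reading a crash report for this site will now have only the file:line, so the comment is the one place left that explains the condition; it is worth making it precise. The rest of the function (proc_fd setup, the deliberately leaked broker) is unchanged by this commit.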