OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" | 5 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <fcntl.h> | 8 #include <fcntl.h> |
9 #include <sys/socket.h> | 9 #include <sys/socket.h> |
10 #include <sys/stat.h> | 10 #include <sys/stat.h> |
(...skipping 25 matching lines...) Expand all Loading... |
36 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 36 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
37 #include "sandbox/linux/services/linux_syscalls.h" | 37 #include "sandbox/linux/services/linux_syscalls.h" |
38 | 38 |
39 using sandbox::BaselinePolicy; | 39 using sandbox::BaselinePolicy; |
40 using sandbox::SyscallSets; | 40 using sandbox::SyscallSets; |
41 | 41 |
42 #else | 42 #else |
43 | 43 |
44 // Make sure that seccomp-bpf does not get disabled by mistake. Also make sure | 44 // Make sure that seccomp-bpf does not get disabled by mistake. Also make sure |
45 // that we think twice about this when adding a new architecture. | 45 // that we think twice about this when adding a new architecture. |
46 #if !defined(ARCH_CPU_MIPS_FAMILY) && !defined(ARCH_CPU_ARM64) | 46 #if !defined(ARCH_CPU_ARM64) |
47 #error "Seccomp-bpf disabled on supported architecture!" | 47 #error "Seccomp-bpf disabled on supported architecture!" |
48 #endif // !defined(ARCH_CPU_MIPS_FAMILY) && !defined(ARCH_CPU_ARM64) | 48 #endif // !defined(ARCH_CPU_ARM64) |
49 | 49 |
50 #endif // | 50 #endif // |
51 | 51 |
52 namespace content { | 52 namespace content { |
53 | 53 |
54 #if defined(USE_SECCOMP_BPF) | 54 #if defined(USE_SECCOMP_BPF) |
55 namespace { | 55 namespace { |
56 | 56 |
57 void StartSandboxWithPolicy(sandbox::SandboxBPFPolicy* policy); | 57 void StartSandboxWithPolicy(sandbox::SandboxBPFPolicy* policy); |
58 | 58 |
(...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
295 scoped_ptr<sandbox::SandboxBPFPolicy> | 295 scoped_ptr<sandbox::SandboxBPFPolicy> |
296 SandboxSeccompBPF::GetBaselinePolicy() { | 296 SandboxSeccompBPF::GetBaselinePolicy() { |
297 #if defined(USE_SECCOMP_BPF) | 297 #if defined(USE_SECCOMP_BPF) |
298 return scoped_ptr<sandbox::SandboxBPFPolicy>(new BaselinePolicy); | 298 return scoped_ptr<sandbox::SandboxBPFPolicy>(new BaselinePolicy); |
299 #else | 299 #else |
300 return scoped_ptr<sandbox::SandboxBPFPolicy>(); | 300 return scoped_ptr<sandbox::SandboxBPFPolicy>(); |
301 #endif // defined(USE_SECCOMP_BPF) | 301 #endif // defined(USE_SECCOMP_BPF) |
302 } | 302 } |
303 | 303 |
304 } // namespace content | 304 } // namespace content |
OLD | NEW |