| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.h" | 5 #include "content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.h" |
| 6 | 6 |
| 7 #include <dlfcn.h> | 7 #include <dlfcn.h> |
| 8 #include <errno.h> | 8 #include <errno.h> |
| 9 #include <fcntl.h> | 9 #include <fcntl.h> |
| 10 #include <sys/socket.h> | 10 #include <sys/socket.h> |
| 11 #include <sys/stat.h> | 11 #include <sys/stat.h> |
| 12 #include <sys/types.h> | 12 #include <sys/types.h> |
| 13 #include <unistd.h> | 13 #include <unistd.h> |
| 14 | 14 |
| 15 #include <string> | 15 #include <string> |
| 16 #include <vector> | 16 #include <vector> |
| 17 | 17 |
| 18 #include "base/bind.h" | 18 #include "base/bind.h" |
| 19 #include "base/compiler_specific.h" | 19 #include "base/compiler_specific.h" |
| 20 #include "base/logging.h" | 20 #include "base/logging.h" |
| 21 #include "base/memory/scoped_ptr.h" | 21 #include "base/memory/scoped_ptr.h" |
| 22 #include "build/build_config.h" | 22 #include "build/build_config.h" |
| 23 #include "content/common/sandbox_linux/sandbox_bpf_base_policy_linux.h" | 23 #include "content/common/sandbox_linux/sandbox_bpf_base_policy_linux.h" |
| 24 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" | 24 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" |
| 25 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" | 25 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" |
| 26 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 26 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 27 #include "sandbox/linux/services/linux_syscalls.h" | 27 #include "sandbox/linux/services/linux_syscalls.h" |
| 28 | 28 |
| 29 using sandbox::ErrorCode; | 29 using namespace sandbox::bpf_dsl; |
| 30 using sandbox::SandboxBPF; | |
| 31 using sandbox::SyscallSets; | 30 using sandbox::SyscallSets; |
| 32 | 31 |
| 33 namespace content { | 32 namespace content { |
| 34 | 33 |
| 35 namespace { | 34 namespace { |
| 36 | 35 |
| 37 inline bool IsChromeOS() { | 36 inline bool IsChromeOS() { |
| 38 #if defined(OS_CHROMEOS) | 37 #if defined(OS_CHROMEOS) |
| 39 return true; | 38 return true; |
| 40 #else | 39 #else |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 92 AddArmMaliGpuWhitelist(read_whitelist, write_whitelist); | 91 AddArmMaliGpuWhitelist(read_whitelist, write_whitelist); |
| 93 } | 92 } |
| 94 | 93 |
| 95 class CrosArmGpuBrokerProcessPolicy : public CrosArmGpuProcessPolicy { | 94 class CrosArmGpuBrokerProcessPolicy : public CrosArmGpuProcessPolicy { |
| 96 public: | 95 public: |
| 97 static sandbox::SandboxBPFPolicy* Create() { | 96 static sandbox::SandboxBPFPolicy* Create() { |
| 98 return new CrosArmGpuBrokerProcessPolicy(); | 97 return new CrosArmGpuBrokerProcessPolicy(); |
| 99 } | 98 } |
| 100 virtual ~CrosArmGpuBrokerProcessPolicy() {} | 99 virtual ~CrosArmGpuBrokerProcessPolicy() {} |
| 101 | 100 |
| 102 virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, | 101 virtual ResultExpr EvaluateSyscall(int system_call_number) const OVERRIDE; |
| 103 int system_call_number) const OVERRIDE; | |
| 104 | 102 |
| 105 private: | 103 private: |
| 106 CrosArmGpuBrokerProcessPolicy() : CrosArmGpuProcessPolicy(false) {} | 104 CrosArmGpuBrokerProcessPolicy() : CrosArmGpuProcessPolicy(false) {} |
| 107 DISALLOW_COPY_AND_ASSIGN(CrosArmGpuBrokerProcessPolicy); | 105 DISALLOW_COPY_AND_ASSIGN(CrosArmGpuBrokerProcessPolicy); |
| 108 }; | 106 }; |
| 109 | 107 |
| 110 // A GPU broker policy is the same as a GPU policy with open and | 108 // A GPU broker policy is the same as a GPU policy with open and |
| 111 // openat allowed. | 109 // openat allowed. |
| 112 ErrorCode CrosArmGpuBrokerProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, | 110 ResultExpr CrosArmGpuBrokerProcessPolicy::EvaluateSyscall(int sysno) const { |
| 113 int sysno) const { | |
| 114 switch (sysno) { | 111 switch (sysno) { |
| 115 case __NR_access: | 112 case __NR_access: |
| 116 case __NR_open: | 113 case __NR_open: |
| 117 case __NR_openat: | 114 case __NR_openat: |
| 118 return ErrorCode(ErrorCode::ERR_ALLOWED); | 115 return Allow(); |
| 119 default: | 116 default: |
| 120 return CrosArmGpuProcessPolicy::EvaluateSyscall(sandbox, sysno); | 117 return CrosArmGpuProcessPolicy::EvaluateSyscall(sysno); |
| 121 } | 118 } |
| 122 } | 119 } |
| 123 | 120 |
| 124 } // namespace | 121 } // namespace |
| 125 | 122 |
| 126 CrosArmGpuProcessPolicy::CrosArmGpuProcessPolicy(bool allow_shmat) | 123 CrosArmGpuProcessPolicy::CrosArmGpuProcessPolicy(bool allow_shmat) |
| 127 : allow_shmat_(allow_shmat) {} | 124 : allow_shmat_(allow_shmat) {} |
| 128 | 125 |
| 129 CrosArmGpuProcessPolicy::~CrosArmGpuProcessPolicy() {} | 126 CrosArmGpuProcessPolicy::~CrosArmGpuProcessPolicy() {} |
| 130 | 127 |
| 131 ErrorCode CrosArmGpuProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, | 128 ResultExpr CrosArmGpuProcessPolicy::EvaluateSyscall(int sysno) const { |
| 132 int sysno) const { | |
| 133 #if defined(__arm__) | 129 #if defined(__arm__) |
| 134 if (allow_shmat_ && sysno == __NR_shmat) | 130 if (allow_shmat_ && sysno == __NR_shmat) |
| 135 return ErrorCode(ErrorCode::ERR_ALLOWED); | 131 return Allow(); |
| 136 #endif // defined(__arm__) | 132 #endif // defined(__arm__) |
| 137 | 133 |
| 138 switch (sysno) { | 134 switch (sysno) { |
| 139 #if defined(__arm__) | 135 #if defined(__arm__) |
| 140 // ARM GPU sandbox is started earlier so we need to allow networking | 136 // ARM GPU sandbox is started earlier so we need to allow networking |
| 141 // in the sandbox. | 137 // in the sandbox. |
| 142 case __NR_connect: | 138 case __NR_connect: |
| 143 case __NR_getpeername: | 139 case __NR_getpeername: |
| 144 case __NR_getsockname: | 140 case __NR_getsockname: |
| 145 case __NR_sysinfo: | 141 case __NR_sysinfo: |
| 146 case __NR_uname: | 142 case __NR_uname: |
| 147 return ErrorCode(ErrorCode::ERR_ALLOWED); | 143 return Allow(); |
| 148 // Allow only AF_UNIX for |domain|. | 144 // Allow only AF_UNIX for |domain|. |
| 149 case __NR_socket: | 145 case __NR_socket: |
| 150 case __NR_socketpair: | 146 case __NR_socketpair: |
| 151 return sandbox->Cond(0, ErrorCode::TP_32BIT, | 147 return If(Arg<int>(0) == AF_UNIX).Then(Allow()).Else(Error(EPERM)); |
| 152 ErrorCode::OP_EQUAL, AF_UNIX, | |
| 153 ErrorCode(ErrorCode::ERR_ALLOWED), | |
| 154 ErrorCode(EPERM)); | |
| 155 #endif // defined(__arm__) | 148 #endif // defined(__arm__) |
| 156 default: | 149 default: |
| 157 if (SyscallSets::IsAdvancedScheduler(sysno)) | 150 if (SyscallSets::IsAdvancedScheduler(sysno)) |
| 158 return ErrorCode(ErrorCode::ERR_ALLOWED); | 151 return Allow(); |
| 159 | 152 |
| 160 // Default to the generic GPU policy. | 153 // Default to the generic GPU policy. |
| 161 return GpuProcessPolicy::EvaluateSyscall(sandbox, sysno); | 154 return GpuProcessPolicy::EvaluateSyscall(sysno); |
| 162 } | 155 } |
| 163 } | 156 } |
| 164 | 157 |
| 165 bool CrosArmGpuProcessPolicy::PreSandboxHook() { | 158 bool CrosArmGpuProcessPolicy::PreSandboxHook() { |
| 166 DCHECK(IsChromeOS() && IsArchitectureArm()); | 159 DCHECK(IsChromeOS() && IsArchitectureArm()); |
| 167 // Create a new broker process. | 160 // Create a new broker process. |
| 168 DCHECK(!broker_process()); | 161 DCHECK(!broker_process()); |
| 169 | 162 |
| 170 std::vector<std::string> read_whitelist_extra; | 163 std::vector<std::string> read_whitelist_extra; |
| 171 std::vector<std::string> write_whitelist_extra; | 164 std::vector<std::string> write_whitelist_extra; |
| (...skipping 11 matching lines...) Expand all Loading... |
| 183 // Preload the Tegra V4L2 (video decode acceleration) library. | 176 // Preload the Tegra V4L2 (video decode acceleration) library. |
| 184 dlopen("/usr/lib/libtegrav4l2.so", dlopen_flag); | 177 dlopen("/usr/lib/libtegrav4l2.so", dlopen_flag); |
| 185 // Resetting errno since platform-specific libraries will fail on other | 178 // Resetting errno since platform-specific libraries will fail on other |
| 186 // platforms. | 179 // platforms. |
| 187 errno = 0; | 180 errno = 0; |
| 188 | 181 |
| 189 return true; | 182 return true; |
| 190 } | 183 } |
| 191 | 184 |
| 192 } // namespace content | 185 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 299683004:
Rewrite all BPF policies to use DSL API
Base URL: svn://svn.chromium.org/chrome/trunk/src