Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(957)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc

Issue 317193004: Linux sandbox: EPERM ioctl in NaCl's outer sandbox (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h" 5 #include "components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <signal.h> 8 #include <signal.h>
9 #include <sys/ptrace.h> 9 #include <sys/ptrace.h>
10 10
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
60 case __NR_rt_sigtimedwait: 60 case __NR_rt_sigtimedwait:
61 #if defined(__i386__) 61 #if defined(__i386__)
62 // Needed on i386 to set-up the custom segments. 62 // Needed on i386 to set-up the custom segments.
63 case __NR_modify_ldt: 63 case __NR_modify_ldt:
64 #endif 64 #endif
65 // NaClAddrSpaceBeforeAlloc needs prlimit64. 65 // NaClAddrSpaceBeforeAlloc needs prlimit64.
66 case __NR_prlimit64: 66 case __NR_prlimit64:
67 // NaCl uses custom signal stacks. 67 // NaCl uses custom signal stacks.
68 case __NR_sigaltstack: 68 case __NR_sigaltstack:
69 // Below is fairly similar to the policy for a Chromium renderer. 69 // Below is fairly similar to the policy for a Chromium renderer.
70 // TODO(jln): restrict ioctl() and prctl().
71 case __NR_ioctl:
72 #if defined(__i386__) || defined(__x86_64__) 70 #if defined(__i386__) || defined(__x86_64__)
73 case __NR_getrlimit: 71 case __NR_getrlimit:
74 #endif 72 #endif
75 #if defined(__i386__) || defined(__arm__) 73 #if defined(__i386__) || defined(__arm__)
76 case __NR_ugetrlimit: 74 case __NR_ugetrlimit:
77 #endif 75 #endif
78 // NaCl runtime exposes clock_getres to untrusted code. 76 // NaCl runtime exposes clock_getres to untrusted code.
79 case __NR_clock_getres: 77 case __NR_clock_getres:
80 // NaCl runtime uses flock to simulate POSIX behavior for pwrite. 78 // NaCl runtime uses flock to simulate POSIX behavior for pwrite.
81 case __NR_flock: 79 case __NR_flock:
82 case __NR_pread64: 80 case __NR_pread64:
83 case __NR_pwrite64: 81 case __NR_pwrite64:
84 case __NR_sched_get_priority_max: 82 case __NR_sched_get_priority_max:
85 case __NR_sched_get_priority_min: 83 case __NR_sched_get_priority_min:
86 case __NR_sched_getaffinity: 84 case __NR_sched_getaffinity:
87 case __NR_sched_getparam: 85 case __NR_sched_getparam:
88 case __NR_sched_getscheduler: 86 case __NR_sched_getscheduler:
89 case __NR_sched_setscheduler: 87 case __NR_sched_setscheduler:
90 case __NR_setpriority: 88 case __NR_setpriority:
91 case __NR_sysinfo: 89 case __NR_sysinfo:
92 // __NR_times needed as clock() is called by CommandBufferHelper, which is 90 // __NR_times needed as clock() is called by CommandBufferHelper, which is
93 // used by NaCl applications that use Pepper's 3D interfaces. 91 // used by NaCl applications that use Pepper's 3D interfaces.
94 // See crbug.com/264856 for details. 92 // See crbug.com/264856 for details.
95 case __NR_times: 93 case __NR_times:
96 case __NR_uname: 94 case __NR_uname:
97 return ErrorCode(ErrorCode::ERR_ALLOWED); 95 return ErrorCode(ErrorCode::ERR_ALLOWED);
96 case __NR_ioctl:
98 case __NR_ptrace: 97 case __NR_ptrace:
99 return ErrorCode(EPERM); 98 return ErrorCode(EPERM);
100 default: 99 default:
101 return baseline_policy_->EvaluateSyscall(sb, sysno); 100 return baseline_policy_->EvaluateSyscall(sb, sysno);
102 } 101 }
103 NOTREACHED(); 102 NOTREACHED();
104 // GCC wants this. 103 // GCC wants this.
105 return ErrorCode(EPERM); 104 return ErrorCode(EPERM);
106 } 105 }
107 106
(...skipping 22 matching lines...) Expand all
130 scoped_ptr<SandboxBPFPolicy>(new NaClBPFSandboxPolicy())); 129 scoped_ptr<SandboxBPFPolicy>(new NaClBPFSandboxPolicy()));
131 if (sandbox_is_initialized) { 130 if (sandbox_is_initialized) {
132 RunSandboxSanityChecks(); 131 RunSandboxSanityChecks();
133 return true; 132 return true;
134 } 133 }
135 #endif // defined(USE_SECCOMP_BPF) 134 #endif // defined(USE_SECCOMP_BPF)
136 return false; 135 return false;
137 } 136 }
138 137
139 } // namespace nacl 138 } // namespace nacl
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698