Side by Side Diff: sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc

Issue 317373003: Merge 274934 "Linux sandbox: restrict futex operations." (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1985/src/
Patch Set: Created 6 years, 6 months ago
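--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -1,35 +1,38 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
 
 #include <errno.h>
 #include <fcntl.h>
 #include <fcntl.h>
+#include <linux/futex.h>
 #include <linux/net.h>
 #include <sched.h>
 #include <signal.h>
 #include <sys/ioctl.h>
 #include <sys/mman.h>
 #include <sys/prctl.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <unistd.h>
 
 #include "base/basictypes.h"
 #include "base/logging.h"
+#include "base/macros.h"
 #include "build/build_config.h"
 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
 #include "sandbox/linux/seccomp-bpf/linux_seccomp.h"
 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
+#include "sandbox/linux/services/android_futex.h"
 
 #if defined(OS_ANDROID)
 #if !defined(F_DUPFD_CLOEXEC)
 #define F_DUPFD_CLOEXEC (F_LINUX_SPECIFIC_BASE + 6)
 #endif
 #endif
 
 #if defined(__arm__) && !defined(MAP_STACK)
 #define MAP_STACK 0x20000 // Daisy build environment has old headers.
 #endif
@@ -239,11 +242,38 @@
 ErrorCode(ErrorCode::ERR_ALLOWED),
 sandbox->Trap(SIGSYSKillFailure, NULL));
 case __NR_tkill:
 return sandbox->Trap(SIGSYSKillFailure, NULL);
 default:
 NOTREACHED();
 return sandbox->Trap(CrashSIGSYS_Handler, NULL);
 }
 }
 
+ErrorCode RestrictFutex(SandboxBPF* sandbox) {
+// In futex.c, the kernel does "int cmd = op & FUTEX_CMD_MASK;". We need to
+// make sure that the combination below will cover every way to get
+// FUTEX_CMP_REQUEUE_PI.
+const int kBannedFutexBits =
+~(FUTEX_CMD_MASK | FUTEX_PRIVATE_FLAG | FUTEX_CLOCK_REALTIME);
+COMPILE_ASSERT(0 == kBannedFutexBits,
+need_to_explicitly_blacklist_more_bits);
+
+return sandbox->Cond(1, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
+FUTEX_CMP_REQUEUE_PI,
+sandbox->Trap(SIGSYSFutexFailure, NULL),
+sandbox->Cond(1, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
+FUTEX_CMP_REQUEUE_PI_PRIVATE,
+sandbox->Trap(SIGSYSFutexFailure, NULL),
+sandbox->Cond(1, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
+FUTEX_CMP_REQUEUE_PI | FUTEX_CLOCK_REALTIME,
+sandbox->Trap(SIGSYSFutexFailure, NULL),
+sandbox->Cond(1, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
+FUTEX_CMP_REQUEUE_PI_PRIVATE | FUTEX_CLOCK_REALTIME,
+sandbox->Trap(SIGSYSFutexFailure, NULL),
+ErrorCode(ErrorCode::ERR_ALLOWED)))));
+}
+
 } // namespace sandbox.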
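Review bot: RestrictFutex denies only the FUTEX_CMP_REQUEUE_PI command (in its FUTEX_PRIVATE_FLAG / FUTEX_CLOCK_REALTIME variants) and ends in ErrorCode(ErrorCode::ERR_ALLOWED) for every other op, so the sibling priority-inheritance commands FUTEX_LOCK_PI, FUTEX_UNLOCK_PI, FUTEX_TRYLOCK_PI and FUTEX_WAIT_REQUEUE_PI stay reachable from the sandboxed process. If those processes do not use PI futexes (I cannot tell from this file), trapping them as well, or allowlisting the few commands that are actually used, would keep the policy from depending on which single command is known to be risky. The COMPILE_ASSERT on kBannedFutexBits is what makes the four OP_EQUAL comparisons sufficient, since any flag bit outside FUTEX_PRIVATE_FLAG and FUTEX_CLOCK_REALTIME would let an op value differ from the compared constants while still dispatching to the same command; a comment stating that next to the assert, e.g. `// If this fires, a new flag bit could make 'op' miss the OP_EQUAL checks below.`, would make the invariant explicit. A short header comment on RestrictFutex stating that it traps FUTEX_CMP_REQUEUE_PI and allows all other futex ops would also help, unless the .h already carries it.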