
Side by Side Diff: sandbox/linux/seccomp/clone.cc

Issue 371047: Allow the seccomp sandbox to be enabled, even if the suid sandbox has... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 11 years, 1 month ago
Property Changes:
Added: svn:eol-style
+ LF
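--- a/sandbox/linux/seccomp/clone.cc
+++ b/sandbox/linux/seccomp/clone.cc
@@ -1,10 +1,10 @@
 #include "debug.h"
 #include "sandbox_impl.h"
 
 namespace playground {
 
 int Sandbox::sandbox_clone(int flags, void* stack, int* pid, int* ctid,
 void* tls, void *wrapper_sp) {
 Debug::syscall(__NR_clone, "Executing handler");
 struct {
 int sysnum;
@@ -35,45 +35,45 @@
 long rc;
 SysCalls sys;
 if (write(sys, processFdPub(), &request, sizeof(request)) !=
 sizeof(request) ||
 read(sys, threadFdPub(), &rc, sizeof(rc)) != sizeof(rc)) {
 die("Failed to forward clone() request [sandbox]");
 }
 return static_cast<int>(rc);
 }
 
-bool Sandbox::process_clone(int parentProc, int sandboxFd, int threadFdPub,
+bool Sandbox::process_clone(int parentMapsFd, int sandboxFd, int threadFdPub,
 int threadFd, SecureMem::Args* mem) {
 // Read request
 Clone clone_req;
 SysCalls sys;
 if (read(sys, sandboxFd, &clone_req, sizeof(clone_req)) !=sizeof(clone_req)){
 die("Failed to read parameters for clone() [process]");
 }
 
 // TODO(markus): add policy restricting parameters for clone
 if ((clone_req.flags & ~CLONE_DETACHED) != (CLONE_VM|CLONE_FS|CLONE_FILES|
 CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|
 CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID)) {
 SecureMem::abandonSystemCall(threadFd, -EPERM);
 return false;
 } else {
 SecureMem::Args* newMem = getSecureMem();
 if (!newMem) {
 SecureMem::abandonSystemCall(threadFd, -ENOMEM);
 return false;
 } else {
 // clone() has unusual semantics. We don't want to return back into the
 // trusted thread, but instead we need to continue execution at the IP
 // where we got called initially.
-SecureMem::lockSystemCall(parentProc, mem);
+SecureMem::lockSystemCall(parentMapsFd, mem);
 mem->ret = clone_req.ret;
 #if defined(__x86_64__)
 mem->rbp = clone_req.regs64.rbp;
 mem->rbx = clone_req.regs64.rbx;
 mem->rcx = clone_req.regs64.rcx;
 mem->rdx = clone_req.regs64.rdx;
 mem->rsi = clone_req.regs64.rsi;
 mem->rdi = clone_req.regs64.rdi;
 mem->r8 = clone_req.regs64.r8;
 mem->r9 = clone_req.regs64.r9;
@@ -93,19 +93,19 @@
 mem->ebx = clone_req.regs32.ebx;
 #else
 #error Unsupported target platform
 #endif
 newMem->sequence = 0;
 newMem->shmId = -1;
 mem->newSecureMem = newMem;
 mem->processFdPub = processFdPub_;
 mem->cloneFdPub = cloneFdPub_;
 
-SecureMem::sendSystemCall(threadFdPub, true, parentProc, mem, __NR_clone,
-clone_req.flags, clone_req.stack,
+SecureMem::sendSystemCall(threadFdPub, true, parentMapsFd, mem,
+__NR_clone, clone_req.flags, clone_req.stack,
 clone_req.pid, clone_req.ctid, clone_req.tls);
 return true;
 }
 }
 }
 
 } // namespace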
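Review bot: The `// TODO(markus): add policy restricting parameters for clone` comment at line 54 of process_clone is misleading next to the check directly below it, which already enforces an exact pthread_create()-style flag set (`CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID`, tolerating only `CLONE_DETACHED`) and rejects anything else with `-EPERM`; what the check does not cover is the rest of the request (`stack`, `pid`, `ctid`, `tls`), which is handed to `sendSystemCall` exactly as it was read from `sandboxFd`. I would reword it to `// Only an exact thread-creation flag set is allowed (fail closed with -EPERM); the stack, pid, ctid and tls values are forwarded as received. TODO(markus): decide whether those need a policy too.` The function also lacks a header comment: a two-line comment saying that it returns true once the clone request has been handed to the trusted thread via sendSystemCall and false after abandonSystemCall rejected it with -EPERM or -ENOMEM would help the next reader, as would a line on what `parentMapsFd` refers to — the rename suggests a /proc maps descriptor, but nothing in this file shows it. Whether the `newMem` obtained from `getSecureMem()` is returned to the pool if the trusted thread's clone() later fails is not visible in this file and is worth confirming.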