Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(295)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp/mmap.cc

Issue 371047: Allow the seccomp sandbox to be enabled, even if the suid sandbox has... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 11 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « sandbox/linux/seccomp/maps.cc ('k') | sandbox/linux/seccomp/mprotect.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Property Changes:
Added: svn:eol-style
+ LF
OLDNEW
1 #include "debug.h" 1 #include "debug.h"
2 #include "sandbox_impl.h" 2 #include "sandbox_impl.h"
3 3
4 namespace playground { 4 namespace playground {
5 5
6 void* Sandbox::sandbox_mmap(void *start, size_t length, int prot, int flags, 6 void* Sandbox::sandbox_mmap(void *start, size_t length, int prot, int flags,
7 int fd, off_t offset) { 7 int fd, off_t offset) {
8 Debug::syscall(__NR_mmap, "Executing handler"); 8 Debug::syscall(__NR_mmap, "Executing handler");
9 struct { 9 struct {
10 int sysnum; 10 int sysnum;
(...skipping 12 matching lines...) Expand all
23 void* rc; 23 void* rc;
24 SysCalls sys; 24 SysCalls sys;
25 if (write(sys, processFdPub(), &request, sizeof(request)) != 25 if (write(sys, processFdPub(), &request, sizeof(request)) !=
26 sizeof(request) || 26 sizeof(request) ||
27 read(sys, threadFdPub(), &rc, sizeof(rc)) != sizeof(rc)) { 27 read(sys, threadFdPub(), &rc, sizeof(rc)) != sizeof(rc)) {
28 die("Failed to forward mmap() request [sandbox]"); 28 die("Failed to forward mmap() request [sandbox]");
29 } 29 }
30 return rc; 30 return rc;
31 } 31 }
32 32
33 bool Sandbox::process_mmap(int parentProc, int sandboxFd, int threadFdPub, 33 bool Sandbox::process_mmap(int parentMapsFd, int sandboxFd, int threadFdPub,
34 int threadFd, SecureMem::Args* mem) { 34 int threadFd, SecureMem::Args* mem) {
35 // Read request 35 // Read request
36 SysCalls sys; 36 SysCalls sys;
37 MMap mmap_req; 37 MMap mmap_req;
38 if (read(sys, sandboxFd, &mmap_req, sizeof(mmap_req)) != sizeof(mmap_req)) { 38 if (read(sys, sandboxFd, &mmap_req, sizeof(mmap_req)) != sizeof(mmap_req)) {
39 die("Failed to read parameters for mmap() [process]"); 39 die("Failed to read parameters for mmap() [process]");
40 } 40 }
41 41
42 if (mmap_req.flags & MAP_FIXED) { 42 if (mmap_req.flags & MAP_FIXED) {
43 // Cannot map a memory area that was part of the original memory mappings. 43 // Cannot map a memory area that was part of the original memory mappings.
(...skipping 16 matching lines...) Expand all
60 } 60 }
61 61
62 // All other mmap() requests are OK 62 // All other mmap() requests are OK
63 SecureMem::sendSystemCall(threadFdPub, false, -1, mem, __NR_MMAP, 63 SecureMem::sendSystemCall(threadFdPub, false, -1, mem, __NR_MMAP,
64 mmap_req.start, mmap_req.length, mmap_req.prot, 64 mmap_req.start, mmap_req.length, mmap_req.prot,
65 mmap_req.flags, mmap_req.fd, mmap_req.offset); 65 mmap_req.flags, mmap_req.fd, mmap_req.offset);
66 return true; 66 return true;
67 } 67 }
68 68
69 } // namespace 69 } // namespace
OLDNEW
« no previous file with comments | « sandbox/linux/seccomp/maps.cc ('k') | sandbox/linux/seccomp/mprotect.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698