
Side by Side Diff: sandbox/linux/seccomp/securemem.cc

Issue 371047: Allow the seccomp sandbox to be enabled, even if the suid sandbox has... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 11 years, 1 month ago
Property Changes:
Added: svn:eol-style
+ LF
1 #include "debug.h" 1 #include "debug.h"
2 #include "mutex.h" 2 #include "mutex.h"
3 #include "sandbox_impl.h" 3 #include "sandbox_impl.h"
4 #include "securemem.h" 4 #include "securemem.h"
5 5
6 namespace playground { 6 namespace playground {
7 7
8 void SecureMem::abandonSystemCall(int fd, int err) { 8 void SecureMem::abandonSystemCall(int fd, int err) {
9 void* rc = reinterpret_cast<void *>(err); 9 void* rc = reinterpret_cast<void *>(err);
10 if (err) { 10 if (err) {
11 Debug::message("System call failed\n"); 11 Debug::message("System call failed\n");
12 } 12 }
13 Sandbox::SysCalls sys; 13 Sandbox::SysCalls sys;
14 if (Sandbox::write(sys, fd, &rc, sizeof(rc)) != sizeof(rc)) { 14 if (Sandbox::write(sys, fd, &rc, sizeof(rc)) != sizeof(rc)) {
15 Sandbox::die("Failed to send system call"); 15 Sandbox::die("Failed to send system call");
16 } 16 }
17 } 17 }
18 18
19 void SecureMem::dieIfParentDied(int parentProc) { 19 void SecureMem::dieIfParentDied(int parentMapsFd) {
20 // The syscall_mutex_ should not be contended. If it is, we are either 20 // The syscall_mutex_ should not be contended. If it is, we are either
21 // experiencing a very unusual load of system calls that the sandbox is not 21 // experiencing a very unusual load of system calls that the sandbox is not
22 // optimized for; or, more likely, the sandboxed process terminated while the 22 // optimized for; or, more likely, the sandboxed process terminated while the
23 // trusted process was in the middle of waiting for the mutex. We detect 23 // trusted process was in the middle of waiting for the mutex. We detect
24 // this situation and terminate the trusted process. 24 // this situation and terminate the trusted process.
25 char proc[80]; 25 int alive = !lseek(parentMapsFd, 0, SEEK_SET);
26 sprintf(proc, "/proc/self/fd/%d/status", parentProc); 26 if (alive) {
27 struct stat sb; 27 char buf;
28 if (stat(proc, &sb)) { 28 do {
29 Sandbox::die(); 29 alive = read(parentMapsFd, &buf, 1);
30 } while (alive < 0 && errno == EINTR);
31 }
32 if (!alive) {
33 Sandbox::die();
30 } 34 }
31 } 35 }
32 36
33 void SecureMem::lockSystemCall(int parentProc, Args* mem) { 37 void SecureMem::lockSystemCall(int parentMapsFd, Args* mem) {
34 while (!Mutex::lockMutex(&Sandbox::syscall_mutex_, 500)) { 38 while (!Mutex::lockMutex(&Sandbox::syscall_mutex_, 500)) {
35 dieIfParentDied(parentProc); 39 dieIfParentDied(parentMapsFd);
36 } 40 }
37 asm volatile( 41 asm volatile(
38 #if defined(__x86_64__) 42 #if defined(__x86_64__)
39 "lock; incq (%0)\n" 43 "lock; incq (%0)\n"
40 #elif defined(__i386__) 44 #elif defined(__i386__)
41 "lock; incl (%0)\n" 45 "lock; incl (%0)\n"
42 #else 46 #else
43 #error Unsupported target platform 47 #error Unsupported target platform
44 #endif 48 #endif
45 : 49 :
46 : "q"(&mem->sequence) 50 : "q"(&mem->sequence)
47 : "memory"); 51 : "memory");
48 } 52 }
49 53
50 void SecureMem::sendSystemCallInternal(int fd, bool locked, int parentProc, 54 void SecureMem::sendSystemCallInternal(int fd, bool locked, int parentMapsFd,
51 Args* mem, int syscallNum, void* arg1, 55 Args* mem, int syscallNum, void* arg1,
52 void* arg2, void* arg3, void* arg4, 56 void* arg2, void* arg3, void* arg4,
53 void* arg5, void* arg6) { 57 void* arg5, void* arg6) {
54 if (!locked) { 58 if (!locked) {
55 asm volatile( 59 asm volatile(
56 #if defined(__x86_64__) 60 #if defined(__x86_64__)
57 "lock; incq (%0)\n" 61 "lock; incq (%0)\n"
58 #elif defined(__i386__) 62 #elif defined(__i386__)
59 "lock; incl (%0)\n" 63 "lock; incl (%0)\n"
60 #else 64 #else
(...skipping 19 matching lines...) Expand all
80 #error Unsupported target platform 84 #error Unsupported target platform
81 #endif 85 #endif
82 : 86 :
83 : "q"(&mem->sequence) 87 : "q"(&mem->sequence)
84 : "memory"); 88 : "memory");
85 int data = locked ? -2 : -1; 89 int data = locked ? -2 : -1;
86 Sandbox::SysCalls sys; 90 Sandbox::SysCalls sys;
87 if (Sandbox::write(sys, fd, &data, sizeof(data)) != sizeof(data)) { 91 if (Sandbox::write(sys, fd, &data, sizeof(data)) != sizeof(data)) {
88 Sandbox::die("Failed to send system call"); 92 Sandbox::die("Failed to send system call");
89 } 93 }
90 if (parentProc >= 0) { 94 if (parentMapsFd >= 0) {
91 while (!Mutex::waitForUnlock(&Sandbox::syscall_mutex_, 500)) { 95 while (!Mutex::waitForUnlock(&Sandbox::syscall_mutex_, 500)) {
92 dieIfParentDied(parentProc); 96 dieIfParentDied(parentMapsFd);
93 } 97 }
94 } 98 }
95 } 99 }
96 100
97 } // namespace 101 } // namespace
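Review bot: In the new dieIfParentDied (new lines 25-34), a read() on parentMapsFd that fails with an errno other than EINTR leaves `alive` at -1, which the `if (!alive)` guard treats as "parent still alive", so the trusted process keeps spinning on the mutex instead of terminating; the guard should be `if (alive <= 0) {` so that both EOF and a persistent read error end the process. The fd-based probe also deserves a line of explanation now that the function body no longer shows what is being checked — something like `// parentMapsFd is presumably a descriptor opened on the sandboxed process's /proc/<pid>/maps; once that process is gone, reading it yields EOF.` (confirm against the caller that opens the fd). Note too that lseek/read/errno are called directly here while the rest of this file routes I/O through Sandbox::SysCalls (Sandbox::write at new lines 14 and 91) — if that wrapper exists to avoid libc in this context, the probe should use it as well, and since the include block is unchanged, <unistd.h>/<errno.h> presumably arrive via sandbox_impl.h.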