components/nacl/loader/nonsfi/nonsfi_sandbox.cc - Issue 563043005: Linux sandbox: move RestrictClockID() to sandbox/

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/nacl/loader/nonsfi/nonsfi_sandbox.cc

Issue 563043005: Linux sandbox: move RestrictClockID() to sandbox/ (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Add header. Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: components/nacl/loader/nonsfi/nonsfi_sandbox.cc

diff --git a/components/nacl/loader/nonsfi/nonsfi_sandbox.cc b/components/nacl/loader/nonsfi/nonsfi_sandbox.cc

index c850347cad463f1bb7e0dfd2ddf81876913a1fbe..ee5e6d517815408cff31416a531eb4baf079da96 100644

--- a/components/nacl/loader/nonsfi/nonsfi_sandbox.cc

+++ b/components/nacl/loader/nonsfi/nonsfi_sandbox.cc

@@ -22,6 +22,7 @@

#include "content/public/common/sandbox_init.h"

#include "sandbox/linux/bpf_dsl/bpf_dsl.h"

#include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"

+#include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"

#include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"

#include "sandbox/linux/services/linux_syscalls.h"

@@ -67,26 +68,6 @@ ResultExpr RestrictFcntlCommands() {

Allow()).Else(CrashSIGSYS());

}

-ResultExpr RestrictClockID() {

- // We allow accessing only CLOCK_MONOTONIC, CLOCK_PROCESS_CPUTIME_ID,

- // CLOCK_REALTIME, and CLOCK_THREAD_CPUTIME_ID. In particular, this disallows

- // access to arbitrary per-{process,thread} CPU-time clock IDs (such as those

- // returned by {clock,pthread}_getcpuclockid), which can leak information

- // about the state of the host OS.

- COMPILE_ASSERT(4 == sizeof(clockid_t), clockid_is_not_32bit);

- const Arg<clockid_t> clockid(0);

- return If(

-#if defined(OS_CHROMEOS)

- // Allow the special clock for Chrome OS used by Chrome tracing.

- clockid == base::TimeTicks::kClockSystemTrace ||

-#endif

- clockid == CLOCK_MONOTONIC ||

- clockid == CLOCK_PROCESS_CPUTIME_ID ||

- clockid == CLOCK_REALTIME ||

- clockid == CLOCK_THREAD_CPUTIME_ID,

- Allow()).Else(CrashSIGSYS());

ResultExpr RestrictClone() {

// We allow clone only for new thread creation.

const Arg<int> flags(0);

@@ -259,7 +240,7 @@ ResultExpr NaClNonSfiBPFSandboxPolicy::EvaluateSyscall(int sysno) const {

case __NR_clock_getres:

case __NR_clock_gettime:

- return RestrictClockID();

+ return sandbox::RestrictClockID();

case __NR_clone:

return RestrictClone();

« no previous file with comments | « no previous file | components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc » ('j') | no next file with comments »