components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc - Issue 570763002: Remove more dependencies on sandbox/linux/seccomp-bpf

Side by Side Diff: components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc

Issue 570763002: Remove more dependencies on sandbox/linux/seccomp-bpf (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fix Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « components/nacl/loader/nonsfi/nonsfi_sandbox.cc ('k') | content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h"	5 #include "components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h"

6	6

7 #include "build/build_config.h"	7 #include "build/build_config.h"

8	8

9 #if defined(USE_SECCOMP_BPF)	9 #if defined(USE_SECCOMP_BPF)

10	10

11 #include <errno.h>	11 #include <errno.h>

12 #include <signal.h>	12 #include <signal.h>

13 #include <sys/ptrace.h>	13 #include <sys/ptrace.h>

14	14

15 #include "base/basictypes.h"	15 #include "base/basictypes.h"

16 #include "base/callback.h"	16 #include "base/callback.h"

17 #include "base/compiler_specific.h"	17 #include "base/compiler_specific.h"

18 #include "base/logging.h"	18 #include "base/logging.h"

19	19

20 #include "content/public/common/sandbox_init.h"	20 #include "content/public/common/sandbox_init.h"

21 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"	21 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"

22 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h"

23 #include "sandbox/linux/services/linux_syscalls.h"	22 #include "sandbox/linux/services/linux_syscalls.h"

24	23

25 #endif // defined(USE_SECCOMP_BPF)	24 #endif // defined(USE_SECCOMP_BPF)

26	25

27 namespace nacl {	26 namespace nacl {

28	27

29 #if defined(USE_SECCOMP_BPF)	28 #if defined(USE_SECCOMP_BPF)

30	29

31 namespace {	30 namespace {

32	31

33 class NaClBPFSandboxPolicy : public sandbox::SandboxBPFPolicy {	32 using sandbox::bpf_dsl::Allow;

	33 using sandbox::bpf_dsl::Error;

	34 using sandbox::bpf_dsl::ResultExpr;

	35

	36 class NaClBPFSandboxPolicy : public sandbox::bpf_dsl::SandboxBPFDSLPolicy {

34 public:	37 public:

35 NaClBPFSandboxPolicy()	38 NaClBPFSandboxPolicy()

36 : baseline_policy_(content::GetBPFSandboxBaselinePolicy()) {}	39 : baseline_policy_(content::GetBPFSandboxBaselinePolicy()) {}

37 virtual ~NaClBPFSandboxPolicy() {}	40 virtual ~NaClBPFSandboxPolicy() {}

38	41

39 virtual sandbox::ErrorCode EvaluateSyscall(	42 virtual ResultExpr EvaluateSyscall(int system_call_number) const OVERRIDE;

40 sandbox::SandboxBPF* sandbox_compiler,	43 virtual ResultExpr InvalidSyscall() const OVERRIDE {

41 int system_call_number) const OVERRIDE;	44 return baseline_policy_->InvalidSyscall();

42 virtual sandbox::ErrorCode InvalidSyscall(

43 sandbox::SandboxBPF* sandbox_compiler) const OVERRIDE {

44 return baseline_policy_->InvalidSyscall(sandbox_compiler);

45 }	45 }

46	46

47 private:	47 private:

48 scoped_ptr<sandbox::SandboxBPFPolicy> baseline_policy_;	48 scoped_ptr<sandbox::bpf_dsl::SandboxBPFDSLPolicy> baseline_policy_;

	49

49 DISALLOW_COPY_AND_ASSIGN(NaClBPFSandboxPolicy);	50 DISALLOW_COPY_AND_ASSIGN(NaClBPFSandboxPolicy);

50 };	51 };

51	52

52 sandbox::ErrorCode NaClBPFSandboxPolicy::EvaluateSyscall(	53 ResultExpr NaClBPFSandboxPolicy::EvaluateSyscall(int sysno) const {

53 sandbox::SandboxBPF* sb, int sysno) const {

54 DCHECK(baseline_policy_);	54 DCHECK(baseline_policy_);

55 switch (sysno) {	55 switch (sysno) {

56 // TODO(jln): NaCl's GDB debug stub uses the following socket system calls,	56 // TODO(jln): NaCl's GDB debug stub uses the following socket system calls,

57 // see if it can be restricted a bit.	57 // see if it can be restricted a bit.

58 #if defined(__x86_64__) \|\| defined(__arm__) \|\| defined(__mips__)	58 #if defined(__x86_64__) \|\| defined(__arm__) \|\| defined(__mips__)

59 // transport_common.cc needs this.	59 // transport_common.cc needs this.

60 case __NR_accept:	60 case __NR_accept:

61 case __NR_setsockopt:	61 case __NR_setsockopt:

62 #elif defined(__i386__)	62 #elif defined(__i386__)

63 case __NR_socketcall:	63 case __NR_socketcall:

(...skipping 27 matching lines...) Expand all Loading...
91 case __NR_sched_getaffinity:	91 case __NR_sched_getaffinity:

92 case __NR_sched_getparam:	92 case __NR_sched_getparam:

93 case __NR_sched_getscheduler:	93 case __NR_sched_getscheduler:

94 case __NR_sched_setscheduler:	94 case __NR_sched_setscheduler:

95 case __NR_sysinfo:	95 case __NR_sysinfo:

96 // __NR_times needed as clock() is called by CommandBufferHelper, which is	96 // __NR_times needed as clock() is called by CommandBufferHelper, which is

97 // used by NaCl applications that use Pepper's 3D interfaces.	97 // used by NaCl applications that use Pepper's 3D interfaces.

98 // See crbug.com/264856 for details.	98 // See crbug.com/264856 for details.

99 case __NR_times:	99 case __NR_times:

100 case __NR_uname:	100 case __NR_uname:

101 return sandbox::ErrorCode(sandbox::ErrorCode::ERR_ALLOWED);	101 return Allow();

102 case __NR_ioctl:	102 case __NR_ioctl:

103 case __NR_ptrace:	103 case __NR_ptrace:

104 return sandbox::ErrorCode(EPERM);	104 return Error(EPERM);

105 default:	105 default:

106 return baseline_policy_->EvaluateSyscall(sb, sysno);	106 return baseline_policy_->EvaluateSyscall(sysno);

107 }	107 }

108 NOTREACHED();	108 NOTREACHED();

109 // GCC wants this.	109 // GCC wants this.

110 return sandbox::ErrorCode(EPERM);	110 return Error(EPERM);

111 }	111 }

112	112

113 void RunSandboxSanityChecks() {	113 void RunSandboxSanityChecks() {

114 errno = 0;	114 errno = 0;

115 // Make a ptrace request with an invalid PID.	115 // Make a ptrace request with an invalid PID.

116 long ptrace_ret = ptrace(PTRACE_PEEKUSER, -1 /* pid */, NULL, NULL);	116 long ptrace_ret = ptrace(PTRACE_PEEKUSER, -1 /* pid */, NULL, NULL);

117 CHECK_EQ(-1, ptrace_ret);	117 CHECK_EQ(-1, ptrace_ret);

118 // Without the sandbox on, this ptrace call would ESRCH instead.	118 // Without the sandbox on, this ptrace call would ESRCH instead.

119 CHECK_EQ(EPERM, errno);	119 CHECK_EQ(EPERM, errno);

120 }	120 }

121	121

122 } // namespace	122 } // namespace

123	123

124 #else	124 #else

125	125

126 #error "Seccomp-bpf disabled on supported architecture!"	126 #error "Seccomp-bpf disabled on supported architecture!"

127	127

128 #endif // defined(USE_SECCOMP_BPF)	128 #endif // defined(USE_SECCOMP_BPF)

129	129

130 bool InitializeBPFSandbox() {	130 bool InitializeBPFSandbox() {

131 #if defined(USE_SECCOMP_BPF)	131 #if defined(USE_SECCOMP_BPF)

132 bool sandbox_is_initialized = content::InitializeSandbox(	132 bool sandbox_is_initialized = content::InitializeSandbox(

133 scoped_ptr<sandbox::SandboxBPFPolicy>(new NaClBPFSandboxPolicy));	133 scoped_ptr<sandbox::bpf_dsl::SandboxBPFDSLPolicy>(

	134 new NaClBPFSandboxPolicy));

134 if (sandbox_is_initialized) {	135 if (sandbox_is_initialized) {

135 RunSandboxSanityChecks();	136 RunSandboxSanityChecks();

136 return true;	137 return true;

137 }	138 }

138 #endif // defined(USE_SECCOMP_BPF)	139 #endif // defined(USE_SECCOMP_BPF)

139 return false;	140 return false;

140 }	141 }

141	142

142 } // namespace nacl	143 } // namespace nacl

OLD	NEW