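--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h
@@ -1,10 +1,10 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_PARAMETERS_RESTRICTIONS_H_
 #define SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_PARAMETERS_RESTRICTIONS_H_
 
 #include <unistd.h>
 
 #include "build/build_config.h"
@@ -68,13 +68,24 @@
 
 // Restrict |clk_id| for clock_getres(), clock_gettime() and clock_settime().
 // We allow accessing only CLOCK_MONOTONIC, CLOCK_PROCESS_CPUTIME_ID,
 // CLOCK_REALTIME, and CLOCK_THREAD_CPUTIME_ID. In particular, this disallows
 // access to arbitrary per-{process,thread} CPU-time clock IDs (such as those
 // returned by {clock,pthread}_getcpuclockid), which can leak information
 // about the state of the host OS.
 // On Chrome OS, base::TimeTicks::kClockSystemTrace is also allowed.
 SANDBOX_EXPORT bpf_dsl::ResultExpr RestrictClockID();
 
+// Restricts |pid| for sched_* syscalls which take a pid as the first argument.
+// We only allow calling these syscalls if the pid argument is equal to the pid
+// of the sandboxed process or 0 (indicating the current thread). The following
+// syscalls are supported:
+//
+// sched_getaffinity(), sched_getattr(), sched_getparam(), sched_getscheduler(),
+// sched_rr_get_interval(), sched_setaffinity(), sched_setattr(),
+// sched_setparam(), sched_setscheduler()
+SANDBOX_EXPORT bpf_dsl::ResultExpr RestrictSchedTarget(pid_t target_pid,
+                                                       int sysno);
+
 } // namespace sandbox.
 
 #endif // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_PARAMETERS_RESTRICTIONS_H_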
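Review bot: The comment on the new RestrictSchedTarget() declaration (new lines 78-87) says which pid values are accepted but not what the returned expression does for any other pid, nor what happens when |sysno| is not one of the nine listed syscalls; a policy author needs both (error return such as EPERM vs. a SIGSYS crash, and whether an unlisted sysno is a programming error), so the header should state them. It also does not say where |target_pid| comes from: the value is compiled into the filter as a constant, so it presumably has to be the pid of the process the policy will be installed in, evaluated in that process, and a later fork() would leave a stale pid baked into the filter — worth a caveat if that is the intended contract. One more nuance for the comment: the kernel treats the pid argument of the sched_* calls as a thread id, so matching |target_pid| only ever admits the main thread, and any other thread can address only itself via 0. I would add something like `// |target_pid| must be the pid of the process the policy is installed in; it is compiled into the filter as a constant (a pid that is stale after fork() will no longer match).` plus one line naming the outcome for a non-matching pid and for an unsupported |sysno|, whatever the implementation in the .cc file actually does.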