Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(344)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/bpf_dsl/bpf_dsl.cc

Issue 628823003: sandbox_bpf: rework how unsafe traps are compiled/verified (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@policies
Patch Set: Sync Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/linux/bpf_dsl/bpf_dsl.h ('k') | sandbox/linux/seccomp-bpf/sandbox_bpf.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" 5 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 8
9 #include <limits> 9 #include <limits>
10 10
11 #include "base/logging.h" 11 #include "base/logging.h"
12 #include "base/memory/ref_counted.h" 12 #include "base/memory/ref_counted.h"
13 #include "sandbox/linux/seccomp-bpf/errorcode.h" 13 #include "sandbox/linux/seccomp-bpf/errorcode.h"
14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
15 #include "sandbox/linux/seccomp-bpf/syscall_iterator.h"
15 16
16 namespace sandbox { 17 namespace sandbox {
17 namespace bpf_dsl { 18 namespace bpf_dsl {
18 namespace { 19 namespace {
19 20
20 class AllowResultExprImpl : public internal::ResultExprImpl { 21 class AllowResultExprImpl : public internal::ResultExprImpl {
21 public: 22 public:
22 AllowResultExprImpl() {} 23 AllowResultExprImpl() {}
23 24
24 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { 25 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE {
25 return ErrorCode(ErrorCode::ERR_ALLOWED); 26 return ErrorCode(ErrorCode::ERR_ALLOWED);
26 } 27 }
27 28
28 private: 29 private:
29 virtual ~AllowResultExprImpl() {} 30 virtual ~AllowResultExprImpl() {}
30 31
31 DISALLOW_COPY_AND_ASSIGN(AllowResultExprImpl); 32 DISALLOW_COPY_AND_ASSIGN(AllowResultExprImpl);
32 }; 33 };
33 34
34 class ErrorResultExprImpl : public internal::ResultExprImpl { 35 class ErrorResultExprImpl : public internal::ResultExprImpl {
35 public: 36 public:
36 explicit ErrorResultExprImpl(int err) : err_(err) { 37 explicit ErrorResultExprImpl(int err) : err_(err) {
37 CHECK(err_ >= ErrorCode::ERR_MIN_ERRNO && err_ <= ErrorCode::ERR_MAX_ERRNO); 38 CHECK(err_ >= ErrorCode::ERR_MIN_ERRNO && err_ <= ErrorCode::ERR_MAX_ERRNO);
38 } 39 }
39 40
40 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { 41 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE {
41 return ErrorCode(err_); 42 return sb->Error(err_);
42 } 43 }
43 44
44 private: 45 private:
45 virtual ~ErrorResultExprImpl() {} 46 virtual ~ErrorResultExprImpl() {}
46 47
47 int err_; 48 int err_;
48 49
49 DISALLOW_COPY_AND_ASSIGN(ErrorResultExprImpl); 50 DISALLOW_COPY_AND_ASSIGN(ErrorResultExprImpl);
50 }; 51 };
51 52
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
105 public: 106 public:
106 UnsafeTrapResultExprImpl(Trap::TrapFnc func, const void* arg) 107 UnsafeTrapResultExprImpl(Trap::TrapFnc func, const void* arg)
107 : func_(func), arg_(arg) { 108 : func_(func), arg_(arg) {
108 DCHECK(func_); 109 DCHECK(func_);
109 } 110 }
110 111
111 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { 112 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE {
112 return sb->UnsafeTrap(func_, arg_); 113 return sb->UnsafeTrap(func_, arg_);
113 } 114 }
114 115
116 virtual bool HasUnsafeTraps() const OVERRIDE { return true; }
117
115 private: 118 private:
116 virtual ~UnsafeTrapResultExprImpl() {} 119 virtual ~UnsafeTrapResultExprImpl() {}
117 120
118 Trap::TrapFnc func_; 121 Trap::TrapFnc func_;
119 const void* arg_; 122 const void* arg_;
120 123
121 DISALLOW_COPY_AND_ASSIGN(UnsafeTrapResultExprImpl); 124 DISALLOW_COPY_AND_ASSIGN(UnsafeTrapResultExprImpl);
122 }; 125 };
123 126
124 class IfThenResultExprImpl : public internal::ResultExprImpl { 127 class IfThenResultExprImpl : public internal::ResultExprImpl {
125 public: 128 public:
126 IfThenResultExprImpl(const BoolExpr& cond, 129 IfThenResultExprImpl(const BoolExpr& cond,
127 const ResultExpr& then_result, 130 const ResultExpr& then_result,
128 const ResultExpr& else_result) 131 const ResultExpr& else_result)
129 : cond_(cond), then_result_(then_result), else_result_(else_result) {} 132 : cond_(cond), then_result_(then_result), else_result_(else_result) {}
130 133
131 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE { 134 virtual ErrorCode Compile(SandboxBPF* sb) const OVERRIDE {
132 return cond_->Compile( 135 return cond_->Compile(
133 sb, then_result_->Compile(sb), else_result_->Compile(sb)); 136 sb, then_result_->Compile(sb), else_result_->Compile(sb));
134 } 137 }
135 138
139 virtual bool HasUnsafeTraps() const OVERRIDE {
140 return then_result_->HasUnsafeTraps() || else_result_->HasUnsafeTraps();
141 }
142
136 private: 143 private:
137 virtual ~IfThenResultExprImpl() {} 144 virtual ~IfThenResultExprImpl() {}
138 145
139 BoolExpr cond_; 146 BoolExpr cond_;
140 ResultExpr then_result_; 147 ResultExpr then_result_;
141 ResultExpr else_result_; 148 ResultExpr else_result_;
142 149
143 DISALLOW_COPY_AND_ASSIGN(IfThenResultExprImpl); 150 DISALLOW_COPY_AND_ASSIGN(IfThenResultExprImpl);
144 }; 151 };
145 152
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after
242 BoolExpr lhs_; 249 BoolExpr lhs_;
243 BoolExpr rhs_; 250 BoolExpr rhs_;
244 251
245 DISALLOW_COPY_AND_ASSIGN(OrBoolExprImpl); 252 DISALLOW_COPY_AND_ASSIGN(OrBoolExprImpl);
246 }; 253 };
247 254
248 } // namespace 255 } // namespace
249 256
250 namespace internal { 257 namespace internal {
251 258
259 bool ResultExprImpl::HasUnsafeTraps() const {
260 return false;
261 }
262
252 uint64_t DefaultMask(size_t size) { 263 uint64_t DefaultMask(size_t size) {
253 switch (size) { 264 switch (size) {
254 case 4: 265 case 4:
255 return std::numeric_limits<uint32_t>::max(); 266 return std::numeric_limits<uint32_t>::max();
256 case 8: 267 case 8:
257 return std::numeric_limits<uint64_t>::max(); 268 return std::numeric_limits<uint64_t>::max();
258 default: 269 default:
259 CHECK(false) << "Unimplemented DefaultMask case"; 270 CHECK(false) << "Unimplemented DefaultMask case";
260 return 0; 271 return 0;
261 } 272 }
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after
369 380
370 ErrorCode SandboxBPFDSLPolicy::EvaluateSyscall(SandboxBPF* sb, 381 ErrorCode SandboxBPFDSLPolicy::EvaluateSyscall(SandboxBPF* sb,
371 int sysno) const { 382 int sysno) const {
372 return EvaluateSyscall(sysno)->Compile(sb); 383 return EvaluateSyscall(sysno)->Compile(sb);
373 } 384 }
374 385
375 ErrorCode SandboxBPFDSLPolicy::InvalidSyscall(SandboxBPF* sb) const { 386 ErrorCode SandboxBPFDSLPolicy::InvalidSyscall(SandboxBPF* sb) const {
376 return InvalidSyscall()->Compile(sb); 387 return InvalidSyscall()->Compile(sb);
377 } 388 }
378 389
390 bool SandboxBPFDSLPolicy::HasUnsafeTraps() const {
391 for (SyscallIterator iter(false); !iter.Done();) {
392 uint32_t sysnum = iter.Next();
393 if (SyscallIterator::IsValid(sysnum) &&
394 EvaluateSyscall(sysnum)->HasUnsafeTraps())
jln (very slow on Chromium) 2014/10/08 17:31:32 Nit: {}
mdempsky 2014/10/08 17:34:19 Done.
395 return true;
396 }
397 return InvalidSyscall()->HasUnsafeTraps();
398 }
399
379 ResultExpr SandboxBPFDSLPolicy::Trap(Trap::TrapFnc trap_func, const void* aux) { 400 ResultExpr SandboxBPFDSLPolicy::Trap(Trap::TrapFnc trap_func, const void* aux) {
380 return bpf_dsl::Trap(trap_func, aux); 401 return bpf_dsl::Trap(trap_func, aux);
381 } 402 }
382 403
383 } // namespace bpf_dsl 404 } // namespace bpf_dsl
384 } // namespace sandbox 405 } // namespace sandbox
OLDNEW
« no previous file with comments | « sandbox/linux/bpf_dsl/bpf_dsl.h ('k') | sandbox/linux/seccomp-bpf/sandbox_bpf.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698