1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h" | 5 #include "components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h" |
6 | 6 |
7 #include "build/build_config.h" | 7 #include "build/build_config.h" |
8 | 8 |
9 #if defined(USE_SECCOMP_BPF) | 9 #if defined(USE_SECCOMP_BPF) |
10 | 10 |
46 | 46 |
47 private: | 47 private: |
48 scoped_ptr<sandbox::bpf_dsl::SandboxBPFDSLPolicy> baseline_policy_; | 48 scoped_ptr<sandbox::bpf_dsl::SandboxBPFDSLPolicy> baseline_policy_; |
49 | 49 |
50 DISALLOW_COPY_AND_ASSIGN(NaClBPFSandboxPolicy); | 50 DISALLOW_COPY_AND_ASSIGN(NaClBPFSandboxPolicy); |
51 }; | 51 }; |
52 | 52 |
53 ResultExpr NaClBPFSandboxPolicy::EvaluateSyscall(int sysno) const { | 53 ResultExpr NaClBPFSandboxPolicy::EvaluateSyscall(int sysno) const { |
54 DCHECK(baseline_policy_); | 54 DCHECK(baseline_policy_); |
55 switch (sysno) { | 55 switch (sysno) { |
56 // TODO(jln): NaCl's GDB debug stub uses the following socket system calls, | |
57 // see if it can be restricted a bit. | |
58 #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) | |
59 // transport_common.cc needs this. | |
60 case __NR_accept: | |
Mark Seaborn
2014/10/21 22:08:40
Could we conditionalise these based on whether the
rickyz (no longer on Chrome)
2014/10/22 03:25:05
Yeah, this sounds like a better approach, done.
61 case __NR_setsockopt: | |
62 #elif defined(__i386__) | |
63 case __NR_socketcall: | |
64 #endif | |
65 // trusted/service_runtime/linux/thread_suspension.c needs sigwait() and is | |
Mark Seaborn
2014/10/21 22:08:40
We may end up using thread suspension outside of t
rickyz (no longer on Chrome)
2014/10/22 03:25:05
Ah, good to know - I left this one enabled by defa
66 // used by NaCl's GDB debug stub. | |
67 case __NR_rt_sigtimedwait: | |
68 #if defined(__i386__) || defined(__mips__) | 56 #if defined(__i386__) || defined(__mips__) |
69 // Needed on i386 to set-up the custom segments. | 57 // Needed on i386 to set-up the custom segments. |
70 case __NR_modify_ldt: | 58 case __NR_modify_ldt: |
71 #endif | 59 #endif |
72 // NaClAddrSpaceBeforeAlloc needs prlimit64. | 60 // NaClAddrSpaceBeforeAlloc needs prlimit64. |
73 case __NR_prlimit64: | 61 case __NR_prlimit64: |
74 // NaCl uses custom signal stacks. | 62 // NaCl uses custom signal stacks. |
75 case __NR_sigaltstack: | 63 case __NR_sigaltstack: |
76 // Below is fairly similar to the policy for a Chromium renderer. | 64 // Below is fairly similar to the policy for a Chromium renderer. |
77 #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) | 65 #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) |
134 new NaClBPFSandboxPolicy)); | 122 new NaClBPFSandboxPolicy)); |
135 if (sandbox_is_initialized) { | 123 if (sandbox_is_initialized) { |
136 RunSandboxSanityChecks(); | 124 RunSandboxSanityChecks(); |
137 return true; | 125 return true; |
138 } | 126 } |
139 #endif // defined(USE_SECCOMP_BPF) | 127 #endif // defined(USE_SECCOMP_BPF) |
140 return false; | 128 return false; |
141 } | 129 } |
142 | 130 |
143 } // namespace nacl | 131 } // namespace nacl |
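Review bot: The syscalls dropped from the unconditional allowlist in `EvaluateSyscall` (`__NR_accept`, `__NR_setsockopt`, `__NR_socketcall`, `__NR_rt_sigtimedwait`, old lines 56–67) are not visibly covered by `RunSandboxSanityChecks()` at new line 124; its body is outside this view, so if it does not already probe one of them, a check that the socket calls are denied when the debug stub is disabled would keep this restriction from silently regressing. The `switch (sysno)` at new line 55 now opens directly on the `__i386__`/`__mips__` block with nothing telling a reader where the debug-stub cases went; the conditional handling is presumably in the skipped region before line 46, so a comment such as `// Debug-stub-only socket syscalls are handled above, gated on whether the stub is enabled.` at the top of the switch would help. The thread's rationale for leaving `rt_sigtimedwait` allowed by default (thread suspension may be used outside the debug stub) is worth recording beside that case rather than only in the review. `EvaluateSyscall` continues past new line 65, outside this section.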