| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <dirent.h> | 5 #include <dirent.h> |
| 6 #include <fcntl.h> | 6 #include <fcntl.h> |
| 7 #include <sys/resource.h> | 7 #include <sys/resource.h> |
| 8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
| 9 #include <sys/time.h> | 9 #include <sys/time.h> |
| 10 #include <sys/types.h> | 10 #include <sys/types.h> |
| 105 } // namespace | 105 } // namespace |
| 106 | 106 |
| 107 namespace content { | 107 namespace content { |
| 108 | 108 |
| 109 LinuxSandbox::LinuxSandbox() | 109 LinuxSandbox::LinuxSandbox() |
| 110 : proc_fd_(-1), | 110 : proc_fd_(-1), |
| 111 seccomp_bpf_started_(false), | 111 seccomp_bpf_started_(false), |
| 112 sandbox_status_flags_(kSandboxLinuxInvalid), | 112 sandbox_status_flags_(kSandboxLinuxInvalid), |
| 113 pre_initialized_(false), | 113 pre_initialized_(false), |
| 114 seccomp_bpf_supported_(false), | 114 seccomp_bpf_supported_(false), |
| 115 seccomp_bpf_with_tsync_supported_(false), |
| 115 yama_is_enforcing_(false), | 116 yama_is_enforcing_(false), |
| 116 initialize_sandbox_ran_(false), | 117 initialize_sandbox_ran_(false), |
| 117 setuid_sandbox_client_(sandbox::SetuidSandboxClient::Create()) | 118 setuid_sandbox_client_(sandbox::SetuidSandboxClient::Create()) |
| 118 { | 119 { |
| 119 if (setuid_sandbox_client_ == NULL) { | 120 if (setuid_sandbox_client_ == NULL) { |
| 120 LOG(FATAL) << "Failed to instantiate the setuid sandbox client."; | 121 LOG(FATAL) << "Failed to instantiate the setuid sandbox client."; |
| 121 } | 122 } |
| 122 #if defined(ANY_OF_AMTLU_SANITIZER) | 123 #if defined(ANY_OF_AMTLU_SANITIZER) |
| 123 sanitizer_args_ = make_scoped_ptr(new __sanitizer_sandbox_arguments); | 124 sanitizer_args_ = make_scoped_ptr(new __sanitizer_sandbox_arguments); |
| 124 *sanitizer_args_ = {0}; | 125 *sanitizer_args_ = {0}; |
| 160 // as well. | 161 // as well. |
| 161 proc_fd_ = open("/proc", O_DIRECTORY | O_RDONLY | O_CLOEXEC); | 162 proc_fd_ = open("/proc", O_DIRECTORY | O_RDONLY | O_CLOEXEC); |
| 162 CHECK_GE(proc_fd_, 0); | 163 CHECK_GE(proc_fd_, 0); |
| 163 // We "pre-warm" the code that detects supports for seccomp BPF. | 164 // We "pre-warm" the code that detects supports for seccomp BPF. |
| 164 if (SandboxSeccompBPF::IsSeccompBPFDesired()) { | 165 if (SandboxSeccompBPF::IsSeccompBPFDesired()) { |
| 165 if (!SandboxSeccompBPF::SupportsSandbox()) { | 166 if (!SandboxSeccompBPF::SupportsSandbox()) { |
| 166 VLOG(1) << "Lacking support for seccomp-bpf sandbox."; | 167 VLOG(1) << "Lacking support for seccomp-bpf sandbox."; |
| 167 } else { | 168 } else { |
| 168 seccomp_bpf_supported_ = true; | 169 seccomp_bpf_supported_ = true; |
| 169 } | 170 } |
| 171 |
| 172 if (SandboxSeccompBPF::SupportsSandboxWithTsync()) { |
| 173 seccomp_bpf_with_tsync_supported_ = true; |
| 174 } |
| 170 } | 175 } |
| 171 | 176 |
| 172 // Yama is a "global", system-level status. We assume it will not regress | 177 // Yama is a "global", system-level status. We assume it will not regress |
| 173 // after startup. | 178 // after startup. |
| 174 const int yama_status = Yama::GetStatus(); | 179 const int yama_status = Yama::GetStatus(); |
| 175 yama_is_enforcing_ = (yama_status & Yama::STATUS_PRESENT) && | 180 yama_is_enforcing_ = (yama_status & Yama::STATUS_PRESENT) && |
| 176 (yama_status & Yama::STATUS_ENFORCING); | 181 (yama_status & Yama::STATUS_ENFORCING); |
| 177 pre_initialized_ = true; | 182 pre_initialized_ = true; |
| 178 } | 183 } |
| 179 | 184 |
| 204 sandbox_status_flags_ |= kSandboxLinuxNetNS; | 209 sandbox_status_flags_ |= kSandboxLinuxNetNS; |
| 205 } | 210 } |
| 206 | 211 |
| 207 // We report whether the sandbox will be activated when renderers, workers | 212 // We report whether the sandbox will be activated when renderers, workers |
| 208 // and PPAPI plugins go through sandbox initialization. | 213 // and PPAPI plugins go through sandbox initialization. |
| 209 if (seccomp_bpf_supported() && | 214 if (seccomp_bpf_supported() && |
| 210 SandboxSeccompBPF::ShouldEnableSeccompBPF(switches::kRendererProcess)) { | 215 SandboxSeccompBPF::ShouldEnableSeccompBPF(switches::kRendererProcess)) { |
| 211 sandbox_status_flags_ |= kSandboxLinuxSeccompBPF; | 216 sandbox_status_flags_ |= kSandboxLinuxSeccompBPF; |
| 212 } | 217 } |
| 213 | 218 |
| 219 if (seccomp_bpf_with_tsync_supported() && |
| 220 SandboxSeccompBPF::ShouldEnableSeccompBPF(switches::kRendererProcess)) { |
| 221 sandbox_status_flags_ |= kSandboxLinuxSeccompTSYNC; |
| 222 } |
| 223 |
| 214 if (yama_is_enforcing_) { | 224 if (yama_is_enforcing_) { |
| 215 sandbox_status_flags_ |= kSandboxLinuxYama; | 225 sandbox_status_flags_ |= kSandboxLinuxYama; |
| 216 } | 226 } |
| 217 } | 227 } |
| 218 | 228 |
| 219 return sandbox_status_flags_; | 229 return sandbox_status_flags_; |
| 220 } | 230 } |
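Review bot: kSandboxLinuxSeccompTSYNC can be reported without kSandboxLinuxSeccompBPF, because the new condition at new line 219 tests only seccomp_bpf_with_tsync_supported(), while in PreinitializeSandbox (new lines 172-174) SupportsSandboxWithTsync() is probed even after SupportsSandbox() returned false and the "Lacking support" path was taken. Unless SupportsSandboxWithTsync() is known to imply SupportsSandbox() (not visible here), the status word can claim TSYNC on a system where the BPF flag is absent, which misleads anything that reads these flags for sandbox health reporting. Gate it on both, `if (seccomp_bpf_supported() && seccomp_bpf_with_tsync_supported() &&`, or move the TSYNC probe into the else branch of the SupportsSandbox() check and add `DCHECK(!seccomp_bpf_with_tsync_supported_ || seccomp_bpf_supported_);` before `pre_initialized_ = true;`. ShouldEnableSeccompBPF(switches::kRendererProcess) is now evaluated twice in succession; hoisting it into a `const bool` local keeps the two flag computations in step. The enclosing function opens above this hunk.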
| 221 | 231 |
| 222 // Threads are counted via /proc/self/task. This is a little hairy because of | 232 // Threads are counted via /proc/self/task. This is a little hairy because of |
| 223 // PID namespaces and existing sandboxes, so "self" must really be used instead | 233 // PID namespaces and existing sandboxes, so "self" must really be used instead |
| 330 void LinuxSandbox::StopThreadImpl(base::Thread* thread) { | 340 void LinuxSandbox::StopThreadImpl(base::Thread* thread) { |
| 331 DCHECK(thread); | 341 DCHECK(thread); |
| 332 StopThreadAndEnsureNotCounted(thread); | 342 StopThreadAndEnsureNotCounted(thread); |
| 333 } | 343 } |
| 334 | 344 |
| 335 bool LinuxSandbox::seccomp_bpf_supported() const { | 345 bool LinuxSandbox::seccomp_bpf_supported() const { |
| 336 CHECK(pre_initialized_); | 346 CHECK(pre_initialized_); |
| 337 return seccomp_bpf_supported_; | 347 return seccomp_bpf_supported_; |
| 338 } | 348 } |
| 339 | 349 |
| 350 bool LinuxSandbox::seccomp_bpf_with_tsync_supported() const { |
| 351 CHECK(pre_initialized_); |
| 352 return seccomp_bpf_with_tsync_supported_; |
| 353 } |
| 354 |
| 340 bool LinuxSandbox::LimitAddressSpace(const std::string& process_type) { | 355 bool LinuxSandbox::LimitAddressSpace(const std::string& process_type) { |
| 341 (void) process_type; | 356 (void) process_type; |
| 342 #if !defined(ADDRESS_SANITIZER) && !defined(MEMORY_SANITIZER) && \ | 357 #if !defined(ADDRESS_SANITIZER) && !defined(MEMORY_SANITIZER) && \ |
| 343 !defined(THREAD_SANITIZER) | 358 !defined(THREAD_SANITIZER) |
| 344 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); | 359 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); |
| 345 if (command_line->HasSwitch(switches::kNoSandbox)) { | 360 if (command_line->HasSwitch(switches::kNoSandbox)) { |
| 346 return false; | 361 return false; |
| 347 } | 362 } |
| 348 | 363 |
| 349 // Limit the address space to 4GB. | 364 // Limit the address space to 4GB. |
| 414 | 429 |
| 415 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { | 430 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { |
| 416 DCHECK(thread); | 431 DCHECK(thread); |
| 417 base::ScopedFD proc_self_task(OpenProcTaskFd(proc_fd_)); | 432 base::ScopedFD proc_self_task(OpenProcTaskFd(proc_fd_)); |
| 418 PCHECK(proc_self_task.is_valid()); | 433 PCHECK(proc_self_task.is_valid()); |
| 419 CHECK(sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_self_task.get(), | 434 CHECK(sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_self_task.get(), |
| 420 thread)); | 435 thread)); |
| 421 } | 436 } |
| 422 | 437 |
| 423 } // namespace content | 438 } // namespace content |