1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ | 5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ |
6 #define CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ | 6 #define CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
110 private: | 110 private: |
111 friend struct DefaultSingletonTraits<LinuxSandbox>; | 111 friend struct DefaultSingletonTraits<LinuxSandbox>; |
112 | 112 |
113 LinuxSandbox(); | 113 LinuxSandbox(); |
114 ~LinuxSandbox(); | 114 ~LinuxSandbox(); |
115 | 115 |
116 // Some methods are static and get an instance of the Singleton. These | 116 // Some methods are static and get an instance of the Singleton. These |
117 // are the non-static implementations. | 117 // are the non-static implementations. |
118 bool InitializeSandboxImpl(); | 118 bool InitializeSandboxImpl(); |
119 void StopThreadImpl(base::Thread* thread); | 119 void StopThreadImpl(base::Thread* thread); |
120 // We must have been pre_initialized_ before using this. | 120 // We must have been pre_initialized_ before using these. |
121 bool seccomp_bpf_supported() const; | 121 bool seccomp_bpf_supported() const; |
| 122 bool seccomp_bpf_with_tsync_supported() const; |
122 // Returns true if it can be determined that the current process has open | 123 // Returns true if it can be determined that the current process has open |
123 // directories that are not managed by the LinuxSandbox class. This would | 124 // directories that are not managed by the LinuxSandbox class. This would |
124 // be a vulnerability as it would allow to bypass the setuid sandbox. | 125 // be a vulnerability as it would allow to bypass the setuid sandbox. |
125 bool HasOpenDirectories() const; | 126 bool HasOpenDirectories() const; |
126 // The last part of the initialization is to make sure any temporary "hole" | 127 // The last part of the initialization is to make sure any temporary "hole" |
127 // in the sandbox is closed. For now, this consists of closing proc_fd_. | 128 // in the sandbox is closed. For now, this consists of closing proc_fd_. |
128 void SealSandbox(); | 129 void SealSandbox(); |
129 // GetStatus() makes promises as to how the sandbox will behave. This | 130 // GetStatus() makes promises as to how the sandbox will behave. This |
130 // checks that no promises have been broken. | 131 // checks that no promises have been broken. |
131 void CheckForBrokenPromises(const std::string& process_type); | 132 void CheckForBrokenPromises(const std::string& process_type); |
132 // Stop |thread| and make sure it does not appear in /proc/self/tasks/ | 133 // Stop |thread| and make sure it does not appear in /proc/self/tasks/ |
133 // anymore. | 134 // anymore. |
134 void StopThreadAndEnsureNotCounted(base::Thread* thread) const; | 135 void StopThreadAndEnsureNotCounted(base::Thread* thread) const; |
135 | 136 |
136 // A file descriptor to /proc. It's dangerous to have it around as it could | 137 // A file descriptor to /proc. It's dangerous to have it around as it could |
137 // allow for sandbox bypasses. It needs to be closed before we consider | 138 // allow for sandbox bypasses. It needs to be closed before we consider |
138 // ourselves sandboxed. | 139 // ourselves sandboxed. |
139 int proc_fd_; | 140 int proc_fd_; |
140 bool seccomp_bpf_started_; | 141 bool seccomp_bpf_started_; |
141 // The value returned by GetStatus(). Gets computed once and then cached. | 142 // The value returned by GetStatus(). Gets computed once and then cached. |
142 int sandbox_status_flags_; | 143 int sandbox_status_flags_; |
143 // Did PreinitializeSandbox() run? | 144 // Did PreinitializeSandbox() run? |
144 bool pre_initialized_; | 145 bool pre_initialized_; |
145 bool seccomp_bpf_supported_; // Accurate if pre_initialized_. | 146 bool seccomp_bpf_supported_; // Accurate if pre_initialized_. |
| 147 bool seccomp_bpf_with_tsync_supported_; // Accurate if pre_initialized_. |
146 bool yama_is_enforcing_; // Accurate if pre_initialized_. | 148 bool yama_is_enforcing_; // Accurate if pre_initialized_. |
147 bool initialize_sandbox_ran_; // InitializeSandbox() was called. | 149 bool initialize_sandbox_ran_; // InitializeSandbox() was called. |
148 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_; | 150 scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_; |
149 #if defined(ANY_OF_AMTLU_SANITIZER) | 151 #if defined(ANY_OF_AMTLU_SANITIZER) |
150 scoped_ptr<__sanitizer_sandbox_arguments> sanitizer_args_; | 152 scoped_ptr<__sanitizer_sandbox_arguments> sanitizer_args_; |
151 #endif | 153 #endif |
152 | 154 |
153 DISALLOW_COPY_AND_ASSIGN(LinuxSandbox); | 155 DISALLOW_COPY_AND_ASSIGN(LinuxSandbox); |
154 }; | 156 }; |
155 | 157 |
156 } // namespace content | 158 } // namespace content |
157 | 159 |
158 #endif // CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ | 160 #endif // CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ |
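Review bot: The new member `seccomp_bpf_with_tsync_supported_` (new-side line 147) is declared as a plain `bool` with no in-class initializer, and the constructor that has to set it is outside this hunk; please confirm `LinuxSandbox::LinuxSandbox()` initializes it to `false` next to `seccomp_bpf_supported_`, otherwise the new `seccomp_bpf_with_tsync_supported()` accessor reads an indeterminate value if anything calls it before the pre-initialization step that computes it. The "Accurate if pre_initialized_" trailing comment on the member is good, but the accessor at new-side line 122 has no comment of its own beyond the shared "must have been pre_initialized_" sentence; a one-liner such as `// Whether seccomp-bpf filters can be installed with thread sync (tsync); only meaningful once pre_initialized_.` would tell callers what the flag decides, assuming that is what the name denotes. If both flags are meant to be read through the same precondition, a `DCHECK(pre_initialized_)` in the new accessor's definition (outside this header) would match the contract the comment states.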