| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" | 5 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <sys/socket.h> | 9 #include <sys/socket.h> |
| 10 #include <sys/stat.h> | 10 #include <sys/stat.h> |
| 151 base::ScopedFD proc_task_fd) { | 151 base::ScopedFD proc_task_fd) { |
| 152 // Starting the sandbox is a one-way operation. The kernel doesn't allow | 152 // Starting the sandbox is a one-way operation. The kernel doesn't allow |
| 153 // us to unload a sandbox policy after it has been started. Nonetheless, | 153 // us to unload a sandbox policy after it has been started. Nonetheless, |
| 154 // in order to make the use of the "Sandbox" object easier, we allow for | 154 // in order to make the use of the "Sandbox" object easier, we allow for |
| 155 // the object to be destroyed after the sandbox has been started. Note that | 155 // the object to be destroyed after the sandbox has been started. Note that |
| 156 // doing so does not stop the sandbox. | 156 // doing so does not stop the sandbox. |
| 157 SandboxBPF sandbox; | 157 SandboxBPF sandbox; |
| 158 sandbox.SetSandboxPolicy(policy); | 158 sandbox.SetSandboxPolicy(policy); |
| 159 | 159 |
| 160 sandbox.set_proc_task_fd(proc_task_fd.release()); | 160 sandbox.set_proc_task_fd(proc_task_fd.release()); |
| 161 CHECK(sandbox.StartSandbox(SandboxBPF::PROCESS_SINGLE_THREADED)); | 161 CHECK(sandbox.StartSandbox(SandboxBPF::SeccompLevel::SINGLE_THREADED)); |
| 162 } | 162 } |
| 163 | 163 |
| 164 // nacl_helper needs to be tiny and includes only part of content/ | 164 // nacl_helper needs to be tiny and includes only part of content/ |
| 165 // in its dependencies. Make sure to not link things that are not needed. | 165 // in its dependencies. Make sure to not link things that are not needed. |
| 166 #if !defined(IN_NACL_HELPER) | 166 #if !defined(IN_NACL_HELPER) |
| 167 scoped_ptr<SandboxBPFBasePolicy> GetGpuProcessSandbox() { | 167 scoped_ptr<SandboxBPFBasePolicy> GetGpuProcessSandbox() { |
| 168 const base::CommandLine& command_line = | 168 const base::CommandLine& command_line = |
| 169 *base::CommandLine::ForCurrentProcess(); | 169 *base::CommandLine::ForCurrentProcess(); |
| 170 bool allow_sysv_shm = false; | 170 bool allow_sysv_shm = false; |
| 171 if (command_line.HasSwitch(switches::kGpuSandboxAllowSysVShm)) { | 171 if (command_line.HasSwitch(switches::kGpuSandboxAllowSysVShm)) { |
| 246 if (process_type == switches::kGpuProcess) | 246 if (process_type == switches::kGpuProcess) |
| 247 return !command_line.HasSwitch(switches::kDisableGpuSandbox); | 247 return !command_line.HasSwitch(switches::kDisableGpuSandbox); |
| 248 | 248 |
| 249 return true; | 249 return true; |
| 250 #endif // USE_SECCOMP_BPF | 250 #endif // USE_SECCOMP_BPF |
| 251 return false; | 251 return false; |
| 252 } | 252 } |
| 253 | 253 |
| 254 bool SandboxSeccompBPF::SupportsSandbox() { | 254 bool SandboxSeccompBPF::SupportsSandbox() { |
| 255 #if defined(USE_SECCOMP_BPF) | 255 #if defined(USE_SECCOMP_BPF) |
| 256 SandboxBPF::SandboxStatus bpf_sandbox_status = | 256 return SandboxBPF::SupportsSeccompSandbox( |
| 257 SandboxBPF::SupportsSeccompSandbox(); | 257 SandboxBPF::SeccompLevel::SINGLE_THREADED); |
| 258 if (bpf_sandbox_status == SandboxBPF::STATUS_AVAILABLE) { | |
| 259 return true; | |
| 260 } | |
| 261 #endif | 258 #endif |
| 262 return false; | 259 return false; |
| 263 } | 260 } |
| 264 | 261 |
| 265 bool SandboxSeccompBPF::StartSandbox(const std::string& process_type, | 262 bool SandboxSeccompBPF::StartSandbox(const std::string& process_type, |
| 266 base::ScopedFD proc_task_fd) { | 263 base::ScopedFD proc_task_fd) { |
| 267 #if defined(USE_SECCOMP_BPF) | 264 #if defined(USE_SECCOMP_BPF) |
| 268 const base::CommandLine& command_line = | 265 const base::CommandLine& command_line = |
| 269 *base::CommandLine::ForCurrentProcess(); | 266 *base::CommandLine::ForCurrentProcess(); |
| 270 | 267 |
| 297 | 294 |
| 298 scoped_ptr<sandbox::bpf_dsl::Policy> SandboxSeccompBPF::GetBaselinePolicy() { | 295 scoped_ptr<sandbox::bpf_dsl::Policy> SandboxSeccompBPF::GetBaselinePolicy() { |
| 299 #if defined(USE_SECCOMP_BPF) | 296 #if defined(USE_SECCOMP_BPF) |
| 300 return scoped_ptr<sandbox::bpf_dsl::Policy>(new BaselinePolicy); | 297 return scoped_ptr<sandbox::bpf_dsl::Policy>(new BaselinePolicy); |
| 301 #else | 298 #else |
| 302 return scoped_ptr<sandbox::bpf_dsl::Policy>(); | 299 return scoped_ptr<sandbox::bpf_dsl::Policy>(); |
| 303 #endif // defined(USE_SECCOMP_BPF) | 300 #endif // defined(USE_SECCOMP_BPF) |
| 304 } | 301 } |
| 305 | 302 |
| 306 } // namespace content | 303 } // namespace content |
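Review bot: The new SupportsSandbox() (new lines 256-257) and the CHECK'd StartSandbox call (new line 161) both hardcode SandboxBPF::SeccompLevel::SINGLE_THREADED, but nothing records that the capability probe must use the same level as the later start; if one site is ever changed to a different level, SupportsSandbox() would stop answering the question the start path depends on. A short comment at the new call would make the coupling explicit, e.g. `// Probe the same SeccompLevel that StartSandbox() below is invoked with; keep the two in sync.`, or the level could be lifted into one file-local constant used at both sites. Also, the `#endif` at new line 258 drops the `// USE_SECCOMP_BPF` trailer that the sibling guards (new lines 250 and 300) carry; `#endif  // USE_SECCOMP_BPF` would keep the file consistent. The helper ending at new line 162 begins before the visible hunk, and SandboxSeccompBPF::StartSandbox (new line 262) continues past the collapsed region, so their full bodies are not reviewed here.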