| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" | 5 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| 11 #include "sandbox/linux/bpf_dsl/bpf_dsl_impl.h" | 11 #include "sandbox/linux/bpf_dsl/bpf_dsl_impl.h" |
| 12 #include "sandbox/linux/bpf_dsl/policy_compiler.h" | 12 #include "sandbox/linux/bpf_dsl/policy_compiler.h" |
| 13 #include "sandbox/linux/seccomp-bpf/die.h" |
| 13 #include "sandbox/linux/seccomp-bpf/errorcode.h" | 14 #include "sandbox/linux/seccomp-bpf/errorcode.h" |
| 14 | 15 |
| 15 namespace sandbox { | 16 namespace sandbox { |
| 16 namespace bpf_dsl { | 17 namespace bpf_dsl { |
| 17 namespace { | 18 namespace { |
| 18 | 19 |
| 20 intptr_t BPFFailure(const struct arch_seccomp_data&, void* aux) { |
| 21 SANDBOX_DIE(static_cast<char*>(aux)); |
| 22 } |
| 23 |
| 19 class AllowResultExprImpl : public internal::ResultExprImpl { | 24 class AllowResultExprImpl : public internal::ResultExprImpl { |
| 20 public: | 25 public: |
| 21 AllowResultExprImpl() {} | 26 AllowResultExprImpl() {} |
| 22 | 27 |
| 23 ErrorCode Compile(PolicyCompiler* pc) const override { | 28 ErrorCode Compile(PolicyCompiler* pc) const override { |
| 24 return ErrorCode(ErrorCode::ERR_ALLOWED); | 29 return ErrorCode(ErrorCode::ERR_ALLOWED); |
| 25 } | 30 } |
| 26 | 31 |
| 32 bool IsAllow() const override { return true; } |
| 33 |
| 27 private: | 34 private: |
| 28 ~AllowResultExprImpl() override {} | 35 ~AllowResultExprImpl() override {} |
| 29 | 36 |
| 30 DISALLOW_COPY_AND_ASSIGN(AllowResultExprImpl); | 37 DISALLOW_COPY_AND_ASSIGN(AllowResultExprImpl); |
| 31 }; | 38 }; |
| 32 | 39 |
| 33 class ErrorResultExprImpl : public internal::ResultExprImpl { | 40 class ErrorResultExprImpl : public internal::ResultExprImpl { |
| 34 public: | 41 public: |
| 35 explicit ErrorResultExprImpl(int err) : err_(err) { | 42 explicit ErrorResultExprImpl(int err) : err_(err) { |
| 36 CHECK(err_ >= ErrorCode::ERR_MIN_ERRNO && err_ <= ErrorCode::ERR_MAX_ERRNO); | 43 CHECK(err_ >= ErrorCode::ERR_MIN_ERRNO && err_ <= ErrorCode::ERR_MAX_ERRNO); |
| 37 } | 44 } |
| 38 | 45 |
| 39 ErrorCode Compile(PolicyCompiler* pc) const override { | 46 ErrorCode Compile(PolicyCompiler* pc) const override { |
| 40 return pc->Error(err_); | 47 return pc->Error(err_); |
| 41 } | 48 } |
| 42 | 49 |
| 50 bool IsDeny() const override { return true; } |
| 51 |
| 43 private: | 52 private: |
| 44 ~ErrorResultExprImpl() override {} | 53 ~ErrorResultExprImpl() override {} |
| 45 | 54 |
| 46 int err_; | 55 int err_; |
| 47 | 56 |
| 48 DISALLOW_COPY_AND_ASSIGN(ErrorResultExprImpl); | 57 DISALLOW_COPY_AND_ASSIGN(ErrorResultExprImpl); |
| 49 }; | 58 }; |
| 50 | 59 |
| 51 class KillResultExprImpl : public internal::ResultExprImpl { | |
| 52 public: | |
| 53 explicit KillResultExprImpl(const char* msg) : msg_(msg) { DCHECK(msg_); } | |
| 54 | |
| 55 ErrorCode Compile(PolicyCompiler* pc) const override { | |
| 56 return pc->Kill(msg_); | |
| 57 } | |
| 58 | |
| 59 private: | |
| 60 ~KillResultExprImpl() override {} | |
| 61 | |
| 62 const char* msg_; | |
| 63 | |
| 64 DISALLOW_COPY_AND_ASSIGN(KillResultExprImpl); | |
| 65 }; | |
| 66 | |
| 67 class TraceResultExprImpl : public internal::ResultExprImpl { | 60 class TraceResultExprImpl : public internal::ResultExprImpl { |
| 68 public: | 61 public: |
| 69 TraceResultExprImpl(uint16_t aux) : aux_(aux) {} | 62 TraceResultExprImpl(uint16_t aux) : aux_(aux) {} |
| 70 | 63 |
| 71 ErrorCode Compile(PolicyCompiler* pc) const override { | 64 ErrorCode Compile(PolicyCompiler* pc) const override { |
| 72 return ErrorCode(ErrorCode::ERR_TRACE + aux_); | 65 return ErrorCode(ErrorCode::ERR_TRACE + aux_); |
| 73 } | 66 } |
| 74 | 67 |
| 75 private: | 68 private: |
| 76 ~TraceResultExprImpl() override {} | 69 ~TraceResultExprImpl() override {} |
| 77 | 70 |
| 78 uint16_t aux_; | 71 uint16_t aux_; |
| 79 | 72 |
| 80 DISALLOW_COPY_AND_ASSIGN(TraceResultExprImpl); | 73 DISALLOW_COPY_AND_ASSIGN(TraceResultExprImpl); |
| 81 }; | 74 }; |
| 82 | 75 |
| 83 class TrapResultExprImpl : public internal::ResultExprImpl { | 76 class TrapResultExprImpl : public internal::ResultExprImpl { |
| 84 public: | 77 public: |
| 85 TrapResultExprImpl(TrapRegistry::TrapFnc func, const void* arg) | 78 TrapResultExprImpl(TrapRegistry::TrapFnc func, const void* arg, bool safe) |
| 86 : func_(func), arg_(arg) { | 79 : func_(func), arg_(arg), safe_(safe) { |
| 87 DCHECK(func_); | 80 DCHECK(func_); |
| 88 } | 81 } |
| 89 | 82 |
| 90 ErrorCode Compile(PolicyCompiler* pc) const override { | 83 ErrorCode Compile(PolicyCompiler* pc) const override { |
| 91 return pc->Trap(func_, arg_); | 84 return pc->Trap(func_, arg_, safe_); |
| 92 } | 85 } |
| 93 | 86 |
| 87 bool HasUnsafeTraps() const override { return safe_ == false; } |
| 88 |
| 89 bool IsDeny() const override { return true; } |
| 90 |
| 94 private: | 91 private: |
| 95 ~TrapResultExprImpl() override {} | 92 ~TrapResultExprImpl() override {} |
| 96 | 93 |
| 97 TrapRegistry::TrapFnc func_; | 94 TrapRegistry::TrapFnc func_; |
| 98 const void* arg_; | 95 const void* arg_; |
| 96 bool safe_; |
| 99 | 97 |
| 100 DISALLOW_COPY_AND_ASSIGN(TrapResultExprImpl); | 98 DISALLOW_COPY_AND_ASSIGN(TrapResultExprImpl); |
| 101 }; | 99 }; |
| 102 | 100 |
| 103 class UnsafeTrapResultExprImpl : public internal::ResultExprImpl { | |
| 104 public: | |
| 105 UnsafeTrapResultExprImpl(TrapRegistry::TrapFnc func, const void* arg) | |
| 106 : func_(func), arg_(arg) { | |
| 107 DCHECK(func_); | |
| 108 } | |
| 109 | |
| 110 ErrorCode Compile(PolicyCompiler* pc) const override { | |
| 111 return pc->UnsafeTrap(func_, arg_); | |
| 112 } | |
| 113 | |
| 114 bool HasUnsafeTraps() const override { return true; } | |
| 115 | |
| 116 private: | |
| 117 ~UnsafeTrapResultExprImpl() override {} | |
| 118 | |
| 119 TrapRegistry::TrapFnc func_; | |
| 120 const void* arg_; | |
| 121 | |
| 122 DISALLOW_COPY_AND_ASSIGN(UnsafeTrapResultExprImpl); | |
| 123 }; | |
| 124 | |
| 125 class IfThenResultExprImpl : public internal::ResultExprImpl { | 101 class IfThenResultExprImpl : public internal::ResultExprImpl { |
| 126 public: | 102 public: |
| 127 IfThenResultExprImpl(const BoolExpr& cond, | 103 IfThenResultExprImpl(const BoolExpr& cond, |
| 128 const ResultExpr& then_result, | 104 const ResultExpr& then_result, |
| 129 const ResultExpr& else_result) | 105 const ResultExpr& else_result) |
| 130 : cond_(cond), then_result_(then_result), else_result_(else_result) {} | 106 : cond_(cond), then_result_(then_result), else_result_(else_result) {} |
| 131 | 107 |
| 132 ErrorCode Compile(PolicyCompiler* pc) const override { | 108 ErrorCode Compile(PolicyCompiler* pc) const override { |
| 133 return cond_->Compile( | 109 return cond_->Compile( |
| 134 pc, then_result_->Compile(pc), else_result_->Compile(pc)); | 110 pc, then_result_->Compile(pc), else_result_->Compile(pc)); |
| (...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 251 }; | 227 }; |
| 252 | 228 |
| 253 } // namespace | 229 } // namespace |
| 254 | 230 |
| 255 namespace internal { | 231 namespace internal { |
| 256 | 232 |
| 257 bool ResultExprImpl::HasUnsafeTraps() const { | 233 bool ResultExprImpl::HasUnsafeTraps() const { |
| 258 return false; | 234 return false; |
| 259 } | 235 } |
| 260 | 236 |
| 237 bool ResultExprImpl::IsAllow() const { |
| 238 return false; |
| 239 } |
| 240 |
| 241 bool ResultExprImpl::IsDeny() const { |
| 242 return false; |
| 243 } |
| 244 |
| 261 uint64_t DefaultMask(size_t size) { | 245 uint64_t DefaultMask(size_t size) { |
| 262 switch (size) { | 246 switch (size) { |
| 263 case 4: | 247 case 4: |
| 264 return std::numeric_limits<uint32_t>::max(); | 248 return std::numeric_limits<uint32_t>::max(); |
| 265 case 8: | 249 case 8: |
| 266 return std::numeric_limits<uint64_t>::max(); | 250 return std::numeric_limits<uint64_t>::max(); |
| 267 default: | 251 default: |
| 268 CHECK(false) << "Unimplemented DefaultMask case"; | 252 CHECK(false) << "Unimplemented DefaultMask case"; |
| 269 return 0; | 253 return 0; |
| 270 } | 254 } |
| (...skipping 13 matching lines...) Expand all Loading... |
| 284 | 268 |
| 285 ResultExpr Allow() { | 269 ResultExpr Allow() { |
| 286 return ResultExpr(new const AllowResultExprImpl()); | 270 return ResultExpr(new const AllowResultExprImpl()); |
| 287 } | 271 } |
| 288 | 272 |
| 289 ResultExpr Error(int err) { | 273 ResultExpr Error(int err) { |
| 290 return ResultExpr(new const ErrorResultExprImpl(err)); | 274 return ResultExpr(new const ErrorResultExprImpl(err)); |
| 291 } | 275 } |
| 292 | 276 |
| 293 ResultExpr Kill(const char* msg) { | 277 ResultExpr Kill(const char* msg) { |
| 294 return ResultExpr(new const KillResultExprImpl(msg)); | 278 return Trap(BPFFailure, msg); |
| 295 } | 279 } |
| 296 | 280 |
| 297 ResultExpr Trace(uint16_t aux) { | 281 ResultExpr Trace(uint16_t aux) { |
| 298 return ResultExpr(new const TraceResultExprImpl(aux)); | 282 return ResultExpr(new const TraceResultExprImpl(aux)); |
| 299 } | 283 } |
| 300 | 284 |
| 301 ResultExpr Trap(TrapRegistry::TrapFnc trap_func, const void* aux) { | 285 ResultExpr Trap(TrapRegistry::TrapFnc trap_func, const void* aux) { |
| 302 return ResultExpr(new const TrapResultExprImpl(trap_func, aux)); | 286 return ResultExpr( |
| 287 new const TrapResultExprImpl(trap_func, aux, true /* safe */)); |
| 303 } | 288 } |
| 304 | 289 |
| 305 ResultExpr UnsafeTrap(TrapRegistry::TrapFnc trap_func, const void* aux) { | 290 ResultExpr UnsafeTrap(TrapRegistry::TrapFnc trap_func, const void* aux) { |
| 306 return ResultExpr(new const UnsafeTrapResultExprImpl(trap_func, aux)); | 291 return ResultExpr( |
| 292 new const TrapResultExprImpl(trap_func, aux, false /* unsafe */)); |
| 307 } | 293 } |
| 308 | 294 |
| 309 BoolExpr BoolConst(bool value) { | 295 BoolExpr BoolConst(bool value) { |
| 310 return BoolExpr(new const ConstBoolExprImpl(value)); | 296 return BoolExpr(new const ConstBoolExprImpl(value)); |
| 311 } | 297 } |
| 312 | 298 |
| 313 BoolExpr operator!(const BoolExpr& cond) { | 299 BoolExpr operator!(const BoolExpr& cond) { |
| 314 return BoolExpr(new const NegateBoolExprImpl(cond)); | 300 return BoolExpr(new const NegateBoolExprImpl(cond)); |
| 315 } | 301 } |
| 316 | 302 |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 368 new const IfThenResultExprImpl(clause.first, clause.second, expr)); | 354 new const IfThenResultExprImpl(clause.first, clause.second, expr)); |
| 369 } | 355 } |
| 370 return expr; | 356 return expr; |
| 371 } | 357 } |
| 372 | 358 |
| 373 } // namespace bpf_dsl | 359 } // namespace bpf_dsl |
| 374 } // namespace sandbox | 360 } // namespace sandbox |
| 375 | 361 |
| 376 template class scoped_refptr<const sandbox::bpf_dsl::internal::BoolExprImpl>; | 362 template class scoped_refptr<const sandbox::bpf_dsl::internal::BoolExprImpl>; |
| 377 template class scoped_refptr<const sandbox::bpf_dsl::internal::ResultExprImpl>; | 363 template class scoped_refptr<const sandbox::bpf_dsl::internal::ResultExprImpl>; |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 761903003:
Update from https://crrev.com/306655 (Closed)
Base URL: git@github.com:domokit/mojo.git@master