
Side by Side Diff: content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc

Issue 775943004: [Android] Get renderers working again under seccomp-bpf. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Alternate approach Created 6 years ago
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.h " 5 #include "content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.h "
6 6
7 #include <sys/syscall.h> 7 #include <sys/syscall.h>
8 #include <sys/types.h> 8 #include <sys/types.h>
9 9
10 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" 10 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
11 11
12 using sandbox::bpf_dsl::Allow; 12 using sandbox::bpf_dsl::Allow;
13 using sandbox::bpf_dsl::ResultExpr; 13 using sandbox::bpf_dsl::ResultExpr;
14 14
15 namespace content { 15 namespace content {
16 16
17 SandboxBPFBasePolicyAndroid::SandboxBPFBasePolicyAndroid() 17 SandboxBPFBasePolicyAndroid::SandboxBPFBasePolicyAndroid()
18 : SandboxBPFBasePolicy() {} 18 : SandboxBPFBasePolicy() {}
19 19
20 SandboxBPFBasePolicyAndroid::~SandboxBPFBasePolicyAndroid() {} 20 SandboxBPFBasePolicyAndroid::~SandboxBPFBasePolicyAndroid() {}
21 21
22 ResultExpr SandboxBPFBasePolicyAndroid::EvaluateSyscall(int sysno) const { 22 ResultExpr SandboxBPFBasePolicyAndroid::EvaluateSyscall(int sysno) const {
23 bool override_and_allow = false; 23 bool override_and_allow = false;
24 24
25 switch (sysno) { 25 switch (sysno) {
26 // TODO(rsesek): restrict clone parameters. 26 // TODO(rsesek): restrict clone parameters.
27 case __NR_clone: 27 case __NR_clone:
28 case __NR_epoll_pwait: 28 case __NR_epoll_pwait:
29 case __NR_flock: 29 case __NR_flock:
30 #if defined(__x86_64__) || defined(__aarch64__)
31 case __NR_newfstatat:
32 #elif defined(__i386__) || defined(__arm__) || defined(__mips__)
33 case __NR_fstatat64:
34 #endif
30 case __NR_getpriority: 35 case __NR_getpriority:
31 case __NR_ioctl: 36 case __NR_ioctl:
32 case __NR_mremap: 37 case __NR_mremap:
33 // File system access cannot be restricted with seccomp-bpf on Android, 38 // File system access cannot be restricted with seccomp-bpf on Android,
34 // since the JVM classloader and other Framework features require file 39 // since the JVM classloader and other Framework features require file
35 // access. It may be possible to restrict the filesystem with SELinux. 40 // access. It may be possible to restrict the filesystem with SELinux.
36 // Currently we rely on the app/service UID isolation to create a 41 // Currently we rely on the app/service UID isolation to create a
37 // filesystem "sandbox". 42 // filesystem "sandbox".
38 #if !ARCH_CPU_ARM64 43 #if !ARCH_CPU_ARM64
jln (very slow on Chromium) 2014/12/04 01:35:38 Do you mind fixing this (to #if !defined()) as dri
Robert Sesek 2014/12/04 17:56:59 Done.
39 case __NR_open: 44 case __NR_open:
40 #endif 45 #endif
41 case __NR_openat: 46 case __NR_openat:
42 case __NR_pread64: 47 case __NR_pread64:
43 case __NR_rt_sigtimedwait: 48 case __NR_rt_sigtimedwait:
44 case __NR_setpriority: 49 case __NR_setpriority:
50 case __NR_set_tid_address:
45 case __NR_sigaltstack: 51 case __NR_sigaltstack:
46 #if defined(__i386__) || defined(__arm__) 52 #if defined(__i386__) || defined(__arm__)
47 case __NR_ugetrlimit: 53 case __NR_ugetrlimit:
48 #else 54 #else
49 case __NR_getrlimit: 55 case __NR_getrlimit:
50 #endif 56 #endif
51 case __NR_uname: 57 case __NR_uname:
52 override_and_allow = true; 58 override_and_allow = true;
53 break; 59 break;
54 } 60 }
55 61
56 if (override_and_allow) 62 if (override_and_allow)
57 return Allow(); 63 return Allow();
58 64
59 return SandboxBPFBasePolicy::EvaluateSyscall(sysno); 65 return SandboxBPFBasePolicy::EvaluateSyscall(sysno);
60 } 66 }
61 67
62 } // namespace content 68 } // namespace content
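Review bot: The new `#if defined(__x86_64__) || defined(__aarch64__)` / `#elif defined(__i386__) || defined(__arm__) || defined(__mips__)` block around the fstatat cases (new lines 30-34) has no fallback branch. On an architecture matching neither test the syscall is left out of the allowlist and falls through to `SandboxBPFBasePolicy::EvaluateSyscall`, so the gap would presumably surface only as a sandbox failure at runtime. Adding `#else` and `#error "Unknown architecture: add the fstatat variant"` before the `#endif` would turn that into a build failure. `__mips__` is presumably also defined on 64-bit MIPS, where I would expect the `__NR_newfstatat` name to apply, so that arm is worth confirming if such a target is ever built. Since fstatat takes a path, I would also move these cases under the existing "File system access cannot be restricted" comment next to `__NR_openat`, and give `__NR_set_tid_address` a one-line comment naming what needs it, so each unconditional `Allow()` carries its rationale.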