OLD | NEW |
---|---|
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h" | 5 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h" |
6 | 6 |
7 #include <dlfcn.h> | 7 #include <dlfcn.h> |
8 #include <errno.h> | 8 #include <errno.h> |
9 #include <fcntl.h> | 9 #include <fcntl.h> |
10 #include <sys/socket.h> | 10 #include <sys/socket.h> |
(...skipping 76 matching lines...) | |
87 return !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode) || | 87 return !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode) || |
88 accelerated_encode_enabled; | 88 accelerated_encode_enabled; |
89 } | 89 } |
90 | 90 |
91 intptr_t GpuSIGSYS_Handler(const struct arch_seccomp_data& args, | 91 intptr_t GpuSIGSYS_Handler(const struct arch_seccomp_data& args, |
92 void* aux_broker_process) { | 92 void* aux_broker_process) { |
93 RAW_CHECK(aux_broker_process); | 93 RAW_CHECK(aux_broker_process); |
94 BrokerProcess* broker_process = | 94 BrokerProcess* broker_process = |
95 static_cast<BrokerProcess*>(aux_broker_process); | 95 static_cast<BrokerProcess*>(aux_broker_process); |
96 switch (args.nr) { | 96 switch (args.nr) { |
97 #if !defined(__aarch64__) | |
97 case __NR_access: | 98 case __NR_access: |
98 return broker_process->Access(reinterpret_cast<const char*>(args.args[0]), | 99 return broker_process->Access(reinterpret_cast<const char*>(args.args[0]), |
99 static_cast<int>(args.args[1])); | 100 static_cast<int>(args.args[1])); |
100 case __NR_open: | 101 case __NR_open: |
101 #if defined(MEMORY_SANITIZER) | 102 #if defined(MEMORY_SANITIZER) |
102 // http://crbug.com/372840 | 103 // http://crbug.com/372840 |
103 __msan_unpoison_string(reinterpret_cast<const char*>(args.args[0])); | 104 __msan_unpoison_string(reinterpret_cast<const char*>(args.args[0])); |
104 #endif | 105 #endif |
105 return broker_process->Open(reinterpret_cast<const char*>(args.args[0]), | 106 return broker_process->Open(reinterpret_cast<const char*>(args.args[0]), |
106 static_cast<int>(args.args[1])); | 107 static_cast<int>(args.args[1])); |
108 #endif // !defined(__aarch64__) | |
107 case __NR_openat: | 109 case __NR_openat: |
108 // Allow using openat() as open(). | 110 // Allow using openat() as open(). |
109 if (static_cast<int>(args.args[0]) == AT_FDCWD) { | 111 if (static_cast<int>(args.args[0]) == AT_FDCWD) { |
110 return | 112 return |
111 broker_process->Open(reinterpret_cast<const char*>(args.args[1]), | 113 broker_process->Open(reinterpret_cast<const char*>(args.args[1]), |
112 static_cast<int>(args.args[2])); | 114 static_cast<int>(args.args[2])); |
113 } else { | 115 } else { |
114 return -EPERM; | 116 return -EPERM; |
115 } | 117 } |
116 default: | 118 default: |
(...skipping 14 matching lines...) | |
131 private: | 133 private: |
132 GpuBrokerProcessPolicy() {} | 134 GpuBrokerProcessPolicy() {} |
133 DISALLOW_COPY_AND_ASSIGN(GpuBrokerProcessPolicy); | 135 DISALLOW_COPY_AND_ASSIGN(GpuBrokerProcessPolicy); |
134 }; | 136 }; |
135 | 137 |
136 // x86_64/i386 or desktop ARM. | 138 // x86_64/i386 or desktop ARM. |
137 // A GPU broker policy is the same as a GPU policy with open and | 139 // A GPU broker policy is the same as a GPU policy with open and |
138 // openat allowed. | 140 // openat allowed. |
139 ResultExpr GpuBrokerProcessPolicy::EvaluateSyscall(int sysno) const { | 141 ResultExpr GpuBrokerProcessPolicy::EvaluateSyscall(int sysno) const { |
140 switch (sysno) { | 142 switch (sysno) { |
143 #if !defined(__aarch64__) | |
141 case __NR_access: | 144 case __NR_access: |
142 case __NR_open: | 145 case __NR_open: |
146 #endif // !defined(__aarch64__) | |
143 case __NR_openat: | 147 case __NR_openat: |
144 return Allow(); | 148 return Allow(); |
145 default: | 149 default: |
146 return GpuProcessPolicy::EvaluateSyscall(sysno); | 150 return GpuProcessPolicy::EvaluateSyscall(sysno); |
147 } | 151 } |
148 } | 152 } |
149 | 153 |
150 void UpdateProcessTypeToGpuBroker() { | 154 void UpdateProcessTypeToGpuBroker() { |
151 base::CommandLine::StringVector exec = | 155 base::CommandLine::StringVector exec = |
152 base::CommandLine::ForCurrentProcess()->GetArgs(); | 156 base::CommandLine::ForCurrentProcess()->GetArgs(); |
(...skipping 32 matching lines...) | |
185 ResultExpr GpuProcessPolicy::EvaluateSyscall(int sysno) const { | 189 ResultExpr GpuProcessPolicy::EvaluateSyscall(int sysno) const { |
186 switch (sysno) { | 190 switch (sysno) { |
187 case __NR_ioctl: | 191 case __NR_ioctl: |
188 return Allow(); | 192 return Allow(); |
189 case __NR_mincore: | 193 case __NR_mincore: |
190 if (allow_mincore_) { | 194 if (allow_mincore_) { |
191 return Allow(); | 195 return Allow(); |
192 } else { | 196 } else { |
193 return SandboxBPFBasePolicy::EvaluateSyscall(sysno); | 197 return SandboxBPFBasePolicy::EvaluateSyscall(sysno); |
194 } | 198 } |
195 #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) | 199 #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) \ |
200 || defined(__aarch64__) | |
mdempsky
2014/12/07 03:46:40
Is this actually required? The comment suggests t
cometzero
2014/12/07 06:47:38
You're right. I'll remove this inclusion on aarch6
| |
196 // The Nvidia driver uses flags not in the baseline policy | 201 // The Nvidia driver uses flags not in the baseline policy |
197 // (MAP_LOCKED | MAP_EXECUTABLE | MAP_32BIT) | 202 // (MAP_LOCKED | MAP_EXECUTABLE | MAP_32BIT) |
198 case __NR_mmap: | 203 case __NR_mmap: |
199 #endif | 204 #endif |
200 // We also hit this on the linux_chromeos bot but don't yet know what | 205 // We also hit this on the linux_chromeos bot but don't yet know what |
201 // weird flags were involved. | 206 // weird flags were involved. |
202 case __NR_mprotect: | 207 case __NR_mprotect: |
203 // TODO(jln): restrict prctl. | 208 // TODO(jln): restrict prctl. |
204 case __NR_prctl: | 209 case __NR_prctl: |
205 return Allow(); | 210 return Allow(); |
211 #if !defined(__aarch64__) | |
206 case __NR_access: | 212 case __NR_access: |
207 case __NR_open: | 213 case __NR_open: |
214 #endif // !defined(__aarch64__) | |
208 case __NR_openat: | 215 case __NR_openat: |
209 DCHECK(broker_process_); | 216 DCHECK(broker_process_); |
210 return Trap(GpuSIGSYS_Handler, broker_process_); | 217 return Trap(GpuSIGSYS_Handler, broker_process_); |
211 case __NR_setpriority: | 218 case __NR_setpriority: |
212 return sandbox::RestrictGetSetpriority(GetPolicyPid()); | 219 return sandbox::RestrictGetSetpriority(GetPolicyPid()); |
213 case __NR_sched_getaffinity: | 220 case __NR_sched_getaffinity: |
214 case __NR_sched_setaffinity: | 221 case __NR_sched_setaffinity: |
215 return sandbox::RestrictSchedTarget(GetPolicyPid(), sysno); | 222 return sandbox::RestrictSchedTarget(GetPolicyPid(), sysno); |
216 default: | 223 default: |
217 if (SyscallSets::IsEventFd(sysno)) | 224 if (SyscallSets::IsEventFd(sysno)) |
(...skipping 57 matching lines...) | |
275 } | 282 } |
276 | 283 |
277 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), permissions); | 284 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), permissions); |
278 // The initialization callback will perform generic initialization and then | 285 // The initialization callback will perform generic initialization and then |
279 // call broker_sandboxer_callback. | 286 // call broker_sandboxer_callback. |
280 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox, | 287 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox, |
281 broker_sandboxer_allocator))); | 288 broker_sandboxer_allocator))); |
282 } | 289 } |
283 | 290 |
284 } // namespace content | 291 } // namespace content |
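Review bot: With `__NR_access` compiled out on aarch64 in `GpuSIGSYS_Handler` (new lines 97-108), nothing visible here brokers `faccessat`, which is the syscall libc's access() goes through on that architecture, so path checks from the GPU process would presumably fall through to the baseline policy instead of reaching the broker's allowlist. The same gap applies to the `#if !defined(__aarch64__)` groups in `GpuBrokerProcessPolicy::EvaluateSyscall` and `GpuProcessPolicy::EvaluateSyscall`, where `case __NR_faccessat:` would need to sit next to `case __NR_openat:`. The handler's `default:` branch and the base policy are in the skipped lines, so confirm that faccessat is not already handled there. If it is not, a trap case that mirrors the openat one (accept only `AT_FDCWD`, forward path and mode to `broker_process->Access`, return `-EPERM` otherwise) keeps file-access decisions in the broker on every architecture.

```cpp
    // … unchanged: __NR_access / __NR_open cases under !defined(__aarch64__) …
    case __NR_faccessat:
      // Allow using faccessat() as access(), same restriction as openat().
      if (static_cast<int>(args.args[0]) == AT_FDCWD) {
        return broker_process->Access(
            reinterpret_cast<const char*>(args.args[1]),
            static_cast<int>(args.args[2]));
      } else {
        return -EPERM;
      }
    case __NR_openat:
    // … unchanged: openat handling and default branch …
```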
OLD | NEW |