| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h" | 5 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h" |
| 6 | 6 |
| 7 #include <dlfcn.h> | 7 #include <dlfcn.h> |
| 8 #include <errno.h> | 8 #include <errno.h> |
| 9 #include <fcntl.h> | 9 #include <fcntl.h> |
| 10 #include <sys/socket.h> | 10 #include <sys/socket.h> |
| 87 return !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode) || | 87 return !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode) || |
| 88 accelerated_encode_enabled; | 88 accelerated_encode_enabled; |
| 89 } | 89 } |
| 90 | 90 |
| 91 intptr_t GpuSIGSYS_Handler(const struct arch_seccomp_data& args, | 91 intptr_t GpuSIGSYS_Handler(const struct arch_seccomp_data& args, |
| 92 void* aux_broker_process) { | 92 void* aux_broker_process) { |
| 93 RAW_CHECK(aux_broker_process); | 93 RAW_CHECK(aux_broker_process); |
| 94 BrokerProcess* broker_process = | 94 BrokerProcess* broker_process = |
| 95 static_cast<BrokerProcess*>(aux_broker_process); | 95 static_cast<BrokerProcess*>(aux_broker_process); |
| 96 switch (args.nr) { | 96 switch (args.nr) { |
| 97 #if !defined(__aarch64__) | |
| 97 case __NR_access: | 98 case __NR_access: |
| 98 return broker_process->Access(reinterpret_cast<const char*>(args.args[0]), | 99 return broker_process->Access(reinterpret_cast<const char*>(args.args[0]), |
| 99 static_cast<int>(args.args[1])); | 100 static_cast<int>(args.args[1])); |
| 100 case __NR_open: | 101 case __NR_open: |
| 101 #if defined(MEMORY_SANITIZER) | 102 #if defined(MEMORY_SANITIZER) |
| 102 // http://crbug.com/372840 | 103 // http://crbug.com/372840 |
| 103 __msan_unpoison_string(reinterpret_cast<const char*>(args.args[0])); | 104 __msan_unpoison_string(reinterpret_cast<const char*>(args.args[0])); |
| 104 #endif | 105 #endif |
| 105 return broker_process->Open(reinterpret_cast<const char*>(args.args[0]), | 106 return broker_process->Open(reinterpret_cast<const char*>(args.args[0]), |
| 106 static_cast<int>(args.args[1])); | 107 static_cast<int>(args.args[1])); |
| 108 #endif // !defined(__aarch64__) | |
| 107 case __NR_openat: | 109 case __NR_openat: |
| 108 // Allow using openat() as open(). | 110 // Allow using openat() as open(). |
| 109 if (static_cast<int>(args.args[0]) == AT_FDCWD) { | 111 if (static_cast<int>(args.args[0]) == AT_FDCWD) { |
| 110 return | 112 return |
| 111 broker_process->Open(reinterpret_cast<const char*>(args.args[1]), | 113 broker_process->Open(reinterpret_cast<const char*>(args.args[1]), |
| 112 static_cast<int>(args.args[2])); | 114 static_cast<int>(args.args[2])); |
| 113 } else { | 115 } else { |
| 114 return -EPERM; | 116 return -EPERM; |
| 115 } | 117 } |
| 116 default: | 118 default: |
| 131 private: | 133 private: |
| 132 GpuBrokerProcessPolicy() {} | 134 GpuBrokerProcessPolicy() {} |
| 133 DISALLOW_COPY_AND_ASSIGN(GpuBrokerProcessPolicy); | 135 DISALLOW_COPY_AND_ASSIGN(GpuBrokerProcessPolicy); |
| 134 }; | 136 }; |
| 135 | 137 |
| 136 // x86_64/i386 or desktop ARM. | 138 // x86_64/i386 or desktop ARM. |
| 137 // A GPU broker policy is the same as a GPU policy with open and | 139 // A GPU broker policy is the same as a GPU policy with open and |
| 138 // openat allowed. | 140 // openat allowed. |
| 139 ResultExpr GpuBrokerProcessPolicy::EvaluateSyscall(int sysno) const { | 141 ResultExpr GpuBrokerProcessPolicy::EvaluateSyscall(int sysno) const { |
| 140 switch (sysno) { | 142 switch (sysno) { |
| 143 #if !defined(__aarch64__) | |
| 141 case __NR_access: | 144 case __NR_access: |
| 142 case __NR_open: | 145 case __NR_open: |
| 146 #endif // !defined(__aarch64__) | |
| 143 case __NR_openat: | 147 case __NR_openat: |
| 144 return Allow(); | 148 return Allow(); |
| 145 default: | 149 default: |
| 146 return GpuProcessPolicy::EvaluateSyscall(sysno); | 150 return GpuProcessPolicy::EvaluateSyscall(sysno); |
| 147 } | 151 } |
| 148 } | 152 } |
| 149 | 153 |
| 150 void UpdateProcessTypeToGpuBroker() { | 154 void UpdateProcessTypeToGpuBroker() { |
| 151 base::CommandLine::StringVector exec = | 155 base::CommandLine::StringVector exec = |
| 152 base::CommandLine::ForCurrentProcess()->GetArgs(); | 156 base::CommandLine::ForCurrentProcess()->GetArgs(); |
| 185 ResultExpr GpuProcessPolicy::EvaluateSyscall(int sysno) const { | 189 ResultExpr GpuProcessPolicy::EvaluateSyscall(int sysno) const { |
| 186 switch (sysno) { | 190 switch (sysno) { |
| 187 case __NR_ioctl: | 191 case __NR_ioctl: |
| 188 return Allow(); | 192 return Allow(); |
| 189 case __NR_mincore: | 193 case __NR_mincore: |
| 190 if (allow_mincore_) { | 194 if (allow_mincore_) { |
| 191 return Allow(); | 195 return Allow(); |
| 192 } else { | 196 } else { |
| 193 return SandboxBPFBasePolicy::EvaluateSyscall(sysno); | 197 return SandboxBPFBasePolicy::EvaluateSyscall(sysno); |
| 194 } | 198 } |
| 195 #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) | 199 #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) \ |
| 200 || defined(__aarch64__) | |
|
mdempsky
2014/12/07 03:46:40
Is this actually required? The comment suggests t
cometzero
2014/12/07 06:47:38
You're right. I'll remove this inclusion on aarch6
| |
| 196 // The Nvidia driver uses flags not in the baseline policy | 201 // The Nvidia driver uses flags not in the baseline policy |
| 197 // (MAP_LOCKED | MAP_EXECUTABLE | MAP_32BIT) | 202 // (MAP_LOCKED | MAP_EXECUTABLE | MAP_32BIT) |
| 198 case __NR_mmap: | 203 case __NR_mmap: |
| 199 #endif | 204 #endif |
| 200 // We also hit this on the linux_chromeos bot but don't yet know what | 205 // We also hit this on the linux_chromeos bot but don't yet know what |
| 201 // weird flags were involved. | 206 // weird flags were involved. |
| 202 case __NR_mprotect: | 207 case __NR_mprotect: |
| 203 // TODO(jln): restrict prctl. | 208 // TODO(jln): restrict prctl. |
| 204 case __NR_prctl: | 209 case __NR_prctl: |
| 205 return Allow(); | 210 return Allow(); |
| 211 #if !defined(__aarch64__) | |
| 206 case __NR_access: | 212 case __NR_access: |
| 207 case __NR_open: | 213 case __NR_open: |
| 214 #endif // !defined(__aarch64__) | |
| 208 case __NR_openat: | 215 case __NR_openat: |
| 209 DCHECK(broker_process_); | 216 DCHECK(broker_process_); |
| 210 return Trap(GpuSIGSYS_Handler, broker_process_); | 217 return Trap(GpuSIGSYS_Handler, broker_process_); |
| 211 case __NR_setpriority: | 218 case __NR_setpriority: |
| 212 return sandbox::RestrictGetSetpriority(GetPolicyPid()); | 219 return sandbox::RestrictGetSetpriority(GetPolicyPid()); |
| 213 case __NR_sched_getaffinity: | 220 case __NR_sched_getaffinity: |
| 214 case __NR_sched_setaffinity: | 221 case __NR_sched_setaffinity: |
| 215 return sandbox::RestrictSchedTarget(GetPolicyPid(), sysno); | 222 return sandbox::RestrictSchedTarget(GetPolicyPid(), sysno); |
| 216 default: | 223 default: |
| 217 if (SyscallSets::IsEventFd(sysno)) | 224 if (SyscallSets::IsEventFd(sysno)) |
| 275 } | 282 } |
| 276 | 283 |
| 277 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), permissions); | 284 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), permissions); |
| 278 // The initialization callback will perform generic initialization and then | 285 // The initialization callback will perform generic initialization and then |
| 279 // call broker_sandboxer_callback. | 286 // call broker_sandboxer_callback. |
| 280 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox, | 287 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox, |
| 281 broker_sandboxer_allocator))); | 288 broker_sandboxer_allocator))); |
| 282 } | 289 } |
| 283 | 290 |
| 284 } // namespace content | 291 } // namespace content |
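Review bot: Guarding the `__NR_access` case of GpuSIGSYS_Handler with `#if !defined(__aarch64__)` (new lines 97–108) leaves no broker route for access() on aarch64, where libc has no access/open syscalls and issues faccessat(AT_FDCWD, …) and openat(AT_FDCWD, …) instead; the handler forwards `__NR_openat` to broker_process->Open() but has no `__NR_faccessat` case, so an access() check from the GPU process would fall through to `default` rather than reach broker_process->Access(). If access() is exercised on aarch64, a `case __NR_faccessat:` mirroring the openat case (forward args.args[1]/args.args[2] to Access() only when args.args[0] == AT_FDCWD, else return -EPERM) would keep the three policies consistent, with `__NR_faccessat` added to the Trap list in GpuProcessPolicy::EvaluateSyscall (new lines 211–215) and to the Allow() list in GpuBrokerProcessPolicy::EvaluateSyscall (new lines 143–147). If the omission is deliberate, a comment on the new `#if` such as `// aarch64 has no open()/access(); openat() is the only brokered path here.` would save the next reader from re-deriving it. The `default` branch of GpuSIGSYS_Handler continues outside the visible lines.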