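--- a/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
+++ b/content/common/sandbox_linux/bpf_gpu_policy_linux.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/common/sandbox_linux/bpf_gpu_policy_linux.h"
 
 #include <dlfcn.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <sys/socket.h>
@@ -87,30 +87,40 @@
 return !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode) ||
 accelerated_encode_enabled;
 }
 
 intptr_t GpuSIGSYS_Handler(const struct arch_seccomp_data& args,
 void* aux_broker_process) {
 RAW_CHECK(aux_broker_process);
 BrokerProcess* broker_process =
 static_cast<BrokerProcess*>(aux_broker_process);
 switch (args.nr) {
+#if !defined(__aarch64__)
 case __NR_access:
 return broker_process->Access(reinterpret_cast<const char*>(args.args[0]),
 static_cast<int>(args.args[1]));
 case __NR_open:
 #if defined(MEMORY_SANITIZER)
 // http://crbug.com/372840
 __msan_unpoison_string(reinterpret_cast<const char*>(args.args[0]));
 #endif
 return broker_process->Open(reinterpret_cast<const char*>(args.args[0]),
 static_cast<int>(args.args[1]));
+#endif // !defined(__aarch64__)
+case __NR_faccessat:
+if (static_cast<int>(args.args[0]) == AT_FDCWD) {
+return
+broker_process->Access(reinterpret_cast<const char*>(args.args[1]),
+static_cast<int>(args.args[2]));
+} else {
+return -EPERM;
+}
 case __NR_openat:
 // Allow using openat() as open().
 if (static_cast<int>(args.args[0]) == AT_FDCWD) {
 return
 broker_process->Open(reinterpret_cast<const char*>(args.args[1]),
 static_cast<int>(args.args[2]));
 } else {
 return -EPERM;
 }
 default:
@@ -131,22 +141,25 @@
 private:
 GpuBrokerProcessPolicy() {}
 DISALLOW_COPY_AND_ASSIGN(GpuBrokerProcessPolicy);
 };
 
 // x86_64/i386 or desktop ARM.
 // A GPU broker policy is the same as a GPU policy with open and
 // openat allowed.
 ResultExpr GpuBrokerProcessPolicy::EvaluateSyscall(int sysno) const {
 switch (sysno) {
+#if !defined(__aarch64__)
 case __NR_access:
 case __NR_open:
+#endif // !defined(__aarch64__)
+case __NR_faccessat:
 case __NR_openat:
 return Allow();
 default:
 return GpuProcessPolicy::EvaluateSyscall(sysno);
 }
 }
 
 void UpdateProcessTypeToGpuBroker() {
 base::CommandLine::StringVector exec =
 base::CommandLine::ForCurrentProcess()->GetArgs();
@@ -196,22 +209,25 @@
 // The Nvidia driver uses flags not in the baseline policy
 // (MAP_LOCKED | MAP_EXECUTABLE | MAP_32BIT)
 case __NR_mmap:
 #endif
 // We also hit this on the linux_chromeos bot but don't yet know what
 // weird flags were involved.
 case __NR_mprotect:
 // TODO(jln): restrict prctl.
 case __NR_prctl:
 return Allow();
+#if !defined(__aarch64__)
 case __NR_access:
 case __NR_open:
+#endif // !defined(__aarch64__)
+case __NR_faccessat:
 case __NR_openat:
 DCHECK(broker_process_);
 return Trap(GpuSIGSYS_Handler, broker_process_);
 case __NR_setpriority:
 return sandbox::RestrictGetSetpriority(GetPolicyPid());
 case __NR_sched_getaffinity:
 case __NR_sched_setaffinity:
 return sandbox::RestrictSchedTarget(GetPolicyPid(), sysno);
 default:
 if (SyscallSets::IsEventFd(sysno))
@@ -275,10 +291,10 @@
 }
 
 broker_process_ = new BrokerProcess(GetFSDeniedErrno(), permissions);
 // The initialization callback will perform generic initialization and then
 // call broker_sandboxer_callback.
 CHECK(broker_process_->Init(base::Bind(&UpdateProcessTypeAndEnableSandbox,
 broker_sandboxer_allocator)));
 }
 
 } // namespace content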
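Review bot: The new `__NR_faccessat` case in GpuSIGSYS_Handler carries no comment, while the parallel `__NR_openat` case directly below it explains why only AT_FDCWD is accepted; add `// Allow using faccessat() as access().` above the `if (static_cast<int>(args.args[0]) == AT_FDCWD) {` line so the `-EPERM` for any other dirfd reads as a deliberate restriction rather than an omission. The header comment on GpuBrokerProcessPolicy::EvaluateSyscall, `// A GPU broker policy is the same as a GPU policy with open and openat allowed.`, is now stale since the switch also allows access and faccessat (with open and access only outside `__aarch64__`); `// A GPU broker policy is the same as a GPU policy with access, faccessat, open and openat allowed.` would match the code. Whether the MEMORY_SANITIZER unpoisoning applied to the path of the open case is also needed for the path argument of the new faccessat case cannot be told from this hunk; the existing access case does without it, so presumably it is not, but that is worth confirming. The switch in GpuSIGSYS_Handler continues past the end of the hunk.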