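--- a/PATH-NOT-SHOWN-ON-PAGE
+++ b/PATH-NOT-SHOWN-ON-PAGE
@@ -1,27 +1,29 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/services/credentials.h"
 
 #include <errno.h>
 #include <fcntl.h>
+#include <sched.h>
 #include <stdio.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <unistd.h>
 
 #include "base/files/file_util.h"
 #include "base/files/scoped_file.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
+#include "base/process/process.h"
 #include "sandbox/linux/tests/unit_tests.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace sandbox {
 
 namespace {
 
 bool DirectoryExists(const char* path) {
   struct stat dir;
   errno = 0;
@@ -70,27 +72,20 @@
     fprintf(stdout, "This kernel does not support unprivileged namespaces. "
             "USERNS tests will succeed without running.\n");
     fflush(stdout);
     return;
   }
   CHECK(Credentials::HasAnyCapability());
   CHECK(Credentials::DropAllCapabilities());
   CHECK(!Credentials::HasAnyCapability());
 }
 
-SANDBOX_TEST(Credentials, SupportsUserNS) {
-  CHECK(Credentials::DropAllCapabilities());
-  bool user_ns_supported = Credentials::SupportsNewUserNS();
-  bool moved_to_new_ns = Credentials::MoveToNewUserNS();
-  CHECK_EQ(user_ns_supported, moved_to_new_ns);
-}
-
 SANDBOX_TEST(Credentials, UidIsPreserved) {
   CHECK(Credentials::DropAllCapabilities());
   uid_t old_ruid, old_euid, old_suid;
   gid_t old_rgid, old_egid, old_sgid;
   PCHECK(0 == getresuid(&old_ruid, &old_euid, &old_suid));
   PCHECK(0 == getresgid(&old_rgid, &old_egid, &old_sgid));
   // Probably missing kernel support.
   if (!Credentials::MoveToNewUserNS()) return;
   uid_t new_ruid, new_euid, new_suid;
   PCHECK(0 == getresuid(&new_ruid, &new_euid, &new_suid));
@@ -152,17 +147,24 @@
 // it is not possible to regain capabilities.
 SANDBOX_TEST(Credentials, DISABLE_ON_LSAN(CannotRegainPrivileges)) {
   CHECK(Credentials::DropAllCapabilities());
   // Probably missing kernel support.
   if (!Credentials::MoveToNewUserNS()) return;
   CHECK(Credentials::DropFileSystemAccess());
   CHECK(Credentials::DropAllCapabilities());
 
   // The kernel should now prevent us from regaining capabilities because we
   // are in a chroot.
-  CHECK(!Credentials::SupportsNewUserNS());
+  errno = 0;
+  CHECK_EQ(-1, unshare(CLONE_NEWUSER));
+  CHECK_EQ(EPERM, errno);
+
+  errno = 0;
+  CHECK_EQ(-1, base::ForkWithFlags(CLONE_NEWUSER | SIGCHLD, nullptr, nullptr));
+  CHECK_EQ(EPERM, errno);
+
   CHECK(!Credentials::MoveToNewUserNS());
 }
 
 }  // namespace.
 
 }  // namespace sandbox.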
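Review bot: `SIGCHLD` on the new `base::ForkWithFlags(CLONE_NEWUSER | SIGCHLD, nullptr, nullptr)` line comes from `<signal.h>`, which this file never includes directly, so it currently resolves only through a transitive include; add `#include <signal.h>` next to the new `#include <sched.h>`. The two `CHECK_EQ(EPERM, errno)` assertions are stricter than the `SupportsNewUserNS()` check they replace, because they pin the exact errno of the refusal, and the comment above them should say why that value is the expected one, e.g. `// Both a direct unshare() and a clone() with CLONE_NEWUSER must fail with EPERM: that is the error the kernel returns to a chrooted caller (kernels without user namespaces at all are excluded by the MoveToNewUserNS() early return above).` The errno check after the ForkWithFlags call also assumes the wrapper leaves the failed clone()'s errno untouched before returning -1; that is worth confirming against its implementation, since any logging or cleanup between the syscall and the return would clobber it and turn a valid refusal into a test failure.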