Linux sandbox: move CurrentProcessHasOpenDirectories

content/common/sandbox_linux.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <dirent.h>
 #include <fcntl.h>
 #include <sys/resource.h>
 #include <sys/stat.h>
 #include <sys/time.h>
 #include <sys/types.h>
 
 #include <limits>
 
 #include "base/bind.h"
 #include "base/callback_helpers.h"
 #include "base/command_line.h"
 #include "base/logging.h"
 #include "base/memory/singleton.h"
 #include "base/posix/eintr_wrapper.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/time/time.h"
 #include "content/common/sandbox_linux.h"
 #include "content/common/sandbox_seccomp_bpf_linux.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/sandbox_linux.h"
+#include "sandbox/linux/services/credentials.h"
 #include "sandbox/linux/suid/client/setuid_sandbox_client.h"
 
 namespace {
 
 void LogSandboxStarted(const std::string& sandbox_name) {
   const CommandLine& command_line = *CommandLine::ForCurrentProcess();
   const std::string process_type =
       command_line.GetSwitchValueASCII(switches::kProcessType);
   const std::string activated_sandbox =
       "Activated " + sandbox_name + " sandbox for process type: " +
@@ skipping 19 matching lines @@
 }
 
 bool IsRunningTSAN() {
 #if defined(THREAD_SANITIZER)
   return true;
 #else
   return false;
 #endif
 }
 
-struct DIRDeleter {
-  void operator()(DIR* d) {
-    PCHECK(closedir(d) == 0);
-  }
-};
-
-// |proc_fd| should be a file descriptor to /proc (useful if the process
-// is sandboxed) or -1.
-// If |proc_fd| is -1, this function will return false if /proc/self/fd
-// cannot be opened.
-bool CurrentProcessHasOpenDirectories(int proc_fd) {
-  int proc_self_fd = -1;
-  if (proc_fd >= 0) {
-    proc_self_fd = openat(proc_fd, "self/fd", O_DIRECTORY | O_RDONLY);
-  } else {
-    proc_self_fd = openat(AT_FDCWD, "/proc/self/fd", O_DIRECTORY | O_RDONLY);
-    if (proc_self_fd < 0) {
-      // If not available, guess false.
-      // TODO(mostynb@opera.com): add a CHECK_EQ(ENOENT, errno); Figure out what
-      // other situations are here. http://crbug.com/314985
-      return false;
-    }
-  }
-  CHECK_GE(proc_self_fd, 0);
-
-  // Ownership of proc_self_fd is transferred here, it must not be closed
-  // or modified afterwards except via dir.
-  scoped_ptr<DIR, DIRDeleter> dir(fdopendir(proc_self_fd));
-  CHECK(dir);
-
-  struct dirent e;
-  struct dirent* de;
-  while (!readdir_r(dir.get(), &e, &de) && de) {
-    if (strcmp(e.d_name, ".") == 0 || strcmp(e.d_name, "..") == 0) {
-      continue;
-    }
-
-    int fd_num;
-    CHECK(base::StringToInt(e.d_name, &fd_num));
-    if (fd_num == proc_fd || fd_num == proc_self_fd) {
-      continue;
-    }
-
-    struct stat s;
-    // It's OK to use proc_self_fd here, fstatat won't modify it.
-    CHECK(fstatat(proc_self_fd, e.d_name, &s, 0) == 0);
-    if (S_ISDIR(s.st_mode)) {
-      return true;
-    }
-  }
-
-  // No open unmanaged directories found.
-  return false;
-}
-
 }  // namespace
 
 namespace content {
 
 LinuxSandbox::LinuxSandbox()
     : proc_fd_(-1),
       seccomp_bpf_started_(false),
       pre_initialized_(false),
       seccomp_bpf_supported_(false),
       setuid_sandbox_client_(sandbox::SetuidSandboxClient::Create()) {
@@ skipping 201 matching lines @@
 
   bool limited_as = AddResourceLimit(RLIMIT_AS, address_space_limit);
   bool limited_data = AddResourceLimit(RLIMIT_DATA, kNewDataSegmentMaxSize);
   return limited_as && limited_data;
 #else
   return false;
 #endif  // !defined(ADDRESS_SANITIZER)
 }
 
 bool LinuxSandbox::HasOpenDirectories() {
-  return CurrentProcessHasOpenDirectories(proc_fd_);
+  return sandbox::Credentials().HasOpenDirectory(proc_fd_);
 }
 
 void LinuxSandbox::SealSandbox() {
   if (proc_fd_ >= 0) {
     int ret = HANDLE_EINTR(close(proc_fd_));
     CHECK_EQ(0, ret);
     proc_fd_ = -1;
   }
 }
 
 }  // namespace content