Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(60)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/services/credentials.cc

Issue 951673002: Revert "Pull chromium at 2c3ffb2355a27c32f45e508ef861416b820c823b" (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/linux/BUILD.gn ('k') | sandbox/linux/services/proc_util_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/services/credentials.h" 5 #include "sandbox/linux/services/credentials.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <signal.h> 8 #include <signal.h>
9 #include <stdio.h> 9 #include <stdio.h>
10 #include <sys/capability.h> 10 #include <sys/capability.h>
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after
107 #error "Unsupported architecture" 107 #error "Unsupported architecture"
108 #endif 108 #endif
109 pid = clone(ChrootToSelfFdinfo, stack, 109 pid = clone(ChrootToSelfFdinfo, stack,
110 CLONE_VM | CLONE_VFORK | CLONE_FS | SIGCHLD, nullptr, nullptr, 110 CLONE_VM | CLONE_VFORK | CLONE_FS | SIGCHLD, nullptr, nullptr,
111 nullptr, nullptr); 111 nullptr, nullptr);
112 PCHECK(pid != -1); 112 PCHECK(pid != -1);
113 113
114 int status = -1; 114 int status = -1;
115 PCHECK(HANDLE_EINTR(waitpid(pid, &status, 0)) == pid); 115 PCHECK(HANDLE_EINTR(waitpid(pid, &status, 0)) == pid);
116 116
117 return WIFEXITED(status) && WEXITSTATUS(status) == kExitSuccess; 117 return kExitSuccess == status;
118 } 118 }
119 119
120 // CHECK() that an attempt to move to a new user namespace raised an expected 120 // CHECK() that an attempt to move to a new user namespace raised an expected
121 // errno. 121 // errno.
122 void CheckCloneNewUserErrno(int error) { 122 void CheckCloneNewUserErrno(int error) {
123 // EPERM can happen if already in a chroot. EUSERS if too many nested 123 // EPERM can happen if already in a chroot. EUSERS if too many nested
124 // namespaces are used. EINVAL for kernels that don't support the feature. 124 // namespaces are used. EINVAL for kernels that don't support the feature.
125 // Valgrind will ENOSYS unshare(). 125 // Valgrind will ENOSYS unshare().
126 PCHECK(error == EPERM || error == EUSERS || error == EINVAL || 126 PCHECK(error == EPERM || error == EUSERS || error == EINVAL ||
127 error == ENOSYS); 127 error == ENOSYS);
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
167 167
168 if (pid == -1) { 168 if (pid == -1) {
169 CheckCloneNewUserErrno(errno); 169 CheckCloneNewUserErrno(errno);
170 return false; 170 return false;
171 } 171 }
172 172
173 // The parent process could have had threads. In the child, these threads 173 // The parent process could have had threads. In the child, these threads
174 // have disappeared. Make sure to not do anything in the child, as this is a 174 // have disappeared. Make sure to not do anything in the child, as this is a
175 // fragile execution environment. 175 // fragile execution environment.
176 if (pid == 0) { 176 if (pid == 0) {
177 _exit(kExitSuccess); 177 _exit(0);
178 } 178 }
179 179
180 // Always reap the child. 180 // Always reap the child.
181 int status = -1; 181 siginfo_t infop;
182 PCHECK(HANDLE_EINTR(waitpid(pid, &status, 0)) == pid); 182 PCHECK(0 == HANDLE_EINTR(waitid(P_PID, pid, &infop, WEXITED)));
183 CHECK(WIFEXITED(status));
184 CHECK_EQ(kExitSuccess, WEXITSTATUS(status));
185 183
186 // clone(2) succeeded, we can use CLONE_NEWUSER. 184 // clone(2) succeeded, we can use CLONE_NEWUSER.
187 return true; 185 return true;
188 } 186 }
189 187
190 bool Credentials::MoveToNewUserNS() { 188 bool Credentials::MoveToNewUserNS() {
191 uid_t uid; 189 uid_t uid;
192 gid_t gid; 190 gid_t gid;
193 if (!GetRESIds(&uid, &gid)) { 191 if (!GetRESIds(&uid, &gid)) {
194 // If all the uids (or gids) are not equal to each other, the security 192 // If all the uids (or gids) are not equal to each other, the security
(...skipping 26 matching lines...) Expand all
221 } 219 }
222 220
223 bool Credentials::DropFileSystemAccess() { 221 bool Credentials::DropFileSystemAccess() {
224 CHECK(ChrootToSafeEmptyDir()); 222 CHECK(ChrootToSafeEmptyDir());
225 CHECK(!base::DirectoryExists(base::FilePath("/proc"))); 223 CHECK(!base::DirectoryExists(base::FilePath("/proc")));
226 // We never let this function fail. 224 // We never let this function fail.
227 return true; 225 return true;
228 } 226 }
229 227
230 } // namespace sandbox. 228 } // namespace sandbox.
OLDNEW
« no previous file with comments | « sandbox/linux/BUILD.gn ('k') | sandbox/linux/services/proc_util_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698