
Side by Side Diff: content/common/sandbox_init_linux.cc

Issue 10165018: Apply a policy to the renderer. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 8 months ago
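--- a/content/common/sandbox_init_linux.cc
+++ b/content/common/sandbox_init_linux.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/public/common/sandbox_init.h"
 
 #if defined(OS_LINUX) && defined(__x86_64__)
 
 #include <asm/unistd.h>
 #include <errno.h>
@@ -282,20 +282,80 @@
 // These are under investigation, and hopefully not here for the long term.
 EmitAllowSyscall(__NR_shmctl, program);
 EmitAllowSyscall(__NR_shmat, program);
 EmitAllowSyscall(__NR_shmdt, program);
 
 EmitFailSyscall(__NR_open, ENOENT, program);
 EmitFailSyscall(__NR_execve, ENOENT, program);
 EmitFailSyscall(__NR_access, ENOENT, program);
 }
 
+static void ApplyRendererPolicy(std::vector<struct sock_filter>* program) {
+// "Hot" syscalls go first.
+EmitAllowSyscall(__NR_times, program);
+EmitAllowSyscall(__NR_futex, program);
+EmitAllowSyscall(__NR_write, program);
+EmitAllowSyscall(__NR_epoll_wait, program);
+EmitAllowSyscall(__NR_nanosleep, program);
+EmitAllowSyscall(__NR_madvise, program);
+
+EmitAllowSyscall(__NR_mmap, program);
+EmitAllowSyscall(__NR_mprotect, program);
+EmitAllowSyscall(__NR_clone, program);
+EmitAllowSyscall(__NR_set_robust_list, program);
+EmitAllowSyscall(__NR_getuid, program);
+EmitAllowSyscall(__NR_geteuid, program);
+EmitAllowSyscall(__NR_getgid, program);
+EmitAllowSyscall(__NR_getegid, program);
+EmitAllowSyscall(__NR_epoll_create, program);
+EmitAllowSyscall(__NR_fcntl, program);
+EmitAllowSyscall(__NR_socketpair, program);
+EmitAllowSyscall(__NR_pipe, program);
+EmitAllowSyscall(__NR_epoll_ctl, program);
+EmitAllowSyscall(__NR_gettid, program);
+EmitAllowSyscall(__NR_prctl, program);
+EmitAllowSyscall(__NR_read, program);
+EmitAllowSyscall(__NR_fstat, program);
+EmitAllowSyscall(__NR_sendmsg, program);
+EmitAllowSyscall(__NR_sched_get_priority_min, program);
+EmitAllowSyscall(__NR_sched_get_priority_max, program);
+EmitAllowSyscall(__NR_sched_getparam, program);
+EmitAllowSyscall(__NR_sched_getscheduler, program);
+EmitAllowSyscall(__NR_sched_setscheduler, program);
+EmitAllowSyscall(__NR_rt_sigaction, program);
+EmitAllowSyscall(__NR_recvmsg, program);
+EmitAllowSyscall(__NR_dup, program);
+// TODO(cevans): ioctl() in the renderer??
+EmitAllowSyscall(__NR_ioctl, program);
+EmitAllowSyscall(__NR_lseek, program);
+EmitAllowSyscall(__NR_close, program);
+EmitAllowSyscall(__NR_munmap, program);
+EmitAllowSyscall(__NR_sysinfo, program);
+EmitAllowSyscall(__NR_uname, program);
+EmitAllowSyscall(__NR_brk, program);
+EmitAllowSyscall(__NR_restart_syscall, program);
+EmitAllowSyscall(__NR_exit_group, program);
+EmitAllowSyscall(__NR_fdatasync, program); // HTML5 WebDatabase / sqlite.
+EmitAllowSyscall(__NR_setpriority, program);
+EmitAllowSyscall(__NR_exit, program);
+EmitAllowSyscall(__NR_shutdown, program);
+EmitAllowSyscall(__NR_pread64, program); // Seen with PDF / Pepper.
+
+EmitAllowSyscall(__NR_shmget, program);
+EmitAllowSyscall(__NR_shmat, program);
+EmitAllowSyscall(__NR_shmctl, program);
+EmitAllowSyscall(__NR_shmdt, program);
+
+EmitFailSyscall(__NR_open, ENOENT, program);
+EmitFailSyscall(__NR_stat, ENOENT, program);
+}
+
 static bool CanUseSeccompFilters() {
 int ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, 0, 0, 0);
 if (ret != 0 && errno == EFAULT)
 return true;
 return false;
 }
 
 static void InstallFilter(const std::vector<struct sock_filter>& program) {
 int ret = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
 PLOG_IF(FATAL, ret != 0) << "prctl(PR_SET_NO_NEW_PRIVS) failed";
@@ -329,33 +389,35 @@
 
 CheckSingleThreaded();
 
 std::vector<struct sock_filter> program;
 EmitPreamble(&program);
 
 if (process_type == switches::kGpuProcess) {
 ApplyGPUPolicy(&program);
 } else if (process_type == switches::kPpapiPluginProcess) {
 ApplyFlashPolicy(&program);
+} else if (process_type == switches::kRendererProcess) {
+ApplyRendererPolicy(&program);
 } else {
 NOTREACHED();
 }
 
 EmitTrap(&program);
 
 InstallSIGSYSHandler();
 InstallFilter(program);
 }
 
 } // namespace content
 
 #else
 
 namespace content {
 
 void InitializeSandbox() {
 }
 
 } // namespace content
 
 #endif
 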
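Review bot: ApplyRendererPolicy allows __NR_ioctl, __NR_prctl, __NR_clone, __NR_fcntl and __NR_sched_setscheduler with nothing in the hunk constraining their arguments, and the only acknowledgement is the `TODO(cevans)` on ioctl; whether EmitAllowSyscall can restrict arguments at all is not visible here, so the policy's intent has to be read from the bare syscall list. The function also has no header comment stating the default for anything not listed, which from the later hunk is the EmitTrap appended in InitializeSandbox, and the "Hot" ordering remark implies sequential evaluation without saying so. Suggest adding above the function: `// Renderer seccomp-bpf policy. Anything not allowed or failed below falls through to the trap emitted by InitializeSandbox; entries are listed roughly by call frequency.` and extending the ioctl TODO to record which request codes the renderer is observed to issue, so the allow can later be narrowed to those. The shmget/shmat/shmctl/shmdt block repeats the GPU policy's entries but drops that policy's "under investigation" comment; carrying the same note here keeps the two policies consistent. InitializeSandbox starts outside the second hunk.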
