| Index: content/common/sandbox_init_linux.cc
|
| ===================================================================
|
| --- content/common/sandbox_init_linux.cc (revision 133256)
|
| +++ content/common/sandbox_init_linux.cc (working copy)
|
| @@ -289,6 +289,66 @@
|
| EmitFailSyscall(__NR_access, ENOENT, program);
|
| }
|
|
|
| +static void ApplyRendererPolicy(std::vector<struct sock_filter>* program) {
|
| + // "Hot" syscalls go first.
|
| + EmitAllowSyscall(__NR_times, program);
|
| + EmitAllowSyscall(__NR_futex, program);
|
| + EmitAllowSyscall(__NR_write, program);
|
| + EmitAllowSyscall(__NR_epoll_wait, program);
|
| + EmitAllowSyscall(__NR_nanosleep, program);
|
| + EmitAllowSyscall(__NR_madvise, program);
|
| +
|
| + EmitAllowSyscall(__NR_mmap, program);
|
| + EmitAllowSyscall(__NR_mprotect, program);
|
| + EmitAllowSyscall(__NR_clone, program);
|
| + EmitAllowSyscall(__NR_set_robust_list, program);
|
| + EmitAllowSyscall(__NR_getuid, program);
|
| + EmitAllowSyscall(__NR_geteuid, program);
|
| + EmitAllowSyscall(__NR_getgid, program);
|
| + EmitAllowSyscall(__NR_getegid, program);
|
| + EmitAllowSyscall(__NR_epoll_create, program);
|
| + EmitAllowSyscall(__NR_fcntl, program);
|
| + EmitAllowSyscall(__NR_socketpair, program);
|
| + EmitAllowSyscall(__NR_pipe, program);
|
| + EmitAllowSyscall(__NR_epoll_ctl, program);
|
| + EmitAllowSyscall(__NR_gettid, program);
|
| + EmitAllowSyscall(__NR_prctl, program);
|
| + EmitAllowSyscall(__NR_read, program);
|
| + EmitAllowSyscall(__NR_fstat, program);
|
| + EmitAllowSyscall(__NR_sendmsg, program);
|
| + EmitAllowSyscall(__NR_sched_get_priority_min, program);
|
| + EmitAllowSyscall(__NR_sched_get_priority_max, program);
|
| + EmitAllowSyscall(__NR_sched_getparam, program);
|
| + EmitAllowSyscall(__NR_sched_getscheduler, program);
|
| + EmitAllowSyscall(__NR_sched_setscheduler, program);
|
| + EmitAllowSyscall(__NR_rt_sigaction, program);
|
| + EmitAllowSyscall(__NR_recvmsg, program);
|
| + EmitAllowSyscall(__NR_dup, program);
|
| + // TODO(cevans): ioctl() in the renderer??
|
| + EmitAllowSyscall(__NR_ioctl, program);
|
| + EmitAllowSyscall(__NR_lseek, program);
|
| + EmitAllowSyscall(__NR_close, program);
|
| + EmitAllowSyscall(__NR_munmap, program);
|
| + EmitAllowSyscall(__NR_sysinfo, program);
|
| + EmitAllowSyscall(__NR_uname, program);
|
| + EmitAllowSyscall(__NR_brk, program);
|
| + EmitAllowSyscall(__NR_restart_syscall, program);
|
| + EmitAllowSyscall(__NR_exit_group, program);
|
| + EmitAllowSyscall(__NR_fdatasync, program); // HTML5 WebDatabase / sqlite.
|
| + EmitAllowSyscall(__NR_setpriority, program);
|
| + EmitAllowSyscall(__NR_exit, program);
|
| + EmitAllowSyscall(__NR_shutdown, program);
|
| + EmitAllowSyscall(__NR_pread64, program); // Seen with PDF / Pepper.
|
| +
|
| + EmitAllowSyscall(__NR_shmget, program);
|
| + EmitAllowSyscall(__NR_shmat, program);
|
| + EmitAllowSyscall(__NR_shmctl, program);
|
| + EmitAllowSyscall(__NR_shmdt, program);
|
| +
|
| + EmitFailSyscall(__NR_open, ENOENT, program);
|
| + EmitFailSyscall(__NR_stat, ENOENT, program);
|
| +}
|
| +
|
| static bool CanUseSeccompFilters() {
|
| int ret = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, 0, 0, 0);
|
| if (ret != 0 && errno == EFAULT)
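Review bot: `ApplyRendererPolicy` allows `__NR_clone`, `__NR_prctl` and `__NR_ioctl` wholesale — `EmitAllowSyscall` takes only the syscall number, so as far as this hunk shows no argument constraint is applied — yet only `__NR_ioctl` carries the TODO recording that as a known gap; `clone` (flags) and `prctl` (option) deserve the same marker, e.g. `// TODO: clone()/prctl() are allowed for any flags/option; tighten once argument filtering is available.` The function also has no header comment; I would add `// Seccomp-filter allowlist for the renderer. Allow rules match the syscall as a whole, not its arguments; open()/stat() are explicitly failed with ENOENT, and anything not listed falls through to the policy's default action, which is set outside this function.` That last clause matters because `openat`, `lstat` and `readlink` are not mentioned at all, so whether they fail softly like `open`/`stat` or hit the default action is not visible here and is presumably what a reader checking the filesystem story will ask first.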
|
| @@ -336,6 +396,8 @@
|
| ApplyGPUPolicy(&program);
|
| } else if (process_type == switches::kPpapiPluginProcess) {
|
| ApplyFlashPolicy(&program);
|
| + } else if (process_type == switches::kRendererProcess) {
|
| + ApplyRendererPolicy(&program);
|
| } else {
|
| NOTREACHED();
|
| }
|
|
|