components/nacl/loader/nacl_helper_linux.cc - Issue 101773003: Linux sandbox: cleanup sandbox-bpf naming.

Side by Side Diff: components/nacl/loader/nacl_helper_linux.cc

Issue 101773003: Linux sandbox: cleanup sandbox-bpf naming. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Address namespace sandbox nits. Created 7 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « chrome/test/security_tests/sandbox_browsertest_linux.cc ('k') | components/nacl/loader/nacl_sandbox_linux.h » ('j') | no next file with comments »

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // A mini-zygote specifically for Native Client.	5 // A mini-zygote specifically for Native Client.

6	6

7 #include "components/nacl/loader/nacl_helper_linux.h"	7 #include "components/nacl/loader/nacl_helper_linux.h"

8	8

9 #include <errno.h>	9 #include <errno.h>

10 #include <fcntl.h>	10 #include <fcntl.h>

(...skipping 34 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
45	45

46 // The child must mimic the behavior of zygote_main_linux.cc on the child	46 // The child must mimic the behavior of zygote_main_linux.cc on the child

47 // side of the fork. See zygote_main_linux.cc:HandleForkRequest from	47 // side of the fork. See zygote_main_linux.cc:HandleForkRequest from

48 // if (!child) {	48 // if (!child) {

49 void BecomeNaClLoader(const std::vector<int>& child_fds,	49 void BecomeNaClLoader(const std::vector<int>& child_fds,

50 const NaClLoaderSystemInfo& system_info) {	50 const NaClLoaderSystemInfo& system_info) {

51 VLOG(1) << "NaCl loader: setting up IPC descriptor";	51 VLOG(1) << "NaCl loader: setting up IPC descriptor";

52 // don't need zygote FD any more	52 // don't need zygote FD any more

53 if (IGNORE_EINTR(close(kNaClZygoteDescriptor)) != 0)	53 if (IGNORE_EINTR(close(kNaClZygoteDescriptor)) != 0)

54 LOG(ERROR) << "close(kNaClZygoteDescriptor) failed.";	54 LOG(ERROR) << "close(kNaClZygoteDescriptor) failed.";

55 bool sandbox_initialized = InitializeBpfSandbox();	55 bool sandbox_initialized = InitializeBPFSandbox();

56 if (!sandbox_initialized) {	56 if (!sandbox_initialized) {

57 LOG(ERROR) << "Could not initialize NaCl's second "	57 LOG(ERROR) << "Could not initialize NaCl's second "

58 << "layer sandbox (seccomp-bpf).";	58 << "layer sandbox (seccomp-bpf).";

59 }	59 }

60 base::GlobalDescriptors::GetInstance()->Set(	60 base::GlobalDescriptors::GetInstance()->Set(

61 kPrimaryIPCChannel,	61 kPrimaryIPCChannel,

62 child_fds[content::ZygoteForkDelegate::kBrowserFDIndex]);	62 child_fds[content::ZygoteForkDelegate::kBrowserFDIndex]);

63	63

64 base::MessageLoopForIO main_message_loop;	64 base::MessageLoopForIO main_message_loop;

65 NaClListener listener;	65 NaClListener listener;

(...skipping 315 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
381 // Now handle requests from the Zygote.	381 // Now handle requests from the Zygote.

382 while (true) {	382 while (true) {

383 bool request_handled = HandleZygoteRequest(kNaClZygoteDescriptor,	383 bool request_handled = HandleZygoteRequest(kNaClZygoteDescriptor,

384 system_info);	384 system_info);

385 // Do not turn this into a CHECK() without thinking about robustness	385 // Do not turn this into a CHECK() without thinking about robustness

386 // against malicious IPC requests.	386 // against malicious IPC requests.

387 DCHECK(request_handled);	387 DCHECK(request_handled);

388 }	388 }

389 NOTREACHED();	389 NOTREACHED();

390 }	390 }

OLD	NEW