Chromium Code Reviews Chromium Code Reviews
Issue 101773003:
Linux sandbox: cleanup sandbox-bpf naming. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: content/common/sandbox_seccomp_bpf_linux.cc |
| diff --git a/content/common/sandbox_seccomp_bpf_linux.cc b/content/common/sandbox_seccomp_bpf_linux.cc |
| index e1f344db84f6cb56f40658e4cf347566c4144c28..edd87a26bb26a8eee7f6941ad3e46774cf84d8ab 100644 |
| --- a/content/common/sandbox_seccomp_bpf_linux.cc |
| +++ b/content/common/sandbox_seccomp_bpf_linux.cc |
| @@ -46,9 +46,9 @@ |
| #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h" |
| #include "sandbox/linux/services/linux_syscalls.h" |
| -using playground2::arch_seccomp_data; |
| -using playground2::ErrorCode; |
| -using playground2::Sandbox; |
| +using sandbox::arch_seccomp_data; |
| +using sandbox::ErrorCode; |
| +using sandbox::SandboxBPF; |
|
Robert Sesek
2013/12/10 15:07:46
nit: alphabetize
jln (very slow on Chromium)
2013/12/10 18:43:47
Done.
|
| using sandbox::BrokerProcess; |
| using sandbox::BaselinePolicy; |
| using sandbox::SyscallSets; |
| @@ -57,7 +57,7 @@ namespace content { |
| namespace { |
| -void StartSandboxWithPolicy(playground2::SandboxBpfPolicy* policy); |
| +void StartSandboxWithPolicy(sandbox::SandboxBpfPolicy* policy); |
| inline bool IsChromeOS() { |
| #if defined(OS_CHROMEOS) |
| @@ -147,7 +147,7 @@ class GpuProcessPolicy : public SandboxBpfBasePolicy { |
| : broker_process_(broker_process) {} |
| virtual ~GpuProcessPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| @@ -156,7 +156,8 @@ class GpuProcessPolicy : public SandboxBpfBasePolicy { |
| }; |
| // Main policy for x86_64/i386. Extended by ArmGpuProcessPolicy. |
| -ErrorCode GpuProcessPolicy::EvaluateSyscall(Sandbox* sandbox, int sysno) const { |
| +ErrorCode GpuProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, |
| + int sysno) const { |
| switch (sysno) { |
| case __NR_ioctl: |
| #if defined(__i386__) || defined(__x86_64__) |
| @@ -189,7 +190,7 @@ class GpuBrokerProcessPolicy : public GpuProcessPolicy { |
| GpuBrokerProcessPolicy() : GpuProcessPolicy(NULL) {} |
| virtual ~GpuBrokerProcessPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| @@ -199,7 +200,7 @@ class GpuBrokerProcessPolicy : public GpuProcessPolicy { |
| // x86_64/i386. |
| // A GPU broker policy is the same as a GPU policy with open and |
| // openat allowed. |
| -ErrorCode GpuBrokerProcessPolicy::EvaluateSyscall(Sandbox* sandbox, |
| +ErrorCode GpuBrokerProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, |
| int sysno) const { |
| switch (sysno) { |
| case __NR_access: |
| @@ -217,7 +218,7 @@ class ArmGpuProcessPolicy : public GpuProcessPolicy { |
| : GpuProcessPolicy(broker_process), allow_shmat_(allow_shmat) {} |
| virtual ~ArmGpuProcessPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| @@ -226,7 +227,7 @@ class ArmGpuProcessPolicy : public GpuProcessPolicy { |
| }; |
| // Generic ARM GPU process sandbox, inheriting from GpuProcessPolicy. |
| -ErrorCode ArmGpuProcessPolicy::EvaluateSyscall(Sandbox* sandbox, |
| +ErrorCode ArmGpuProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, |
| int sysno) const { |
| #if defined(__arm__) |
| if (allow_shmat_ && sysno == __NR_shmat) |
| @@ -265,7 +266,7 @@ class ArmGpuBrokerProcessPolicy : public ArmGpuProcessPolicy { |
| ArmGpuBrokerProcessPolicy() : ArmGpuProcessPolicy(NULL, false) {} |
| virtual ~ArmGpuBrokerProcessPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| @@ -274,7 +275,7 @@ class ArmGpuBrokerProcessPolicy : public ArmGpuProcessPolicy { |
| // A GPU broker policy is the same as a GPU policy with open and |
| // openat allowed. |
| -ErrorCode ArmGpuBrokerProcessPolicy::EvaluateSyscall(Sandbox* sandbox, |
| +ErrorCode ArmGpuBrokerProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, |
| int sysno) const { |
| switch (sysno) { |
| case __NR_access: |
| @@ -294,14 +295,14 @@ class RendererOrWorkerProcessPolicy : public SandboxBpfBasePolicy { |
| RendererOrWorkerProcessPolicy() {} |
| virtual ~RendererOrWorkerProcessPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| DISALLOW_COPY_AND_ASSIGN(RendererOrWorkerProcessPolicy); |
| }; |
| -ErrorCode RendererOrWorkerProcessPolicy::EvaluateSyscall(Sandbox* sandbox, |
| +ErrorCode RendererOrWorkerProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, |
| int sysno) const { |
| switch (sysno) { |
| case __NR_clone: |
| @@ -360,14 +361,14 @@ class FlashProcessPolicy : public SandboxBpfBasePolicy { |
| FlashProcessPolicy() {} |
| virtual ~FlashProcessPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| DISALLOW_COPY_AND_ASSIGN(FlashProcessPolicy); |
| }; |
| -ErrorCode FlashProcessPolicy::EvaluateSyscall(Sandbox* sandbox, |
| +ErrorCode FlashProcessPolicy::EvaluateSyscall(SandboxBPF* sandbox, |
| int sysno) const { |
| switch (sysno) { |
| case __NR_clone: |
| @@ -406,16 +407,16 @@ class BlacklistDebugAndNumaPolicy : public SandboxBpfBasePolicy { |
| BlacklistDebugAndNumaPolicy() {} |
| virtual ~BlacklistDebugAndNumaPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| DISALLOW_COPY_AND_ASSIGN(BlacklistDebugAndNumaPolicy); |
| }; |
| -ErrorCode BlacklistDebugAndNumaPolicy::EvaluateSyscall(Sandbox* sandbox, |
| +ErrorCode BlacklistDebugAndNumaPolicy::EvaluateSyscall(SandboxBPF* sandbox, |
| int sysno) const { |
| - if (!Sandbox::IsValidSyscallNumber(sysno)) { |
| + if (!SandboxBPF::IsValidSyscallNumber(sysno)) { |
| // TODO(jln) we should not have to do that in a trivial policy. |
| return ErrorCode(ENOSYS); |
| } |
| @@ -430,7 +431,7 @@ class AllowAllPolicy : public SandboxBpfBasePolicy { |
| AllowAllPolicy() {} |
| virtual ~AllowAllPolicy() {} |
| - virtual ErrorCode EvaluateSyscall(Sandbox* sandbox_compiler, |
| + virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
| int system_call_number) const OVERRIDE; |
| private: |
| @@ -440,8 +441,8 @@ class AllowAllPolicy : public SandboxBpfBasePolicy { |
| // Allow all syscalls. |
| // This will still deny x32 or IA32 calls in 64 bits mode or |
| // 64 bits system calls in compatibility mode. |
| -ErrorCode AllowAllPolicy::EvaluateSyscall(Sandbox*, int sysno) const { |
| - if (!Sandbox::IsValidSyscallNumber(sysno)) { |
| +ErrorCode AllowAllPolicy::EvaluateSyscall(SandboxBPF*, int sysno) const { |
| + if (!SandboxBPF::IsValidSyscallNumber(sysno)) { |
| // TODO(jln) we should not have to do that in a trivial policy. |
| return ErrorCode(ENOSYS); |
| } else { |
| @@ -674,13 +675,13 @@ void StartGpuProcessSandbox(const CommandLine& command_line, |
| } |
| // This function takes ownership of |policy|. |
| -void StartSandboxWithPolicy(playground2::SandboxBpfPolicy* policy) { |
| +void StartSandboxWithPolicy(sandbox::SandboxBpfPolicy* policy) { |
| // Starting the sandbox is a one-way operation. The kernel doesn't allow |
| // us to unload a sandbox policy after it has been started. Nonetheless, |
| // in order to make the use of the "Sandbox" object easier, we allow for |
| // the object to be destroyed after the sandbox has been started. Note that |
| // doing so does not stop the sandbox. |
| - Sandbox sandbox; |
| + SandboxBPF sandbox; |
| sandbox.SetSandboxPolicy(policy); |
| sandbox.StartSandbox(); |
| } |
| @@ -748,13 +749,13 @@ bool SandboxSeccompBpf::SupportsSandbox() { |
| #if defined(SECCOMP_BPF_SANDBOX) |
| // TODO(jln): pass the saved proc_fd_ from the LinuxSandbox singleton |
| // here. |
| - Sandbox::SandboxStatus bpf_sandbox_status = |
| - Sandbox::SupportsSeccompSandbox(-1); |
| + SandboxBPF::SandboxStatus bpf_sandbox_status = |
| + SandboxBPF::SupportsSeccompSandbox(-1); |
| // Kernel support is what we are interested in here. Other status |
| // such as STATUS_UNAVAILABLE (has threads) still indicate kernel support. |
| // We make this a negative check, since if there is a bug, we would rather |
| // "fail closed" (expect a sandbox to be available and try to start it). |
| - if (bpf_sandbox_status != Sandbox::STATUS_UNSUPPORTED) { |
| + if (bpf_sandbox_status != SandboxBPF::STATUS_UNSUPPORTED) { |
| return true; |
| } |
| #endif |
| @@ -779,7 +780,7 @@ bool SandboxSeccompBpf::StartSandbox(const std::string& process_type) { |
| } |
| bool SandboxSeccompBpf::StartSandboxWithExternalPolicy( |
| - scoped_ptr<playground2::SandboxBpfPolicy> policy) { |
| + scoped_ptr<sandbox::SandboxBpfPolicy> policy) { |
| #if defined(SECCOMP_BPF_SANDBOX) |
| if (IsSeccompBpfDesired() && SupportsSandbox()) { |
| CHECK(policy); |
| @@ -790,12 +791,12 @@ bool SandboxSeccompBpf::StartSandboxWithExternalPolicy( |
| return false; |
| } |
| -scoped_ptr<playground2::SandboxBpfPolicy> |
| +scoped_ptr<sandbox::SandboxBpfPolicy> |
| SandboxSeccompBpf::GetBaselinePolicy() { |
| #if defined(SECCOMP_BPF_SANDBOX) |
| - return scoped_ptr<playground2::SandboxBpfPolicy>(new BaselinePolicy); |
| + return scoped_ptr<sandbox::SandboxBpfPolicy>(new BaselinePolicy); |
| #else |
| - return scoped_ptr<playground2::SandboxBpfPolicy>(); |
| + return scoped_ptr<sandbox::SandboxBpfPolicy>(); |
| #endif // defined(SECCOMP_BPF_SANDBOX) |
| } |
