| Index: content/common/sandbox_init_linux.cc
|
| ===================================================================
|
| --- content/common/sandbox_init_linux.cc (revision 138143)
|
| +++ content/common/sandbox_init_linux.cc (working copy)
|
| @@ -182,9 +182,9 @@
|
| EmitRet(SECCOMP_RET_TRAP, program);
|
| }
|
|
|
| -static void EmitAllowKillSelf(int signal,
|
| - std::vector<struct sock_filter>* program) {
|
| - EmitAllowSyscallArgN(__NR_kill, 2, signal, program);
|
| +static void EmitAllowSignalSelf(std::vector<struct sock_filter>* program) {
|
| + EmitAllowSyscallArgN(__NR_kill, 1, getpid(), program);
|
| + EmitAllowSyscallArgN(__NR_tgkill, 1, getpid(), program);
|
| }
|
|
|
| static void EmitAllowGettime(std::vector<struct sock_filter>* program) {
|
| @@ -240,7 +240,9 @@
|
| EmitAllowSyscall(__NR_getpid, program); // Nvidia binary driver.
|
| EmitAllowSyscall(__NR_getppid, program); // ATI binary driver.
|
| EmitAllowSyscall(__NR_lseek, program); // Nvidia binary driver.
|
| - EmitAllowKillSelf(SIGTERM, program); // GPU watchdog.
|
| + EmitAllowSyscall(__NR_shutdown, program); // Virtual driver.
|
| + EmitAllowSyscall(__NR_rt_sigaction, program); // Breakpad signal handler.
|
| + EmitAllowSignalSelf(program); // GPU watchdog.
|
|
|
| // Generally, filename-based syscalls will fail with ENOENT to behave
|
| // similarly to a possible future setuid sandbox.
|
| @@ -248,6 +250,7 @@
|
| EmitFailSyscall(__NR_access, ENOENT, program);
|
| EmitFailSyscall(__NR_mkdir, ENOENT, program); // Nvidia binary driver.
|
| EmitFailSyscall(__NR_readlink, ENOENT, program); // ATI binary driver.
|
| + EmitFailSyscall(__NR_stat, ENOENT, program); // Nvidia binary driver.
|
| }
|
|
|
| static void ApplyFlashPolicy(std::vector<struct sock_filter>* program) {
|
| @@ -291,6 +294,9 @@
|
| EmitAllowSyscall(__NR_lseek, program);
|
| EmitAllowSyscall(__NR_brk, program);
|
| EmitAllowSyscall(__NR_sched_yield, program);
|
| + EmitAllowSyscall(__NR_shutdown, program);
|
| + EmitAllowSyscall(__NR_sched_getaffinity, program); // 3D
|
| + EmitAllowSignalSelf(program);
|
|
|
| // These are under investigation, and hopefully not here for the long term.
|
| EmitAllowSyscall(__NR_shmctl, program);
|
|
|
Chromium Code Reviews
Issue 10383274:
Sandbox policy fixes for all known remaining issues. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/