| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 5 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 6 #include "sandbox/linux/seccomp-bpf/verifier.h" |
| 6 | 7 |
| 7 // The kernel gives us a sandbox, we turn it into a playground :-) | 8 // The kernel gives us a sandbox, we turn it into a playground :-) |
| 8 // This is version 2 of the playground; version 1 was built on top of | 9 // This is version 2 of the playground; version 1 was built on top of |
| 9 // pre-BPF seccomp mode. | 10 // pre-BPF seccomp mode. |
| 10 namespace playground2 { | 11 namespace playground2 { |
| 11 | 12 |
| 12 Sandbox::ErrorCode Sandbox::probeEvaluator(int signo) { | 13 Sandbox::ErrorCode Sandbox::probeEvaluator(int signo) { |
| 13 switch (signo) { | 14 switch (signo) { |
| 14 case __NR_getpid: | 15 case __NR_getpid: |
| 15 // Return EPERM so that we can check that the filter actually ran. | 16 // Return EPERM so that we can check that the filter actually ran. |
| 262 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, sysnum, 0, 1)); | 263 BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, sysnum, 0, 1)); |
| 263 program.push_back((struct sock_filter) | 264 program.push_back((struct sock_filter) |
| 264 BPF_STMT(BPF_RET+BPF_K, ret)); | 265 BPF_STMT(BPF_RET+BPF_K, ret)); |
| 265 } | 266 } |
| 266 | 267 |
| 267 // Everything that isn't allowed is forbidden. Eventually, we would | 268 // Everything that isn't allowed is forbidden. Eventually, we would |
| 268 // like to have a way to log forbidden calls, when in debug mode. | 269 // like to have a way to log forbidden calls, when in debug mode. |
| 269 program.push_back((struct sock_filter) | 270 program.push_back((struct sock_filter) |
| 270 BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO + SECCOMP_DENY_ERRNO)); | 271 BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO + SECCOMP_DENY_ERRNO)); |
| 271 | 272 |
| 273 // Make sure compilation resulted in BPF program that executes |
| 274 // correctly. |
| 275 Verifier::verifyBPF(program, evaluators_); |
| 276 |
| 272 // Install BPF filter program | 277 // Install BPF filter program |
| 273 const struct sock_fprog prog = { program.size(), &program[0] }; | 278 const struct sock_fprog prog = { program.size(), &program[0] }; |
| 274 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || | 279 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) || |
| 275 prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { | 280 prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { |
| 276 goto filter_failed; | 281 goto filter_failed; |
| 277 } | 282 } |
| 278 | 283 |
| 279 return; | 284 return; |
| 280 } | 285 } |
| 281 | 286 |
| 306 | 311 |
| 307 ctx->uc_mcontext.gregs[REG_RESULT] = reinterpret_cast<greg_t>(rc); | 312 ctx->uc_mcontext.gregs[REG_RESULT] = reinterpret_cast<greg_t>(rc); |
| 308 errno = old_errno; | 313 errno = old_errno; |
| 309 return; | 314 return; |
| 310 } | 315 } |
| 311 | 316 |
| 312 | 317 |
| 313 bool Sandbox::suppressLogging_ = false; | 318 bool Sandbox::suppressLogging_ = false; |
| 314 Sandbox::SandboxStatus Sandbox::status_ = STATUS_UNKNOWN; | 319 Sandbox::SandboxStatus Sandbox::status_ = STATUS_UNKNOWN; |
| 315 int Sandbox::proc_fd_ = -1; | 320 int Sandbox::proc_fd_ = -1; |
| 316 std::vector<std::pair<Sandbox::EvaluateSyscall, | 321 Sandbox::Evaluators Sandbox::evaluators_; |
| 317 Sandbox::EvaluateArguments> > Sandbox::evaluators_; | |
| 318 | 322 |
| 319 } // namespace | 323 } // namespace |
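Review bot: The outcome of `Verifier::verifyBPF(program, evaluators_);` at new line 275 is discarded, so a program that fails verification is still handed to `prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)` a few lines later. If verifyBPF signals failure through its return value, the call should feed the existing failure path instead of falling through, e.g. `if (!Verifier::verifyBPF(program, evaluators_)) goto filter_failed;`; if it instead aborts or logs internally on mismatch, a one-line comment such as `// verifyBPF aborts on a mismatch; a return here means the program was accepted` would stop the next reader from assuming the result was simply forgotten. The enclosing function starts before this hunk and the `filter_failed` label is outside it, so whichever of the two behaviours applies cannot be confirmed from the visible lines.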