Chromium Code Reviews Chromium Code Reviews
Issue 10546041:
Added a new Verifier class to the BPF compiler. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef SANDBOX_BPF_H__ | 5 #ifndef SANDBOX_BPF_H__ |
| 6 #define SANDBOX_BPF_H__ | 6 #define SANDBOX_BPF_H__ |
| 7 | 7 |
| 8 #include <endian.h> | 8 #include <endian.h> |
| 9 #include <errno.h> | 9 #include <errno.h> |
| 10 #include <fcntl.h> | 10 #include <fcntl.h> |
| (...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 101 struct arch_seccomp_data { | 101 struct arch_seccomp_data { |
| 102 int nr; | 102 int nr; |
| 103 uint32_t arch; | 103 uint32_t arch; |
| 104 uint64_t instruction_pointer; | 104 uint64_t instruction_pointer; |
| 105 uint64_t args[6]; | 105 uint64_t args[6]; |
| 106 }; | 106 }; |
| 107 | 107 |
| 108 #ifdef SECCOMP_BPF_STANDALONE | 108 #ifdef SECCOMP_BPF_STANDALONE |
| 109 #define arraysize(x) sizeof(x)/sizeof(*(x))) | 109 #define arraysize(x) sizeof(x)/sizeof(*(x))) |
| 110 #define HANDLE_EINTR TEMP_FAILURE_RETRY | 110 #define HANDLE_EINTR TEMP_FAILURE_RETRY |
| 111 #define DISALLOW_IMPLICIT_CONSTRUCTORS(TypeName) \ | |
|
jln (very slow on Chromium)
2012/06/08 19:28:22
If/once we make demo.cc a proper test in Chrome, I
| |
| 112 TypeName(); \ | |
| 113 TypeName(const TypeName&); \ | |
| 114 void operator=(const TypeName&) | |
| 111 #endif | 115 #endif |
| 112 | 116 |
| 113 | 117 |
| 114 namespace playground2 { | 118 namespace playground2 { |
| 115 | 119 |
| 116 class Sandbox { | 120 class Sandbox { |
| 117 friend class Util; | 121 friend class Util; |
| 122 friend class Verifier; | |
| 118 | 123 |
| 119 public: | 124 public: |
| 120 enum SandboxStatus { | 125 enum SandboxStatus { |
| 121 STATUS_UNKNOWN, // Status prior to calling supportsSeccompSandbox() | 126 STATUS_UNKNOWN, // Status prior to calling supportsSeccompSandbox() |
| 122 STATUS_UNSUPPORTED, // The kernel does not appear to support sandboxing | 127 STATUS_UNSUPPORTED, // The kernel does not appear to support sandboxing |
| 123 STATUS_UNAVAILABLE, // Currently unavailable but might work again later | 128 STATUS_UNAVAILABLE, // Currently unavailable but might work again later |
| 124 STATUS_AVAILABLE, // Sandboxing is available but not currently active | 129 STATUS_AVAILABLE, // Sandboxing is available but not currently active |
| 125 STATUS_ENABLED // The sandbox is now active | 130 STATUS_ENABLED // The sandbox is now active |
| 126 }; | 131 }; |
| 127 | 132 |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 146 bool is32bit; | 151 bool is32bit; |
| 147 Operation op; | 152 Operation op; |
| 148 uint32_t value; | 153 uint32_t value; |
| 149 ErrorCode passed; | 154 ErrorCode passed; |
| 150 ErrorCode failed; | 155 ErrorCode failed; |
| 151 }; | 156 }; |
| 152 | 157 |
| 153 typedef ErrorCode (*EvaluateSyscall)(int sysno); | 158 typedef ErrorCode (*EvaluateSyscall)(int sysno); |
| 154 typedef int (*EvaluateArguments)(int sysno, int arg, | 159 typedef int (*EvaluateArguments)(int sysno, int arg, |
| 155 Constraint *constraint); | 160 Constraint *constraint); |
| 161 typedef std::vector<std::pair<EvaluateSyscall,EvaluateArguments> >Evaluators; | |
| 156 | 162 |
| 157 // There are a lot of reasons why the Seccomp sandbox might not be available. | 163 // There are a lot of reasons why the Seccomp sandbox might not be available. |
| 158 // This could be because the kernel does not support Seccomp mode, or it | 164 // This could be because the kernel does not support Seccomp mode, or it |
| 159 // could be because another sandbox is already active. | 165 // could be because another sandbox is already active. |
| 160 // "proc_fd" should be a file descriptor for "/proc", or -1 if not | 166 // "proc_fd" should be a file descriptor for "/proc", or -1 if not |
| 161 // provided by the caller. | 167 // provided by the caller. |
| 162 static SandboxStatus supportsSeccompSandbox(int proc_fd); | 168 static SandboxStatus supportsSeccompSandbox(int proc_fd); |
| 163 | 169 |
| 164 // The sandbox needs to be able to access files in "/proc/self". If this | 170 // The sandbox needs to be able to access files in "/proc/self". If this |
| 165 // directory is not accessible when "startSandbox()" gets called, the caller | 171 // directory is not accessible when "startSandbox()" gets called, the caller |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 228 static bool kernelSupportSeccompBPF(int proc_fd); | 234 static bool kernelSupportSeccompBPF(int proc_fd); |
| 229 | 235 |
| 230 static bool isSingleThreaded(int proc_fd); | 236 static bool isSingleThreaded(int proc_fd); |
| 231 static bool disableFilesystem(); | 237 static bool disableFilesystem(); |
| 232 static void installFilter(); | 238 static void installFilter(); |
| 233 static void sigSys(int nr, siginfo_t *info, void *void_context); | 239 static void sigSys(int nr, siginfo_t *info, void *void_context); |
| 234 | 240 |
| 235 static bool suppressLogging_; | 241 static bool suppressLogging_; |
| 236 static SandboxStatus status_; | 242 static SandboxStatus status_; |
| 237 static int proc_fd_; | 243 static int proc_fd_; |
| 238 static std::vector<std::pair<EvaluateSyscall, | 244 static Evaluators evaluators_; |
| 239 EvaluateArguments> > evaluators_; | |
| 240 }; | 245 }; |
| 241 | 246 |
| 242 } // namespace | 247 } // namespace |
| 243 | 248 |
| 244 #endif // SANDBOX_BPF_H__ | 249 #endif // SANDBOX_BPF_H__ |
| OLD | NEW |
