SECCOMP-BPF: Added supported for inspection system call arguments from BPF filters.

content/common/sandbox_seccomp_bpf_linux.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <asm/unistd.h>
 #include <dlfcn.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <linux/audit.h>
 #include <linux/filter.h>
@@ skipping 1279 matching lines @@
       if (IsSystemVIpc(sysno))
         return ErrorCode(ErrorCode::ERR_ALLOWED);
 #endif
 
       // Default on the baseline policy.
       return BaselinePolicy(sysno);
   }
 }
 
 ErrorCode BlacklistDebugAndNumaPolicy(int sysno, void *) {
-  if (!Sandbox::isValidSyscallNumber(sysno)) {
+  if (!Sandbox::IsValidSyscallNumber(sysno)) {
     // TODO(jln) we should not have to do that in a trivial policy.
     return ErrorCode(ENOSYS);
   }
 
   if (IsDebug(sysno) || IsNuma(sysno))
     return Sandbox::Trap(CrashSIGSYS_Handler, NULL);
 
   return ErrorCode(ErrorCode::ERR_ALLOWED);
 }
 
 // Allow all syscalls.
 // This will still deny x32 or IA32 calls in 64 bits mode or
 // 64 bits system calls in compatibility mode.
 ErrorCode AllowAllPolicy(int sysno, void *) {
-  if (!Sandbox::isValidSyscallNumber(sysno)) {
+  if (!Sandbox::IsValidSyscallNumber(sysno)) {
     // TODO(jln) we should not have to do that in a trivial policy.
     return ErrorCode(ENOSYS);
   } else {
     return ErrorCode(ErrorCode::ERR_ALLOWED);
   }
 }
 
 bool EnableGpuBrokerPolicyCallBack() {
   StartSandboxWithPolicy(GpuBrokerProcessPolicy_x86_64, NULL);
   return true;
@@ skipping 70 matching lines @@
   NOTREACHED();
   // This will be our default if we need one.
   return AllowAllPolicy;
 }
 
 // broker_process can be NULL if there is no need for one.
 void StartSandboxWithPolicy(Sandbox::EvaluateSyscall syscall_policy,
                             BrokerProcess* broker_process) {
 
   Sandbox::setSandboxPolicy(syscall_policy, broker_process);
   Sandbox::startSandbox();

[jln (very slow on Chromium), 2012/12/14 23:33:13]

You missed renaming these.

 }
 
 // Initialize the seccomp-bpf sandbox.
 bool StartBpfSandbox(const CommandLine& command_line,
                      const std::string& process_type) {
   Sandbox::EvaluateSyscall syscall_policy =
       GetProcessSyscallPolicy(command_line, process_type);
 
   BrokerProcess* broker_process = NULL;
   // Warm up resources needed by the policy we're about to enable and
@@ skipping 32 matching lines @@
   return true;
 #endif  // SECCOMP_BPF_SANDBOX
   return false;
 }
 
 bool SandboxSeccompBpf::SupportsSandbox() {
 #if defined(SECCOMP_BPF_SANDBOX)
   // TODO(jln): pass the saved proc_fd_ from the LinuxSandbox singleton
   // here.
   Sandbox::SandboxStatus bpf_sandbox_status =
-      Sandbox::supportsSeccompSandbox(-1);
+      Sandbox::SupportsSeccompSandbox(-1);
   // Kernel support is what we are interested in here. Other status
   // such as STATUS_UNAVAILABLE (has threads) still indicate kernel support.
   // We make this a negative check, since if there is a bug, we would rather
   // "fail closed" (expect a sandbox to be available and try to start it).
   if (bpf_sandbox_status != Sandbox::STATUS_UNSUPPORTED) {
     return true;
   }
 #endif
   return false;
 }
 
 bool SandboxSeccompBpf::StartSandbox(const std::string& process_type) {
 #if defined(SECCOMP_BPF_SANDBOX)
   const CommandLine& command_line = *CommandLine::ForCurrentProcess();
 
   if (IsSeccompBpfDesired() &&  // Global switches policy.
       ShouldEnableSeccompBpf(process_type) &&  // Process-specific policy.
       SupportsSandbox()) {
     // If the kernel supports the sandbox, and if the command line says we
     // should enable it, enable it or die.
     bool started_sandbox = StartBpfSandbox(command_line, process_type);
     CHECK(started_sandbox);
     return true;
   }
 #endif
   return false;
 }
 
 }  // namespace content