Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(208)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/common/sandbox_seccomp_bpf_linux.cc

Issue 11416336: Revert an occasional change of Trap to UnsafeTrap (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <asm/unistd.h> 5 #include <asm/unistd.h>
6 #include <dlfcn.h> 6 #include <dlfcn.h>
7 #include <errno.h> 7 #include <errno.h>
8 #include <fcntl.h> 8 #include <fcntl.h>
9 #include <linux/audit.h> 9 #include <linux/audit.h>
10 #include <linux/filter.h> 10 #include <linux/filter.h>
(...skipping 1209 matching lines...) Expand 10 before | Expand all | Expand 10 after
1220 } 1220 }
1221 1221
1222 if (IsUmask(sysno) || IsDeniedFileSystemAccessViaFd(sysno) || 1222 if (IsUmask(sysno) || IsDeniedFileSystemAccessViaFd(sysno) ||
1223 IsDeniedGetOrModifySocket(sysno)) { 1223 IsDeniedGetOrModifySocket(sysno)) {
1224 return ErrorCode(EPERM); 1224 return ErrorCode(EPERM);
1225 } 1225 }
1226 1226
1227 if (IsBaselinePolicyWatched(sysno)) { 1227 if (IsBaselinePolicyWatched(sysno)) {
1228 // Previously unseen syscalls. TODO(jln): some of these should 1228 // Previously unseen syscalls. TODO(jln): some of these should
1229 // be denied gracefully right away. 1229 // be denied gracefully right away.
1230 return Sandbox::UnsafeTrap(CrashSIGSYS_Handler, NULL); 1230 return Sandbox::Trap(CrashSIGSYS_Handler, NULL);
1231 } 1231 }
1232 // In any other case crash the program with our SIGSYS handler 1232 // In any other case crash the program with our SIGSYS handler
1233 return Sandbox::UnsafeTrap(CrashSIGSYS_Handler, NULL); 1233 return Sandbox::Trap(CrashSIGSYS_Handler, NULL);
1234 } 1234 }
1235 1235
1236 // x86_64 only for now. Needs to be adapted and tested for i386/ARM. 1236 // x86_64 only for now. Needs to be adapted and tested for i386/ARM.
1237 ErrorCode GpuProcessPolicy_x86_64(int sysno, void *) { 1237 ErrorCode GpuProcessPolicy_x86_64(int sysno, void *) {
1238 switch(sysno) { 1238 switch(sysno) {
1239 case __NR_ioctl: 1239 case __NR_ioctl:
1240 #if defined(ADDRESS_SANITIZER) 1240 #if defined(ADDRESS_SANITIZER)
1241 // Allow to call sched_getaffinity under AddressSanitizer. 1241 // Allow to call sched_getaffinity under AddressSanitizer.
1242 case __NR_sched_getaffinity: 1242 case __NR_sched_getaffinity:
1243 #endif 1243 #endif
1244 return ErrorCode(ErrorCode::ERR_ALLOWED); 1244 return ErrorCode(ErrorCode::ERR_ALLOWED);
1245 case __NR_open: 1245 case __NR_open:
1246 // Accelerated video decode is enabled by default only on Chrome OS. 1246 // Accelerated video decode is enabled by default only on Chrome OS.
1247 if (IsAcceleratedVideoDecodeEnabled()) { 1247 if (IsAcceleratedVideoDecodeEnabled()) {
1248 // Accelerated video decode needs to open /dev/dri/card0, and 1248 // Accelerated video decode needs to open /dev/dri/card0, and
1249 // dup()'ing an already open file descriptor does not work. 1249 // dup()'ing an already open file descriptor does not work.
1250 // Allow open() even though it severely weakens the sandbox, 1250 // Allow open() even though it severely weakens the sandbox,
1251 // to test the sandboxing mechanism in general. 1251 // to test the sandboxing mechanism in general.
1252 // TODO(jorgelo): remove this once we solve the libva issue. 1252 // TODO(jorgelo): remove this once we solve the libva issue.
1253 return ErrorCode(ErrorCode::ERR_ALLOWED); 1253 return ErrorCode(ErrorCode::ERR_ALLOWED);
1254 } else { 1254 } else {
1255 // Hook open() in the GPU process to allow opening /etc/drirc, 1255 // Hook open() in the GPU process to allow opening /etc/drirc,
1256 // needed by Mesa. 1256 // needed by Mesa.
1257 // The hook needs dup(), lseek(), and close() to be allowed. 1257 // The hook needs dup(), lseek(), and close() to be allowed.
1258 return Sandbox::UnsafeTrap(GpuOpenSIGSYS_Handler, NULL); 1258 return Sandbox::Trap(GpuOpenSIGSYS_Handler, NULL);
1259 } 1259 }
1260 default: 1260 default:
1261 if (IsEventFd(sysno)) 1261 if (IsEventFd(sysno))
1262 return ErrorCode(ErrorCode::ERR_ALLOWED); 1262 return ErrorCode(ErrorCode::ERR_ALLOWED);
1263 1263
1264 // Default on the baseline policy. 1264 // Default on the baseline policy.
1265 return BaselinePolicy(sysno); 1265 return BaselinePolicy(sysno);
1266 } 1266 }
1267 } 1267 }
1268 1268
(...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after
1481 // should enable it, enable it or die. 1481 // should enable it, enable it or die.
1482 bool started_sandbox = StartBpfSandbox(command_line, process_type); 1482 bool started_sandbox = StartBpfSandbox(command_line, process_type);
1483 CHECK(started_sandbox); 1483 CHECK(started_sandbox);
1484 return true; 1484 return true;
1485 } 1485 }
1486 #endif 1486 #endif
1487 return false; 1487 return false;
1488 } 1488 }
1489 1489
1490 } // namespace content 1490 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698