Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(118)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/services/namespace_sandbox.cc

Issue 1158793003: Enable one PID namespace per process for NaCl processes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Respond to comments. Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« sandbox/linux/services/namespace_sandbox.h ('K') | « sandbox/linux/services/namespace_sandbox.h ('k') | sandbox/linux/services/namespace_sandbox_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/linux/services/namespace_sandbox.h" 5 #include "sandbox/linux/services/namespace_sandbox.h"
6 6
7 #include <sched.h> 7 #include <sched.h>
8 #include <signal.h> 8 #include <signal.h>
9 #include <stdlib.h> 9 #include <stdlib.h>
10 #include <sys/types.h> 10 #include <sys/types.h>
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
70 int g_signal_exit_codes[64]; 70 int g_signal_exit_codes[64];
71 71
72 void TerminationSignalHandler(int sig) { 72 void TerminationSignalHandler(int sig) {
73 // Return a special exit code so that the process is detected as terminated by 73 // Return a special exit code so that the process is detected as terminated by
74 // a signal. 74 // a signal.
75 const size_t sig_idx = static_cast<size_t>(sig); 75 const size_t sig_idx = static_cast<size_t>(sig);
76 if (sig_idx < arraysize(g_signal_exit_codes)) { 76 if (sig_idx < arraysize(g_signal_exit_codes)) {
77 _exit(g_signal_exit_codes[sig_idx]); 77 _exit(g_signal_exit_codes[sig_idx]);
78 } 78 }
79 79
80 _exit(NamespaceSandbox::kDefaultExitCode); 80 _exit(NamespaceSandbox::SignalExitCode(sig));
81 } 81 }
82 #endif // !defined(OS_NACL_NONSFI) 82 #endif // !defined(OS_NACL_NONSFI)
83 83
84 } // namespace 84 } // namespace
85 85
86 #if !defined(OS_NACL_NONSFI) 86 #if !defined(OS_NACL_NONSFI)
87 // static 87 // static
88 base::Process NamespaceSandbox::LaunchProcess( 88 base::Process NamespaceSandbox::LaunchProcess(
89 const base::CommandLine& cmdline, 89 const base::CommandLine& cmdline,
90 const base::LaunchOptions& options) { 90 const base::LaunchOptions& options) {
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
150 return pid; 150 return pid;
151 } 151 }
152 152
153 // static 153 // static
154 void NamespaceSandbox::InstallDefaultTerminationSignalHandlers() { 154 void NamespaceSandbox::InstallDefaultTerminationSignalHandlers() {
155 static const int kDefaultTermSignals[] = { 155 static const int kDefaultTermSignals[] = {
156 SIGHUP, SIGINT, SIGABRT, SIGQUIT, SIGPIPE, SIGTERM, SIGUSR1, SIGUSR2, 156 SIGHUP, SIGINT, SIGABRT, SIGQUIT, SIGPIPE, SIGTERM, SIGUSR1, SIGUSR2,
157 }; 157 };
158 158
159 for (const int sig : kDefaultTermSignals) { 159 for (const int sig : kDefaultTermSignals) {
160 InstallTerminationSignalHandler(sig, kDefaultExitCode); 160 InstallTerminationSignalHandler(sig, SignalExitCode(sig));
161 } 161 }
162 } 162 }
163 163
164 // static 164 // static
165 bool NamespaceSandbox::InstallTerminationSignalHandler( 165 bool NamespaceSandbox::InstallTerminationSignalHandler(
166 int sig, 166 int sig,
167 int exit_code) { 167 int exit_code) {
168 struct sigaction old_action; 168 struct sigaction old_action;
169 PCHECK(sigaction(sig, nullptr, &old_action) == 0); 169 PCHECK(sigaction(sig, nullptr, &old_action) == 0);
170 170
(...skipping 28 matching lines...) Expand all
199 bool NamespaceSandbox::InNewPidNamespace() { 199 bool NamespaceSandbox::InNewPidNamespace() {
200 return getenv(kSandboxPIDNSEnvironmentVarName) != nullptr; 200 return getenv(kSandboxPIDNSEnvironmentVarName) != nullptr;
201 } 201 }
202 202
203 // static 203 // static
204 bool NamespaceSandbox::InNewNetNamespace() { 204 bool NamespaceSandbox::InNewNetNamespace() {
205 return getenv(kSandboxNETNSEnvironmentVarName) != nullptr; 205 return getenv(kSandboxNETNSEnvironmentVarName) != nullptr;
206 } 206 }
207 207
208 } // namespace sandbox 208 } // namespace sandbox
OLDNEW
« sandbox/linux/services/namespace_sandbox.h ('K') | « sandbox/linux/services/namespace_sandbox.h ('k') | sandbox/linux/services/namespace_sandbox_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698