Chromium Code Reviews

Issue 12209029: Linux sandbox: restrict clone() in renderer processes. (Closed)

Created:
7 years, 10 months ago by jln (very slow on Chromium)
Modified:
7 years, 10 months ago
Reviewers:
Chris Evans
CC:
chromium-reviews, joi+watch-content_chromium.org, darin-cc_chromium.org, jam, jln+watch_chromium.org, Jorge Lucangeli Obes
Visibility:
Public.

Description

Linux sandbox: restrict clone() in renderer processes.

In renderers, we restrict the use of clone() to the creation of threads.

BUG=129097
NOTRY=true

Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=180939
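The policy in the description, written as a classic-BPF seccomp filter for x86-64 (an added example, not the code from this change): clone() is allowed only when its flags equal the set glibc's pthread_create() passes, which is an assumption about what "creation of threads" means here. `X86_64_NR_CLONE`, `THREAD_FLAGS`, `OFF`, `clone_policy` and `run_policy` are names made up for the example, and denying with SECCOMP_RET_TRAP is this example's choice.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/sched.h>
#include <linux/seccomp.h>

#define X86_64_NR_CLONE 56 /* clone() syscall number on x86-64 */
/* Assumption: "thread creation" means glibc's pthread_create() flag set. */
#define THREAD_FLAGS (CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND |   \
                      CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS |         \
                      CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID)
#define OFF(field) ((uint32_t)offsetof(struct seccomp_data, field))

/* x86-64 only: allow all syscalls, but clone() only with exactly THREAD_FLAGS. */
static const struct sock_filter clone_policy[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_X86_64, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),          /* foreign ABI */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, X86_64_NR_CLONE, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),         /* not clone() */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[0]) + 4), /* flags, high half */
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, 0, 0, 3),
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, OFF(args[0])),     /* flags, low half */
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, THREAD_FLAGS, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),         /* thread creation */
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRAP),          /* SIGSYS otherwise */
};

/* Interpreter for the three classic-BPF opcodes used above, so the policy
 * can be checked against constructed seccomp_data without installing it. */
uint32_t run_policy(uint32_t arch, int nr, uint64_t arg0) {
    struct seccomp_data sd = { .nr = nr, .arch = arch, .args = { arg0 } };
    uint32_t acc = 0;
    size_t n = sizeof(clone_policy) / sizeof(clone_policy[0]);
    for (size_t pc = 0; pc < n; pc++) {
        const struct sock_filter *f = &clone_policy[pc];
        if (f->code == (BPF_LD | BPF_W | BPF_ABS))
            memcpy(&acc, (const char *)&sd + f->k, sizeof(acc));
        else if (f->code == (BPF_JMP | BPF_JEQ | BPF_K))
            pc += (acc == f->k) ? f->jt : f->jf;
        else if (f->code == (BPF_RET | BPF_K))
            return f->k;
    }
    return SECCOMP_RET_KILL; /* unreachable for a well-formed filter */
}
```

The flags are compared in two 32-bit halves because classic BPF loads 32-bit words; checking only the low half would let a value with high bits set slip past the comparison.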

Patch Set 1

Total comments: 10

Patch Set 2 : Only perform the restrictions on 64 bits x86.

Total comments: 3

Patch Set 3 : Address nits.

Patch Set 4 : Restrict to Linux.

Patch Set 5 : Add crashing message in Debug builds.

Stats (+34 lines, -0 lines)
M content/common/sandbox_seccomp_bpf_linux.cc: 2 chunks, +34 lines, -0 lines, 0 comments

Messages

Total messages: 9 (0 generated)
jln (very slow on Chromium)
Should be fairly safe, but slightly worried about 32 bits and fringe plugins.
7 years, 10 months ago (2013-02-06 01:40:43 UTC) #1
Chris Evans
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc
File content/common/sandbox_seccomp_bpf_linux.cc (right):
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc#newcode116
content/common/sandbox_seccomp_bpf_linux.cc:116: _exit(1);
Is exit_group() better?
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc#newcode1259
content/common/sandbox_seccomp_bpf_linux.cc:1259: CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID, ...
7 years, 10 months ago (2013-02-06 03:27:59 UTC) #2
jln (very slow on Chromium)
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc
File content/common/sandbox_seccomp_bpf_linux.cc (right):
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc#newcode116
content/common/sandbox_seccomp_bpf_linux.cc:116: _exit(1);
On 2013/02/06 03:27:59, Chris Evans wrote:
> Is ...
7 years, 10 months ago (2013-02-06 03:32:31 UTC) #3
Chris Evans
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc
File content/common/sandbox_seccomp_bpf_linux.cc (right):
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc#newcode110
content/common/sandbox_seccomp_bpf_linux.cc:110: reinterpret_cast<volatile char*>(clone_flags & 0xFFFFFF);
BTW, on 32-bit systems that's ...
7 years, 10 months ago (2013-02-06 03:36:11 UTC) #4
Chris Evans
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc
File content/common/sandbox_seccomp_bpf_linux.cc (right):
https://codereview.chromium.org/12209029/diff/2001/content/common/sandbox_seccomp_bpf_linux.cc#newcode116
content/common/sandbox_seccomp_bpf_linux.cc:116: _exit(1);
Ok maybe add a comment about considering exit_group() ...
7 years, 10 months ago (2013-02-06 03:37:25 UTC) #5
Chris Evans
LGTM with nits
https://codereview.chromium.org/12209029/diff/8001/content/common/sandbox_seccomp_bpf_linux.cc
File content/common/sandbox_seccomp_bpf_linux.cc (right):
https://codereview.chromium.org/12209029/diff/8001/content/common/sandbox_seccomp_bpf_linux.cc#newcode112
content/common/sandbox_seccomp_bpf_linux.cc:112: // Hit the NULL page if ...
7 years, 10 months ago (2013-02-06 03:44:54 UTC) #6
jln (very slow on Chromium)
https://codereview.chromium.org/12209029/diff/8001/content/common/sandbox_seccomp_bpf_linux.cc
File content/common/sandbox_seccomp_bpf_linux.cc (right):
https://codereview.chromium.org/12209029/diff/8001/content/common/sandbox_seccomp_bpf_linux.cc#newcode112
content/common/sandbox_seccomp_bpf_linux.cc:112: // Hit the NULL page if this fails.
On ...
7 years, 10 months ago (2013-02-06 04:00:51 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/jln@chromium.org/12209029/1003
7 years, 10 months ago (2013-02-06 08:45:37 UTC) #8
commit-bot: I haz the power
7 years, 10 months ago (2013-02-06 08:56:05 UTC) #9
Message was sent while issue was closed.
Change committed as 180939
