Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp-bpf/util.cc

Issue 12223109: SECCOMP-BPF: Refactor the BPF sandbox API to use fewer "static" fields and methods. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase (now, that the bitmask change has landed in the tree) Created 7 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« sandbox/linux/seccomp-bpf/sandbox_bpf.cc ('K') | « sandbox/linux/seccomp-bpf/util.h ('k') | sandbox/linux/seccomp-bpf/verifier.h » ('j') | sandbox/linux/seccomp-bpf/verifier.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <dirent.h> 5 #include <dirent.h>
6 #include <errno.h> 6 #include <errno.h>
7 #include <fcntl.h> 7 #include <fcntl.h>
8 #include <stdarg.h> 8 #include <stdarg.h>
9 #include <stdlib.h> 9 #include <stdlib.h>
10 #include <string.h> 10 #include <string.h>
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
108 return false; 108 return false;
109 } 109 }
110 va_start(ap, len); 110 va_start(ap, len);
111 for (int *fd, i = 0; (fd = va_arg(ap, int *)) != NULL; ++i) { 111 for (int *fd, i = 0; (fd = va_arg(ap, int *)) != NULL; ++i) {
112 *fd = (reinterpret_cast<int *>(CMSG_DATA(cmsg)))[i]; 112 *fd = (reinterpret_cast<int *>(CMSG_DATA(cmsg)))[i];
113 } 113 }
114 va_end(ap); 114 va_end(ap);
115 return true; 115 return true;
116 } 116 }
117 117
118 void Util::CloseAllBut(int fd, ...) { 118 void Util::CloseAllBut(int proc_fd, int fd, ...) {
119 int proc_fd;
120 int fdir; 119 int fdir;
121 if ((proc_fd = Sandbox::proc_fd()) < 0 || 120 if (proc_fd < 0) {
121 proc_fd = open("/proc/", O_RDONLY|O_DIRECTORY);
122 }
123 if (proc_fd < 0 ||
122 (fdir = openat(proc_fd, "self/fd", O_RDONLY|O_DIRECTORY)) < 0) { 124 (fdir = openat(proc_fd, "self/fd", O_RDONLY|O_DIRECTORY)) < 0) {
123 SANDBOX_DIE("Cannot access \"/proc/self/fd\""); 125 SANDBOX_DIE("Cannot access \"/proc/self/fd\"");
124 } 126 }
125 int dev_null = open("/dev/null", O_RDWR); 127 int dev_null = open("/dev/null", O_RDWR);
126 DIR *dir = fdopendir(fdir); 128 DIR *dir = fdopendir(fdir);
127 struct dirent de, *res; 129 struct dirent de, *res;
128 while (!readdir_r(dir, &de, &res) && res) { 130 while (!readdir_r(dir, &de, &res) && res) {
129 if (res->d_name[0] < '0') { 131 if (res->d_name[0] < '0') {
130 continue; 132 continue;
131 } 133 }
(...skipping 23 matching lines...) Expand all
155 } 157 }
156 } 158 }
157 closedir(dir); 159 closedir(dir);
158 if (dev_null >= 0) { 160 if (dev_null >= 0) {
159 if (HANDLE_EINTR(close(dev_null))) { } 161 if (HANDLE_EINTR(close(dev_null))) { }
160 } 162 }
161 return; 163 return;
162 } 164 }
163 165
164 } // namespace 166 } // namespace
OLDNEW
« sandbox/linux/seccomp-bpf/sandbox_bpf.cc ('K') | « sandbox/linux/seccomp-bpf/util.h ('k') | sandbox/linux/seccomp-bpf/verifier.h » ('j') | sandbox/linux/seccomp-bpf/verifier.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698