1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include <string> | |
6 | |
7 #include "base/command_line.h" | |
8 #include "base/logging.h" | |
9 #include "content/common/sandbox_linux.h" | |
10 #include "content/public/common/content_switches.h" | |
11 #include "content/public/common/sandbox_init.h" | |
12 | |
13 namespace content { | |
14 | |
15 // TODO(jln): have call sites provide a process / policy type to | |
16 // InitializeSandbox(). | |
17 bool InitializeSandbox() { | |
18 bool seccomp_legacy_started = false; | |
19 bool seccomp_bpf_started = false; | |
20 LinuxSandbox* linux_sandbox = LinuxSandbox::GetInstance(); | |
21 const std::string process_type = | |
22 CommandLine::ForCurrentProcess()->GetSwitchValueASCII( | |
23 switches::kProcessType); | |
24 | |
25 // No matter what, it's always an error to call InitializeSandbox() after | |
26 // threads have been created. | |
27 if (!linux_sandbox->IsSingleThreaded()) { | |
28 std::string error_message = "InitializeSandbox() called with multiple " | |
29 "threads in process " + process_type; | |
30 // TODO(jln): change this into a CHECK() once we are more comfortable it | |
31 // does not trigger. | |
32 LOG(ERROR) << error_message; | |
33 return false; | |
34 } | |
35 | |
36 // Attempt to limit the future size of the address space of the process. | |
37 linux_sandbox->LimitAddressSpace(process_type); | |
38 | |
39 // First, try to enable seccomp-bpf. | |
40 seccomp_bpf_started = linux_sandbox->StartSeccompBpf(process_type); | |
41 | |
42 // If that fails, try to enable seccomp-legacy. | |
43 if (!seccomp_bpf_started) { | |
44 seccomp_legacy_started = linux_sandbox->StartSeccompLegacy(process_type); | |
45 } | |
46 | |
47 return seccomp_legacy_started || seccomp_bpf_started; | |
48 } | |
49 | |
50 } // namespace content | |