OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <dirent.h> | 5 #include <dirent.h> |
6 #include <fcntl.h> | 6 #include <fcntl.h> |
7 #include <sys/resource.h> | 7 #include <sys/resource.h> |
8 #include <sys/stat.h> | 8 #include <sys/stat.h> |
9 #include <sys/time.h> | 9 #include <sys/time.h> |
10 #include <sys/types.h> | 10 #include <sys/types.h> |
(...skipping 10 matching lines...) Expand all Loading... | |
21 #include "base/files/scoped_file.h" | 21 #include "base/files/scoped_file.h" |
22 #include "base/logging.h" | 22 #include "base/logging.h" |
23 #include "base/macros.h" | 23 #include "base/macros.h" |
24 #include "base/memory/scoped_ptr.h" | 24 #include "base/memory/scoped_ptr.h" |
25 #include "base/memory/singleton.h" | 25 #include "base/memory/singleton.h" |
26 #include "base/posix/eintr_wrapper.h" | 26 #include "base/posix/eintr_wrapper.h" |
27 #include "base/strings/string_number_conversions.h" | 27 #include "base/strings/string_number_conversions.h" |
28 #include "base/sys_info.h" | 28 #include "base/sys_info.h" |
29 #include "base/time/time.h" | 29 #include "base/time/time.h" |
30 #include "build/build_config.h" | 30 #include "build/build_config.h" |
31 #include "content/common/sandbox_linux/sandbox_debug_handling_linux.h" | |
32 #include "content/common/sandbox_linux/sandbox_linux.h" | 31 #include "content/common/sandbox_linux/sandbox_linux.h" |
33 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" | 32 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h" |
34 #include "content/public/common/content_switches.h" | 33 #include "content/public/common/content_switches.h" |
35 #include "content/public/common/sandbox_linux.h" | 34 #include "content/public/common/sandbox_linux.h" |
36 #include "sandbox/linux/services/credentials.h" | 35 #include "sandbox/linux/services/credentials.h" |
37 #include "sandbox/linux/services/namespace_sandbox.h" | 36 #include "sandbox/linux/services/namespace_sandbox.h" |
38 #include "sandbox/linux/services/proc_util.h" | 37 #include "sandbox/linux/services/proc_util.h" |
39 #include "sandbox/linux/services/resource_limits.h" | 38 #include "sandbox/linux/services/resource_limits.h" |
40 #include "sandbox/linux/services/thread_helpers.h" | 39 #include "sandbox/linux/services/thread_helpers.h" |
41 #include "sandbox/linux/services/yama.h" | 40 #include "sandbox/linux/services/yama.h" |
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
178 CHECK(sandbox::Credentials::MoveToNewUserNS()); | 177 CHECK(sandbox::Credentials::MoveToNewUserNS()); |
179 // Note: this requires SealSandbox() to be called later in this process to be | 178 // Note: this requires SealSandbox() to be called later in this process to be |
180 // safe, as this class is keeping a file descriptor to /proc/. | 179 // safe, as this class is keeping a file descriptor to /proc/. |
181 CHECK(sandbox::Credentials::DropFileSystemAccess(proc_fd_)); | 180 CHECK(sandbox::Credentials::DropFileSystemAccess(proc_fd_)); |
182 | 181 |
183 // We do not drop CAP_SYS_ADMIN because we need it to place each child process | 182 // We do not drop CAP_SYS_ADMIN because we need it to place each child process |
184 // in its own PID namespace later on. | 183 // in its own PID namespace later on. |
185 std::vector<sandbox::Credentials::Capability> caps; | 184 std::vector<sandbox::Credentials::Capability> caps; |
186 caps.push_back(sandbox::Credentials::Capability::SYS_ADMIN); | 185 caps.push_back(sandbox::Credentials::Capability::SYS_ADMIN); |
187 CHECK(sandbox::Credentials::SetCapabilities(proc_fd_, caps)); | 186 CHECK(sandbox::Credentials::SetCapabilities(proc_fd_, caps)); |
188 | |
189 // This needs to happen after moving to a new user NS, since doing so involves | |
190 // writing the UID/GID map. | |
191 CHECK(SandboxDebugHandling::SetDumpableStatusAndHandlers()); | |
rickyz (no longer on Chrome)
2015/12/11 02:04:44
Do we care about the crash test handler that insta
jln (very slow on Chromium)
2015/12/11 17:53:43
Yeah, it's kind of ugly, but one can always pass -
| |
192 } | 187 } |
193 | 188 |
194 std::vector<int> LinuxSandbox::GetFileDescriptorsToClose() { | 189 std::vector<int> LinuxSandbox::GetFileDescriptorsToClose() { |
195 std::vector<int> fds; | 190 std::vector<int> fds; |
196 if (proc_fd_ >= 0) { | 191 if (proc_fd_ >= 0) { |
197 fds.push_back(proc_fd_); | 192 fds.push_back(proc_fd_); |
198 } | 193 } |
199 return fds; | 194 return fds; |
200 } | 195 } |
201 | 196 |
(...skipping 244 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
446 | 441 |
447 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { | 442 void LinuxSandbox::StopThreadAndEnsureNotCounted(base::Thread* thread) const { |
448 DCHECK(thread); | 443 DCHECK(thread); |
449 base::ScopedFD proc_fd(OpenProc(proc_fd_)); | 444 base::ScopedFD proc_fd(OpenProc(proc_fd_)); |
450 PCHECK(proc_fd.is_valid()); | 445 PCHECK(proc_fd.is_valid()); |
451 CHECK( | 446 CHECK( |
452 sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_fd.get(), thread)); | 447 sandbox::ThreadHelpers::StopThreadAndWatchProcFS(proc_fd.get(), thread)); |
453 } | 448 } |
454 | 449 |
455 } // namespace content | 450 } // namespace content |
OLD | NEW |