| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <asm/unistd.h> | 5 #include <asm/unistd.h> |
| 6 #include <dlfcn.h> | 6 #include <dlfcn.h> |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <fcntl.h> | 8 #include <fcntl.h> |
| 9 #include <linux/audit.h> | 9 #include <linux/audit.h> |
| 10 #include <linux/filter.h> | 10 #include <linux/filter.h> |
| (...skipping 996 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1007 bool IsSystemVIpc(int sysno) { | 1007 bool IsSystemVIpc(int sysno) { |
| 1008 switch (sysno) { | 1008 switch (sysno) { |
| 1009 case __NR_ipc: | 1009 case __NR_ipc: |
| 1010 return true; | 1010 return true; |
| 1011 default: | 1011 default: |
| 1012 return false; | 1012 return false; |
| 1013 } | 1013 } |
| 1014 } | 1014 } |
| 1015 #endif | 1015 #endif |
| 1016 | 1016 |
| 1017 bool IsAnySystemV(int sysno) { |
| 1018 #if defined(__x86_64__) || defined(__arm__) |
| 1019 return IsSystemVMessageQueue(sysno) || |
| 1020 IsSystemVSemaphores(sysno) || |
| 1021 IsSystemVSharedMemory(sysno); |
| 1022 #elif defined(__i386__) |
| 1023 return IsSystemVIpc(sysno); |
| 1024 #endif |
| 1025 } |
| 1026 |
| 1017 bool IsAdvancedScheduler(int sysno) { | 1027 bool IsAdvancedScheduler(int sysno) { |
| 1018 switch (sysno) { | 1028 switch (sysno) { |
| 1019 case __NR_ioprio_get: // IO scheduler. | 1029 case __NR_ioprio_get: // IO scheduler. |
| 1020 case __NR_ioprio_set: | 1030 case __NR_ioprio_set: |
| 1021 case __NR_sched_get_priority_max: | 1031 case __NR_sched_get_priority_max: |
| 1022 case __NR_sched_get_priority_min: | 1032 case __NR_sched_get_priority_min: |
| 1023 case __NR_sched_getaffinity: | 1033 case __NR_sched_getaffinity: |
| 1024 case __NR_sched_getparam: | 1034 case __NR_sched_getparam: |
| 1025 case __NR_sched_getscheduler: | 1035 case __NR_sched_getscheduler: |
| 1026 case __NR_sched_rr_get_interval: | 1036 case __NR_sched_rr_get_interval: |
| (...skipping 198 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1225 #if defined(__x86_64__) | 1235 #if defined(__x86_64__) |
| 1226 IsNetworkSocketInformation(sysno) || | 1236 IsNetworkSocketInformation(sysno) || |
| 1227 #endif | 1237 #endif |
| 1228 IsNuma(sysno) || | 1238 IsNuma(sysno) || |
| 1229 IsProcessGroupOrSession(sysno) || | 1239 IsProcessGroupOrSession(sysno) || |
| 1230 IsProcessPrivilegeChange(sysno) || | 1240 IsProcessPrivilegeChange(sysno) || |
| 1231 #if defined(__i386__) | 1241 #if defined(__i386__) |
| 1232 IsSocketCall(sysno) || // We'll need to handle this properly to build | 1242 IsSocketCall(sysno) || // We'll need to handle this properly to build |
| 1233 // a x86_32 policy. | 1243 // a x86_32 policy. |
| 1234 #endif | 1244 #endif |
| 1235 #if defined(__x86_64__) || defined(__arm__) | |
| 1236 IsSystemVMessageQueue(sysno) || | |
| 1237 IsSystemVSemaphores(sysno) || | |
| 1238 IsSystemVSharedMemory(sysno) || | |
| 1239 #elif defined(__i386__) | |
| 1240 IsSystemVIpc(sysno) || | |
| 1241 #endif | |
| 1242 #if defined(__arm__) | 1245 #if defined(__arm__) |
| 1243 IsArmPciConfig(sysno) || | 1246 IsArmPciConfig(sysno) || |
| 1244 #endif | 1247 #endif |
| 1245 IsTimer(sysno)) { | 1248 IsTimer(sysno)) { |
| 1246 return true; | 1249 return true; |
| 1247 } else { | 1250 } else { |
| 1248 return false; | 1251 return false; |
| 1249 } | 1252 } |
| 1250 } | 1253 } |
| 1251 | 1254 |
| (...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1407 if (sysno == __NR_fcntl64) | 1410 if (sysno == __NR_fcntl64) |
| 1408 return ErrorCode(ErrorCode::ERR_ALLOWED); | 1411 return ErrorCode(ErrorCode::ERR_ALLOWED); |
| 1409 #endif | 1412 #endif |
| 1410 | 1413 |
| 1411 // TODO(jln): some system calls in those sets are not supposed to | 1414 // TODO(jln): some system calls in those sets are not supposed to |
| 1412 // return ENOENT. Return the appropriate error. | 1415 // return ENOENT. Return the appropriate error. |
| 1413 if (IsFileSystem(sysno) || IsCurrentDirectory(sysno)) { | 1416 if (IsFileSystem(sysno) || IsCurrentDirectory(sysno)) { |
| 1414 return ErrorCode(ENOENT); | 1417 return ErrorCode(ENOENT); |
| 1415 } | 1418 } |
| 1416 | 1419 |
| 1420 if (IsAnySystemV(sysno)) { |
| 1421 return ErrorCode(EPERM); |
| 1422 } |
| 1423 |
| 1417 if (IsUmask(sysno) || IsDeniedFileSystemAccessViaFd(sysno) || | 1424 if (IsUmask(sysno) || IsDeniedFileSystemAccessViaFd(sysno) || |
| 1418 IsDeniedGetOrModifySocket(sysno)) { | 1425 IsDeniedGetOrModifySocket(sysno)) { |
| 1419 return ErrorCode(EPERM); | 1426 return ErrorCode(EPERM); |
| 1420 } | 1427 } |
| 1421 | 1428 |
| 1422 #if defined(__i386__) | 1429 #if defined(__i386__) |
| 1423 if (IsSocketCall(sysno)) | 1430 if (IsSocketCall(sysno)) |
| 1424 return RestrictSocketcallCommand(sandbox); | 1431 return RestrictSocketcallCommand(sandbox); |
| 1425 #endif | 1432 #endif |
| 1426 | 1433 |
| (...skipping 21 matching lines...) Expand all Loading... |
| 1448 case __NR_mprotect: | 1455 case __NR_mprotect: |
| 1449 case __NR_sched_getaffinity: | 1456 case __NR_sched_getaffinity: |
| 1450 case __NR_sched_setaffinity: | 1457 case __NR_sched_setaffinity: |
| 1451 case __NR_setpriority: | 1458 case __NR_setpriority: |
| 1452 return ErrorCode(ErrorCode::ERR_ALLOWED); | 1459 return ErrorCode(ErrorCode::ERR_ALLOWED); |
| 1453 case __NR_access: | 1460 case __NR_access: |
| 1454 case __NR_open: | 1461 case __NR_open: |
| 1455 case __NR_openat: | 1462 case __NR_openat: |
| 1456 return sandbox->Trap(GpuSIGSYS_Handler, broker_process); | 1463 return sandbox->Trap(GpuSIGSYS_Handler, broker_process); |
| 1457 default: | 1464 default: |
| 1458 #if defined(__x86_64__) || defined(__arm__) | |
| 1459 if (IsSystemVSharedMemory(sysno)) | |
| 1460 return ErrorCode(EACCES); | |
| 1461 #endif | |
| 1462 if (IsEventFd(sysno)) | 1465 if (IsEventFd(sysno)) |
| 1463 return ErrorCode(ErrorCode::ERR_ALLOWED); | 1466 return ErrorCode(ErrorCode::ERR_ALLOWED); |
| 1464 | 1467 |
| 1465 // Default on the baseline policy. | 1468 // Default on the baseline policy. |
| 1466 return BaselinePolicy(sandbox, sysno); | 1469 return BaselinePolicy(sandbox, sysno); |
| 1467 } | 1470 } |
| 1468 } | 1471 } |
| 1469 | 1472 |
| 1470 // x86_64/i386. | 1473 // x86_64/i386. |
| 1471 // A GPU broker policy is the same as a GPU policy with open and | 1474 // A GPU broker policy is the same as a GPU policy with open and |
| (...skipping 427 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1899 // should enable it, enable it or die. | 1902 // should enable it, enable it or die. |
| 1900 bool started_sandbox = StartBpfSandbox(command_line, process_type); | 1903 bool started_sandbox = StartBpfSandbox(command_line, process_type); |
| 1901 CHECK(started_sandbox); | 1904 CHECK(started_sandbox); |
| 1902 return true; | 1905 return true; |
| 1903 } | 1906 } |
| 1904 #endif | 1907 #endif |
| 1905 return false; | 1908 return false; |
| 1906 } | 1909 } |
| 1907 | 1910 |
| 1908 } // namespace content | 1911 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 16266014:
Linux Sandbox: EPERM any system V IPC in the baseline (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src