Chromium Code Reviews Chromium Code Reviews
Issue 188193002:
Linux sandbox: add basic Yama support (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "sandbox/linux/services/yama.h" | |
| 6 | |
| 7 #include <fcntl.h> | |
| 8 #include <sys/prctl.h> | |
| 9 #include <sys/stat.h> | |
| 10 #include <sys/types.h> | |
| 11 #include <unistd.h> | |
| 12 | |
| 13 #include "base/basictypes.h" | |
| 14 #include "base/file_util.h" | |
| 15 #include "base/logging.h" | |
| 16 #include "base/posix/eintr_wrapper.h" | |
| 17 | |
| 18 namespace sandbox { | |
| 19 | |
| 20 namespace { | |
| 21 | |
| 22 // Enable or disable the Yama ptracers restrictions. | |
| 23 // Return false if Yama is not present on this kernel. | |
| 24 bool SetYamaPtracersRestriction(bool enabled) { | |
| 25 unsigned long set_ptracer_arg; | |
| 26 if (enabled) { | |
| 27 set_ptracer_arg = 0; | |
| 28 } else { | |
| 29 set_ptracer_arg = PR_SET_PTRACER_ANY; | |
|
Kees Cook
2014/03/06 00:49:30
PR_SET_PTRACE_ANY is an extreme disabling state --
jln (very slow on Chromium)
2014/03/06 05:06:08
This is mostly for testing.
I've added a comment
| |
| 30 } | |
| 31 | |
| 32 const int ret = prctl(PR_SET_PTRACER, set_ptracer_arg); | |
| 33 const int prctl_errno = errno; | |
| 34 | |
| 35 if (0 == ret) { | |
| 36 return true; | |
| 37 } else { | |
| 38 // This means Yama is not available on this kernel and should be the | |
| 39 // only possibility of failure. | |
| 40 CHECK(ENOSYS == prctl_errno || EINVAL == prctl_errno); | |
| 41 return false; | |
| 42 } | |
| 43 } | |
| 44 | |
| 45 bool CanAccessProcFS() { | |
| 46 const char kProcfsKernelSysPath[] = "/proc/sys/kernel/"; | |
|
mdempsky
2014/03/06 01:56:28
Can this be made static? (kPtraceScopePath below
jln (very slow on Chromium)
2014/03/06 05:06:08
Done.
| |
| 47 struct stat buf; | |
| 48 int ret = stat(kProcfsKernelSysPath, &buf); | |
|
mdempsky
2014/03/06 01:56:28
Since you don't care about the 'stat' buf, would a
jln (very slow on Chromium)
2014/03/06 05:06:08
Done.
| |
| 49 if (ret) { | |
| 50 return false; | |
| 51 } | |
| 52 return true; | |
| 53 } | |
| 54 | |
| 55 } // namespace | |
| 56 | |
| 57 // static | |
| 58 bool Yama::RestrictPtracersToAncestors() { | |
| 59 return SetYamaPtracersRestriction(true /* enabled */); | |
| 60 } | |
| 61 | |
| 62 // static | |
| 63 bool Yama::DisableYamaRestrictions() { | |
| 64 return SetYamaPtracersRestriction(false /* enabled */); | |
| 65 } | |
| 66 | |
| 67 // static | |
| 68 Yama::GlobalStatus Yama::GetStatus() { | |
| 69 if (!CanAccessProcFS()) { | |
| 70 return STATUS_DONT_KNOW; | |
| 71 } | |
| 72 | |
| 73 const char kPtraceScopePath[] = "/proc/sys/kernel/yama/ptrace_scope"; | |
| 74 | |
| 75 int yama_scope = open(kPtraceScopePath, O_RDONLY); | |
| 76 | |
| 77 if (yama_scope < 0) { | |
| 78 const int open_errno = errno; | |
| 79 DCHECK(ENOENT == open_errno); | |
| 80 return STATUS_NOT_PRESENT; | |
| 81 } | |
| 82 | |
| 83 file_util::ScopedFDCloser yama_scope_closer(&yama_scope); | |
| 84 char yama_scope_value = 0; | |
| 85 ssize_t num_read = read(yama_scope, &yama_scope_value, 1); | |
| 86 PCHECK(1 == num_read); | |
| 87 | |
| 88 switch (yama_scope_value) { | |
| 89 case '0': | |
| 90 return STATUS_NOT_ENFORCING; | |
| 91 case '1': | |
| 92 case '2': | |
| 93 case '3': | |
| 94 return STATUS_ENFORCING; | |
| 95 default: | |
| 96 NOTREACHED(); | |
| 97 return STATUS_DONT_KNOW; | |
| 98 } | |
| 99 } | |
| 100 | |
| 101 // static | |
| 102 bool Yama::IsAvailable() { | |
| 103 const GlobalStatus status = GetStatus(); | |
| 104 return (STATUS_NOT_ENFORCING == status) || (STATUS_ENFORCING == status); | |
| 105 } | |
| 106 | |
| 107 } // namespace sandbox | |
| OLD | NEW |
