Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(298)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 250773003: NaCl Linux: create NaClSandbox class (Closed)

Created:
6 years, 8 months ago by jln (very slow on Chromium)
Modified:
6 years, 7 months ago
Reviewers:
Mark Seaborn
CC:
chromium-reviews, agl, jln+watch_chromium.org, hamaji, elijahtaylor1
Visibility:
Public.

Description

NaCl Linux: create NaClSandbox class We create a new NaClSandbox class, with InitializeLayerOneSandbox() and InitializeLayerTwoSandbox() methods. This class centralizes existing code and adds important security checks as to whether or not threads are running or directory file descriptors are open. BUG=359230, 358719 R=mseaborn@chromium.org Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=266735

Patch Set 1 : #

Patch Set 2 : Nits. #

Patch Set 3 : Split policy matching function. #

Patch Set 4 : Nits. #

Patch Set 5 : Rebase #

Patch Set 6 : Minor namespace cleanup. #

Total comments: 18

Patch Set 7 : Address nits. #

Unified diffs Side-by-side diffs Delta from patch set Stats (+278 lines, -271 lines) Patch
M components/nacl.gyp View 2 chunks +2 lines, -1 line 0 comments Download
D components/nacl/loader/OWNERS View 1 chunk +0 lines, -2 lines 0 comments Download
M components/nacl/loader/nacl_helper_linux.cc View 1 2 3 4 13 chunks +30 lines, -82 lines 0 comments Download
D components/nacl/loader/nacl_sandbox_linux.h View 1 chunk +0 lines, -10 lines 0 comments Download
D components/nacl/loader/nacl_sandbox_linux.cc View 1 chunk +0 lines, -174 lines 0 comments Download
A components/nacl/loader/sandbox_linux/OWNERS View 1 chunk +2 lines, -0 lines 0 comments Download
A components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.h View 1 2 3 4 5 1 chunk +14 lines, -0 lines 0 comments Download
A + components/nacl/loader/sandbox_linux/nacl_bpf_sandbox_linux.cc View 1 2 3 4 5 3 chunks +5 lines, -1 line 0 comments Download
A components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h View 1 2 3 4 5 6 1 chunk +76 lines, -0 lines 0 comments Download
A components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc View 1 2 3 4 5 6 1 chunk +148 lines, -0 lines 0 comments Download
M sandbox/linux/services/credentials.cc View 1 chunk +1 line, -1 line 0 comments Download

Messages

Total messages: 7 (0 generated)
jln (very slow on Chromium)
Mark: PTAL! hamaji, elijahtaylor1: FYI It would probably make sense to move nonsfi/nonsfi_sandbox* to sandbox_linux ...
6 years, 8 months ago (2014-04-25 01:39:33 UTC) #1
jln (very slow on Chromium)
Friendly ping? This CL should be quick to review, it's mostly moving code around.
6 years, 7 months ago (2014-04-28 23:08:38 UTC) #2
Mark Seaborn
LGTM. It was a bit difficult to follow the moving around of code, but I ...
6 years, 7 months ago (2014-04-29 00:28:22 UTC) #3
jln (very slow on Chromium)
Thanks Mark! https://chromiumcodereview.appspot.com/250773003/diff/150001/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc File components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc (right): https://chromiumcodereview.appspot.com/250773003/diff/150001/components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc#newcode119 components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc:119: static const char kItIsDangerousMsg[] = " it ...
6 years, 7 months ago (2014-04-29 01:28:31 UTC) #4
jln (very slow on Chromium)
The CQ bit was checked by jln@chromium.org
6 years, 7 months ago (2014-04-29 01:38:27 UTC) #5
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/jln@chromium.org/250773003/160001
6 years, 7 months ago (2014-04-29 01:40:23 UTC) #6
jln (very slow on Chromium)
6 years, 7 months ago (2014-04-29 01:54:03 UTC) #7
Message was sent while issue was closed. 
Committed patchset #7 manually as r266735 (presubmit successful).

Powered by Google App Engine
This is Rietveld 408576698