OLD | NEW |
---|---|
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_HELPERS_BASELINE_POLICY_H_ | 5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_HELPERS_BASELINE_POLICY_H_ |
6 #define SANDBOX_LINUX_SECCOMP_BPF_HELPERS_BASELINE_POLICY_H_ | 6 #define SANDBOX_LINUX_SECCOMP_BPF_HELPERS_BASELINE_POLICY_H_ |
7 | 7 |
8 #include "sandbox/linux/sandbox_export.h" | 8 #include "sandbox/linux/sandbox_export.h" |
9 #include "sandbox/linux/seccomp-bpf/errorcode.h" | 9 #include "sandbox/linux/seccomp-bpf/errorcode.h" |
10 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h" | 10 #include "sandbox/linux/seccomp-bpf/sandbox_bpf_policy.h" |
11 | 11 |
12 namespace sandbox { | 12 namespace sandbox { |
13 | 13 |
14 class SandboxBPF; | 14 class SandboxBPF; |
15 class SandboxBPFPolicy; | 15 class SandboxBPFPolicy; |
16 | 16 |
17 // This is a helper to build seccomp-bpf policies, i.e. policies for a sandbox | 17 // This is a helper to build seccomp-bpf policies, i.e. policies for a sandbox |
18 // that reduces the Linux kernel's attack surface. Given its nature, it doesn't | 18 // that reduces the Linux kernel's attack surface. Given its nature, it doesn't |
19 // have a clear semantics and is mostly "implementation-defined". | 19 // have a clear semantics and is mostly "implementation-defined". |
20 // | 20 // |
21 // This returns an object that implements the SandboxBPFPolicy interface with | 21 // This class implements the SandboxBPFPolicy interface with a "baseline" |
22 // a "baseline" policy within Chromium. | 22 // policy for us within Chromium. |
23 // The "baseline" policy is somewhat arbitrary. All Chromium policies are an | 23 // The "baseline" policy is somewhat arbitrary. All Chromium policies are an |
24 // alteration of it, and it represents a reasonable common ground to run most | 24 // alteration of it, and it represents a reasonable common ground to run most |
25 // code in a sandboxed environment. | 25 // code in a sandboxed environment. |
26 // A baseline policy is only valid for the process for which this object was | |
27 // instanciated (so do not fork() and use it in a child). | |
Jorge Lucangeli Obes
2014/04/29 17:01:26
"instantiated"
jln (very slow on Chromium)
2014/04/29 18:19:52
Done.
| |
26 class SANDBOX_EXPORT BaselinePolicy : public SandboxBPFPolicy { | 28 class SANDBOX_EXPORT BaselinePolicy : public SandboxBPFPolicy { |
27 public: | 29 public: |
28 BaselinePolicy(); | 30 BaselinePolicy(); |
29 // |fs_denied_errno| is the errno returned when a filesystem access system | 31 // |fs_denied_errno| is the errno returned when a filesystem access system |
30 // call is denied. | 32 // call is denied. |
31 explicit BaselinePolicy(int fs_denied_errno); | 33 explicit BaselinePolicy(int fs_denied_errno); |
32 virtual ~BaselinePolicy(); | 34 virtual ~BaselinePolicy(); |
33 | 35 |
34 virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, | 36 virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler, |
35 int system_call_number) const OVERRIDE; | 37 int system_call_number) const OVERRIDE; |
36 | 38 |
37 private: | 39 private: |
38 int fs_denied_errno_; | 40 int fs_denied_errno_; |
41 pid_t current_pid_; | |
39 DISALLOW_COPY_AND_ASSIGN(BaselinePolicy); | 42 DISALLOW_COPY_AND_ASSIGN(BaselinePolicy); |
40 }; | 43 }; |
41 | 44 |
42 } // namespace sandbox. | 45 } // namespace sandbox. |
43 | 46 |
44 #endif // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_BASELINE_POLICY_H_ | 47 #endif // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_BASELINE_POLICY_H_ |
OLD | NEW |