1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" | 5 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <fcntl.h> | 8 #include <fcntl.h> |
9 #include <fcntl.h> | 9 #include <fcntl.h> |
10 #include <linux/net.h> | 10 #include <linux/net.h> |
58 return false; | 58 return false; |
59 #endif | 59 #endif |
60 } | 60 } |
61 | 61 |
62 } // namespace. | 62 } // namespace. |
63 | 63 |
64 namespace sandbox { | 64 namespace sandbox { |
65 | 65 |
66 ErrorCode RestrictCloneToThreadsAndEPERMFork(SandboxBPF* sandbox) { | 66 ErrorCode RestrictCloneToThreadsAndEPERMFork(SandboxBPF* sandbox) { |
67 // Glibc's pthread. | 67 // Glibc's pthread. |
| 68 // TODO(jln): fix this on ASAN. |
68 if (!RunningOnASAN()) { | 69 if (!RunningOnASAN()) { |
69 return sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 70 return sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, |
70 CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | | 71 CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | |
71 CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS | | 72 CLONE_THREAD | CLONE_SYSVSEM | CLONE_SETTLS | |
72 CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID, | 73 CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID, |
73 ErrorCode(ErrorCode::ERR_ALLOWED), | 74 ErrorCode(ErrorCode::ERR_ALLOWED), |
74 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 75 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, |
75 CLONE_PARENT_SETTID | SIGCHLD, | 76 CLONE_PARENT_SETTID | SIGCHLD, |
76 ErrorCode(EPERM), | 77 ErrorCode(EPERM), |
77 // ARM | 78 // ARM |
205 SYS_SHUTDOWN, ErrorCode(ErrorCode::ERR_ALLOWED), | 206 SYS_SHUTDOWN, ErrorCode(ErrorCode::ERR_ALLOWED), |
206 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 207 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, |
207 SYS_SENDMSG, ErrorCode(ErrorCode::ERR_ALLOWED), | 208 SYS_SENDMSG, ErrorCode(ErrorCode::ERR_ALLOWED), |
208 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 209 sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, |
209 SYS_RECVMSG, ErrorCode(ErrorCode::ERR_ALLOWED), | 210 SYS_RECVMSG, ErrorCode(ErrorCode::ERR_ALLOWED), |
210 ErrorCode(EPERM))))))))); | 211 ErrorCode(EPERM))))))))); |
211 } | 212 } |
212 #endif | 213 #endif |
213 | 214 |
214 ErrorCode RestrictKillTarget(pid_t target_pid, SandboxBPF* sandbox, int sysno) { | 215 ErrorCode RestrictKillTarget(pid_t target_pid, SandboxBPF* sandbox, int sysno) { |
215 switch (sysno) { | 216 if (!RunningOnASAN()) { |
216 case __NR_kill: | 217 switch (sysno) { |
217 case __NR_tgkill: | 218 case __NR_kill: |
218 return sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL, | 219 case __NR_tgkill: |
219 target_pid, | 220 return sandbox->Cond(0, |
220 ErrorCode(ErrorCode::ERR_ALLOWED), | 221 ErrorCode::TP_32BIT, |
221 sandbox->Trap(SIGSYSKillFailure, NULL)); | 222 ErrorCode::OP_EQUAL, |
222 case __NR_tkill: | 223 target_pid, |
223 return sandbox->Trap(SIGSYSKillFailure, NULL); | 224 ErrorCode(ErrorCode::ERR_ALLOWED), |
224 default: | 225 sandbox->Trap(SIGSYSKillFailure, NULL)); |
225 NOTREACHED(); | 226 case __NR_tkill: |
226 return sandbox->Trap(CrashSIGSYS_Handler, NULL); | 227 return sandbox->Trap(SIGSYSKillFailure, NULL); |
| 228 default: |
| 229 NOTREACHED(); |
| 230 return sandbox->Trap(CrashSIGSYS_Handler, NULL); |
| 231 } |
| 232 } else { |
| 233 switch (sysno) { |
| 234 case __NR_kill: |
| 235 case __NR_tgkill: |
| 236 case __NR_tkill: |
| 237 // On ASAN, fork() is not properly denied. This could lead to the |
| 238 // strange failures we're observing with this policy on ASAN. |
| 239 // TODO(jln): fix this. |
| 240 return ErrorCode(ErrorCode::ERR_ALLOWED); |
| 241 default: |
| 242 NOTREACHED(); |
| 243 return sandbox->Trap(CrashSIGSYS_Handler, NULL); |
| 244 } |
227 } | 245 } |
228 } | 246 } |
229 | 247 |
230 } // namespace sandbox. | 248 } // namespace sandbox. |
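Review bot: In the new `else` branch of RestrictKillTarget, kill, tgkill and tkill all return `ErrorCode(ErrorCode::ERR_ALLOWED)` regardless of target_pid, so an ASAN build runs with the kill-target restriction switched off entirely and the SIGSYSKillFailure trap is never reached; that should be stated at the declaration in syscall_parameters_restrictions.h (e.g. `// On ASAN builds the target_pid check is not enforced; see TODO(jln).`) so nobody reads an ASAN test run as validating this policy. If the intent is only to avoid the crash handler when forked children are signalled, returning `ErrorCode(EPERM)` in place of the trap for non-matching pids would keep the pid check while failing softly — worth confirming against the failures the comment mentions. Separately, the two switch statements duplicate the `default: NOTREACHED()` arm; folding the ASAN check into a single switch keeps one default and makes the relaxation local to the three kill cases, as below. The duplicated `#include <fcntl.h>` on lines 8 and 9 predates this change but could be dropped while here.
```cpp
ErrorCode RestrictKillTarget(pid_t target_pid, SandboxBPF* sandbox, int sysno) {
  switch (sysno) {
    case __NR_kill:
    case __NR_tgkill:
    case __NR_tkill:
      // On ASAN, fork() is not properly denied. This could lead to the
      // strange failures we're observing with this policy on ASAN.
      // TODO(jln): fix this.
      if (RunningOnASAN())
        return ErrorCode(ErrorCode::ERR_ALLOWED);
      if (sysno == __NR_tkill)
        return sandbox->Trap(SIGSYSKillFailure, NULL);
      return sandbox->Cond(0, ErrorCode::TP_32BIT, ErrorCode::OP_EQUAL,
                           target_pid,
                           ErrorCode(ErrorCode::ERR_ALLOWED),
                           sandbox->Trap(SIGSYSKillFailure, NULL));
    default:
      NOTREACHED();
      return sandbox->Trap(CrashSIGSYS_Handler, NULL);
  }
}
```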