
Unified Diff: content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc

Issue 721553002: sandbox: Extend BrokerPolicy to support file creation (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Adding comments Created 6 years, 1 month ago
Index: content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc
diff --git a/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc b/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc
index 20b8f94ea544d5c40fb55ec7caeaed2f118a04ae..007356c659518cd61f47a0d142d18dd7b403e52e 100644
--- a/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc
+++ b/content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.cc
@@ -25,7 +25,13 @@
#include "sandbox/linux/bpf_dsl/bpf_dsl.h"
#include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
#include "sandbox/linux/services/linux_syscalls.h"
+#include "sandbox/linux/syscall_broker/broker_process.h"
+using sandbox::syscall_broker::BrokerFilePermission;
+using sandbox::syscall_broker::BrokerFilePermissionReadOnly;
+using sandbox::syscall_broker::BrokerFilePermissionReadWrite;
+using sandbox::syscall_broker::
+ BrokerFilePermissionReadWriteCreateUnlinkRecursive;
using sandbox::SyscallSets;
using sandbox::bpf_dsl::Allow;
using sandbox::bpf_dsl::Arg;
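Review bot: `BrokerFilePermissionReadWriteCreateUnlinkRecursive` is brought in by a using-declaration here, but none of the hunks shown for this file call it; only the ReadOnly and ReadWrite helpers are used. If the rest of the file does not use it either, drop the declaration. That keeps the broadest permission type from being a short unqualified name in a policy that only needs exact-path read and read-write entries.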
@@ -53,8 +59,7 @@ inline bool IsArchitectureArm() {
#endif
}
-void AddArmMaliGpuWhitelist(std::vector<std::string>* read_whitelist,
- std::vector<std::string>* write_whitelist) {
+void AddArmMaliGpuWhitelist(std::vector<BrokerFilePermission>* permissions) {
Jorge Lucangeli Obes 2014/11/14 18:48:06 Does it make sense to split this CL in two and fir
leecam 2014/11/18 21:40:53 Not changing the behavior of the policies here but
// Device file needed by the ARM GPU userspace.
static const char kMali0Path[] = "/dev/mali0";
@@ -65,19 +70,13 @@ void AddArmMaliGpuWhitelist(std::vector<std::string>* read_whitelist,
// Devices needed for video encode acceleration on ARM.
static const char kDevMfcEncPath[] = "/dev/mfc-enc";
- read_whitelist->push_back(kMali0Path);
- read_whitelist->push_back(kDevMfcDecPath);
- read_whitelist->push_back(kDevGsc1Path);
- read_whitelist->push_back(kDevMfcEncPath);
-
- write_whitelist->push_back(kMali0Path);
- write_whitelist->push_back(kDevMfcDecPath);
- write_whitelist->push_back(kDevGsc1Path);
- write_whitelist->push_back(kDevMfcEncPath);
+ permissions->push_back(BrokerFilePermissionReadWrite(kMali0Path));
+ permissions->push_back(BrokerFilePermissionReadWrite(kDevMfcDecPath));
+ permissions->push_back(BrokerFilePermissionReadWrite(kDevGsc1Path));
+ permissions->push_back(BrokerFilePermissionReadWrite(kDevMfcEncPath));
}
-void AddArmGpuWhitelist(std::vector<std::string>* read_whitelist,
- std::vector<std::string>* write_whitelist) {
+void AddArmGpuWhitelist(std::vector<BrokerFilePermission>* permissions) {
// On ARM we're enabling the sandbox before the X connection is made,
// so we need to allow access to |.Xauthority|.
static const char kXAuthorityPath[] = "/home/chronos/.Xauthority";
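Review bot: The four device entries in AddArmMaliGpuWhitelist are now one read-write permission each, and nothing next to them says how far that grant reaches. A one-line comment above the push_back lines would help the next reviewer of this policy, for example `// Exact-path read-write entries for existing device nodes; no create or unlink rights.` This assumes BrokerFilePermissionReadWrite grants no create right, which its name suggests but this page does not show, so confirm that before adding the comment. The function starts in the previous hunk, and this hunk also carries the start of AddArmGpuWhitelist, whose body continues in the next one.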
@@ -87,12 +86,12 @@ void AddArmGpuWhitelist(std::vector<std::string>* read_whitelist,
static const char kLibGlesPath[] = "/usr/lib/libGLESv2.so.2";
static const char kLibEglPath[] = "/usr/lib/libEGL.so.1";
- read_whitelist->push_back(kXAuthorityPath);
- read_whitelist->push_back(kLdSoCache);
- read_whitelist->push_back(kLibGlesPath);
- read_whitelist->push_back(kLibEglPath);
+ permissions->push_back(BrokerFilePermissionReadOnly(kXAuthorityPath));
+ permissions->push_back(BrokerFilePermissionReadOnly(kLdSoCache));
+ permissions->push_back(BrokerFilePermissionReadOnly(kLibGlesPath));
+ permissions->push_back(BrokerFilePermissionReadOnly(kLibEglPath));
- AddArmMaliGpuWhitelist(read_whitelist, write_whitelist);
+ AddArmMaliGpuWhitelist(permissions);
}
class CrosArmGpuBrokerProcessPolicy : public CrosArmGpuProcessPolicy {
@@ -163,14 +162,12 @@ bool CrosArmGpuProcessPolicy::PreSandboxHook() {
// Create a new broker process.
DCHECK(!broker_process());
- std::vector<std::string> read_whitelist_extra;
- std::vector<std::string> write_whitelist_extra;
// Add ARM-specific files to whitelist in the broker.
+ std::vector<BrokerFilePermission> permissions;
+
+ AddArmGpuWhitelist(&permissions);
- AddArmGpuWhitelist(&read_whitelist_extra, &write_whitelist_extra);
- InitGpuBrokerProcess(CrosArmGpuBrokerProcessPolicy::Create,
- read_whitelist_extra,
- write_whitelist_extra);
+ InitGpuBrokerProcess(CrosArmGpuBrokerProcessPolicy::Create, permissions);
const int dlopen_flag = RTLD_NOW | RTLD_GLOBAL | RTLD_NODELETE;
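Review bot: The comment `// Add ARM-specific files to whitelist in the broker.` now sits above the declaration of `permissions` rather than the call it describes. It also still speaks of a whitelist of files, while the code builds a list of permission objects. I would declare the vector first and put a reworded comment directly above the AddArmGpuWhitelist call, e.g. `// Add ARM-specific file permissions for the broker.` PreSandboxHook begins and ends outside this hunk.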
