| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ | 5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ |
| 6 #define CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ | 6 #define CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> |
| 9 | 10 |
| 10 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 11 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 12 #include "content/public/common/sandbox_linux.h" | 13 #include "content/public/common/sandbox_linux.h" |
| 13 | 14 |
| 14 #if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \ | 15 #if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \ |
| 15 defined(THREAD_SANITIZER) || defined(LEAK_SANITIZER) || \ | 16 defined(THREAD_SANITIZER) || defined(LEAK_SANITIZER) || \ |
| 16 defined(UNDEFINED_SANITIZER) | 17 defined(UNDEFINED_SANITIZER) |
| 17 #include <sanitizer/common_interface_defs.h> | 18 #include <sanitizer/common_interface_defs.h> |
| 18 #define ANY_OF_AMTLU_SANITIZER 1 | 19 #define ANY_OF_AMTLU_SANITIZER 1 |
| (...skipping 23 matching lines...) Expand all Loading... |
| 42 METHOD_MAKE_SHARED_MEMORY_SEGMENT = 36, | 43 METHOD_MAKE_SHARED_MEMORY_SEGMENT = 36, |
| 43 METHOD_MATCH_WITH_FALLBACK = 37, | 44 METHOD_MATCH_WITH_FALLBACK = 37, |
| 44 }; | 45 }; |
| 45 | 46 |
| 46 // Get our singleton instance. | 47 // Get our singleton instance. |
| 47 static LinuxSandbox* GetInstance(); | 48 static LinuxSandbox* GetInstance(); |
| 48 | 49 |
| 49 // Do some initialization that can only be done before any of the sandboxes | 50 // Do some initialization that can only be done before any of the sandboxes |
| 50 // are enabled. If using the setuid sandbox, this should be called manually | 51 // are enabled. If using the setuid sandbox, this should be called manually |
| 51 // before the setuid sandbox is engaged. | 52 // before the setuid sandbox is engaged. |
| 53 // Security: When this runs, it is imperative that either InitializeSandbox() |
| 54 // runs as well or that all file descriptors returned in |
| 55 // GetFileDescriptorsToClose() |
| 56 // get closed. |
| 57 // Otherwise file descriptors that bypass the security of the setuid sandbox |
| 58 // would be kept open. One must be particularly careful if a process performs |
| 59 // a fork(). |
| 52 void PreinitializeSandbox(); | 60 void PreinitializeSandbox(); |
| 53 | 61 |
| 62 // Return a list of file descriptors to close if PreinitializeSandbox() ran |
| 63 // but |
| 64 // InitializeSandbox won't. Avoid using. |
| 65 // TODO(jln): get rid of this hack. |
| 66 std::vector<int> GetFileDescriptorsToClose(); |
| 67 |
| 54 // Initialize the sandbox with the given pre-built configuration. Currently | 68 // Initialize the sandbox with the given pre-built configuration. Currently |
| 55 // seccomp-bpf and address space limitations (the setuid sandbox works | 69 // seccomp-bpf and address space limitations (the setuid sandbox works |
| 56 // differently and is set-up in the Zygote). This will instantiate the | 70 // differently and is set-up in the Zygote). This will instantiate the |
| 57 // LinuxSandbox singleton if it doesn't already exist. | 71 // LinuxSandbox singleton if it doesn't already exist. |
| 58 // This function should only be called without any thread running. | 72 // This function should only be called without any thread running. |
| 59 static bool InitializeSandbox(); | 73 static bool InitializeSandbox(); |
| 60 | 74 |
| 61 // Stop |thread| in a way that can be trusted by the sandbox. | 75 // Stop |thread| in a way that can be trusted by the sandbox. |
| 62 static void StopThread(base::Thread* thread); | 76 static void StopThread(base::Thread* thread); |
| 63 | 77 |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 136 #if defined(ANY_OF_AMTLU_SANITIZER) | 150 #if defined(ANY_OF_AMTLU_SANITIZER) |
| 137 scoped_ptr<__sanitizer_sandbox_arguments> sanitizer_args_; | 151 scoped_ptr<__sanitizer_sandbox_arguments> sanitizer_args_; |
| 138 #endif | 152 #endif |
| 139 | 153 |
| 140 DISALLOW_COPY_AND_ASSIGN(LinuxSandbox); | 154 DISALLOW_COPY_AND_ASSIGN(LinuxSandbox); |
| 141 }; | 155 }; |
| 142 | 156 |
| 143 } // namespace content | 157 } // namespace content |
| 144 | 158 |
| 145 #endif // CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ | 159 #endif // CONTENT_COMMON_SANDBOX_LINUX_SANDBOX_LINUX_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 733303004:
Linux sandbox: change API to start the sandbox (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master