OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" | 5 #include "components/nacl/loader/sandbox_linux/nacl_sandbox_linux.h" |
6 | 6 |
7 #include <errno.h> | 7 #include <errno.h> |
8 #include <fcntl.h> | 8 #include <fcntl.h> |
9 #include <sys/prctl.h> | 9 #include <sys/prctl.h> |
10 #include <sys/stat.h> | 10 #include <sys/stat.h> |
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
108 // the setuid sandbox model. | 108 // the setuid sandbox model. |
109 CHECK(!HasOpenDirectory()); | 109 CHECK(!HasOpenDirectory()); |
110 | 110 |
111 // Get sandboxed. | 111 // Get sandboxed. |
112 CHECK(setuid_sandbox_client_->ChrootMe()); | 112 CHECK(setuid_sandbox_client_->ChrootMe()); |
113 CHECK(MaybeSetProcessNonDumpable()); | 113 CHECK(MaybeSetProcessNonDumpable()); |
114 CHECK(IsSandboxed()); | 114 CHECK(IsSandboxed()); |
115 layer_one_enabled_ = true; | 115 layer_one_enabled_ = true; |
116 } else if (sandbox::NamespaceSandbox::InNewUserNamespace()) { | 116 } else if (sandbox::NamespaceSandbox::InNewUserNamespace()) { |
117 CHECK(sandbox::Credentials::MoveToNewUserNS()); | 117 CHECK(sandbox::Credentials::MoveToNewUserNS()); |
118 // This relies on SealLayerOneSandbox() to be called later. | |
119 CHECK(!HasOpenDirectory()); | |
mdempsky
2015/02/12 03:07:14
This matches the ordering under IsSuidSandboxChild
jln (very slow on Chromium)
2015/02/12 03:25:28
We actually also do that as part of the "sealing".
| |
118 CHECK(sandbox::Credentials::DropFileSystemAccess()); | 120 CHECK(sandbox::Credentials::DropFileSystemAccess()); |
121 CHECK(IsSingleThreaded()); | |
119 CHECK(sandbox::Credentials::DropAllCapabilities()); | 122 CHECK(sandbox::Credentials::DropAllCapabilities()); |
120 CHECK(IsSandboxed()); | 123 CHECK(IsSandboxed()); |
121 layer_one_enabled_ = true; | 124 layer_one_enabled_ = true; |
122 } | 125 } |
123 } | 126 } |
124 | 127 |
125 void NaClSandbox::CheckForExpectedNumberOfOpenFds() { | 128 void NaClSandbox::CheckForExpectedNumberOfOpenFds() { |
126 // We expect to have the following FDs open: | 129 // We expect to have the following FDs open: |
127 // 1-3) stdin, stdout, stderr. | 130 // 1-3) stdin, stdout, stderr. |
128 // 4) The /dev/urandom FD used by base::GetUrandomFD(). | 131 // 4) The /dev/urandom FD used by base::GetUrandomFD(). |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
195 static const char kNoBpfMsg[] = | 198 static const char kNoBpfMsg[] = |
196 "The seccomp-bpf sandbox is not engaged for NaCl:"; | 199 "The seccomp-bpf sandbox is not engaged for NaCl:"; |
197 if (can_be_no_sandbox) | 200 if (can_be_no_sandbox) |
198 LOG(ERROR) << kNoBpfMsg << kItIsDangerousMsg; | 201 LOG(ERROR) << kNoBpfMsg << kItIsDangerousMsg; |
199 else | 202 else |
200 LOG(FATAL) << kNoBpfMsg << kItIsNotAllowedMsg; | 203 LOG(FATAL) << kNoBpfMsg << kItIsNotAllowedMsg; |
201 } | 204 } |
202 } | 205 } |
203 | 206 |
204 } // namespace nacl | 207 } // namespace nacl |
OLD | NEW |