author | jorgelo@chromium.org <jorgelo@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-11 12:20:58 +0000 |
---|---|---|
committer | jorgelo@chromium.org <jorgelo@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-11 12:20:58 +0000 |
commit | 86c9029581b519ed2bb39d33811d8cb3fa5875cf (patch) | |
tree | 9393ead2ef0f23d352d95d2d5d28253d0147b460 | |
parent | 7b9faeb78d74cab7464edbd9fe4abf7f6fc9d976 (diff) | |
Tighten socket(2)/socketpair(2) on ARM GPU.
BUG=235609
TEST=daisy boots, about:gpu shows correct info.
Review URL: https://chromiumcodereview.appspot.com/16358023
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@205504 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | content/common/sandbox_seccomp_bpf_linux.cc | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/content/common/sandbox_seccomp_bpf_linux.cc b/content/common/sandbox_seccomp_bpf_linux.cc
index 5740106..4cbba66 100644
--- a/content/common/sandbox_seccomp_bpf_linux.cc
+++ b/content/common/sandbox_seccomp_bpf_linux.cc
@@ -1492,15 +1492,19 @@ ErrorCode ArmMaliGpuProcessPolicy(Sandbox* sandbox, int sysno,
 #if defined(__arm__)
 // ARM GPU sandbox is started earlier so we need to allow networking
 // in the sandbox.
- // TODO(jorgelo): tighten this (crbug.com/235609).
 case __NR_connect:
 case __NR_getpeername:
 case __NR_getsockname:
- case __NR_socket:
- case __NR_socketpair:
 case __NR_sysinfo:
 case __NR_uname:
 return ErrorCode(ErrorCode::ERR_ALLOWED);
+ // Allow only AF_UNIX for |domain|.
+ case __NR_socket:
+ case __NR_socketpair:
+ return sandbox->Cond(0, ErrorCode::TP_32BIT,
+ ErrorCode::OP_EQUAL, AF_UNIX,
+ ErrorCode(ErrorCode::ERR_ALLOWED),
+ ErrorCode(EPERM));
 #endif // defined(__arm__)
 default:
 if (IsAdvancedScheduler(sysno))
@@ -1702,13 +1706,10 @@ void RunSandboxSanityChecks(const std::string& process_type) {
 CHECK_EQ(-1, syscall_ret);
 CHECK_EQ(EPERM, errno);
- // TODO(jorgelo): re-enable on arm (crbug.com/235609).
- if (!IsArchitectureArm()) {
- // We should never allow the creation of netlink sockets.
- syscall_ret = socket(AF_NETLINK, SOCK_DGRAM, 0);
- CHECK_EQ(-1, syscall_ret);
- CHECK_EQ(EPERM, errno);
- }
+ // We should never allow the creation of netlink sockets.
+ syscall_ret = socket(AF_NETLINK, SOCK_DGRAM, 0);
+ CHECK_EQ(-1, syscall_ret);
+ CHECK_EQ(EPERM, errno);
 #endif // !defined(NDEBUG)
 }
 } |
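Review bot: The comment kept at the top of the `#if defined(__arm__)` group still says the policy must "allow networking in the sandbox", but with this change `__NR_socket` and `__NR_socketpair` only succeed for `AF_UNIX`, so the comment now overstates what is permitted. I would reword it along the lines of `// ARM GPU sandbox is started earlier, so socket calls stay allowed; new sockets are limited to AF_UNIX (see below).` Note also that `__NR_connect` stays unconditionally `ERR_ALLOWED` and the `Cond` on argument 0 constrains creation only, so a descriptor of another address family that is already open when the sandbox engages would presumably remain usable; it is worth confirming that none is held at that point. `ArmMaliGpuProcessPolicy` begins and ends outside the hunk.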
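Review bot: The re-enabled check only exercises `socket(AF_NETLINK, SOCK_DGRAM, 0)`, so neither the new `AF_UNIX`-only rule on `__NR_socketpair` nor the denial of other families such as `AF_INET` is asserted anywhere in the visible lines. It also sits just before `#endif // !defined(NDEBUG)`, so it appears to run in debug builds only and release builds get no runtime confirmation of the tightened policy. If every policy that reaches `RunSandboxSanityChecks` is expected to return `EPERM` for it (not verifiable from this hunk), a second probe such as `syscall_ret = socket(AF_INET, SOCK_STREAM, 0);` followed by the same two `CHECK_EQ` lines would cover the new rule; otherwise a comment stating that only the netlink case is checked would help. The function begins outside the hunk.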