diff options
author | sgurun <sgurun@chromium.org> | 2016-02-05 16:52:08 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-02-06 00:53:40 +0000 |
commit | d8166bd9a4c900c9a8079c9e7b4d3e750b497f51 (patch) | |
tree | 58911aa657808e7a4ac4087cebe65739dcf02e32 /content/common/sandbox_linux | |
parent | 13f285d4687f9e39204a3d7e0743da52d7ab6f1c (diff) | |
download | chromium_src-d8166bd9a4c900c9a8079c9e7b4d3e750b497f51.zip chromium_src-d8166bd9a4c900c9a8079c9e7b4d3e750b497f51.tar.gz chromium_src-d8166bd9a4c900c9a8079c9e7b4d3e750b497f51.tar.bz2 |
Revert of [Android] Fix Microdump generation when Seccomp-BPF is enabled. (patchset #3 id:40001 of https://codereview.chromium.org/1669043003/ )
Reason for revert:
broke android x86 builder.
Bug: 584857
Original issue's description:
> [Android] Fix Microdump generation when Seccomp-BPF is enabled.
>
> BUG=584518,439573
>
> Committed: https://crrev.com/4fe32a5a3c3c5db910517f70f45ea03ee1c676ed
> Cr-Commit-Position: refs/heads/master@{#373934}
TBR=mdempsky@chromium.org,rsesek@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=584518,439573
Review URL: https://codereview.chromium.org/1671333003
Cr-Commit-Position: refs/heads/master@{#373978}
Diffstat (limited to 'content/common/sandbox_linux')
-rw-r--r-- | content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc | 40 |
1 files changed, 0 insertions, 40 deletions
diff --git a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc index 7074a2d..c3b1605 100644 --- a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc +++ b/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc @@ -4,33 +4,17 @@ #include "content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.h" -#include <errno.h> -#include <fcntl.h> -#include <sys/socket.h> #include <sys/syscall.h> #include <sys/types.h> #include "build/build_config.h" #include "sandbox/linux/bpf_dsl/bpf_dsl.h" -using sandbox::bpf_dsl::AllOf; using sandbox::bpf_dsl::Allow; -using sandbox::bpf_dsl::AnyOf; -using sandbox::bpf_dsl::Arg; -using sandbox::bpf_dsl::If; -using sandbox::bpf_dsl::Error; using sandbox::bpf_dsl::ResultExpr; namespace content { -#ifndef SOCK_CLOEXEC -#define SOCK_CLOEXEC O_CLOEXEC -#endif - -#ifndef SOCK_NONBLOCK -#define SOCK_NONBLOCK O_NONBLOCK -#endif - SandboxBPFBasePolicyAndroid::SandboxBPFBasePolicyAndroid() : SandboxBPFBasePolicy() {} @@ -46,10 +30,8 @@ ResultExpr SandboxBPFBasePolicyAndroid::EvaluateSyscall(int sysno) const { case __NR_flock: #if defined(__x86_64__) || defined(__aarch64__) case __NR_newfstatat: - case __NR_getdents64: #elif defined(__i386__) || defined(__arm__) || defined(__mips__) case __NR_fstatat64: - case __NR_getdents: #endif case __NR_getpriority: case __NR_ioctl: @@ -74,32 +56,10 @@ ResultExpr SandboxBPFBasePolicyAndroid::EvaluateSyscall(int sysno) const { case __NR_getrlimit: #endif case __NR_uname: - - // Permit socket operations so that renderers can connect to logd and - // debuggerd. The arguments to socket() are further restricted below. - case __NR_socket: - case __NR_connect: - - // Ptrace is allowed so the Breakpad Microdumper can fork in a renderer - // and then ptrace the parent. - case __NR_ptrace: override_and_allow = true; break; } - if (sysno == __NR_socket) { - const Arg<int> domain(0); - const Arg<int> type(1); - const Arg<int> protocol(2); - const int kSockFlags = SOCK_CLOEXEC | SOCK_NONBLOCK; - return If(AllOf(domain == AF_UNIX, - AnyOf((type & ~kSockFlags) == SOCK_DGRAM, - (type & ~kSockFlags) == SOCK_STREAM), - protocol == 0), - Allow()) - .Else(Error(EPERM)); - } - if (override_and_allow) return Allow(); |