-rw-r--r--sandbox/linux/services/credentials.cc11
-rw-r--r--sandbox/linux/services/credentials.h1
-rw-r--r--sandbox/linux/tests/unit_tests.h8
3 files changed, 20 insertions, 0 deletions
diff --git a/sandbox/linux/services/credentials.cc b/sandbox/linux/services/credentials.cc
index c8c679d..6f84a66 100644
--- a/sandbox/linux/services/credentials.cc
+++ b/sandbox/linux/services/credentials.cc
@@ -22,6 +22,7 @@
#include "base/process/launch.h"
#include "base/template_util.h"
#include "base/third_party/valgrind/valgrind.h"
+#include "build/build_config.h"
#include "sandbox/linux/services/namespace_utils.h"
#include "sandbox/linux/services/proc_util.h"
#include "sandbox/linux/services/syscall_wrappers.h"
@@ -133,7 +134,11 @@ void CheckCloneNewUserErrno(int error) {
bool Credentials::DropAllCapabilities(int proc_fd) {
DCHECK_LE(0, proc_fd);
+#if !defined(THREAD_SANITIZER)
+ // With TSAN, accept to break the security model as it is a testing
+ // configuration.
CHECK(ThreadHelpers::IsSingleThreaded(proc_fd));
+#endif
ScopedCap cap(cap_init());
CHECK(cap);
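Review bot: The comment on the new `#if !defined(THREAD_SANITIZER)` guard in DropAllCapabilities does not say which guarantee is given up. Linux capabilities are a per-thread attribute, so once the single-threaded CHECK is compiled out, any thread other than the caller keeps its capabilities while the function can still report success. I would spell that out, e.g. `// TSAN always has extra threads running. Capabilities are per-thread, so under TSAN only the calling thread is guaranteed to drop them (test-only configuration).` The function body continues past the end of the hunk, so whether the return value reflects this cannot be seen here.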
@@ -172,6 +177,12 @@ bool Credentials::CanCreateProcessInNewUserNS() {
return false;
}
+#if defined(THREAD_SANITIZER)
+ // With TSAN, processes will always have threads running and can never
+ // enter a new user namespace with MoveToNewUserNS().
+ return false;
+#endif
+
// This is roughly a fork().
const pid_t pid = sys_clone(CLONE_NEWUSER | SIGCHLD, 0, 0, 0, 0);
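Review bot: Under THREAD_SANITIZER the added `return false;` in CanCreateProcessInNewUserNS makes the `sys_clone(CLONE_NEWUSER | SIGCHLD, ...)` probe below it unreachable, so in that build the function reports "unsupported" regardless of what the kernel allows. Callers that use the result to choose a sandboxing path would presumably take their fallback under TSAN, which is worth stating at the declaration, e.g. `// Always returns false when built with THREAD_SANITIZER.` Putting the rest of the body under an `#else` would also keep compilers from flagging the dead code. The function starts before and continues after this hunk.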
diff --git a/sandbox/linux/services/credentials.h b/sandbox/linux/services/credentials.h
index 6b37d49..9143561 100644
--- a/sandbox/linux/services/credentials.h
+++ b/sandbox/linux/services/credentials.h
@@ -56,6 +56,7 @@ class SANDBOX_EXPORT Credentials {
// change.
// If this call succeeds, the current process will be granted a full set of
// capabilities in the new namespace.
+ // This will fail if the process is not mono-threaded.
static bool MoveToNewUserNS() WARN_UNUSED_RESULT;
// Remove the ability of the process to access the file system. File
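Review bot: "fail" in the comment added to MoveToNewUserNS is ambiguous between returning false and aborting on a CHECK, and callers that must handle the result need to know which. The implementation is not part of this diff, so the wording should be checked against it. "mono-threaded" also differs from the term the code itself uses (`ThreadHelpers::IsSingleThreaded`). If the function returns false, `// Returns false if the process is not single-threaded.` would be clearer. The class declaration extends beyond the hunk.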
diff --git a/sandbox/linux/tests/unit_tests.h b/sandbox/linux/tests/unit_tests.h
index 6f150ac..bf0a44f 100644
--- a/sandbox/linux/tests/unit_tests.h
+++ b/sandbox/linux/tests/unit_tests.h
@@ -38,6 +38,14 @@ bool IsRunningOnValgrind();
#define DISABLE_ON_TSAN(test_name) test_name
#endif // defined(THREAD_SANITIZER)
+#if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
+ defined(THREAD_SANITIZER) || defined(LEAK_SANITIZER) || \
+ defined(UNDEFINED_SANITIZER) || defined(SANITIZER_COVERAGE)
+#define DISABLE_ON_SANITIZERS(test_name) DISABLED_##test_name
+#else
+#define DISABLE_ON_SANITIZERS(test_name) test_name
+#endif
+
#if defined(OS_ANDROID)
#define DISABLE_ON_ANDROID(test_name) DISABLED_##test_name
#else
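Review bot: DISABLE_ON_SANITIZERS is added without a comment and is not used in any hunk of this commit, so its intended scope is unclear. It switches a test off under every listed sanitizer at once, which removes ASan/MSan/UBSan coverage from sandbox tests that may be incompatible with only one of them. The narrower DISABLE_ON_TSAN just above is preferable where it suffices. I would add a comment such as `// Use only for tests that cannot run under any sanitizer; prefer the narrowest DISABLE_ON_* macro.`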