path: root/sandbox/linux
Commit message | Author | Age | Files | Lines
* Linux sandbox: add test to ensure that pread64 can be forwarded. | jln@chromium.org | 2014-06-27 | 8 | -44/+253
  Make sure that the pread64() system call can be forwarded from seccomp-bpf trap handlers.
  BUG=388978
  NOTRY=true
  Review URL: https://codereview.chromium.org/348853006
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@280262 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add sandbox_linux_unittests.isolate | jln@chromium.org | 2014-06-19 | 1 | -0/+18
  This is a re-land of https://codereview.chromium.org/340523006/
  BUG=384514
  R=maruel@chromium.org
  Review URL: https://codereview.chromium.org/341623003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@278212 0039d316-1c4b-4281-b951-d872f2087c98
* Revert of Linux sandbox: add sandbox_linux_unittests.isolate (https://codereview.chromium.org/340523006/) | jln@chromium.org | 2014-06-17 | 2 | -41/+0
  Reason for revert: Breaking linux_chromium_clang_dbg
  [7609/24970 | 449.637] SOLINK lib/libmojo_launcher.so
  FAILED: cd ../../sandbox; python ../tools/isolate_driver.py check --isolated "../out/Debug/sandbox_linux_unittests.isolated" --isolate "linux/sandbox_linux_unittests.isolate" --path-variable DEPTH .. --path-variable PRODUCT_DIR "../out/Debug " --extra-variable "version_full=37.0.2056.0" --config-variable "OS=linux" --config-variable "chromeos=0" --config-variable "component=shared_library" --config-variable "internal_gles2_conform_tests=0" --config-variable "icu_use_data_file_flag=1" --config-variable "libpeer_target_type=static_library" --config-variable "use_openssl=0" --ignore_broken_items
  Traceback (most recent call last):
    File "../tools/isolate_driver.py", line 279, in <module>
      sys.exit(main())
    File "../tools/isolate_driver.py", line 269, in main
      create_wrapper(args, isolate, isolated)
    File "../tools/isolate_driver.py", line 194, in create_wrapper
      assert os.path.basename(isolate) == isolate, isolate
  AssertionError: linux/sandbox_linux_unittests.isolate
  ninja: build stopped: subcommand failed.
  Original issue's description:
  > Linux sandbox: add sandbox_linux_unittests.isolate
  >
  > BUG=384514
  > NOTRY=true
  >
  > Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=277867
  TBR=nodir@chromium.org,vadimsh@chromium.org,maruel@chromium.org
  NOTREECHECKS=true
  NOTRY=true
  BUG=384514
  Review URL: https://codereview.chromium.org/339183007
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@277875 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add sandbox_linux_unittests.isolate | jln@chromium.org | 2014-06-17 | 2 | -0/+41
  BUG=384514
  NOTRY=true
  Review URL: https://codereview.chromium.org/340523006
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@277867 0039d316-1c4b-4281-b951-d872f2087c98
* Define regs_struct on x86 Bionic as well. | rickyz@google.com | 2014-06-14 | 1 | -1/+29
  (r276595 broke the x86 Android build)
  BUG=
  Review URL: https://codereview.chromium.org/332873002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@277148 0039d316-1c4b-4281-b951-d872f2087c98
* Use PTRACE_SET_SYSCALL to override syscalls on ARM. | rickyz@google.com | 2014-06-13 | 1 | -2/+34
  Unfortunately, this change also disables the test on ARM due to a bug which prevents syscalls from being overridden on ARM (see crbug.com/383977 for details).
  This should fix ARM chrome tests, which were broken in r276595.
  BUG=383977
  Review URL: https://codereview.chromium.org/331833002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@277089 0039d316-1c4b-4281-b951-d872f2087c98
* Clean-up the SandboxSyscall interface | jln@chromium.org | 2014-06-13 | 8 | -411/+388
  Create a new Syscall class with a static method to replace SandboxSyscall() and clean-up some documentation.
  BUG=369594
  Review URL: https://codereview.chromium.org/330723003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@277004 0039d316-1c4b-4281-b951-d872f2087c98
* Seccomp_bpf. Fix compilation error for Android x64. | anton@chromium.org | 2014-06-12 | 1 | -1/+1
  There is no old version of bionic for x64.
  BUG=346626
  Review URL: https://codereview.chromium.org/335623002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@276817 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: Add support for SECCOMP_RET_TRACE. | rickyz@google.com | 2014-06-12 | 8 | -1/+223
  To use, make a BPF program return ErrorCode(ERR_TRACE + ret_data), where ret_data is a 16 bit value that will be available to the tracing process via PTRACE_GETEVENTMSG.
  BUG=231000
  Review URL: https://codereview.chromium.org/278583005
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@276595 0039d316-1c4b-4281-b951-d872f2087c98
* Do not instrument the suid sandbox binary with sanitizer tools. | earthdok@chromium.org | 2014-06-10 | 1 | -0/+7
  BUG=382766
  R=glider@chromium.org, jln@chromium.org
  NOTRY=true
  Review URL: https://codereview.chromium.org/323003006
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@276190 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: restrict prctl in the baseline. | jln@chromium.org | 2014-06-06 | 4 | -6/+30
  Restrict prctl(2) in the baseline policy.
  We temporarily allow in the GPU and PPAPI policies, so the net effect of this CL is only to restrict prctl for NaCl processes.
  BUG=270914
  R=mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/315383003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@275284 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: restrict futex operations. | jln@chromium.org | 2014-06-04 | 11 | -5/+112
  First-pass at restricting futex operations. We ban FUTEX_CMP_REQUEUE_PI, as it is not used throughout Chrome.
  BUG=377392
  R=mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/314903002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274934 0039d316-1c4b-4281-b951-d872f2087c98
* Enable some more targets in the GN build. | brettw@chromium.org | 2014-06-04 | 1 | -1/+1
  Fixes a warning in the sandbox code. GYP must compile this file with reduced warnings, but it's a valid warning so it seems better to fix than suppress.
  Review URL: https://codereview.chromium.org/317733007
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274922 0039d316-1c4b-4281-b951-d872f2087c98
* Add GN build for Linux sandbox. | brettw@chromium.org | 2014-05-29 | 1 | -0/+313
  Also removes duplicate gfx x11 target.
  BUG=
  R=erg@chromium.org
  Review URL: https://codereview.chromium.org/304833002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@273589 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: make SANDBOX_TEST compatible with LSAN | jln@chromium.org | 2014-05-22 | 9 | -22/+63
  Leak Sanitizer did not run in SANDBOX_TEST (i.e. tests running in their own subprocesses) since they called _exit(2).
  We now explicitly call __lsan_do_leak_checks() before calling _exit().
  This feature is still disabled for any test that enables a real sandbox since it may not be compatible with LSAN.
  BUG=376120
  R=mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/288063005
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@272121 0039d316-1c4b-4281-b951-d872f2087c98
* Convert a bunch of BPF_TEST tests to use BPF_TEST_C | mdempsky@chromium.org | 2014-05-21 | 4 | -204/+247
  This CL converts all BPF_TEST tests that didn't make use of BPF_AUX to instead use BPF_TEST_C and a proper SandboxBPFPolicy instead of a SyscallEvaluator.
  Simultaneously, it removes a lot of unnecessary code that was only necessary to support these tests that don't use BPF_AUX.
  Review URL: https://codereview.chromium.org/289193003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@272014 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: run all BaselinePolicy tests with sanitizers. | jln@chromium.org | 2014-05-21 | 2 | -23/+28
  - Allow ioctls TCGETS and FIONREAD with sanitizers.
  - Allow sched_getaffinity() with sanitizers.
  - Enable all BaselinePolicy unit tests with sanitizers.
  BUG=372445
  R=mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/296703007
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271854 0039d316-1c4b-4281-b951-d872f2087c98
* [reland] Remove SandboxBPF's dependency on CompatibilityPolicy | mdempsky@chromium.org | 2014-05-21 | 4 | -104/+120
  SandboxBPF users are now required to always provide a SandboxBPFPolicy instead of a SyscallEvaluator. CompatibilityPolicy can't be removed just yet though because it's still used by the deprecated BPF_TEST macros.
  Review URL: https://codereview.chromium.org/286903005
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271814 0039d316-1c4b-4281-b951-d872f2087c98
* Revert of Remove SandboxBPF's dependency on CompatibilityPolicy (https://codereview.chromium.org/290223002/) | isherman@chromium.org | 2014-05-20 | 4 | -120/+104
  Reason for revert: Broke VerboseAPITesting in sandbox_linux_unittests on Linux: http://build.chromium.org/p/chromium.linux/buildstatus?builder=Linux%20Tests%20%28dbg%29%282%29%2832%29&number=13046
  Original issue's description:
  > Remove SandboxBPF's dependency on CompatibilityPolicy
  >
  > SandboxBPF users are now required to always provide a SandboxBPFPolicy
  > instead of a SyscallEvaluator. CompatibilityPolicy can't be removed
  > just yet though because it's still used by the deprecated BPF_TEST
  > macros.
  >
  > Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=271607
  TBR=jln@chromium.org,mdempsky@chromium.org
  NOTREECHECKS=true
  NOTRY=true
  Review URL: https://codereview.chromium.org/293993006
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271621 0039d316-1c4b-4281-b951-d872f2087c98
* Remove SandboxBPF's dependency on CompatibilityPolicy | mdempsky@chromium.org | 2014-05-20 | 4 | -104/+120
  SandboxBPF users are now required to always provide a SandboxBPFPolicy instead of a SyscallEvaluator. CompatibilityPolicy can't be removed just yet though because it's still used by the deprecated BPF_TEST macros.
  Review URL: https://codereview.chromium.org/290223002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271607 0039d316-1c4b-4281-b951-d872f2087c98
* Simplify PointerCompare a little | mdempsky@chromium.org | 2014-05-20 | 1 | -66/+60
  Technically makes a few behavioral changes, but these shouldn't have any real consequences:
  1. When comparing conditional branch statements, the 'false' jump target is now compared lexicographically before the 'true' jump target (to reduce redundancy with comparing unconditional branches). This affects block ordering slightly, but equality (which is what we really care about) remains the same.
  2. Adds a bit more sanity checking: RET and JMP instructions should only occur at the end of basic blocks.
  Review URL: https://codereview.chromium.org/286063007
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271593 0039d316-1c4b-4281-b951-d872f2087c98
* Fix misuses of DISALLOW_IMPLICIT_CONSTRUCTORS() | mdempsky@chromium.org | 2014-05-20 | 2 | -8/+13
  DISALLOW_IMPLICIT_CONSTRUCTORS() should be used when we don't want any implicit functions; but in the cases this CL touches, we just want the default constructor to be private, not disallowed.
  BUG=375000
  Review URL: https://codereview.chromium.org/291063002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271592 0039d316-1c4b-4281-b951-d872f2087c98
* NaCl: Add sanity check for number of open FDs at startup | mseaborn@chromium.org | 2014-05-20 | 3 | -0/+46
  This is primarily for Non-SFI NaCl, where leaking FDs would be a security hole. For SFI NaCl, this is just for defence in depth.
  I've put the check just before enabling the seccomp-bpf sandbox. This guards against creation of unusual FDs, e.g. via epoll_create(), which might happen even after enabling the SUID sandbox (which mostly disables open()).
  BUG=358719
  TEST=browser_tests
  Review URL: https://codereview.chromium.org/276443003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271583 0039d316-1c4b-4281-b951-d872f2087c98
* Add SandboxBPFPolicy::InvalidSyscall() to simplify writing policies | mdempsky@chromium.org | 2014-05-17 | 6 | -24/+50
  Instead of requiring every BPF policy to check IsValidSyscallNumber() and return a fixed value when it's true, provide an alternative entry point and guarantee that EvaluateSyscall() will only be called for valid syscall numbers.
  Review URL: https://codereview.chromium.org/293463002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271256 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add more baseline policy unittests. | jln@chromium.org | 2014-05-17 | 3 | -0/+141
  Add more unit tests to the baseline policy.
  This is still highly incomplete.
  BUG=368092
  TBR=mdempsky
  NOTRY=true
  Review URL: https://codereview.chromium.org/290143006
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271226 0039d316-1c4b-4281-b951-d872f2087c98
* Android: cleanup gtest_target_type conditions. | bulach@chromium.org | 2014-05-17 | 1 | -3/+2
  For a long time (crrev.com/133053) OS==android implies: gtest_target_type=shared_library
  Cleanup the spurious conditions and obsolete TODOs.
  BUG=
  Review URL: https://codereview.chromium.org/278443003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@271222 0039d316-1c4b-4281-b951-d872f2087c98
* Split up the //sandbox OWNERS file into per-subdirectory ones. | rsesek@chromium.org | 2014-05-13 | 1 | -0/+3
  This also removes non-active OWNERS per http://dev.chromium.org/developers/owners-files.
  NOTRY=true
  R=jln@chromium.org, jschuh@chromium.org, cpu@chromium.org, rvargas@chromium.org
  Review URL: https://codereview.chromium.org/282643003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@270223 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: exclude MSAN from baseline policy tests | jln@chromium.org | 2014-05-12 | 1 | -2/+4
  For now we disable most baseline policy unittests under *SAN, until we make the policy work with them.
  BUG=372445
  TBR=earthdok
  Review URL: https://codereview.chromium.org/283643002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269905 0039d316-1c4b-4281-b951-d872f2087c98
* Move sandbox_export.h to //sandbox from //sandbox/linux and split root OWNERS file. | rsesek@chromium.org | 2014-05-12 | 20 | -42/+19
  BUG=none
  R=jln@chromium.org, jschuh@chromium.org
  Review URL: https://codereview.chromium.org/273423007
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269852 0039d316-1c4b-4281-b951-d872f2087c98
* Non-SFI NaCl: Stop running sandbox tests in components_unittests | hamaji@chromium.org | 2014-05-10 | 2 | -23/+9
  Also revert the temporary change for the sandbox test framework, which allows fork() with threads.
  https://codereview.chromium.org/242383003
  TEST=nacl_loader_unittests, components_unittests, and trybots
  BUG=364751
  Review URL: https://codereview.chromium.org/273623002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269558 0039d316-1c4b-4281-b951-d872f2087c98
* Refactor BPFTesterCompatibilityDelegate to use AuxHolder instead | mdempsky@chromium.org | 2014-05-09 | 3 | -45/+31
  Review URL: https://codereview.chromium.org/271943002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269442 0039d316-1c4b-4281-b951-d872f2087c98
* Ensure that _GNU_SOURCE is defined early enough | mostynb@opera.com | 2014-05-09 | 2 | -4/+10
  This style cleanup broke some versions of glibc that include fcntl.h from another header before it is explicitly included: https://codereview.chromium.org/236083002/
  We need _GNU_SOURCE defined before the first time fcntl.h is included since we use the linux-specific O_DIRECTORY extension.
  Thanks to johan_e@opera.com for helping track this down.
  NOTRY=true
  Review URL: https://codereview.chromium.org/266913019
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269419 0039d316-1c4b-4281-b951-d872f2087c98
* Fix Intel 64 bots by explicitly adding the syscall.h | miguelg@chromium.org | 2014-05-09 | 1 | -0/+1
  BUG=371749
  R=jln@chromium.org
  TBR=jln
  NOTRY=true
  Review URL: https://codereview.chromium.org/272993002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269242 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: always restrict clone() in baseline policy. | jln@chromium.org | 2014-05-09 | 6 | -15/+164
  Always restrict clone() to thread creation in the baseline policy.
  This CL does the following
  - Extend RestrictCloneToThreadsAndEPERMFork to support Android.
  - Always EPERM anything that looks like fork()
  - Add unit tests to the baseline policy related to clone() and fork().
  This CL also modifies any other BPF policy so that if clone() was not restricted before, it remains so. That is, only renderers and PPAPI processes have clone() restrictions applied to them, as before.
  BUG=367986
  R=jorgelo@chromium.org, mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/270613008
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@269114 0039d316-1c4b-4281-b951-d872f2087c98
* NaCl non-sfi sandbox: use modern framework for tests | jln@chromium.org | 2014-05-07 | 1 | -9/+9
  The non-sfi sandbox policy is the implementation of the SandboxBPFPolicy interface but tests are testing it as an old-style function pointer policy.
  This CL makes use of BPF_TEST_C and BPF_DEATH_TEST_C and takes a classname as a parameter rather than a function pointer.
  BUG=359285
  R=mseaborn@chromium.org
  Review URL: https://codereview.chromium.org/269333004
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@268963 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: implement new BPF testing macros | jln@chromium.org | 2014-05-07 | 5 | -89/+243
  Implement new BPF_TEST_C and BPF_TEST_D macros to allow writing new BPF tests without using the deprecated "BPF policies as function pointers".
  BUG=368970
  R=mdempsky@chromium.org
  TBR=jorgelo
  Review URL: https://codereview.chromium.org/269303002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@268668 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: cleanup test framework further | jln@chromium.org | 2014-05-06 | 11 | -91/+289
  Remove more void* in favor of strong typing.
  Create a new global SandboxTestRunner interface that can be implemented by specific test runners.
  Implement BPF_TEST via a SandboxBPFTestRunner class which takes a delegate to implement allocating the BPF policy and actually running the function.
  This allows us to confine templating to this new BPFTesterSimpleDelegate class.
  BUG=368970
  R=jorgelo@chromium.org, mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/265283003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@268608 0039d316-1c4b-4281-b951-d872f2087c98
* Get rid of kZygoteIdFd from content | mdempsky@chromium.org | 2014-05-02 | 2 | -45/+64
  Move handling of the dummy file descriptor into SetuidSandboxClient.
  Review URL: https://codereview.chromium.org/262533004
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267743 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add basic DEPS files. | jln@chromium.org | 2014-05-02 | 4 | -0/+35
  This is a reland of https://chromiumcodereview.appspot.com/260833002/
  TBR=rsesek
  NOTRY=true
  Review URL: https://codereview.chromium.org/260893015
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267714 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: get rid of a number of reinterpret_cast | jln@chromium.org | 2014-05-02 | 10 | -74/+243
  Bring back a little bit of sanity to BPF_TEST. Remove a lot of void* types and their associated reinterpret_cast and enjoy type checking.
  BUG=368970
  R=jorgelo@chromium.org, mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/260963003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267695 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 267599 "Linux sandbox: add basic DEPS files." | noamsml@google.com | 2014-05-01 | 4 | -35/+0
  Seems to cause issues with Linux bots
  > Linux sandbox: add basic DEPS files.
  >
  > TBR=brettw
  > NOTRY=true
  >
  > Review URL: https://codereview.chromium.org/260833002
  TBR=jln@chromium.org
  Review URL: https://codereview.chromium.org/266673007
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267604 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add basic DEPS files. | jln@chromium.org | 2014-05-01 | 4 | -0/+35
  TBR=brettw
  NOTRY=true
  Review URL: https://codereview.chromium.org/260833002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267599 0039d316-1c4b-4281-b951-d872f2087c98
* Change UnixDomainSocket::RecvMsg to return ScopedVector<base::ScopedFD> | mdempsky@chromium.org | 2014-04-30 | 2 | -12/+8
  This is slightly suboptimal because ScopedVector forces each ScopedFD to be individually heap allocated, but it's the simplest solution until C++11 is available.
  BUG=360274
  NOTRY=true
  Review URL: https://codereview.chromium.org/258543006
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267350 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: put back sigaltstack in syscall sets. | jln@chromium.org | 2014-04-30 | 1 | -0/+1
  r267220 mistakenly removed sigaltstack.
  BUG=302040
  TBR=glider
  NOTRY=true
  Review URL: https://codereview.chromium.org/253193005
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267325 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: disallow fork() and *kill for ASAN | jln@chromium.org | 2014-04-30 | 1 | -55/+27
  Treat ASAN like non-ASAN and disallow fork() and *kill there as well.
  BUG=367986
  R=jorgelo@chromium.org
  Review URL: https://codereview.chromium.org/263563004
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267292 0039d316-1c4b-4281-b951-d872f2087c98
* Enable use_sigaltstack=1 for ASan builds. This will ease the stack overflow detection. | glider@chromium.org | 2014-04-30 | 2 | -1/+7
  Also whitelist __NR_sigaltstack in seccomp-bpf under ASan.
  BUG=302040
  R=jln@chromium.org
  TBR=thakis@chromium.org
  Review URL: https://codereview.chromium.org/253753003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267220 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: allow *kill on ASAN | jln@chromium.org | 2014-04-30 | 1 | -12/+30
  Restricting *kill on ASAN is crashing somehow. Allow *kill on ASAN for now.
  BUG=367986
  R=jorgelo@chromium.org, mdempsky@chromium.org
  Review URL: https://codereview.chromium.org/261543003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@267005 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: restrict *kill to the current process. | jln@chromium.org | 2014-04-29 | 7 | -11/+73
  Restrict tgkill(2) and kill(2) to the current process, forbid tkill.
  BUG=367986
  R=jorgelo@chromium.org
  Review URL: https://codereview.chromium.org/258073008
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266926 0039d316-1c4b-4281-b951-d872f2087c98
* NaCl Linux: create NaClSandbox class | jln@chromium.org | 2014-04-29 | 1 | -1/+1
  We create a new NaClSandbox class, with InitializeLayerOneSandbox() and InitializeLayerTwoSandbox() methods.
  This class centralizes existing code and adds important security checks as to whether or not threads are running or directory file descriptors are open.
  BUG=359230, 358719
  R=mseaborn@chromium.org
  Review URL: https://codereview.chromium.org/250773003
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266735 0039d316-1c4b-4281-b951-d872f2087c98
* Add tests to make sure UnixDomainSocket and namespaces play nicely | mdempsky@chromium.org | 2014-04-28 | 2 | -0/+268
  BUG=357670
  Review URL: https://codereview.chromium.org/259763002
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266483 0039d316-1c4b-4281-b951-d872f2087c98