summaryrefslogtreecommitdiffstats
path: root/sandbox
Commit message (Collapse)AuthorAgeFilesLines
* Refactor sandbox_policy.cc so that it doesn't contain the sandbox policies ↵jam@chromium.org2013-03-201-0/+2
| | | | | | | | | | | | | | | | | | | | for all processes. Instead have whoever creates a sandboxed process set this data. This allows us to clean a few NaCl related changes in content: -remove NaCl sandbox rules from content -remove the hack for ifdef'ing out the GPU policy since it didn't link for nacl64.exe -remove the 1GB memory reservation for the NaCl loader process out of content Other cleanup: -renamed sandbox_policy.* to sandbox_win.* to match the other platform-specific sandbox files -moved BrokerGetFileHandleForProcess to internal content files since it's not called from outside -remove AddGpuDllEvictionPolicy since it was redundant (the one dll it removed was already listed in the generic list) There's still more cleanup to be done in the sandbox code (i.e. remove chrome frame switch, nacl process type switch etc). I will do that in future changes. BUG=191682 Review URL: https://codereview.chromium.org/12805004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@189175 0039d316-1c4b-4281-b951-d872f2087c98
* Android sandbox: workaround for restricted errno values.jln@chromium.org2013-03-112-3/+37
| | | | | | | | | | | | | On Android, errno are only supported up to 255 and are not processed otherwise. Fix a test to work around this issue. BUG=181647,169416 NOTRY=true TBR=markus Review URL: https://chromiumcodereview.appspot.com/12638015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@187410 0039d316-1c4b-4281-b951-d872f2087c98
* The 'sandbox' target is always 'none'.bungeman@chromium.org2013-02-281-1/+0
| | | | | | | | | | In revision 143549 seccomp_bpf was moved to its own target, however the line changing 'sandbox' to a static_library was left behind. This should be removed as it is misleading and leads to odd build generator behavior (like an empty build.ninja file). Review URL: https://codereview.chromium.org/12340115 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@185143 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Refactor the BPF sandbox API to use objects rather than ↵markus@chromium.org2013-02-2624-990/+1071
| | | | | | | | | | | | | | | | "static" methods. This change allows us to stack multiple instances of the sandbox. Also, split up headers in a generally saner fashion. BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/12223109 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184541 0039d316-1c4b-4281-b951-d872f2087c98
* Move file_path.h to base/files.brettw@chromium.org2013-02-241-1/+1
| | | | | | TBR=sky git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184344 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Added support for checking system call arguments against bit masks.markus@chromium.org2013-02-158-55/+1041
| | | | | | | | | | | | This is a second attempt. The original CL was tracked at https://chromiumcodereview.appspot.com/11613016 BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/11648028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@182698 0039d316-1c4b-4281-b951-d872f2087c98
* Remove sandbox win64 warningjschuh@chromium.org2013-02-121-7/+0
| | | | | | | | | Tests all pass and are getting enabled on the bots this week. BUG=168414 Review URL: https://codereview.chromium.org/12221109 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181924 0039d316-1c4b-4281-b951-d872f2087c98
* Ignore DEP and SEHOP flags on Win64jschuh@chromium.org2013-02-121-0/+3
| | | | | | | | | | These flags aren't supported on 64-bit and can throw an error on Win8 process creation. BUG=147752 Review URL: https://chromiumcodereview.appspot.com/12207106 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181840 0039d316-1c4b-4281-b951-d872f2087c98
* Replace FilePath with base::FilePath in some more top level directories.brettw@chromium.org2013-02-102-2/+3
| | | | | | Review URL: https://codereview.chromium.org/12217101 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181640 0039d316-1c4b-4281-b951-d872f2087c98
* Disable ProcessMitigationsTest.CheckDep on Win64jschuh@chromium.org2013-02-071-2/+2
| | | | | | | | DEP is already enabled by default and Win64 throws an error when you try to manipulate the setting at all. Review URL: https://codereview.chromium.org/12218061 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181382 0039d316-1c4b-4281-b951-d872f2087c98
* Added a unittest to check that we can restrict syscall(__NR_clone)markus@chromium.org2013-02-071-0/+55
| | | | | | | | | | BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/12207029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@181121 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add warning if running tests multithreaded.jln@chromium.org2013-02-052-5/+22
| | | | | | | | | BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12207004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@180747 0039d316-1c4b-4281-b951-d872f2087c98
* Windows: Allow subprocesses to inherit non-console stdout/stderrmseaborn@chromium.org2013-02-038-3/+142
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Before this change, the renderer and other subprocesses never inherit stdout and stderr when they are pipe handles. Stdout/stderr will be pipe handles when chrome.exe/browser_tests.exe is running under Buildbot or under Cygwin's default terminal, mintty. We fix this by specifying PROC_THREAD_ATTRIBUTE_HANDLE_LIST in the arguments to CreateProcess(). The fix only applies on Windows >=Vista. Although it's probably safe for stdout/stderr to be inherited when it is a pipe handle or file handle, we put this behind the flag "--enable-logging". (This flag already makes stderr work when chrome.exe/browser_tests.exe is running under a Windows console -- a case which is not handled by the code path we're adding here because a Windows console is not an inheritable kernel handle.) Note that this relies on the fix committed in http://crrev.com/178656. BUG=171836 TEST=manually add logging to renderer process and check that it appears when running chrome.exe or browser_tests.exe Review URL: https://chromiumcodereview.appspot.com/12033045 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@180303 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: Make the test run on Android as Native executablejln@chromium.org2013-02-023-37/+67
| | | | | | | | | | | | Make it possible to run the tests via run_tests.py --exe. BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12093055 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@180236 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Refactoring in preparation for sandbox stacking.markus@chromium.org2013-01-2611-281/+539
| | | | | | | | | | | | | | | | | | | | | | | | | | We have to keep a few globally shared bits of data, because of the way the kernel exposes the sandboxing API. In the past, we solved this problem by having a monolithic "static" class for all of the sandboxing code. This is sub-optimal and makes it difficult to implement stacking of multiple BPF sandboxes -- a feature that we would like to have. I believe, all that needs to be kept static is the handling of SIGSYS traps. So, we are pulling those into their own class. In the next step, we'll clean up the actual sandbox class. This changelist introduces one new feature. Going forward, we won't allow "unsafe" traps (e.g. used for grey listing) unless the user explicitly sets the CHROME_SANDBOX_DEBUGGING environment variable. This prevents accidental bugs from unintentionally disabling the entire sandbox. BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/11929036 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@179026 0039d316-1c4b-4281-b951-d872f2087c98
* Disabling nacl_win64 targets when building in target_arch!=ia32 mode.bradnelson@google.com2013-01-211-30/+36
| | | | | | | | | | | | | | | | When building on windows with target_arch=x64, we no longer need win32 targets forced to be 64-bit. This gates out these targets when target_arch!=ia32. (Prior CL dropped the minimal set to break the dependency between these targets and the rest of the build. This eliminates them completely.) BUG=None TEST=None R=jschuh@chromium.org,thestig@chromium.org TBR=darin@chromium.org,abodenha@chromium.org,apatrick@chromium.org,sra@chromium.org,wtc@chromium.org Review URL: https://chromiumcodereview.appspot.com/11929039 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177959 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: more internal timeout in unit tests.jln@chromium.org2013-01-201-8/+32
| | | | | | | | | | | | | | Every SANDBOX_TEST derivative will now use poll() with a timeout instead of a blocking write. This is a second layer to make sure that our tests have a timeout. BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12018029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177875 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add timeout to tests.jln@chromium.org2013-01-181-0/+44
| | | | | | | | | | | | All derivatives of SANDBOX_TEST() will now have a 10s timeout. BUG=169416 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12021021 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177771 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: ASSERT instead of EXPECT in broker tests.jln@chromium.org2013-01-181-28/+40
| | | | | | | | | | TEST=sandbox_linux_unittests NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11859020 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177702 0039d316-1c4b-4281-b951-d872f2087c98
* Use SOCK_SEQPACKET for synchronous IPC.glider@google.com2013-01-181-1/+1
| | | | | | | | | | | | | | This is a copy of https://codereview.chromium.org/11738003 by mnissler@chromium.org SOCK_DGRAM fails in case the other end of the connection dies before sending a reply. This causes recvmsg() calls on the socket to hang, which results in stuck processes sticking around after running tests. BUG=chromium:166528 TEST=No more stuck --type=zygote processes in browser_tests and content_browsertests. Review URL: https://codereview.chromium.org/11823024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177638 0039d316-1c4b-4281-b951-d872f2087c98
* Android make sandbox/linux/seccomp-bpf compile on i386jln@chromium.org2013-01-185-42/+99
| | | | | | | | | | BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/12025004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177542 0039d316-1c4b-4281-b951-d872f2087c98
* Android: remove x86 from sandbox/linux once again.jln@chromium.org2013-01-171-1/+1
| | | | | | | | | | | BUG=166704 TBR=markus NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11958035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177371 0039d316-1c4b-4281-b951-d872f2087c98
* Android: create a generic android_ucontext.hjln@chromium.org2013-01-175-6/+74
| | | | | | | | | | | | | | | | | | We now have a generic android_ucontext.h that should work on both ARM and X86. Note: if this needs to be reverted on X86, please only revert the GYP file and send me the error message. (Thanks to Yin Fengwei for his related work in https://chromiumcodereview.appspot.com/11639038/) BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11971028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@177321 0039d316-1c4b-4281-b951-d872f2087c98
* If the kernel lacks support for BPF filtering, we can still perform a couplemarkus@chromium.org2013-01-114-85/+108
| | | | | | | | | | | | | of static tests on our filter policy and on the filter program. This extends the test coverage of our unittests, even if it is still somewhat limited. TEST=sandbox_linux_unittests BUG=141545 Review URL: https://chromiumcodereview.appspot.com/11829013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@176361 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: handle O_CREAT properly in broker process.jln@chromium.org2013-01-092-1/+13
| | | | | | | | | | | | | We only support 2-parameters open in the broker process but we didn't filter-out O_CREAT properly. BUG=168944 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11778056 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175744 0039d316-1c4b-4281-b951-d872f2087c98
* Make the Windows sandbox support a normal x64 buildjschuh@chromium.org2013-01-052-26/+32
| | | | | | | | | | I've fixed the dependencies, so we can now support building the sandbox and running the tests as part of a normal Win64 build. BUG=168414 Review URL: https://chromiumcodereview.appspot.com/11788002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@175278 0039d316-1c4b-4281-b951-d872f2087c98
* Base: Update ScopedProcessInformation to use ScopedHandle and restrict Receive()rvargas@google.com2013-01-031-3/+4
| | | | | | | | | | to the span of the callsite. BUG=none TEST=base_unittests Review URL: https://codereview.chromium.org/11636061 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174998 0039d316-1c4b-4281-b951-d872f2087c98
* Fix Android x86 build with a quick hack.jln@chromium.org2012-12-201-2/+3
| | | | | | | | | | | BUG=166704 TBR=markus NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11649044 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174244 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 174135jochen@chromium.org2012-12-207-752/+19
| | | | | | | | | | | | | | | | | | > SECCOMP-BPF: Added support for checking system call arguments against bit masks. > > > BUG=130662 > TEST=sandbox_linux_unittests > > > Review URL: https://chromiumcodereview.appspot.com/11613016 Tests fail on Linux Precise bot: http://build.chromium.org/p/chromium.linux/buildstatus?builder=Linux%20Precise%20%28dbg%29&number=410 TBR=markus@chromium.org Review URL: https://codereview.chromium.org/11618035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174147 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Added support for checking system call arguments against bit masks.markus@chromium.org2012-12-207-19/+752
| | | | | | | | | | BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/11613016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174135 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Don't create an ScopedHandle with an invalid handle.rvargas@chromium.org2012-12-201-1/+2
| | | | | | | | | BUG=166888 TEST=none Review URL: https://chromiumcodereview.appspot.com/11639024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174122 0039d316-1c4b-4281-b951-d872f2087c98
* Update Linux sandbox tests to pass on Android.palmer@chromium.org2012-12-202-7/+25
| | | | | | | | | | BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11647024 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174116 0039d316-1c4b-4281-b951-d872f2087c98
* Fix for downstream android webviewboliu@chromium.org2012-12-201-0/+3
| | | | | | | | | | | | | | Previously erros is struct sigcontext is not defined. Including the header file now. TBR=jln,markus Android only include change. Android trybots pass compile. NOTRY=true BUG= Review URL: https://chromiumcodereview.appspot.com/11636039 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174104 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: get everything to compile on Android.jln@chromium.org2012-12-205-7/+47
| | | | | | | | | | | | | We define our own android_arm_ucontext.h file since signal.h doesn't define ucontext_t on Android. BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11618010 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@174070 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: compile partially under Android.jln@chromium.org2012-12-196-20/+102
| | | | | | | | | | | Get a subset of sandbox/linux to compile under Android. BUG=166704 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11612014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173954 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Added supported for inspection system call arguments from BPF ↵markus@chromium.org2012-12-1514-290/+1029
| | | | | | | | | | | | | filters. BUG=130662 TEST=sandbox_linux_unittests NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11411254 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173243 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: Basic support for GPU broker.jln@chromium.org2012-12-142-7/+9
| | | | | | | | | | | | | | | We add a GPU broker process to make sure we can open certain files once the sandbox is started. We do not need to allow open() in the GPU policy in certain configuration anymore, which creates an effective GPU sandbox. BUG=166111 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11569028 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173233 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add a new low-level broker process mechanism.jln@chromium.org2012-12-145-0/+809
| | | | | | | | | | | | | | | | | We add a new low-level broker process mechanism that can be async signal safe and is suitable for use in the seccomp-bpf sandbox. Also fix UnixDomainSocket::SendMsg() to never generate a SIGPIPE. This is a re-land of https://chromiumcodereview.appspot.com/11557025/ (173064) BUG=165837 TBR=markus,willchan NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11564030 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173128 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 173064gene@chromium.org2012-12-145-809/+0
| | | | | | | | | | | | | | | | | | | > Linux sandbox: add a new low-level broker process mechanism. > > We add a new low-level broker process mechanism that can be > async signal safe and is suitable for use in the seccomp-bpf sandbox. > > Also fix UnixDomainSocket::SendMsg() to never generate a SIGPIPE. > > BUG=165837 > NOTRY=true > > Review URL: https://chromiumcodereview.appspot.com/11557025 TBR=jln@chromium.org Review URL: https://codereview.chromium.org/11573030 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173065 0039d316-1c4b-4281-b951-d872f2087c98
* Linux sandbox: add a new low-level broker process mechanism.jln@chromium.org2012-12-145-0/+809
| | | | | | | | | | | | | | We add a new low-level broker process mechanism that can be async signal safe and is suitable for use in the seccomp-bpf sandbox. Also fix UnixDomainSocket::SendMsg() to never generate a SIGPIPE. BUG=165837 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11557025 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173064 0039d316-1c4b-4281-b951-d872f2087c98
* sandbox-bpf: more robust probe process in release modejln@chromium.org2012-12-051-1/+22
| | | | | | | | | | | | In release mode, we don't fail on probe process failing on close() as an attempt to circumvent a very puzzling bug. BUG=152530 Review URL: https://chromiumcodereview.appspot.com/11446011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@171351 0039d316-1c4b-4281-b951-d872f2087c98
* SandboxBpf: new reliable test for SandboxSyscalljln@chromium.org2012-12-052-1/+63
| | | | | | | | | | | | We use a BPF policy to create a reliable test for our SandboxSyscall() facility. BUG=163904, 162925 Review URL: https://chromiumcodereview.appspot.com/11428157 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@171157 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Fix SandboxSyscall()markus@chromium.org2012-12-043-68/+125
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Eliminate variadic arguments in favor of C++ templates. This makes ASAN and Valgrind much happier, as we are no longer accessing more arguments than what has been passed into our function (i.e. in the past, we'd always forward six arguments to the kernel, even if the system call needed fewer; now, we explicitly pass zeros). - In the past, callers had to be very careful when passing NULL, as the C++ compiler was likely to treat this macro as a 32bit integer value rather than a 64bit pointer. We now always perform sign extension for expanding arguments to the full native word width. - On x86-64, we could clobber up to eight (in some cases 16) bytes in the red zone. This would typically only happen when high optimization levels were turned on, and in many cases it ended up overwriting data that was no longer needed. But we have seen at least one case where we ended up clobbering a system call parameter. We now explicitly avoid the red zone and this problem can no longer happen. BUG=163904,162925 TEST=sandbox_linux_unittests NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11416326 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@170896 0039d316-1c4b-4281-b951-d872f2087c98
* Linux Sandbox: add test for one argument system calls.jln@chromium.org2012-12-031-0/+8
| | | | | | | | | | | | | Make it easier to reproduce simple bugs and issues by adding a trivial test for system calls with one argument. BUG=163904 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11434088 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@170804 0039d316-1c4b-4281-b951-d872f2087c98
* Seccomp-BPF: disable ASAN on SandboxSyscall()jln@chromium.org2012-11-271-0/+5
| | | | | | | | | | | | | SandboxSyscall uses variadic arguments from the stack and it seems to confuse ASAN. BUG=162925 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11416209 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169733 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox: Verify the return value when changing memory protection.rvargas@google.com2012-11-272-2/+6
| | | | | | | BUG=162073 TEST=none git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169545 0039d316-1c4b-4281-b951-d872f2087c98
* setuid tools: open /proc directories relativelyjln@chromium.org2012-11-271-21/+44
| | | | | | | | | | | | | Fix a race where we could end-up opening the wrong /proc/pid/fd because we were using absolute paths. BUG=162489 NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11418160 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169541 0039d316-1c4b-4281-b951-d872f2087c98
* SECCOMP-BPF: Added support for greylisting of system calls.markus@chromium.org2012-11-2214-67/+1074
| | | | | | | | | | | | | | | | | | | | | | In addition to a Sandbox::Trap() handler, we now have a Sandbox::UnsafeTrap() handler. This feature should only be used for debugging purposes as it subverts the security of the sandbox. But it is useful to track down problems with the sandboxing policy. Within an unsafe trap handler, all sandbox restrictions are lifted. This, for example, allows us to allow system calls that would normally be denied by the policy, but to log their arguments, return value, and call stack. N.B.: this is the second attempt at submitting this CL. See https://chromiumcodereview.appspot.com/11363212/ for previous code reviews BUG=130662 TEST=sandbox_linux_unittests NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11419121 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169213 0039d316-1c4b-4281-b951-d872f2087c98
* Sandbox BPF: print pointer size in testjln@chromium.org2012-11-211-0/+2
| | | | | | | | | | | Print the size of pointers in the CallSupports test. BUG= NOTRY=true Review URL: https://chromiumcodereview.appspot.com/11416143 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169125 0039d316-1c4b-4281-b951-d872f2087c98
* Revert 168969 - Added support for greylisting of system calls.nona@chromium.org2012-11-2114-1008/+67
| | | | | | | | | | | | | | | | | | | | | | | | Reason: SigBus test failure -- LOG -- SandboxBpf.SigBus: sandbox/linux/tests/unit_tests.cc:65: Failure Value of: subprocess_exit_status Actual: 1 Expected: kExpectedValue Which is: 42 --------- BUG=130662 TEST=sandbox_linux_unittests Review URL: https://chromiumcodereview.appspot.com/11363212 TBR=markus@chromium.org Review URL: https://codereview.chromium.org/11418112 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168993 0039d316-1c4b-4281-b951-d872f2087c98
generated by cgit v1.1 at 2025-02-07 05:22:22 +0000