| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
|
|
| |
SandboxSyscall uses variadic arguments from the stack and it seems to confuse
ASAN.
BUG=162925
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/11416209
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169733 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
| |
BUG=162073
TEST=none
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169545 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix a race where we could end-up opening the wrong /proc/pid/fd because
we were using absolute paths.
BUG=162489
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/11418160
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169541 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In addition to a Sandbox::Trap() handler, we now have a Sandbox::UnsafeTrap()
handler. This feature should only be used for debugging purposes as it subverts
the security of the sandbox. But it is useful to track down problems with the
sandboxing policy. Within an unsafe trap handler, all sandbox restrictions are
lifted. This, for example, allows us to allow system calls that would normally
be denied by the policy, but to log their arguments, return value, and call stack.
N.B.: this is the second attempt at submitting this CL. See https://chromiumcodereview.appspot.com/11363212/
for previous code reviews
BUG=130662
TEST=sandbox_linux_unittests
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/11419121
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169213 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
| |
Print the size of pointers in the CallSupports test.
BUG=
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/11416143
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@169125 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reason: SigBus test failure
-- LOG --
SandboxBpf.SigBus:
sandbox/linux/tests/unit_tests.cc:65: Failure
Value of: subprocess_exit_status
Actual: 1
Expected: kExpectedValue
Which is: 42
---------
BUG=130662
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/11363212
TBR=markus@chromium.org
Review URL: https://codereview.chromium.org/11418112
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168993 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=130662
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/11363212
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168969 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
| |
This means that external timeouts (the test framework) are now the
dominant factor to detect a hung test.
BUG=137652
TEST=none
Review URL: https://codereview.chromium.org/11299052
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@168336 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
| |
Review URL: https://codereview.chromium.org/11366229
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@167739 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PolicyRule copy ctor was not taking into account that the source policy rule
could be using some 'constants' memory at the bottom, so adding further
opcodes to the new policy rule would overwrite the copied ones.
In other words, this pattern
PolicyRule pr_orig(ASK_BROKER);
pr_orig.AddStringMatch(...);
PolicyRule pr_copy(pr_orig);
pr_copy.AddStringMatch(...);
Was broken. This was not impacting the chrome sbox code because we don't
mutate the new rule after copy construction.
Acknoledgments to Ashutosh Mehra from Adobe Corp for pointing the bug
and providing a test case.
BUG=160890
TEST=new unittest added
Review URL: https://codereview.chromium.org/11275301
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@167571 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This data can be used by the policy to communicate with the method that set up policy.
In BPF_TEST()s it allows us to avoid global variables.
BUG=130662
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/11230048
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@165123 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we set-up the probe process to test seccomp-bpf availability, setting
a pipe on stderr can sometimes fail. Presumably if this descriptor is backed
by a file on a file system that will return an error on close().
We don't consider not being able to set-up the pipe on stderr as a fatal error
anymore.
BUG=152530
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/11300014
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@164850 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that OWNERS supports per-file owners, we can limit the scope of the
top-level wildcard to just DEPS, and make darin and ben owners for
everything else and remove the broad use of "set noparent".
R=ben@chromium.org, darin@chromium.org
BUG=88315
Review URL: https://codereview.chromium.org/11191038
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@163069 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
| |
Added explicit type conversion in initilization list.
BUG=None
TEST=Built using gcc 4.7.
Review URL: https://chromiumcodereview.appspot.com/11193050
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162945 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New code generator that is more generic and can automatically reorder
instructions to meet the constraints of BPF programs.
Previously, we were very careful to emit instructions in just the
right order so that there would only ever be forward jumps. As we add
more features to our BPF programs, this code is getting fragile.
So, instead, we now use standard compiler techniques; we first build a
graph of all the instructions, then we split them into basic blocks,
we perform some basic optimizations (at the moment, this is just the
merging of common tails of instructions), we sort the basic blocks
topologically, and then we reassemble all the blocks into a BPF
program.
There should be no functional change, but this code is the
pre-requisite for upcoming changes.
BUG=130662
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/10690011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162924 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We can't enable DEP at launch prior to Win7, but we can queue an APC to enable immediately after the loader finishes.
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10944015
TBR=jschuh@chromium.org
Review URL: https://codereview.chromium.org/11194027
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162300 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
We can't enable DEP at launch prior to Win7, but we can queue an APC to enable immediately after the loader finishes.
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10944015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162293 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Avoid needlessly expensive scanning of system call ranges.
This CL improves how we deal with discontiguous ranges of system call numbers.
(Original CL by markus@chromium.org)
TEST=sandbox_linux_unittests on x86_64 and ARM
BUG=148856
Review URL: https://chromiumcodereview.appspot.com/11096012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@161943 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wrap dup2 with HANDLE_EINTR in the error reporting set-up for the BPF
support detection process.
We also print errno as an attempt to obtain more information on this puzzling
bug.
BUG=152530
Review URL: https://chromiumcodereview.appspot.com/11103021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@161443 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new tests do aral end-to-end testing that the JOB_NONE flag works
as expected.
BUG=79091
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/11017012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@161245 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a temporary change to narrow down failures enabling mitigations on Win8. I'll revert once the cause is determined.
BUG=153399
Review URL: https://codereview.chromium.org/11040046
TBR=jschuh@chromium.org
Review URL: https://codereview.chromium.org/11026071
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160419 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
| |
This is a temporary change to narrow down failures enabling mitigations on Win8. I'll revert once the cause is determined.
BUG=153399
Review URL: https://codereview.chromium.org/11040046
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160252 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These tests are failing due to timing issues on the slower bots after
crrev.com/160133 landed. Julian will fiddle with the timings and re-
enable the tests tomorrow.
BUG=79091
TBR=pastarmovj@chromium.org
Review URL: https://codereview.chromium.org/11030028
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160137 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
outside of a job and wire it to a cmd line flag.
This is needed for running chrome in Citrix or RemoteApp (Terminal Services) environments.
These envoronments both start the main process inside a job spawned by rdpinit.exe
(at least in the RemoteApp case) and the process are not allowed to escape it
therefore when the job assignment is attempted it failes with ERROR_PERMISSION_DENIED.
This is not a problem in Windows 8/Server 2012 because these allow nested jobs so we
should only respect this flag for versions older than that.
BUG=79091
TEST=Start Chrome as a published app with --allow-no-job and observe it spawning renderer processes properly.
Review URL: https://chromiumcodereview.appspot.com/10908171
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160133 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of Chrome (Windows only).
BUG=131699,153148
Enabling handle tracing for the whole lifetime of a process uncovers to many bugs, causing lots of crashes. A supression or selective enablement mechanism is required to make it work.
Review URL: https://chromiumcodereview.appspot.com/11035012
TBR=alexeypa@chromium.org
Review URL: https://codereview.chromium.org/11043021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159914 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
| |
(Windows only).
BUG=131699,153148
Review URL: https://chromiumcodereview.appspot.com/11035012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159850 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
| |
BUG=153399
Review URL: https://codereview.chromium.org/11036009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159632 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
| |
BUG=152814
Review URL: https://chromiumcodereview.appspot.com/10981061
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159215 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
don't support).
BUG=none
TEST=none
Review URL: https://codereview.chromium.org/10951038
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@158165 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
| |
Review URL: https://chromiumcodereview.appspot.com/10956050
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@158132 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
| |
Review URL: https://chromiumcodereview.appspot.com/10942004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@157509 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=None
TEST=Compile and run sandbox_linux_unittests on ARM.
Review URL: https://chromiumcodereview.appspot.com/10908270
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156944 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
| |
BUG=147752
Review URL: https://codereview.chromium.org/10690058
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156657 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=147752
Review URL: https://codereview.chromium.org/10690058
TBR=jschuh@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10907217
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156556 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
| |
BUG=147752
Review URL: https://codereview.chromium.org/10690058
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156550 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10690058
TBR=jschuh@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10918197
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156322 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
| |
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10690058
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156315 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=146944
TBR=nsylvain@chromium.org
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10910125
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@155286 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Both sandboxes are not fully compatible yet; it is not
possible to enable the AppContainer if the process is to be
fully sandboxed (USER_LOCKDOWN), but the sandbox is user
configurable anyway.
BUG=none
TEST=sbox_unittests, sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10825425
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@154986 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
explicit functions. Added code that allows testing of the sandbox infrastructure
with Valgrind (this currently only works when building with the Makefile; we
still need to decide if and how we want to expose this to our unittests).
Added a way to unittest the ErrorCode class.
BUG=n/a
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/10833044
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@154397 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
| |
Review URL: https://chromiumcodereview.appspot.com/10878071
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153606 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
run all tests
inside their own processes. And we have another set of helpers that ensure we actually set
a sandboxing policy and don't forget to start the sandbox prior to running the tests.
Also simplified the handling of unexpected failure and termination of the sandbox'd process.
TODO: we still don't have a good story for testing fatal errors. We will eventually need
some form of exit tests.
BUG=n/a
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/10878033
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153555 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
| |
BUG=6944
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10860081
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153035 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=137791
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10831414
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152806 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=141157
TEST=Build and boot on daisy, check about:sandbox for "Seccomp-BPF Yes".
Review URL: https://chromiumcodereview.appspot.com/10837316
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152448 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=141157
TEST=Build and boot on daisy.
Review URL: https://chromiumcodereview.appspot.com/10830348
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152164 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
| |
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10818015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152123 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=141157
TEST=about:sandbox on daisy shows "Seccomp-BPF Yes".
Review URL: https://chromiumcodereview.appspot.com/10836243
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@151650 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
|
|
| |
BUG=141157
TEST=unit tests on daisy.
Review URL: https://chromiumcodereview.appspot.com/10827223
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@151007 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
|
|
|
|
|
| |
BUG=6944
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10837151
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150957 0039d316-1c4b-4281-b951-d872f2087c98
|