| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Now that OWNERS supports per-file owners, we can limit the scope of the
top-level wildcard to just DEPS, and make darin and ben owners for
everything else and remove the broad use of "set noparent".
R=ben@chromium.org, darin@chromium.org
BUG=88315
Review URL: https://codereview.chromium.org/11191038
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@163069 0039d316-1c4b-4281-b951-d872f2087c98
| |
Added explicit type conversion in initialization list.
BUG=None
TEST=Built using gcc 4.7.
Review URL: https://chromiumcodereview.appspot.com/11193050
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162945 0039d316-1c4b-4281-b951-d872f2087c98
| |
New code generator that is more generic and can automatically reorder
instructions to meet the constraints of BPF programs.
Previously, we were very careful to emit instructions in just the
right order so that there would only ever be forward jumps. As we add
more features to our BPF programs, this code is getting fragile.
So, instead, we now use standard compiler techniques; we first build a
graph of all the instructions, then we split them into basic blocks,
we perform some basic optimizations (at the moment, this is just the
merging of common tails of instructions), we sort the basic blocks
topologically, and then we reassemble all the blocks into a BPF
program.
There should be no functional change, but this code is the
pre-requisite for upcoming changes.
BUG=130662
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/10690011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162924 0039d316-1c4b-4281-b951-d872f2087c98
| |
We can't enable DEP at launch prior to Win7, but we can queue an APC to enable immediately after the loader finishes.
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10944015
TBR=jschuh@chromium.org
Review URL: https://codereview.chromium.org/11194027
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162300 0039d316-1c4b-4281-b951-d872f2087c98
| |
We can't enable DEP at launch prior to Win7, but we can queue an APC to enable immediately after the loader finishes.
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10944015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@162293 0039d316-1c4b-4281-b951-d872f2087c98
| |
Avoid needlessly expensive scanning of system call ranges.
This CL improves how we deal with discontiguous ranges of system call numbers.
(Original CL by markus@chromium.org)
TEST=sandbox_linux_unittests on x86_64 and ARM
BUG=148856
Review URL: https://chromiumcodereview.appspot.com/11096012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@161943 0039d316-1c4b-4281-b951-d872f2087c98
| |
Wrap dup2 with HANDLE_EINTR in the error reporting set-up for the BPF
support detection process.
We also print errno as an attempt to obtain more information on this puzzling
bug.
BUG=152530
Review URL: https://chromiumcodereview.appspot.com/11103021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@161443 0039d316-1c4b-4281-b951-d872f2087c98
| |
The new tests do real end-to-end testing that the JOB_NONE flag works
as expected.
BUG=79091
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/11017012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@161245 0039d316-1c4b-4281-b951-d872f2087c98
| |
This is a temporary change to narrow down failures enabling mitigations on Win8. I'll revert once the cause is determined.
BUG=153399
Review URL: https://codereview.chromium.org/11040046
TBR=jschuh@chromium.org
Review URL: https://codereview.chromium.org/11026071
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160419 0039d316-1c4b-4281-b951-d872f2087c98
| |
This is a temporary change to narrow down failures enabling mitigations on Win8. I'll revert once the cause is determined.
BUG=153399
Review URL: https://codereview.chromium.org/11040046
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160252 0039d316-1c4b-4281-b951-d872f2087c98
| |
These tests are failing due to timing issues on the slower bots after
crrev.com/160133 landed. Julian will fiddle with the timings and
re-enable the tests tomorrow.
BUG=79091
TBR=pastarmovj@chromium.org
Review URL: https://codereview.chromium.org/11030028
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160137 0039d316-1c4b-4281-b951-d872f2087c98
| |
outside of a job and wire it to a cmd line flag.
This is needed for running chrome in Citrix or RemoteApp (Terminal Services) environments.
These environments both start the main process inside a job spawned by rdpinit.exe
(at least in the RemoteApp case) and the process are not allowed to escape it
therefore when the job assignment is attempted it fails with ERROR_PERMISSION_DENIED.
This is not a problem in Windows 8/Server 2012 because these allow nested jobs so we
should only respect this flag for versions older than that.
BUG=79091
TEST=Start Chrome as a published app with --allow-no-job and observe it spawning renderer processes properly.
Review URL: https://chromiumcodereview.appspot.com/10908171
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@160133 0039d316-1c4b-4281-b951-d872f2087c98
| |
of Chrome (Windows only).
BUG=131699,153148
Enabling handle tracing for the whole lifetime of a process uncovers too many bugs, causing lots of crashes. A suppression or selective enablement mechanism is required to make it work.
Review URL: https://chromiumcodereview.appspot.com/11035012
TBR=alexeypa@chromium.org
Review URL: https://codereview.chromium.org/11043021
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159914 0039d316-1c4b-4281-b951-d872f2087c98
| |
(Windows only).
BUG=131699,153148
Review URL: https://chromiumcodereview.appspot.com/11035012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159850 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=153399
Review URL: https://codereview.chromium.org/11036009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159632 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=152814
Review URL: https://chromiumcodereview.appspot.com/10981061
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@159215 0039d316-1c4b-4281-b951-d872f2087c98
| |
don't support).
BUG=none
TEST=none
Review URL: https://codereview.chromium.org/10951038
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@158165 0039d316-1c4b-4281-b951-d872f2087c98
| |
Review URL: https://chromiumcodereview.appspot.com/10956050
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@158132 0039d316-1c4b-4281-b951-d872f2087c98
| |
Review URL: https://chromiumcodereview.appspot.com/10942004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@157509 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=None
TEST=Compile and run sandbox_linux_unittests on ARM.
Review URL: https://chromiumcodereview.appspot.com/10908270
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156944 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=147752
Review URL: https://codereview.chromium.org/10690058
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156657 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=147752
Review URL: https://codereview.chromium.org/10690058
TBR=jschuh@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10907217
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156556 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=147752
Review URL: https://codereview.chromium.org/10690058
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156550 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10690058
TBR=jschuh@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10918197
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156322 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=147752
Review URL: https://chromiumcodereview.appspot.com/10690058
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156315 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=146944
TBR=nsylvain@chromium.org
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10910125
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@155286 0039d316-1c4b-4281-b951-d872f2087c98
| |
Both sandboxes are not fully compatible yet; it is not
possible to enable the AppContainer if the process is to be
fully sandboxed (USER_LOCKDOWN), but the sandbox is user
configurable anyway.
BUG=none
TEST=sbox_unittests, sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10825425
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@154986 0039d316-1c4b-4281-b951-d872f2087c98
| |
explicit functions. Added code that allows testing of the sandbox infrastructure
with Valgrind (this currently only works when building with the Makefile; we
still need to decide if and how we want to expose this to our unittests).
Added a way to unittest the ErrorCode class.
BUG=n/a
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/10833044
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@154397 0039d316-1c4b-4281-b951-d872f2087c98
| |
Review URL: https://chromiumcodereview.appspot.com/10878071
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153606 0039d316-1c4b-4281-b951-d872f2087c98
| |
run all tests inside their own processes. And we have another set of helpers that ensure we actually set
a sandboxing policy and don't forget to start the sandbox prior to running the tests.
Also simplified the handling of unexpected failure and termination of the sandbox'd process.
TODO: we still don't have a good story for testing fatal errors. We will eventually need
some form of exit tests.
BUG=n/a
TEST=sandbox_linux_unittests
Review URL: https://chromiumcodereview.appspot.com/10878033
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153555 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=6944
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10860081
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@153035 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=137791
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10831414
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152806 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=141157
TEST=Build and boot on daisy, check about:sandbox for "Seccomp-BPF Yes".
Review URL: https://chromiumcodereview.appspot.com/10837316
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152448 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=141157
TEST=Build and boot on daisy.
Review URL: https://chromiumcodereview.appspot.com/10830348
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152164 0039d316-1c4b-4281-b951-d872f2087c98
| |
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10818015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@152123 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=141157
TEST=about:sandbox on daisy shows "Seccomp-BPF Yes".
Review URL: https://chromiumcodereview.appspot.com/10836243
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@151650 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=141157
TEST=unit tests on daisy.
Review URL: https://chromiumcodereview.appspot.com/10827223
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@151007 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=6944
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10837151
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150957 0039d316-1c4b-4281-b951-d872f2087c98
| |
Don't pollute LD_PRELOAD in the environment after a test runs.
BUG=
Review URL: https://chromiumcodereview.appspot.com/10823251
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150739 0039d316-1c4b-4281-b951-d872f2087c98
| |
In seccomp-bpf unittest, we now call setSandboxPolicy even if we have no kernel
support for seccomp-bpf.
BUG=141545
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10837178
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150690 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=6944
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10831160
TBR=rvargas@google.com
Review URL: https://chromiumcodereview.appspot.com/10831200
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150429 0039d316-1c4b-4281-b951-d872f2087c98
| |
There was a bug where X32 syscalls were included in x86_64_linux_syscalls.h.
Thankfully, the "#if defined" guard prevented those lines from actually
doing anything.
BUG=
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10826190
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150428 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=6944
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10831160
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150423 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10825227
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@150390 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=6944
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10823134
TBR=rvargas@google.com
Review URL: https://chromiumcodereview.appspot.com/10828142
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149790 0039d316-1c4b-4281-b951-d872f2087c98
| |
BUG=6944
TEST=sbox_integration_tests
Review URL: https://chromiumcodereview.appspot.com/10823134
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149782 0039d316-1c4b-4281-b951-d872f2087c98
| |
SpawnCleanup may trigger the destruction of a partially created TargetProcess.
BUG=139898
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10831133
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149763 0039d316-1c4b-4281-b951-d872f2087c98
| |
The LinuxSandbox class aims to become the central place for Linux
sandboxing inside content/.
For now, this refactors mostly code from the Zygote.
(Note: this is a re-land of https://chromiumcodereview.appspot.com/10826093/
with a trivial fix for ARM architectures).
BUG=
TBR=piman@chromium.org
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10843059
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149734 0039d316-1c4b-4281-b951-d872f2087c98
| |
r149692 broke ChromiumOS (tegra2) build.
The LinuxSandbox class aims to become the central place for Linux
sandboxing inside content/.
For now, this refactors mostly code from the Zygote.
BUG=
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10826093
TBR=jln@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10837081
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149705 0039d316-1c4b-4281-b951-d872f2087c98
| |
The LinuxSandbox class aims to become the central place for Linux
sandboxing inside content/.
For now, this refactors mostly code from the Zygote.
BUG=
NOTRY=true
Review URL: https://chromiumcodereview.appspot.com/10826093
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149692 0039d316-1c4b-4281-b951-d872f2087c98