blob: 25cbf954fc15a961defab1f912db9a1d7c41d692 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <string>
#include "base/command_line.h"
#include "base/logging.h"
#include "content/common/sandbox_linux.h"
#include "content/public/common/content_switches.h"
#include "content/public/common/sandbox_init.h"
namespace content {
// TODO(jln): have call sites provide a process / policy type to
// InitializeSandbox().
bool InitializeSandbox() {
bool seccomp_legacy_started = false;
bool seccomp_bpf_started = false;
LinuxSandbox* linux_sandbox = LinuxSandbox::GetInstance();
const std::string process_type =
CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
switches::kProcessType);
// No matter what, it's always an error to call InitializeSandbox() after
// threads have been created.
if (!linux_sandbox->IsSingleThreaded()) {
std::string error_message = "InitializeSandbox() called with multiple "
"threads in process " + process_type;
// TODO(jln): change this into a CHECK() once we are more comfortable it
// does not trigger.
LOG(ERROR) << error_message;
return false;
}
// Attempt to limit the future size of the address space of the process.
linux_sandbox->LimitAddressSpace(process_type);
// First, try to enable seccomp-bpf.
seccomp_bpf_started = linux_sandbox->StartSeccompBpf(process_type);
// If that fails, try to enable seccomp-legacy.
if (!seccomp_bpf_started) {
seccomp_legacy_started = linux_sandbox->StartSeccompLegacy(process_type);
}
return seccomp_legacy_started || seccomp_bpf_started;
}
} // namespace content
|
