blob: cc66c5bc96f8768a4eeff4e622c6a34348ebd3a9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_COMMON_SANDBOX_LINUX_BPF_GPU_POLICY_LINUX_H_
#define CONTENT_COMMON_SANDBOX_LINUX_BPF_GPU_POLICY_LINUX_H_
#include <string>
#include <vector>
#include "base/callback_forward.h"
#include "content/common/sandbox_linux/sandbox_bpf_base_policy_linux.h"
namespace sandbox {
namespace syscall_broker {
class BrokerFilePermission;
class BrokerProcess;
}
}
namespace content {
class GpuProcessPolicy : public SandboxBPFBasePolicy {
public:
GpuProcessPolicy();
explicit GpuProcessPolicy(bool allow_mincore);
~GpuProcessPolicy() override;
sandbox::bpf_dsl::ResultExpr EvaluateSyscall(
int system_call_number) const override;
bool PreSandboxHook() override;
protected:
// Start a broker process to handle open() inside the sandbox.
// |broker_sandboxer_allocator| is a function pointer which can allocate a
// suitable sandbox policy for the broker process itself.
// |permissions_extra| is a list of file permissions
// that should be whitelisted by the broker process, in addition to
// the basic ones.
void InitGpuBrokerProcess(
sandbox::bpf_dsl::Policy* (*broker_sandboxer_allocator)(void),
const std::vector<sandbox::syscall_broker::BrokerFilePermission>&
permissions_extra);
sandbox::syscall_broker::BrokerProcess* broker_process() {
return broker_process_;
}
private:
// A BrokerProcess is a helper that is started before the sandbox is engaged
// and will serve requests to access files over an IPC channel. The client of
// this runs from a SIGSYS handler triggered by the seccomp-bpf sandbox.
// This should never be destroyed, as after the sandbox is started it is
// vital to the process.
// This is allocated by InitGpuBrokerProcess, called from PreSandboxHook(),
// which executes iff the sandbox is going to be enabled afterwards.
sandbox::syscall_broker::BrokerProcess* broker_process_;
// eglCreateWindowSurface() needs mincore().
bool allow_mincore_;
DISALLOW_COPY_AND_ASSIGN(GpuProcessPolicy);
};
} // namespace content
#endif // CONTENT_COMMON_SANDBOX_LINUX_BPF_GPU_POLICY_LINUX_H_
|
