// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "services/service_manager/sandbox/linux/bpf_gpu_policy_linux.h"
#include <errno.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
#include "base/compiler_specific.h"
#include "base/logging.h"
#include "base/macros.h"
#include "build/build_config.h"
#include "sandbox/linux/bpf_dsl/bpf_dsl.h"
#include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
#include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
#include "sandbox/linux/syscall_broker/broker_process.h"
#include "sandbox/linux/system_headers/linux_syscalls.h"
#include "services/service_manager/sandbox/linux/bpf_base_policy_linux.h"
#include "services/service_manager/sandbox/linux/sandbox_linux.h"
#include "services/service_manager/sandbox/linux/sandbox_seccomp_bpf_linux.h"
using sandbox::bpf_dsl::Allow;
using sandbox::bpf_dsl::ResultExpr;
using sandbox::bpf_dsl::Trap;
using sandbox::syscall_broker::BrokerProcess;
using sandbox::SyscallSets;
namespace service_manager {
// No per-instance state: the whole policy is expressed by EvaluateSyscall().
GpuProcessPolicy::GpuProcessPolicy() = default;
// Nothing to release; defined out of line to keep the vtable in this TU.
GpuProcessPolicy::~GpuProcessPolicy() = default;
// Main policy for x86_64/i386. Extended by CrosArmGpuProcessPolicy.
//
// Returns the seccomp-bpf verdict for |sysno| in the GPU process:
//   - a small set of driver-facing syscalls is allowed outright. Note that
//     ioctl is allowed here without any argument filtering, and prctl is
//     still unrestricted (see the TODO below);
//   - sched_{get,set}affinity and prlimit64 go through the shared
//     Restrict* helpers, keyed on GetPolicyPid();
//   - eventfd-family syscalls are allowed;
//   - any syscall the broker process handles is trapped so that
//     BrokerProcess::SIGSYS_Handler services it out of process;
//   - everything else falls back to BPFBasePolicy::EvaluateSyscall().
ResultExpr GpuProcessPolicy::EvaluateSyscall(int sysno) const {
  switch (sysno) {
    // Allowed unconditionally (no argument inspection).
#if !defined(OS_CHROMEOS)
    case __NR_ftruncate:
    case __NR_fallocate:
#endif
    case __NR_ioctl:
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__)
    // The Nvidia driver uses flags not in the baseline policy
    // (MAP_LOCKED | MAP_EXECUTABLE | MAP_32BIT)
    case __NR_mmap:
#endif
    // We also hit this on the linux_chromeos bot but don't yet know what
    // weird flags were involved.
    case __NR_mprotect:
    // TODO(jln): restrict prctl.
    case __NR_prctl:
    case __NR_sysinfo:
      return Allow();

    // Allowed only with restricted arguments, via the shared helpers.
    case __NR_sched_getaffinity:
    case __NR_sched_setaffinity:
      return sandbox::RestrictSchedTarget(GetPolicyPid(), sysno);
    case __NR_prlimit64:
      return sandbox::RestrictPrlimit64(GetPolicyPid());

    default:
      break;
  }

  if (SyscallSets::IsEventFd(sysno))
    return Allow();

  // Brokered syscalls are not executed in this process: the SIGSYS handler
  // forwards them to the broker, which applies its own allow-list.
  auto* broker = SandboxLinux::GetInstance()->broker_process();
  if (broker->IsSyscallAllowed(sysno))
    return Trap(BrokerProcess::SIGSYS_Handler, broker);

  // Default on the baseline policy.
  return BPFBasePolicy::EvaluateSyscall(sysno);
}
} // namespace service_manager