blob: a9288fbb4a60873166e05dfd66b81d5ceec5878e [file] [log] [blame]
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "content/common/sandbox_linux/bpf_utility_policy_linux.h"
#include <errno.h>
#include "base/basictypes.h"
#include "build/build_config.h"
#include "content/common/sandbox_linux/sandbox_linux.h"
#include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h"
#include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
#include "sandbox/linux/services/linux_syscalls.h"
using sandbox::SyscallSets;
using sandbox::bpf_dsl::Allow;
using sandbox::bpf_dsl::Error;
using sandbox::bpf_dsl::ResultExpr;
namespace content {
UtilityProcessPolicy::UtilityProcessPolicy() {
}
UtilityProcessPolicy::~UtilityProcessPolicy() {
}
ResultExpr UtilityProcessPolicy::EvaluateSyscall(int sysno) const {
// TODO(mdempsky): For now, this is just a copy of the renderer
// policy, which happens to work well for utility processes too. It
// should be possible to limit further though. In particular, the
// entries below annotated with bug references are most likely
// unnecessary.
switch (sysno) {
case __NR_ioctl:
return sandbox::RestrictIoctl();
// Allow the system calls below.
case __NR_fdatasync:
case __NR_fsync:
#if defined(__i386__) || defined(__x86_64__)
case __NR_getrlimit:
#endif
#if defined(__i386__) || defined(__arm__)
case __NR_ugetrlimit:
#endif
case __NR_pread64:
case __NR_pwrite64:
case __NR_sysinfo:
case __NR_times:
case __NR_uname:
return Allow();
default:
// Default on the content baseline policy.
return SandboxBPFBasePolicy::EvaluateSyscall(sysno);
}
}
} // namespace content