// Common code for sandbox startup. static void SetCurrentProcessSandbox(UniquePtr<sandbox::bpf_dsl::Policy> aPolicy) { MOZ_ASSERT(gSandboxCrashFunc); // Note: PolicyCompiler borrows the policy and registry for its // lifetime, but does not take ownership of them. sandbox::bpf_dsl::PolicyCompiler compiler(aPolicy.get(), sandbox::Trap::Registry()); auto program = compiler.Compile(); if (SandboxInfo::Get().Test(SandboxInfo::kVerbose)) { sandbox::bpf_dsl::DumpBPF::PrintProgram(*program); } InstallSigSysHandler(); #ifdef MOZ_ASAN __sanitizer_sandbox_arguments asanArgs; asanArgs.coverage_sandboxed = 1; asanArgs.coverage_fd = -1; asanArgs.coverage_max_block_size = 0; __sanitizer_sandbox_on_notify(&asanArgs); #endif // The syscall takes a C-style array, so copy the vector into one. UniquePtr<sock_filter[]> flatProgram(new sock_filter[program->size()]); for (auto i = program->begin(); i != program->end(); ++i) { flatProgram[i - program->begin()] = *i; } BroadcastSetThreadSandbox(Move(flatProgram), program->size()); }
// Common code for sandbox startup. static void SetCurrentProcessSandbox(SandboxType aType) { if (InstallSyscallReporter()) { LOG_ERROR("install_syscall_reporter() failed\n"); } BroadcastSetThreadSandbox(aType); }
// Common code for sandbox startup. static void SetCurrentProcessSandbox(SandboxType aType) { MOZ_ASSERT(gSandboxCrashFunc); if (InstallSyscallReporter()) { SANDBOX_LOG_ERROR("install_syscall_reporter() failed\n"); } BroadcastSetThreadSandbox(aType); }
// Common code for sandbox startup. static void SetCurrentProcessSandbox(UniquePtr<sandbox::bpf_dsl::Policy> aPolicy) { MOZ_ASSERT(gSandboxCrashFunc); // Note: PolicyCompiler borrows the policy and registry for its // lifetime, but does not take ownership of them. sandbox::bpf_dsl::PolicyCompiler compiler(aPolicy.get(), sandbox::Trap::Registry()); auto program = compiler.Compile(); if (SandboxInfo::Get().Test(SandboxInfo::kVerbose)) { sandbox::bpf_dsl::DumpBPF::PrintProgram(*program); } InstallSigSysHandler(); #ifdef MOZ_ASAN __sanitizer_sandbox_arguments asanArgs; asanArgs.coverage_sandboxed = 1; asanArgs.coverage_fd = -1; asanArgs.coverage_max_block_size = 0; __sanitizer_sandbox_on_notify(&asanArgs); #endif // The syscall takes a C-style array, so copy the vector into one. size_t programLen = program->size(); UniquePtr<sock_filter[]> flatProgram(new sock_filter[programLen]); for (auto i = program->begin(); i != program->end(); ++i) { flatProgram[i - program->begin()] = *i; } sock_fprog fprog; fprog.filter = flatProgram.get(); fprog.len = static_cast<unsigned short>(programLen); MOZ_RELEASE_ASSERT(static_cast<size_t>(fprog.len) == programLen); const SandboxInfo info = SandboxInfo::Get(); if (info.Test(SandboxInfo::kHasSeccompTSync)) { if (info.Test(SandboxInfo::kVerbose)) { SANDBOX_LOG_ERROR("using seccomp tsync"); } ApplySandboxWithTSync(&fprog); } else { if (info.Test(SandboxInfo::kVerbose)) { SANDBOX_LOG_ERROR("no tsync support; using signal broadcast"); } BroadcastSetThreadSandbox(&fprog); } MOZ_RELEASE_ASSERT(!gChrootHelper, "forgot to chroot"); }
// Common code for sandbox startup. static void SetCurrentProcessSandbox(SandboxType aType) { MOZ_ASSERT(gSandboxCrashFunc); if (InstallSyscallReporter()) { SANDBOX_LOG_ERROR("install_syscall_reporter() failed\n"); } #ifdef MOZ_ASAN __sanitizer_sandbox_arguments asanArgs; asanArgs.coverage_sandboxed = 1; asanArgs.coverage_fd = -1; asanArgs.coverage_max_block_size = 0; __sanitizer_sandbox_on_notify(&asanArgs); #endif BroadcastSetThreadSandbox(aType); }
/**
 * Starts the seccomp sandbox for this process and sets user/group-based
 * privileges.  Should be called only once, and before any potentially
 * harmful content is loaded.
 *
 * Should normally make the process exit on failure.  Note that when
 * IsSandboxingSupported() reports false this function returns without
 * installing any sandbox.
 */
void
SetCurrentProcessSandbox()
{
#if !defined(ANDROID) && defined(PR_LOGGING)
  // Lazily create the log module the first time the sandbox is started.
  if (!gSeccompSandboxLog) {
    gSeccompSandboxLog = PR_NewLogModule("SeccompSandbox");
  }
  PR_ASSERT(gSeccompSandboxLog);
#endif

#if defined(MOZ_CONTENT_SANDBOX_REPORTER)
  const bool reporterFailed = InstallSyscallReporter();
  if (reporterFailed) {
    // Best effort: the sandbox is still applied without the reporter.
    LOG_ERROR("install_syscall_reporter() failed\n");
  }
#endif

  if (!IsSandboxingSupported()) {
    return;
  }
  BroadcastSetThreadSandbox();
}