author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-08-28 15:28:34 +0200 |
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-08-28 13:54:51 +0000 |
commit | 2a19c63448c84c1805fb1a585c3651318bb86ca7 (patch) | |
tree | eb17888e8531aa6ee5e85721bd553b832a7e5156 /chromium/sandbox/mac | |
parent | b014812705fc80bff0a5c120dfcef88f349816dc (diff) | |
download | qtwebengine-chromium-2a19c63448c84c1805fb1a585c3651318bb86ca7.tar.gz |
BASELINE: Update Chromium to 69.0.3497.70
Change-Id: I2b7b56e4e7a8b26656930def0d4575dc32b900a0
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'chromium/sandbox/mac')
-rw-r--r-- | chromium/sandbox/mac/BUILD.gn | 2 | ||||
-rw-r--r-- | chromium/sandbox/mac/seatbelt_exec.cc | 59 | ||||
-rw-r--r-- | chromium/sandbox/mac/seatbelt_exec.h | 35 |
3 files changed, 94 insertions, 2 deletions
diff --git a/chromium/sandbox/mac/BUILD.gn b/chromium/sandbox/mac/BUILD.gn index 654f643e452..fd2afe0d907 100644 --- a/chromium/sandbox/mac/BUILD.gn +++ b/chromium/sandbox/mac/BUILD.gn @@ -69,7 +69,7 @@ test("sandbox_mac_unittests") { ":seatbelt_proto", "mojom:test_interfaces", "//base", - "//mojo/edk/test:run_all_unittests", + "//mojo/core/test:run_all_unittests", "//testing/gtest", ] } diff --git a/chromium/sandbox/mac/seatbelt_exec.cc b/chromium/sandbox/mac/seatbelt_exec.cc index 5dc4c9e5e84..f05a6a8b5c6 100644 --- a/chromium/sandbox/mac/seatbelt_exec.cc +++ b/chromium/sandbox/mac/seatbelt_exec.cc @@ -69,6 +69,14 @@ bool ReadOrWrite(int fd, } // namespace +namespace switches { + +const char kSeatbeltClient[] = "--seatbelt-client="; + +const char kSeatbeltClientName[] = "seatbelt-client"; + +} // namespace switches + SeatbeltExecClient::SeatbeltExecClient() { if (pipe(pipe_) != 0) logging::PFatal("SeatbeltExecClient: pipe failed"); 
@@ -147,6 +155,57 @@ SeatbeltExecServer::~SeatbeltExecServer() { close(fd_); } +sandbox::SeatbeltExecServer::CreateFromArgumentsResult:: + CreateFromArgumentsResult() = default; +sandbox::SeatbeltExecServer::CreateFromArgumentsResult:: + CreateFromArgumentsResult(CreateFromArgumentsResult&&) = default; +sandbox::SeatbeltExecServer::CreateFromArgumentsResult:: + ~CreateFromArgumentsResult() = default; + +// static +sandbox::SeatbeltExecServer::CreateFromArgumentsResult +SeatbeltExecServer::CreateFromArguments(const char* executable_path, + int argc, + char** argv) { + CreateFromArgumentsResult result; + int seatbelt_client_fd = -1; + for (int i = 1; i < argc; ++i) { + if (strncmp(argv[i], switches::kSeatbeltClient, + strlen(switches::kSeatbeltClient)) == 0) { + result.sandbox_required = true; + std::string arg(argv[i]); + std::string fd_string = arg.substr(strlen(switches::kSeatbeltClient)); + seatbelt_client_fd = std::stoi(fd_string); + } + } + + if (!result.sandbox_required) + return result; + + if (seatbelt_client_fd < 0) { + logging::Error("Must pass a valid file descriptor to %s", + switches::kSeatbeltClient); + return result; + } + + char full_exec_path[MAXPATHLEN]; + if (realpath(executable_path, full_exec_path) == NULL) { + logging::PError("realpath"); + return result; + } + + auto server = std::make_unique<SeatbeltExecServer>(seatbelt_client_fd); + // These parameters are provided for every profile to use. + if (!server->SetParameter("EXECUTABLE_PATH", full_exec_path) || + !server->SetParameter("CURRENT_PID", std::to_string(getpid()))) { + logging::Error("Failed to set up parameters for sandbox."); + return result; + } + + result.server = std::move(server); + return result; +} + bool SeatbeltExecServer::InitializeSandbox() { std::string policy_string; if (!ReadString(&policy_string)) diff --git a/chromium/sandbox/mac/seatbelt_exec.h b/chromium/sandbox/mac/seatbelt_exec.h index cb12c0c5fb1..190c793ee33 100644 --- a/chromium/sandbox/mac/seatbelt_exec.h 
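Review bot: `seatbelt_client_fd = std::stoi(fd_string);` in CreateFromArguments has no failure path of its own: an empty value (`--seatbelt-client=`), a non-numeric one, or one outside int range makes std::stoi throw, and if this target is built without exception support as the rest of Chromium appears to be, that is an abort in the child rather than the `logging::Error` return the function already uses for a negative fd, while a value like "12abc" is silently accepted as 12. Since the value arrives on the command line of a process that is about to lock itself down, I would parse it with strtol plus an end-pointer and range check so every malformed form lands on the same error return (this needs <cerrno>, <climits> and <cstdlib>). The fd is otherwise only checked for being non-negative; that it really is the pipe from SeatbeltExecClient is only discovered later when InitializeSandbox reads from it, which the header comment should say so callers do not treat a non-null server as "already validated". The context lines belong to ~SeatbeltExecServer, which begins before the hunk, and InitializeSandbox, which continues past it.
```cpp
      std::string fd_string = arg.substr(strlen(switches::kSeatbeltClient));
      // Reject empty, trailing-garbage and out-of-range values on the same
      // error path as a negative fd instead of letting std::stoi throw.
      char* end = nullptr;
      errno = 0;
      long parsed = strtol(fd_string.c_str(), &end, 10);
      if (fd_string.empty() || *end != '\0' || errno == ERANGE ||
          parsed < 0 || parsed > INT_MAX) {
        logging::Error("Invalid file descriptor value for %s",
                       switches::kSeatbeltClient);
        return result;  // sandbox_required stays true, server stays null.
      }
      seatbelt_client_fd = static_cast<int>(parsed);
// … unchanged: remaining loop body, realpath and parameter setup …
```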
+++ b/chromium/sandbox/mac/seatbelt_exec.h @@ -13,6 +13,19 @@ namespace sandbox { +namespace switches { + +// This switch is set by the process running the SeatbeltExecClient. It +// specifies the FD number from which the SeatbeltExecServer should read the +// sandbox profile and parameters. This is prefixed with "--" and ends with "=" +// for easier processing in C. +SEATBELT_EXPORT extern const char kSeatbeltClient[]; + +// This is the same as kSeatbeltClient without the prefix and suffix. +SEATBELT_EXPORT extern const char kSeatbeltClientName[]; + +} // namespace switches + // SeatbeltExecClient is used by the process that is launching another sandboxed // process. The API allows the launcher process to supply a sandbox profile and // parameters, which will be communicated to the sandboxed process over IPC. 
@@ -65,10 +78,30 @@ class SEATBELT_EXPORT SeatbeltExecClient { // the profile, sandboxing the process. class SEATBELT_EXPORT SeatbeltExecServer { public: - // |sandbox_fd| should be the result of SendProfileAndGetFD(). + // Creates a server instance with |server_fd| being the pipe returned from + // SeatbeltExecClient::GetReadFD(). To sandbox the process, + // InitializeSandbox() must be called. explicit SeatbeltExecServer(int sandbox_fd); ~SeatbeltExecServer(); + // CreateFromArguments parses the command line arguments for the + // kSeatbeltClient flag. If no flag is present, then |sandbox_required| is + // false and |server| is nullptr. If the flag is present, then + // |sandbox_required| is true. If the SeatbeltExecServer was successfully + // created then |server| will be the result instance, upon which + // InitializeSandbox() must be called. If initialization fails, then |server| + // will be nullptr. + struct CreateFromArgumentsResult { + CreateFromArgumentsResult(); + CreateFromArgumentsResult(CreateFromArgumentsResult&&); + ~CreateFromArgumentsResult(); + + bool sandbox_required = false; + std::unique_ptr<SeatbeltExecServer> server; + }; + static CreateFromArgumentsResult + CreateFromArguments(const char* executable_path, int argc, char** argv); + // Reads the policy from the client, applies the profile, and returns whether // or not the operation succeeds. bool InitializeSandbox(); |
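Review bot: The new constructor comment refers to `|server_fd|` but the parameter on the following line is still `sandbox_fd`, so the documentation names an argument that does not exist; it should read `// Creates a server instance with |sandbox_fd| being the pipe returned from`. The CreateFromArgumentsResult comment also says "If initialization fails" where it means creation (InitializeSandbox has not run yet at that point), and it leaves implicit that `sandbox_required == true` together with a null `server` is the state a caller must treat as fatal rather than proceed unsandboxed; I would state that outright, e.g. `// Callers must treat sandbox_required && !server as fatal; never run unsandboxed.` Declaring a move constructor and destructor without a move assignment leaves the struct move-constructible but not move-assignable, which is fine for a plain return value but worth noting if it is ever stored. The enclosing class SeatbeltExecServer continues past the end of the hunk.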