author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2017-07-12 14:07:37 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2017-07-17 10:29:26 +0000 |
commit | ec02ee4181c49b61fce1c8fb99292dbb8139cc90 (patch) | |
tree | 25cde714b2b71eb639d1cd53f5a22e9ba76e14ef /chromium/sandbox | |
parent | bb09965444b5bb20b096a291445170876225268d (diff) | |
download | qtwebengine-chromium-ec02ee4181c49b61fce1c8fb99292dbb8139cc90.tar.gz |
BASELINE: Update Chromium to 59.0.3071.134
Change-Id: Id02ef6fb2204c5fd21668a1c3e6911c83b17585a
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
Diffstat (limited to 'chromium/sandbox')
-rw-r--r-- | chromium/sandbox/linux/BUILD.gn | 5 | ||||
-rw-r--r-- | chromium/sandbox/linux/services/credentials.cc | 26 | ||||
-rw-r--r-- | chromium/sandbox/linux/suid/client/setuid_sandbox_host.cc | 4 | ||||
-rw-r--r-- | chromium/sandbox/mac/bootstrap_sandbox_unittest.mm | 21 | ||||
-rw-r--r-- | chromium/sandbox/mac/sandbox_mac_compiler_unittest.mm | 43 | ||||
-rw-r--r-- | chromium/sandbox/mac/sandbox_mac_compiler_v2_unittest.mm | 8 | ||||
-rw-r--r-- | chromium/sandbox/mac/xpc_message_server_unittest.cc | 13 |
7 files changed, 70 insertions, 50 deletions
diff --git a/chromium/sandbox/linux/BUILD.gn b/chromium/sandbox/linux/BUILD.gn
index 3e98defa5c6..d250d216acc 100644
--- a/chromium/sandbox/linux/BUILD.gn
+++ b/chromium/sandbox/linux/BUILD.gn
@@ -391,14 +391,19 @@ source_set("sandbox_services_headers") {
 "system_headers/arm_linux_syscalls.h",
 "system_headers/arm_linux_ucontext.h",
 "system_headers/i386_linux_ucontext.h",
+ "system_headers/linux_filter.h",
 "system_headers/linux_futex.h",
 "system_headers/linux_seccomp.h",
 "system_headers/linux_signal.h",
 "system_headers/linux_syscalls.h",
 "system_headers/linux_time.h",
 "system_headers/linux_ucontext.h",
+ "system_headers/mips64_linux_syscalls.h",
+ "system_headers/mips_linux_syscalls.h",
+ "system_headers/mips_linux_ucontext.h",
 "system_headers/x86_32_linux_syscalls.h",
 "system_headers/x86_64_linux_syscalls.h",
+ "system_headers/x86_64_linux_ucontext.h",
 ]
 }
diff --git a/chromium/sandbox/linux/services/credentials.cc b/chromium/sandbox/linux/services/credentials.cc
index 50a109e2f45..ba2cb7f1fcb 100644
--- a/chromium/sandbox/linux/services/credentials.cc
+++ b/chromium/sandbox/linux/services/credentials.cc
@@ -132,9 +132,10 @@ bool ChrootToSafeEmptyDir() {
 void CheckCloneNewUserErrno(int error) {
 // EPERM can happen if already in a chroot. EUSERS if too many nested
 // namespaces are used. EINVAL for kernels that don't support the feature.
- // Valgrind will ENOSYS unshare().
+ // Valgrind will ENOSYS unshare(). ENOSPC can occur when the system has
+ // reached its maximum configured number of user namespaces.
 PCHECK(error == EPERM || error == EUSERS || error == EINVAL ||
- error == ENOSYS);
+ error == ENOSYS || error == ENOSPC);
 }
 // Converts a Capability to the corresponding Linux CAP_XXX value.
@@ -150,16 +151,21 @@ int CapabilityToKernelValue(Credentials::Capability cap) {
 return 0;
 }
-void SetGidAndUidMaps(gid_t gid, uid_t uid) {
+bool SetGidAndUidMaps(gid_t gid, uid_t uid) {
+ const char kGidMapFile[] = "/proc/self/gid_map";
+ const char kUidMapFile[] = "/proc/self/uid_map";
+ struct stat buf;
+ if (stat(kGidMapFile, &buf) || stat(kGidMapFile, &buf)) {
+ return false;
+ }
 if (NamespaceUtils::KernelSupportsDenySetgroups()) {
 PCHECK(NamespaceUtils::DenySetgroups());
 }
 DCHECK(GetRESIds(NULL, NULL));
- const char kGidMapFile[] = "/proc/self/gid_map";
- const char kUidMapFile[] = "/proc/self/uid_map";
 PCHECK(NamespaceUtils::WriteToIdMapFile(kGidMapFile, gid));
 PCHECK(NamespaceUtils::WriteToIdMapFile(kUidMapFile, uid));
 DCHECK(GetRESIds(NULL, NULL));
+ return true;
 }
 } // namespace.
@@ -284,7 +290,8 @@ bool Credentials::CanCreateProcessInNewUserNS() {
 if (pid == 0) {
 // unshare() requires the effective uid and gid to have a mapping in the
 // parent namespace.
- SetGidAndUidMaps(gid, uid);
+ if (!SetGidAndUidMaps(gid, uid))
+ _exit(1);
 // Make sure we drop CAP_SYS_ADMIN.
 CHECK(sandbox::Credentials::DropAllCapabilities());
@@ -292,7 +299,10 @@ bool Credentials::CanCreateProcessInNewUserNS() {
 // Ensure we have unprivileged use of CLONE_NEWUSER. Debian
 // Jessie explicitly forbids this case. See:
 // add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch
- _exit(!!sys_unshare(CLONE_NEWUSER));
+ if (sys_unshare(CLONE_NEWUSER))
+ _exit(1);
+
+ _exit(kExitSuccess);
 }
 // Always reap the child.
@@ -324,7 +334,7 @@ bool Credentials::MoveToNewUserNS() {
 // The current {r,e,s}{u,g}id is now an overflow id (c.f.
 // /proc/sys/kernel/overflowuid). Setup the uid and gid maps.
- SetGidAndUidMaps(gid, uid);
+ PCHECK(SetGidAndUidMaps(gid, uid));
 return true;
 }
diff --git a/chromium/sandbox/linux/suid/client/setuid_sandbox_host.cc b/chromium/sandbox/linux/suid/client/setuid_sandbox_host.cc
index 24608ecf6ee..58cb8c712a7 100644
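Review bot: The guard added at the top of SetGidAndUidMaps stats kGidMapFile twice — `if (stat(kGidMapFile, &buf) || stat(kGidMapFile, &buf))` — so /proc/self/uid_map is never probed even though kUidMapFile is declared on the line above. When uid_map is absent or unreadable while gid_map is present, the function falls through to `PCHECK(NamespaceUtils::WriteToIdMapFile(kUidMapFile, uid))` and aborts (in the forked child of CanCreateProcessInNewUserNS, and in MoveToNewUserNS via the new PCHECK) instead of reporting false, which defeats the point of the new return value. The intended line is almost certainly `if (stat(kGidMapFile, &buf) || stat(kUidMapFile, &buf)) {`. A short comment above the probe stating why it exists (presumably kernels that do not expose the id-map files) would also help, since neither the hunk nor the commit message explains it.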
--- a/chromium/sandbox/linux/suid/client/setuid_sandbox_host.cc
+++ b/chromium/sandbox/linux/suid/client/setuid_sandbox_host.cc
@@ -86,9 +86,9 @@ void SaveSUIDUnsafeEnvironmentVariables(base::Environment* env) {
 std::string value;
 if (env->GetVar(env_var, &value))
- env->SetVar(saved_env_var->c_str(), value);
+ env->SetVar(*saved_env_var, value);
 else
- env->UnSetVar(saved_env_var->c_str());
+ env->UnSetVar(*saved_env_var);
 }
 }
diff --git a/chromium/sandbox/mac/bootstrap_sandbox_unittest.mm b/chromium/sandbox/mac/bootstrap_sandbox_unittest.mm
index a6225a91c32..3f71e650b7f 100644
--- a/chromium/sandbox/mac/bootstrap_sandbox_unittest.mm
+++ b/chromium/sandbox/mac/bootstrap_sandbox_unittest.mm
@@ -104,13 +104,14 @@ class BootstrapSandboxTest : public base::MultiProcessTest {
 base::LaunchOptions options;
 options.pre_exec_delegate = pre_exec_delegate.get();
- base::Process process = SpawnChildWithOptions(child_name, options);
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child =
+ SpawnChildWithOptions(child_name, options);
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int code = 0;
- EXPECT_TRUE(process.WaitForExit(&code));
+ EXPECT_TRUE(spawn_child.process.WaitForExit(&code));
 EXPECT_EQ(0, code);
 if (out_pid)
- *out_pid = process.Pid();
+ *out_pid = spawn_child.process.Pid();
 }
 protected:
@@ -124,15 +125,15 @@ TEST_F(BootstrapSandboxTest, DistributedNotifications_Unsandboxed) {
 base::scoped_nsobject<DistributedNotificationObserver> observer(
 [[DistributedNotificationObserver alloc] init]);
- base::Process process = SpawnChild(kNotificationTestMain);
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child = SpawnChild(kNotificationTestMain);
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int code = 0;
- EXPECT_TRUE(process.WaitForExit(&code));
+ EXPECT_TRUE(spawn_child.process.WaitForExit(&code));
 EXPECT_EQ(0, code);
 [observer waitForNotification];
 EXPECT_EQ(1, [observer receivedCount]);
- EXPECT_EQ(process.Pid(), [[observer object] intValue]);
+ EXPECT_EQ(spawn_child.process.Pid(), [[observer object] intValue]);
 }
 // Run the test with the sandbox enabled without notifications on the policy
@@ -471,7 +472,9 @@ TEST_F(BootstrapSandboxTest, ChildOutliveSandbox) {
 sandbox_->NewClient(kTestPolicyId));
 base::LaunchOptions options;
 options.pre_exec_delegate = pre_exec_delegate.get();
- base::Process process = SpawnChildWithOptions("ChildOutliveSandbox", options);
+ base::SpawnChildResult spawn_result =
+ SpawnChildWithOptions("ChildOutliveSandbox", options);
+ base::Process& process = spawn_result.process;
 ASSERT_TRUE(process.IsValid());
 // Synchronize with the child.
diff --git a/chromium/sandbox/mac/sandbox_mac_compiler_unittest.mm b/chromium/sandbox/mac/sandbox_mac_compiler_unittest.mm
index 404bf4bbabb..0e9ee97c739 100644
--- a/chromium/sandbox/mac/sandbox_mac_compiler_unittest.mm
+++ b/chromium/sandbox/mac/sandbox_mac_compiler_unittest.mm
@@ -32,11 +32,11 @@ MULTIPROCESS_TEST_MAIN(BasicProfileProcess) {
 }
 TEST_F(SandboxMacCompilerTest, BasicProfileTest) {
- base::Process process = SpawnChild("BasicProfileProcess");
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child = SpawnChild("BasicProfileProcess");
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int exit_code = 42;
- EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(),
- &exit_code));
+ EXPECT_TRUE(spawn_child.process.WaitForExitWithTimeout(
+ TestTimeouts::action_max_timeout(), &exit_code));
 EXPECT_EQ(exit_code, 0);
 }
@@ -55,11 +55,12 @@ MULTIPROCESS_TEST_MAIN(BasicProfileWithParamProcess) {
 }
 TEST_F(SandboxMacCompilerTest, BasicProfileTestWithParam) {
- base::Process process = SpawnChild("BasicProfileWithParamProcess");
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child =
+ SpawnChild("BasicProfileWithParamProcess");
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int exit_code = 42;
- EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(),
- &exit_code));
+ EXPECT_TRUE(spawn_child.process.WaitForExitWithTimeout(
+ TestTimeouts::action_max_timeout(), &exit_code));
 EXPECT_EQ(exit_code, 0);
 }
@@ -86,11 +87,11 @@ MULTIPROCESS_TEST_MAIN(ProfileFunctionalProcess) {
 }
 TEST_F(SandboxMacCompilerTest, ProfileFunctionalityTest) {
- base::Process process = SpawnChild("ProfileFunctionalProcess");
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child = SpawnChild("ProfileFunctionalProcess");
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int exit_code = 42;
- EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(),
- &exit_code));
+ EXPECT_TRUE(spawn_child.process.WaitForExitWithTimeout(
+ TestTimeouts::action_max_timeout(), &exit_code));
 EXPECT_EQ(exit_code, 0);
 }
@@ -126,11 +127,12 @@ MULTIPROCESS_TEST_MAIN(ProfileFunctionalTestWithParamsProcess) {
 }
 TEST_F(SandboxMacCompilerTest, ProfileFunctionalityTestWithParams) {
- base::Process process = SpawnChild("ProfileFunctionalTestWithParamsProcess");
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child =
+ SpawnChild("ProfileFunctionalTestWithParamsProcess");
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int exit_code = 42;
- EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(),
- &exit_code));
+ EXPECT_TRUE(spawn_child.process.WaitForExitWithTimeout(
+ TestTimeouts::action_max_timeout(), &exit_code));
 EXPECT_EQ(exit_code, 0);
 }
@@ -149,11 +151,12 @@ MULTIPROCESS_TEST_MAIN(ProfileFunctionalityTestErrorProcess) {
 }
 TEST_F(SandboxMacCompilerTest, ProfileFunctionalityTestError) {
- base::Process process = SpawnChild("ProfileFunctionalityTestErrorProcess");
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child =
+ SpawnChild("ProfileFunctionalityTestErrorProcess");
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int exit_code = 42;
- EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(),
- &exit_code));
+ EXPECT_TRUE(spawn_child.process.WaitForExitWithTimeout(
+ TestTimeouts::action_max_timeout(), &exit_code));
 EXPECT_EQ(exit_code, 0);
 }
diff --git a/chromium/sandbox/mac/sandbox_mac_compiler_v2_unittest.mm b/chromium/sandbox/mac/sandbox_mac_compiler_v2_unittest.mm
index aba42edbc94..adb9895c3ef 100644
--- a/chromium/sandbox/mac/sandbox_mac_compiler_v2_unittest.mm
+++ b/chromium/sandbox/mac/sandbox_mac_compiler_v2_unittest.mm
@@ -126,11 +126,11 @@ MULTIPROCESS_TEST_MAIN(V2ProfileProcess) {
 }
 TEST_F(SandboxMacCompilerV2Test, V2ProfileTest) {
- base::Process process = SpawnChild("V2ProfileProcess");
- ASSERT_TRUE(process.IsValid());
+ base::SpawnChildResult spawn_child = SpawnChild("V2ProfileProcess");
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int exit_code = 42;
- EXPECT_TRUE(process.WaitForExitWithTimeout(TestTimeouts::action_max_timeout(),
- &exit_code));
+ EXPECT_TRUE(spawn_child.process.WaitForExitWithTimeout(
+ TestTimeouts::action_max_timeout(), &exit_code));
 EXPECT_EQ(exit_code, 0);
 }
diff --git a/chromium/sandbox/mac/xpc_message_server_unittest.cc b/chromium/sandbox/mac/xpc_message_server_unittest.cc
index 0feaac975e4..630833f2853 100644
--- a/chromium/sandbox/mac/xpc_message_server_unittest.cc
+++ b/chromium/sandbox/mac/xpc_message_server_unittest.cc
@@ -147,18 +147,17 @@ TEST(XPCMessageServerTest, GetSenderPID) {
 #pragma GCC diagnostic pop
 ASSERT_EQ(KERN_SUCCESS, kr);
- base::Process child = base::SpawnMultiProcessTestChild(
- "GetSenderPID",
- base::GetMultiProcessTestChildBaseCommandLine(),
+ base::SpawnChildResult spawn_child = base::SpawnMultiProcessTestChild(
+ "GetSenderPID", base::GetMultiProcessTestChildBaseCommandLine(),
 base::LaunchOptions());
- ASSERT_TRUE(child.IsValid());
+ ASSERT_TRUE(spawn_child.process.IsValid());
 int exit_code = -1;
- ASSERT_TRUE(child.WaitForExit(&exit_code));
+ ASSERT_TRUE(spawn_child.process.WaitForExit(&exit_code));
 EXPECT_EQ(0, exit_code);
- EXPECT_EQ(child.Pid(), sender_pid);
- EXPECT_EQ(child.Pid(), child_pid);
+ EXPECT_EQ(spawn_child.process.Pid(), sender_pid);
+ EXPECT_EQ(spawn_child.process.Pid(), child_pid);
 EXPECT_EQ(sender_pid, child_pid);
 }