// Copyright 2012 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifdef UNSAFE_BUFFERS_BUILD // TODO(crbug.com/351564777): Remove this and convert code to safer constructs. #pragma allow_unsafe_buffers #endif // https://chromium.googlesource.com/chromium/src/+/main/docs/linux/suid_sandbox.md #include "sandbox/linux/suid/common/sandbox.h" #ifndef _GNU_SOURCE #define _GNU_SOURCE #endif #include <asm/unistd.h> #include <errno.h> #include <fcntl.h> #include <limits.h> #include <sched.h> #include <signal.h> #include <stdarg.h> #include <stdbool.h> #include <stddef.h> #include <stdint.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/prctl.h> #include <sys/resource.h> #include <sys/socket.h> #include <sys/stat.h> #include <sys/time.h> #include <sys/types.h> #include <sys/vfs.h> #include <sys/wait.h> #include <unistd.h> #include "sandbox/linux/suid/common/suid_unsafe_environment_variables.h" #include "sandbox/linux/suid/process_util.h" #if !defined(CLONE_NEWPID) #define CLONE_NEWPID … #endif #if !defined(CLONE_NEWNET) #define CLONE_NEWNET … #endif static bool DropRoot(); #define HANDLE_EINTR(x) … static void FatalError(const char* msg, ...) __attribute__((noreturn, format(printf, 1, 2))); static void FatalError(const char* msg, ...) { … } static void ExitWithErrorSignalHandler(int signal) { … } // We will chroot() to the helper's /proc/self directory. Anything there will // not exist anymore if we make sure to wait() for the helper. // // /proc/self/fdinfo or /proc/self/fd are especially safe and will be empty // even if the helper survives as a zombie. // // There is very little reason to use fdinfo/ instead of fd/ but we are // paranoid. fdinfo/ only exists since 2.6.22 so we allow fallback to fd/ #define SAFE_DIR … #define SAFE_DIR2 … static bool SpawnChrootHelper() { … } // Block until child_pid exits, then exit. Try to preserve the exit code. static void WaitForChildAndExit(pid_t child_pid) { … } static bool MoveToNewNamespaces() { … } static bool DropRoot() { … } static bool SetupChildEnvironment() { … } bool CheckAndExportApiVersion() { … } int main(int argc, char** argv) { … }
Codebase Browser
chromium