// Copyright 2017 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "services/network/network_sandbox_hook_linux.h" #include <dlfcn.h> #include <optional> #include "base/feature_list.h" #include "base/files/file_path.h" #include "base/files/file_util.h" #include "sandbox/linux/syscall_broker/broker_command.h" #include "sandbox/linux/syscall_broker/broker_file_permission.h" #include "sandbox/policy/features.h" BrokerFilePermission; MakeBrokerCommandSet; namespace network { sandbox::syscall_broker::BrokerCommandSet GetNetworkBrokerCommandSet() { … } std::vector<BrokerFilePermission> GetNetworkFilePermissions( std::vector<std::string> network_context_parent_dirs) { … } #if BUILDFLAG(IS_CHROMEOS) void LoadNetworkLibraries() { const std::string libraries[]{ // On ChromeOS DNS resolution will occur in process, so load the libraries // now. Note that depending on the glibc version, these libraries may have // been built directly into libc.so, so it's not an error if they fail to // load. "libnss_files.so.2", "libnss_dns.so.2"}; for (const auto& library_name : libraries) { if (!dlopen(library_name.c_str(), RTLD_LAZY | RTLD_GLOBAL | RTLD_NODELETE)) { VLOG(1) << "LoadNetworkLibraries() dlopen() of " << library_name << " failed with error: " << dlerror(); } } } #endif // BUILDFLAG(IS_CHROMEOS) bool NetworkPreSandboxHook(std::vector<std::string> network_context_parent_dirs, sandbox::policy::SandboxLinux::Options options) { … } } // namespace network
Codebase Browser
chromium