1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "content/common/sandbox_linux/bpf_cros_arm_gpu_policy_linux.h"
10 #include <sys/socket.h>
12 #include <sys/types.h>
18 #include "base/bind.h"
19 #include "base/compiler_specific.h"
20 #include "base/logging.h"
21 #include "base/memory/scoped_ptr.h"
22 #include "build/build_config.h"
23 #include "content/common/sandbox_linux/sandbox_bpf_base_policy_linux.h"
24 #include "content/common/sandbox_linux/sandbox_seccomp_bpf_linux.h"
25 #include "sandbox/linux/bpf_dsl/bpf_dsl.h"
26 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h"
27 #include "sandbox/linux/services/linux_syscalls.h"
29 using sandbox::SyscallSets;
30 using sandbox::bpf_dsl::Allow;
31 using sandbox::bpf_dsl::Arg;
32 using sandbox::bpf_dsl::Error;
33 using sandbox::bpf_dsl::If;
34 using sandbox::bpf_dsl::ResultExpr;
// NOTE(review): compile-time platform probe keyed on OS_CHROMEOS. The branch
// bodies (original lines 42-47) are not shown here, so the returned values
// cannot be confirmed from this view. PreSandboxHook() DCHECKs this together
// with IsArchitectureArm().
40 inline bool IsChromeOS() {
41 #if defined(OS_CHROMEOS)
// NOTE(review): body not shown; presumably the ARM counterpart of
// IsChromeOS() -- confirm against the full file. PreSandboxHook() DCHECKs
// both helpers.
48 inline bool IsArchitectureArm() {
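// Appends the ARM device nodes used by the Mali GPU userspace and the video
// codec hardware to both whitelists.
//
// Every path in the table is added to |read_whitelist| and then to
// |write_whitelist|, in table order, so each node is granted read AND write
// access. Existing entries in either vector are left untouched. Both pointers
// must be non-null.
void AddArmMaliGpuWhitelist(std::vector<std::string>* read_whitelist,
                            std::vector<std::string>* write_whitelist) {
  // One table feeds both lists so the read and write grants cannot drift
  // apart when a device is added or removed.
  static const char* const kReadWriteDevicePaths[] = {
      // Device file needed by the ARM GPU userspace.
      "/dev/mali0",
      // Devices needed for video decode acceleration on ARM.
      "/dev/mfc-dec",
      "/dev/gsc1",
      // Devices needed for video encode acceleration on ARM.
      "/dev/mfc-enc",
  };

  for (const char* path : kReadWriteDevicePaths)
    read_whitelist->push_back(path);

  for (const char* path : kReadWriteDevicePaths)
    write_whitelist->push_back(path);
}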
// Builds the ARM-specific whitelist additions for the GPU broker.
//
// The file paths listed here go to |read_whitelist| only. The device nodes
// are then appended to both lists by AddArmMaliGpuWhitelist(). Note that
// |.Xauthority| holds the X11 authentication cookie, so that entry grants
// read access to a credential rather than to a library or cache file.
void AddArmGpuWhitelist(std::vector<std::string>* read_whitelist,
                        std::vector<std::string>* write_whitelist) {
  static const char* const kReadOnlyPaths[] = {
      // On ARM we're enabling the sandbox before the X connection is made,
      // so we need to allow access to |.Xauthority|.
      "/home/chronos/.Xauthority",
      "/etc/ld.so.cache",
      // Files needed by the ARM GPU userspace.
      "/usr/lib/libGLESv2.so.2",
      "/usr/lib/libEGL.so.1",
  };

  for (const char* readable : kReadOnlyPaths)
    read_whitelist->push_back(readable);

  AddArmMaliGpuWhitelist(read_whitelist, write_whitelist);
}
// Seccomp-BPF policy for the GPU broker process. It derives from
// CrosArmGpuProcessPolicy and constructs the base with allow_shmat = false,
// so the allow_shmat_-gated shmat branch in the base EvaluateSyscall() is
// never taken for the broker.
// NOTE(review): access specifiers and closing braces are not visible here.
98 class CrosArmGpuBrokerProcessPolicy : public CrosArmGpuProcessPolicy {
// Factory passed to InitGpuBrokerProcess() in PreSandboxHook(). Returns a raw
// heap pointer; the caller presumably takes ownership -- confirm.
100 static sandbox::bpf_dsl::Policy* Create() {
101 return new CrosArmGpuBrokerProcessPolicy();
103 ~CrosArmGpuBrokerProcessPolicy() override {}
// Declared here; the definition is out of line, later in this file.
105 ResultExpr EvaluateSyscall(int system_call_number) const override;
// Passing false turns off the base policy's shmat allowance for the broker.
108 CrosArmGpuBrokerProcessPolicy() : CrosArmGpuProcessPolicy(false) {}
109 DISALLOW_COPY_AND_ASSIGN(CrosArmGpuBrokerProcessPolicy);
112 // A GPU broker policy is the same as a GPU policy with open and
// NOTE(review): the sentence above is cut off, and the statements between the
// signature and the fallback (original lines 115-120) are not shown, so the
// syscalls the broker handles itself cannot be confirmed from this view. The
// visible fallback delegates to CrosArmGpuProcessPolicy::EvaluateSyscall().
114 ResultExpr CrosArmGpuBrokerProcessPolicy::EvaluateSyscall(int sysno) const {
121 return CrosArmGpuProcessPolicy::EvaluateSyscall(sysno);
// Stores whether shmat may be considered by this policy instance; the flag is
// read in EvaluateSyscall().
CrosArmGpuProcessPolicy::CrosArmGpuProcessPolicy(bool allow_shmat)
    : allow_shmat_{allow_shmat} {}
// No cleanup of its own: the destructor body is empty.
CrosArmGpuProcessPolicy::~CrosArmGpuProcessPolicy() = default;
// Decides the seccomp-BPF result for one syscall number in the ARM Chrome OS
// GPU process. Visible here: an allow_shmat_-gated check for shmat, a group
// of socket-related cases inside an __arm__ conditional, and a fallback to
// GpuProcessPolicy.
// NOTE(review): several lines are not shown (the result returned for the
// shmat check and for getpeername/getsockname, the switch header, and any
// further case labels); confirm them against the full file before relying on
// this summary.
132 ResultExpr CrosArmGpuProcessPolicy::EvaluateSyscall(int sysno) const {
// shmat is considered only when the policy was constructed with
// allow_shmat = true; CrosArmGpuBrokerProcessPolicy passes false.
134 if (allow_shmat_ && sysno == __NR_shmat)
136 #endif // defined(__arm__)
140 // ARM GPU sandbox is started earlier so we need to allow networking
143 case __NR_getpeername:
144 case __NR_getsockname:
148 // Allow only AF_UNIX for |domain|.
150 case __NR_socketpair: {
// Argument 0 of socketpair(2) is the address family. Any value other than
// AF_UNIX fails with EPERM instead of being allowed, so this call cannot be
// used to create socket pairs of another family.
151 const Arg<int> domain(0);
152 return If(domain == AF_UNIX, Allow()).Else(Error(EPERM));
154 #endif // defined(__arm__)
156 // Default to the generic GPU policy.
157 return GpuProcessPolicy::EvaluateSyscall(sysno);
// Starts the GPU broker with the ARM-specific whitelist additions and
// preloads the GPU/video libraries. Judging by its name, this presumably runs
// before the seccomp policy is applied -- confirm against the caller.
// NOTE(review): the end of this function (after the errno comment) is not
// shown, so the return value cannot be confirmed from this view.
161 bool CrosArmGpuProcessPolicy::PreSandboxHook() {
// DCHECKs are debug assertions: in builds where DCHECK is compiled out these
// two preconditions are not enforced at runtime.
162 DCHECK(IsChromeOS() && IsArchitectureArm());
163 // Create a new broker process.
164 DCHECK(!broker_process());
166 std::vector<std::string> read_whitelist_extra;
167 std::vector<std::string> write_whitelist_extra;
168 // Add ARM-specific files to whitelist in the broker.
170 AddArmGpuWhitelist(&read_whitelist_extra, &write_whitelist_extra);
// The broker is created with CrosArmGpuBrokerProcessPolicy::Create as its
// policy factory and the two lists built above.
171 InitGpuBrokerProcess(CrosArmGpuBrokerProcessPolicy::Create,
172 read_whitelist_extra,
173 write_whitelist_extra);
// RTLD_NODELETE keeps a library mapped even if it is dlclose()d later.
175 const int dlopen_flag = RTLD_NOW | RTLD_GLOBAL | RTLD_NODELETE;
// Both dlopen() calls use absolute paths, so the loader's search path is not
// consulted. The return values are ignored: a library that is absent on this
// platform is tolerated (see the errno comment below).
177 // Preload the Mali library.
178 dlopen("/usr/lib/libmali.so", dlopen_flag);
179 // Preload the Tegra V4L2 (video decode acceleration) library.
180 dlopen("/usr/lib/libtegrav4l2.so", dlopen_flag);
181 // Resetting errno since platform-specific libraries will fail on other
188 } // namespace content