1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/android/seccomp_support_detector.h"
8 #include <sys/utsname.h>
10 #include "base/message_loop/message_loop_proxy.h"
11 #include "base/metrics/histogram_macros.h"
12 #include "base/metrics/sparse_histogram.h"
13 #include "chrome/common/chrome_utility_messages.h"
14 #include "chrome/grit/generated_resources.h"
15 #include "content/public/browser/browser_thread.h"
16 #include "content/public/browser/utility_process_host.h"
17 #include "ui/base/l10n/l10n_util.h"
19 using content::BrowserThread
;
21 enum AndroidSeccompStatus
{
22 DETECTION_FAILED
, // The process crashed during detection.
23 NOT_SUPPORTED
, // Kernel has no seccomp support.
24 SUPPORTED
, // Kernel has seccomp support.
29 void SeccompSupportDetector::StartDetection() {
30 // This is instantiated here, and then ownership is maintained by the
31 // Closure objects when the object is being passed between threads. A
32 // reference is also taken by the UtilityProcessHost, which will release
33 // it when the process exits.
34 scoped_refptr
<SeccompSupportDetector
> detector(new SeccompSupportDetector());
35 BrowserThread::PostBlockingPoolTask(FROM_HERE
,
36 base::Bind(&SeccompSupportDetector::DetectKernelVersion
, detector
));
39 SeccompSupportDetector::SeccompSupportDetector() : prctl_detected_(false) {
42 SeccompSupportDetector::~SeccompSupportDetector() {
45 void SeccompSupportDetector::DetectKernelVersion() {
46 DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread());
48 // This method will report the kernel major and minor versions by
49 // taking the lower 16 bits of each version number and combining
50 // the two into a 32-bit number.
53 if (uname(&uts
) == 0) {
55 if (sscanf(uts
.release
, "%d.%d", &major
, &minor
) == 2) {
56 int version
= ((major
& 0xFFFF) << 16) | (minor
& 0xFFFF);
57 UMA_HISTOGRAM_SPARSE_SLOWLY("Android.KernelVersion", version
);
61 #if defined(USE_SECCOMP_BPF)
62 BrowserThread::PostTask(BrowserThread::IO
, FROM_HERE
,
63 base::Bind(&SeccompSupportDetector::DetectSeccomp
, this));
65 BrowserThread::PostTask(BrowserThread::IO
, FROM_HERE
,
66 base::Bind(&SeccompSupportDetector::OnDetectPrctl
, this, false));
67 BrowserThread::PostTask(BrowserThread::IO
, FROM_HERE
,
68 base::Bind(&SeccompSupportDetector::OnDetectSyscall
, this, false));
72 void SeccompSupportDetector::DetectSeccomp() {
73 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
75 content::UtilityProcessHost
* utility_process_host
=
76 content::UtilityProcessHost::Create(
77 this, base::MessageLoopProxy::current());
78 utility_process_host
->SetName(l10n_util::GetStringUTF16(
79 IDS_UTILITY_PROCESS_SECCOMP_DETECTOR_NAME
));
80 utility_process_host
->Send(new ChromeUtilityMsg_DetectSeccompSupport());
83 void SeccompSupportDetector::OnProcessCrashed(int exit_code
) {
84 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
85 // The process crashed. Since prctl detection happens first, report which
87 if (prctl_detected_
) {
88 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Syscall",
92 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Prctl",
98 bool SeccompSupportDetector::OnMessageReceived(const IPC::Message
& message
) {
100 IPC_BEGIN_MESSAGE_MAP(SeccompSupportDetector
, message
)
101 IPC_MESSAGE_HANDLER(ChromeUtilityHostMsg_DetectSeccompSupport_ResultPrctl
,
103 IPC_MESSAGE_HANDLER(ChromeUtilityHostMsg_DetectSeccompSupport_ResultSyscall
,
105 IPC_MESSAGE_UNHANDLED(handled
= false)
106 IPC_END_MESSAGE_MAP()
110 void SeccompSupportDetector::OnDetectPrctl(bool prctl_supported
) {
111 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
112 DCHECK(!prctl_detected_
);
114 prctl_detected_
= true;
116 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Prctl",
117 prctl_supported
? SUPPORTED
: NOT_SUPPORTED
,
121 void SeccompSupportDetector::OnDetectSyscall(bool syscall_supported
) {
122 DCHECK_CURRENTLY_ON(BrowserThread::IO
);
123 DCHECK(prctl_detected_
);
125 UMA_HISTOGRAM_ENUMERATION("Android.SeccompStatus.Syscall",
126 syscall_supported
? SUPPORTED
: NOT_SUPPORTED
,
129 // The utility process will shutdown after this, and this object will
130 // be deleted when the UtilityProcessHost releases its reference.