content/common/sandbox_linux/bpf_gpu_policy_linux.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CONTENT_COMMON_SANDBOX_LINUX_BPF_GPU_POLICY_LINUX_H_
   6 #define CONTENT_COMMON_SANDBOX_LINUX_BPF_GPU_POLICY_LINUX_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/callback_forward.h"
  12 #include "content/common/sandbox_linux/sandbox_bpf_base_policy_linux.h"
  13
  14 namespace sandbox {
  15 class BrokerProcess;
  16 }
  17
  18 namespace content {
  19
  20 class GpuProcessPolicy : public SandboxBPFBasePolicy {
  21  public:
  22   GpuProcessPolicy();
  23   virtual ~GpuProcessPolicy();
  24
  25   virtual ErrorCode EvaluateSyscall(SandboxBPF* sandbox_compiler,
  26                                     int system_call_number) const OVERRIDE;
  27
  28   virtual bool PreSandboxHook() OVERRIDE;
  29
  30  protected:
  31   // Start a broker process to handle open() inside the sandbox.
  32   // |broker_sandboxer_allocator| is a function pointer which can allocate a
  33   // suitable sandbox policy for the broker process itself.
  34   // |read_whitelist_extra| and |write_whitelist_extra| are lists of file
  35   // names that should be whitelisted by the broker process, in addition to
  36   // the basic ones.
  37   void InitGpuBrokerProcess(
  38       sandbox::SandboxBPFPolicy* (*broker_sandboxer_allocator)(void),
  39       const std::vector<std::string>& read_whitelist_extra,
  40       const std::vector<std::string>& write_whitelist_extra);
  41
  42   sandbox::BrokerProcess* broker_process() { return broker_process_; }
  43
  44  private:
  45   // A BrokerProcess is a helper that is started before the sandbox is engaged
  46   // and will serve requests to access files over an IPC channel. The client of
  47   // this runs from a SIGSYS handler triggered by the seccomp-bpf sandbox.
  48   // This should never be destroyed, as after the sandbox is started it is
  49   // vital to the process.
  50   // This is allocated by InitGpuBrokerProcess, called from PreSandboxHook(),
  51   // which executes iff the sandbox is going to be enabled afterwards.
  52   sandbox::BrokerProcess* broker_process_;
  53   DISALLOW_COPY_AND_ASSIGN(GpuProcessPolicy);
  54 };
  55
  56 }  // namespace content
  57
  58 #endif  // CONTENT_COMMON_SANDBOX_LINUX_BPF_GPU_POLICY_LINUX_H_