Commit graph

13 commits

Author SHA1 Message Date
Zach Reizner
d913acb984 io_jail: fix missing null terminator for close_fds test
BUG=None
TEST=cargo test -p io_jail

Change-Id: Ib732daca97cb303ec5013e616e6a7037b11af589
Reviewed-on: https://chromium-review.googlesource.com/1056414
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-05-11 23:22:19 -07:00
Zach Reizner
b3faa5107c io_jail: add exec support via Minijail::run
The exec version of Minijail::fork is useful for running the heavily
sandboxed plugin process which is always passed in as a separate
executable by path.

TEST=./build_test
BUG=chromium:800626

Change-Id: Id31b7998f49d56a5bfbc978c1e1811dd54c5a323
Reviewed-on: https://chromium-review.googlesource.com/882130
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-01-31 22:39:03 -08:00
Chirantan Ekbote
77ba796cf9 io_jail: add minijail_mount
Add support for minijail_mount and minijail_mount_with_data.  This will
be used by the jail for the wayland device.

BUG=none
TEST=filesystem is mounted inside the jail

Change-Id: I6ad9933d057e7642a7551a6a316ff65d3b95a9dd
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/851412
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-01-05 23:59:06 -08:00
Dylan Reid
bd035c780b io_jail: Fix doc tests and docs
There were remnants of using `minijail_enter`, switch them to
`minijail_fork`.

Change-Id: I5c695cbc3bfd6868f25f46f785a2f96391744d90
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/759598
Reviewed-by: Stephen Barber <smbarber@chromium.org>
2017-11-17 20:18:24 -08:00
Zach Reizner
ad98452a14 io_jail: correct io_jail tests that used Minijail::enter()
This also updates the `build_test.py` to use the command line option to
run certain certain test modules serially.

TEST=./build_test
BUG=None

Change-Id: I8a498514cb6b89fab01f02d0ef8faf39629f717c
Reviewed-on: https://chromium-review.googlesource.com/748824
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2017-11-01 14:06:30 -07:00
Dylan Reid
b3bfbde1db Use minijail_fork
Using minijail_fork removes the need to manage user and pid namespace
explicitly in crosvm and removes some parent/child synchonization
requirements too.

Change-Id: I47f9d39527d0a3ccf625600e9bfc2cccc3cb27ca
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/719443
Reviewed-by: Stephen Barber <smbarber@chromium.org>
2017-10-25 05:52:43 -07:00
Dylan Reid
d37aa9fab5 Add ability to minijail_fork
Change-Id: I0c774816067449cbb838dcf29c6fa947ae5916e1
Reviewed-on: https://chromium-review.googlesource.com/719442
Commit-Ready: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2017-10-25 05:52:42 -07:00
Zach Reizner
bb2317033e io_jail: add ui_map/gid_map support to minijail
Change-Id: I6343e879ba75e8ac912590779c620bd0045e74d9
Reviewed-on: https://chromium-review.googlesource.com/634269
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2017-09-07 21:21:24 -07:00
Zach Reizner
35d4950c3f io_jail: implement Display for Error
Running crosvm in multiprocess mode includes setting up an io_jail for
each device and it can very often fail due to problems in the
enviroment, such as missing policy files or lack of privilege. The auto
generated debug error messages were not very good (based on initial user
feedback) and so this CL implements display to help make the errors more
understandable when they are printed.

BUG=None
TEST=./build_test

Change-Id: If51c00e60abb9b0d482515fa1e401f2fa6fb9e8f
Reviewed-on: https://chromium-review.googlesource.com/649950
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2017-09-06 14:31:06 -07:00
Stephen Barber
5ad8bc5e08 io_jail: Add InvalidPath error
parse_seccomp_filters in libminijail will unhelpfully abort() if the
path doesn't exist. Check that the policy file exists so that there's
a semi-useful error message.

BUG=none
TEST=crosvm run without seccomp policy in current directory; no abort

Change-Id: Ie1123e8cae3f6a27bbd5a3128161364401e8d4b2
Signed-off-by: Stephen Barber <smbarber@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/585829
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2017-07-26 16:46:53 -07:00
Zach Reizner
848b9ff625 io_jail: add bind mount
This will be used by some device jails to get access to unix sockets
after being jailed.

TEST=None
BUG=None

Change-Id: I870bfb155b275769ccb3248b1441e7c0b8f20ad7
Reviewed-on: https://chromium-review.googlesource.com/558447
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2017-06-30 22:24:50 -07:00
Dylan Reid
fa8c6802b6 io_jail: Overwrite standard I/O FDs
The FDs for stdin, stdout, and stderr shouldn't be left empty.  Just
closing these FDs causes the next open() call from the jailed process to
reuse the 0, 1, or 2 FD.  This confuses basic infrastructure like
println!.

Change-Id: I40ea471b4a011f2be5132e1a0ff50656ae2ec14a
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/549659
2017-06-28 00:59:00 -07:00
Dylan Reid
d6c579fcef io_jail: Add a wrapper around minijail
The io_jail is used to jail io processes run from crosvm. Under the hood
it mostly configures a minijail jail to run in.  The minijail
restrictions are applied when iojail::enter is called.  This closes
extra FDs and calls minijail_enter.

The minijail_run* functions are left out as we don't have a need to exec
foreign programs.  libminijail will be used to jail separate processes
spawned from the main crosvm process.

The ability to close all open file descriptors is added.  Minijail only
closes FDs after forking and before exec.

Change-Id: Ida7f52022c934e9e6edeb7b604cd6e6399860cb9
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/505100
Reviewed-by: Zach Reizner <zachr@chromium.org>
2017-05-25 12:25:27 -07:00