SandboxInfo.h (2433B)


      1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
      3 /* This Source Code Form is subject to the terms of the Mozilla Public
      4 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
      5 * You can obtain one at http://mozilla.org/MPL/2.0/. */
      6 
      7 #ifndef mozilla_SandboxInfo_h
      8 #define mozilla_SandboxInfo_h
      9 
     10 #include "mozilla/Types.h"
     11 #include <cstdint>
     12 
     13 // Information on what parts of sandboxing are enabled in this build
     14 // and/or supported by the system.
     15 
     16 namespace mozilla {
     17 
class SandboxInfo {
 public:
  // Copyable on purpose: an instance is nothing more than a bit set, so a
  // copy is as cheap and as harmless as copying an integer.
  SandboxInfo(const SandboxInfo& aOther) = default;

  // The flags are probed once, when the process-wide instance is
  // initialized (see sSingleton); every caller reads that same snapshot.
  static const SandboxInfo& Get() { return sSingleton; }

  enum Flags {
    // The kernel supports seccomp-bpf system call filtering
    // (kernel config option CONFIG_SECCOMP_FILTER).
    kHasSeccompBPF = 1 << 0,
    // Sandboxing of content processes is enabled. Cleared via the
    // environment variable MOZ_DISABLE_CONTENT_SANDBOX.
    kEnabledForContent = 1 << 1,
    // Sandboxing of GMP (media plugin) processes is enabled. Cleared via
    // the environment variable MOZ_DISABLE_GMP_SANDBOX.
    kEnabledForMedia = 1 << 2,
    // Verbose sandbox logging was requested (env var MOZ_SANDBOX_LOGGING).
    kVerbose = 1 << 3,
    // The kernel can install a system call filter on the whole thread
    // group atomically (seccomp thread-sync), rather than one thread at
    // a time.
    kHasSeccompTSync = 1 << 4,
    // This process is able to create user namespaces; see
    // user_namespaces(7).
    kHasUserNamespaces = 1 << 5,
    // A more privileged process could create user namespaces even though
    // this one may not be able to.
    kHasPrivilegedUserNamespaces = 1 << 6,
    // Permissive content sandbox requested via the environment variable
    // MOZ_PERMISSIVE_CONTENT_SANDBOX. What "permissive" relaxes is decided
    // by the code that consumes this flag, not here; a production profile
    // should not have this set.
    kPermissive = 1 << 7,
    // Bit 8 (1 << 8) is retired: it used to be kUnexpectedThreads. It is
    // left unassigned, presumably so AsInteger() values stay comparable
    // with older builds.
    // Verbose logging intended for test runs (env var
    // MOZ_SANDBOX_LOGGING_FOR_TESTS).
    kVerboseTests = 1 << 9,
  };

  // True iff every bit of aFlag is set. For a single flag this is a plain
  // membership test; for an OR of several flags it asks whether ALL of
  // them are set, not whether any of them is.
  bool Test(Flags aFlag) const {
    const unsigned wanted = static_cast<unsigned>(aFlag);
    const unsigned have = static_cast<unsigned>(mFlags);
    return (have & wanted) == wanted;
  }

  // Whether SetContentProcessSandbox may be called. The only combination
  // that is rejected is "content sandboxing enabled, but the kernel cannot
  // filter system calls". A true result therefore does NOT mean a sandbox
  // will actually be applied -- it is also true when the sandbox has been
  // disabled outright; check Test(kEnabledForContent) for that.
  bool CanSandboxContent() const {
    return Test(kHasSeccompBPF) || !Test(kEnabledForContent);
  }

  // Whether SetMediaPluginSandbox may be called; same rule as
  // CanSandboxContent(), applied to the GMP sandbox flag.
  bool CanSandboxMedia() const {
    return Test(kHasSeccompBPF) || !Test(kEnabledForMedia);
  }

  // The raw bit set, for telemetry and crash annotations.
  uint32_t AsInteger() const { return static_cast<uint32_t>(mFlags); }

 private:
  Flags mFlags;
  // The one process-wide instance handed out by Get(); defined in the
  // corresponding .cpp, where the flags are computed.
  static const MOZ_EXPORT SandboxInfo sSingleton;
  SandboxInfo();
};
     70 
     71 }  // namespace mozilla
     72 
     73 #endif  // mozilla_SandboxInfo_h