1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
5  * You can obtain one at http://mozilla.org/MPL/2.0/. */
6 
7 #ifndef mozilla_SandboxInfo_h
8 #define mozilla_SandboxInfo_h
9 
10 #include "mozilla/Types.h"
11 
12 // Information on what parts of sandboxing are enabled in this build
13 // and/or supported by the system.
14 
15 namespace mozilla {
16 
17 class SandboxInfo {
18  public:
19   // No need to prevent copying; this is essentially just a const int.
20   SandboxInfo(const SandboxInfo& aOther) = default;
21 
22   // Flags are checked at initializer time; this returns them.
Get()23   static const SandboxInfo& Get() { return sSingleton; }
24 
25   enum Flags {
26     // System call filtering; kernel config option CONFIG_SECCOMP_FILTER.
27     kHasSeccompBPF = 1 << 0,
28     // Whether to use a sandbox for content processes; env var
29     // MOZ_DISABLE_CONTENT_SANDBOX
30     kEnabledForContent = 1 << 1,
31     // Whether to use a sandbox for GMP processes; env var
32     // MOZ_DISABLE_GMP_SANDBOX.
33     kEnabledForMedia = 1 << 2,
34     // Env var MOZ_SANDBOX_LOGGING.
35     kVerbose = 1 << 3,
36     // Kernel can atomically set system call filtering on entire thread group.
37     kHasSeccompTSync = 1 << 4,
38     // Can this process create user namespaces? (Man page user_namespaces(7).)
39     kHasUserNamespaces = 1 << 5,
40     // Could a more privileged process have user namespaces, even if we can't?
41     kHasPrivilegedUserNamespaces = 1 << 6,
42     // Env var MOZ_PERMISSIVE_CONTENT_SANDBOX
43     kPermissive = 1 << 7,
44     // (1 << 8) was kUnexpectedThreads
45   };
46 
Test(Flags aFlag)47   bool Test(Flags aFlag) const { return (mFlags & aFlag) == aFlag; }
48 
49   // Returns true if SetContentProcessSandbox may be called.
CanSandboxContent()50   bool CanSandboxContent() const {
51     return !Test(kEnabledForContent) || Test(kHasSeccompBPF);
52   }
53 
54   // Returns true if SetMediaPluginSandbox may be called.
CanSandboxMedia()55   bool CanSandboxMedia() const {
56     return !Test(kEnabledForMedia) || Test(kHasSeccompBPF);
57   }
58 
59   // For telemetry / crash annotation uses.
AsInteger()60   uint32_t AsInteger() const { return mFlags; }
61 
62  private:
63   enum Flags mFlags;
64   static const MOZ_EXPORT SandboxInfo sSingleton;
65   SandboxInfo();
66 };
67 
68 }  // namespace mozilla
69 
70 #endif  // mozilla_SandboxInfo_h
71