/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef mozilla_SandboxInfo_h
#define mozilla_SandboxInfo_h

#include "mozilla/Types.h"

// Describes which sandboxing features this build enables and which ones the
// running system supports.  The flag set is computed once by the private
// constructor (defined elsewhere) and exposed read-only through Get().

namespace mozilla {

class SandboxInfo {
 public:
  // Copying is harmless: the object is nothing more than a bitmask of
  // immutable flags, so the defaulted copy constructor is kept.
  SandboxInfo(const SandboxInfo& aOther) = default;

  // The process-wide instance.  Its flags are determined during static
  // initialization and do not change afterwards.
  static const SandboxInfo& Get() { return sSingleton; }

  // One bit per capability or policy switch.  Where an environment variable
  // is named, it is the knob that controls that bit.  The MOZ_DISABLE_* and
  // MOZ_PERMISSIVE_* variables weaken or remove the sandbox and are, as far
  // as this header shows, debugging overrides rather than something a
  // production deployment should set.
  enum Flags {
    // The kernel supports seccomp system call filtering
    // (kernel config option CONFIG_SECCOMP_FILTER).
    kHasSeccompBPF = 1 << 0,
    // Content processes are to be sandboxed; cleared by the env var
    // MOZ_DISABLE_CONTENT_SANDBOX.
    kEnabledForContent = 1 << 1,
    // GMP (media plugin) processes are to be sandboxed; cleared by the env
    // var MOZ_DISABLE_GMP_SANDBOX.
    kEnabledForMedia = 1 << 2,
    // Extra sandbox diagnostics; env var MOZ_SANDBOX_LOGGING.
    kVerbose = 1 << 3,
    // The kernel can install a system call filter on the whole thread group
    // atomically rather than one thread at a time.
    kHasSeccompTSync = 1 << 4,
    // This process is able to create user namespaces (user_namespaces(7)).
    kHasUserNamespaces = 1 << 5,
    // A more privileged process could create user namespaces even when this
    // one cannot.
    kHasPrivilegedUserNamespaces = 1 << 6,
    // Env var MOZ_PERMISSIVE_CONTENT_SANDBOX.
    kPermissive = 1 << 7,
    // (1 << 8) used to be kUnexpectedThreads and is left unassigned,
    // presumably so that AsInteger() values recorded by telemetry stay
    // comparable across versions.
  };

  // True when every bit of aFlag is set in this object.  A combination of
  // flags therefore asks for all of them, not for any one of them.
  bool Test(Flags aFlag) const {
    const uint32_t wanted = aFlag;
    return (mFlags & wanted) == wanted;
  }

  // Whether SetContentProcessSandbox may be called.  This is also true when
  // the content sandbox has been switched off: the only hard requirement is
  // seccomp support while the sandbox is enabled.  Callers that need to know
  // whether a sandbox will actually be applied must check kEnabledForContent
  // themselves.
  bool CanSandboxContent() const {
    if (!Test(kEnabledForContent)) {
      return true;
    }
    return Test(kHasSeccompBPF);
  }

  // Whether SetMediaPluginSandbox may be called.  Same caveat as
  // CanSandboxContent(): a disabled media sandbox also yields true.
  bool CanSandboxMedia() const {
    if (!Test(kEnabledForMedia)) {
      return true;
    }
    return Test(kHasSeccompBPF);
  }

  // The raw bitmask, for telemetry and crash annotations.
  uint32_t AsInteger() const { return static_cast<uint32_t>(mFlags); }

 private:
  // Bitwise OR of Flags values; populated by the private constructor.
  enum Flags mFlags;
  static const MOZ_EXPORT SandboxInfo sSingleton;
  // Probes the build and system and fills in mFlags; defined out of line.
  SandboxInfo();
};

}  // namespace mozilla

#endif  // mozilla_SandboxInfo_h