sandbox/linux/seccomp/library.cc - Issue 1535004: Fix SELinux warnings when running on Fedora....

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/seccomp/library.cc

Issue 1535004: Fix SELinux warnings when running on Fedora.... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: '' Created 10 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: sandbox/linux/seccomp/library.cc

===================================================================

--- sandbox/linux/seccomp/library.cc (revision 43083)

+++ sandbox/linux/seccomp/library.cc (working copy)

@@ -88,7 +88,7 @@

// file. Move the temporarily extended mapping back to where we originally

// found. Make sure to preserve any changes that we might have made since.

Sandbox::SysCalls sys;

- sys.mprotect(image_, 4096, PROT_READ | PROT_WRITE);

+ sys.mprotect(image_, 4096, PROT_READ | PROT_WRITE | PROT_EXEC);

if (memcmp(image_, memory_ranges_.rbegin()->second.start, 4096)) {

// Only copy data, if we made any changes in this data. Otherwise there

// is no need to create another modified COW mapping.

@@ -242,7 +242,7 @@

if (image_ == MAP_FAILED) {

image_ = NULL;

} else {

- sys.MMAP(start, 4096, PROT_READ | PROT_WRITE,

+ sys.MMAP(start, 4096, PROT_READ | PROT_WRITE | PROT_EXEC,

MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);

for (int i = 4096 / sizeof(long); --i;

reinterpret_cast<long *>(start)[i] =

@@ -875,7 +875,7 @@

// Only x86-64 has VSyscalls.

if (maps_->vsyscall()) {

char* copy = maps_->allocNearAddr(maps_->vsyscall(), 0x1000,

- PROT_READ|PROT_WRITE);

+ PROT_READ|PROT_WRITE|PROT_EXEC);

char* extraSpace = copy;

int extraLength = 0x1000;

memcpy(copy, maps_->vsyscall(), 0x1000);

« no previous file with comments | « no previous file | no next file » | no next file with comments »