| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Note: any code in this file MUST be async-signal safe. | 5 // Note: any code in this file MUST be async-signal safe. |
| 6 | 6 |
| 7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" | 7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" |
| 8 | 8 |
| 9 #include <unistd.h> | 9 #include <unistd.h> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 12 #include "base/posix/eintr_wrapper.h" | 12 #include "base/posix/eintr_wrapper.h" |
| 13 #include "build/build_config.h" | 13 #include "build/build_config.h" |
| 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 15 | 15 |
| 16 #define SECCOMP_MESSAGE_COMMON_CONTENT "seccomp-bpf failure" |
| 17 #define SECCOMP_MESSAGE_CLONE_CONTENT "clone() failure" |
| 18 #define SECCOMP_MESSAGE_PRCTL_CONTENT "prctl() failure" |
| 19 #define SECCOMP_MESSAGE_IOCTL_CONTENT "ioctl() failure" |
| 20 |
| 16 namespace { | 21 namespace { |
| 17 | 22 |
| 18 inline bool IsArchitectureX86_64() { | 23 inline bool IsArchitectureX86_64() { |
| 19 #if defined(__x86_64__) | 24 #if defined(__x86_64__) |
| 20 return true; | 25 return true; |
| 21 #else | 26 #else |
| 22 return false; | 27 return false; |
| 23 #endif | 28 #endif |
| 24 } | 29 } |
| 25 | 30 |
| (...skipping 21 matching lines...) Expand all Loading... |
| 47 const size_t kNumDigits = 4; | 52 const size_t kNumDigits = 4; |
| 48 char sysno_base10[kNumDigits]; | 53 char sysno_base10[kNumDigits]; |
| 49 uint32_t rem = sysno; | 54 uint32_t rem = sysno; |
| 50 uint32_t mod = 0; | 55 uint32_t mod = 0; |
| 51 for (int i = kNumDigits - 1; i >= 0; i--) { | 56 for (int i = kNumDigits - 1; i >= 0; i--) { |
| 52 mod = rem % 10; | 57 mod = rem % 10; |
| 53 rem /= 10; | 58 rem /= 10; |
| 54 sysno_base10[i] = '0' + mod; | 59 sysno_base10[i] = '0' + mod; |
| 55 } | 60 } |
| 56 static const char kSeccompErrorPrefix[] = | 61 static const char kSeccompErrorPrefix[] = |
| 57 __FILE__":**CRASHING**:seccomp-bpf failure in syscall "; | 62 __FILE__":**CRASHING**:" SECCOMP_MESSAGE_COMMON_CONTENT " in syscall "; |
| 58 static const char kSeccompErrorPostfix[] = "\n"; | 63 static const char kSeccompErrorPostfix[] = "\n"; |
| 59 WriteToStdErr(kSeccompErrorPrefix, sizeof(kSeccompErrorPrefix) - 1); | 64 WriteToStdErr(kSeccompErrorPrefix, sizeof(kSeccompErrorPrefix) - 1); |
| 60 WriteToStdErr(sysno_base10, sizeof(sysno_base10)); | 65 WriteToStdErr(sysno_base10, sizeof(sysno_base10)); |
| 61 WriteToStdErr(kSeccompErrorPostfix, sizeof(kSeccompErrorPostfix) - 1); | 66 WriteToStdErr(kSeccompErrorPostfix, sizeof(kSeccompErrorPostfix) - 1); |
| 62 } | 67 } |
| 63 | 68 |
| 64 } // namespace. | 69 } // namespace. |
| 65 | 70 |
| 66 namespace sandbox { | 71 namespace sandbox { |
| 67 | 72 |
| (...skipping 20 matching lines...) Expand all Loading... |
| 88 addr = reinterpret_cast<volatile char*>(syscall); | 93 addr = reinterpret_cast<volatile char*>(syscall); |
| 89 *addr = '\0'; | 94 *addr = '\0'; |
| 90 for (;;) | 95 for (;;) |
| 91 _exit(1); | 96 _exit(1); |
| 92 } | 97 } |
| 93 | 98 |
| 94 // TODO(jln): refactor the reporting functions. | 99 // TODO(jln): refactor the reporting functions. |
| 95 | 100 |
| 96 intptr_t SIGSYSCloneFailure(const struct arch_seccomp_data& args, void* aux) { | 101 intptr_t SIGSYSCloneFailure(const struct arch_seccomp_data& args, void* aux) { |
| 97 static const char kSeccompCloneError[] = | 102 static const char kSeccompCloneError[] = |
| 98 __FILE__":**CRASHING**:clone() failure\n"; | 103 __FILE__":**CRASHING**:" SECCOMP_MESSAGE_CLONE_CONTENT "\n"; |
| 99 WriteToStdErr(kSeccompCloneError, sizeof(kSeccompCloneError) - 1); | 104 WriteToStdErr(kSeccompCloneError, sizeof(kSeccompCloneError) - 1); |
| 100 // "flags" is the first argument in the kernel's clone(). | 105 // "flags" is the first argument in the kernel's clone(). |
| 101 // Mark as volatile to be able to find the value on the stack in a minidump. | 106 // Mark as volatile to be able to find the value on the stack in a minidump. |
| 102 volatile uint64_t clone_flags = args.args[0]; | 107 volatile uint64_t clone_flags = args.args[0]; |
| 103 volatile char* addr; | 108 volatile char* addr; |
| 104 if (IsArchitectureX86_64()) { | 109 if (IsArchitectureX86_64()) { |
| 105 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFFFFF); | 110 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFFFFF); |
| 106 *addr = '\0'; | 111 *addr = '\0'; |
| 107 } | 112 } |
| 108 // Hit the NULL page if this fails to fault. | 113 // Hit the NULL page if this fails to fault. |
| 109 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFF); | 114 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFF); |
| 110 *addr = '\0'; | 115 *addr = '\0'; |
| 111 for (;;) | 116 for (;;) |
| 112 _exit(1); | 117 _exit(1); |
| 113 } | 118 } |
| 114 | 119 |
| 115 intptr_t SIGSYSPrctlFailure(const struct arch_seccomp_data& args, | 120 intptr_t SIGSYSPrctlFailure(const struct arch_seccomp_data& args, |
| 116 void* /* aux */) { | 121 void* /* aux */) { |
| 117 static const char kSeccompPrctlError[] = | 122 static const char kSeccompPrctlError[] = |
| 118 __FILE__":**CRASHING**:prctl() failure\n"; | 123 __FILE__":**CRASHING**:" SECCOMP_MESSAGE_PRCTL_CONTENT "\n"; |
| 119 WriteToStdErr(kSeccompPrctlError, sizeof(kSeccompPrctlError) - 1); | 124 WriteToStdErr(kSeccompPrctlError, sizeof(kSeccompPrctlError) - 1); |
| 120 // Mark as volatile to be able to find the value on the stack in a minidump. | 125 // Mark as volatile to be able to find the value on the stack in a minidump. |
| 121 volatile uint64_t option = args.args[0]; | 126 volatile uint64_t option = args.args[0]; |
| 122 volatile char* addr = | 127 volatile char* addr = |
| 123 reinterpret_cast<volatile char*>(option & 0xFFF); | 128 reinterpret_cast<volatile char*>(option & 0xFFF); |
| 124 *addr = '\0'; | 129 *addr = '\0'; |
| 125 for (;;) | 130 for (;;) |
| 126 _exit(1); | 131 _exit(1); |
| 127 } | 132 } |
| 128 | 133 |
| 129 intptr_t SIGSYSIoctlFailure(const struct arch_seccomp_data& args, | 134 intptr_t SIGSYSIoctlFailure(const struct arch_seccomp_data& args, |
| 130 void* /* aux */) { | 135 void* /* aux */) { |
| 131 static const char kSeccompIoctlError[] = | 136 static const char kSeccompIoctlError[] = |
| 132 __FILE__":**CRASHING**:ioctl() failure\n"; | 137 __FILE__":**CRASHING**:" SECCOMP_MESSAGE_IOCTL_CONTENT "\n"; |
| 133 WriteToStdErr(kSeccompIoctlError, sizeof(kSeccompIoctlError) - 1); | 138 WriteToStdErr(kSeccompIoctlError, sizeof(kSeccompIoctlError) - 1); |
| 134 // Make "request" volatile so that we can see it on the stack in a minidump. | 139 // Make "request" volatile so that we can see it on the stack in a minidump. |
| 135 volatile uint64_t request = args.args[1]; | 140 volatile uint64_t request = args.args[1]; |
| 136 volatile char* addr = reinterpret_cast<volatile char*>(request & 0xFFFF); | 141 volatile char* addr = reinterpret_cast<volatile char*>(request & 0xFFFF); |
| 137 *addr = '\0'; | 142 *addr = '\0'; |
| 138 // Hit the NULL page if this fails. | 143 // Hit the NULL page if this fails. |
| 139 addr = reinterpret_cast<volatile char*>(request & 0xFFF); | 144 addr = reinterpret_cast<volatile char*>(request & 0xFFF); |
| 140 *addr = '\0'; | 145 *addr = '\0'; |
| 141 for (;;) | 146 for (;;) |
| 142 _exit(1); | 147 _exit(1); |
| 143 } | 148 } |
| 144 | 149 |
| 150 const char* GetErrorMessageContentForTests() { |
| 151 return SECCOMP_MESSAGE_COMMON_CONTENT; |
| 152 } |
| 153 |
| 154 const char* GetCloneErrorMessageContentForTests() { |
| 155 return SECCOMP_MESSAGE_CLONE_CONTENT; |
| 156 } |
| 157 |
| 158 const char* GetPrctlErrorMessageContentForTests() { |
| 159 return SECCOMP_MESSAGE_PRCTL_CONTENT; |
| 160 } |
| 161 |
| 162 const char* GetIoctlErrorMessageContentForTests() { |
| 163 return SECCOMP_MESSAGE_IOCTL_CONTENT; |
| 164 } |
| 165 |
| 145 } // namespace sandbox. | 166 } // namespace sandbox. |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 196793023:
Add seccomp sandbox for non-SFI NaCl (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src