Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(85)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp/maps.cc

Issue 518071: linux: make the seccomp sandbox work again (Closed)
Patch Set: Created 10 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #include <errno.h> 1 #include <errno.h>
2 #include <fcntl.h> 2 #include <fcntl.h>
3 #include <iostream> 3 #include <iostream>
4 #include <linux/unistd.h> 4 #include <linux/unistd.h>
5 #include <signal.h> 5 #include <signal.h>
6 #include <stdarg.h> 6 #include <stdarg.h>
7 #include <stdlib.h> 7 #include <stdlib.h>
8 #include <sys/ptrace.h> 8 #include <sys/ptrace.h>
9 #include <sys/types.h> 9 #include <sys/types.h>
10 #include <sys/wait.h> 10 #include <sys/wait.h>
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after
143 } 143 }
144 144
145 bool Maps::Iterator::operator!=(const Maps::Iterator& iter) const { 145 bool Maps::Iterator::operator!=(const Maps::Iterator& iter) const {
146 return !operator==(iter); 146 return !operator==(iter);
147 } 147 }
148 148
149 std::string Maps::Iterator::name() const { 149 std::string Maps::Iterator::name() const {
150 return getIterator()->first; 150 return getIterator()->first;
151 } 151 }
152 152
153 char* Maps::allocNearAddr(char* addr, size_t size, int prot) const { 153 // Test whether a line ends with "[stack]"; used for identifying the
154 // stack entry of /proc/self/maps.
155 static bool isStackLine(char* buf, char* end) {
156 char* ptr = buf;
157 for ( ; *ptr != '\n' && ptr < end; ++ptr)
158 ;
159 if (ptr < end && ptr - 7 > buf) {
160 return (memcmp(ptr - 7, "[stack]", 7) == 0);
161 }
162 return false;
163 }
164
165 char* Maps::allocNearAddr(char* addr_target, size_t size, int prot) const {
154 // We try to allocate memory within 1.5GB of a target address. This means, 166 // We try to allocate memory within 1.5GB of a target address. This means,
155 // we will be able to perform relative 32bit jumps from the target address. 167 // we will be able to perform relative 32bit jumps from the target address.
168 const unsigned long kMaxDistance = 1536 << 20;
169 // In most of the code below, we just care about the numeric value of
170 // the address.
171 const long addr = reinterpret_cast<long>(addr_target);
156 size = (size + 4095) & ~4095; 172 size = (size + 4095) & ~4095;
157 Sandbox::SysCalls sys; 173 Sandbox::SysCalls sys;
158 if (sys.lseek(proc_self_maps_, 0, SEEK_SET)) { 174 if (sys.lseek(proc_self_maps_, 0, SEEK_SET)) {
159 return NULL; 175 return NULL;
160 } 176 }
161 177
178 // Iterate through lines of /proc/self/maps to consider each mapped
179 // region one at a time, looking for a gap between regions to allocate.
162 char buf[256] = { 0 }; 180 char buf[256] = { 0 };
163 int len = 0, rc = 1; 181 int len = 0, rc = 1;
164 bool long_line = false; 182 bool long_line = false;
165 unsigned long gap_start = 0x10000; 183 unsigned long gap_start = 0x10000;
166 char *new_addr; 184 void* new_addr;
167 do { 185 do {
168 if (rc > 0) { 186 if (rc > 0) {
169 do { 187 do {
170 rc = Sandbox::read(sys, proc_self_maps_, buf + len, 188 rc = Sandbox::read(sys, proc_self_maps_, buf + len,
171 sizeof(buf) - len - 1); 189 sizeof(buf) - len - 1);
172 if (rc > 0) { 190 if (rc > 0) {
173 len += rc; 191 len += rc;
174 } 192 }
175 } while (rc > 0 && len < (int)sizeof(buf) - 1); 193 } while (rc > 0 && len < (int)sizeof(buf) - 1);
176 } 194 }
177 char *ptr = buf; 195 char *ptr = buf;
178 if (!long_line) { 196 if (!long_line) {
179 long_line = true; 197 long_line = true;
180 unsigned long start = strtoul(ptr, &ptr, 16); 198 // Maps lines have the form "<start address>-<end address> ... <name>".
181 unsigned long stop = strtoul(ptr + 1, &ptr, 16); 199 unsigned long gap_end = strtoul(ptr, &ptr, 16);
182 if (start - gap_start >= size) { 200 unsigned long map_end = strtoul(ptr + 1, &ptr, 16);
183 if (reinterpret_cast<long>(addr) - static_cast<long>(start) >= 0) { 201
184 if (reinterpret_cast<long>(addr) - (start - size) < (1536 << 20)) { 202 // gap_start to gap_end now covers the region of empty space before
203 // the current line. Now we try to see if there's a place within the
204 // gap we can use.
205
206 if (gap_end - gap_start >= size) {
207 // Is the gap before our target address?
208 if (addr - static_cast<long>(gap_end) >= 0) {
209 if (addr - (gap_end - size) < kMaxDistance) {
210 unsigned long position;
211 if (isStackLine(ptr, buf + len)) {
212 // If we're adjacent to the stack, try to stay away from
213 // the GROWS_DOWN region. Pick the farthest away region that
214 // is still within the gap.
215
216 if (addr < kMaxDistance || // Underflow protection.
217 addr - kMaxDistance < gap_start) {
218 position = gap_start;
219 } else {
220 position = addr - kMaxDistance;
221 }
222 } else {
223 // Otherwise, take the end of the region.
224 position = gap_end - size;
225 }
185 new_addr = reinterpret_cast<char *>(sys.MMAP 226 new_addr = reinterpret_cast<char *>(sys.MMAP
186 (reinterpret_cast<void *>(start - size), size, prot, 227 (reinterpret_cast<void *>(position), size, prot,
187 MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1, 0)); 228 MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1, 0));
188 if (new_addr != MAP_FAILED) { 229 if (new_addr != MAP_FAILED) {
189 goto done; 230 goto done;
190 } 231 }
191 } 232 }
192 } else if (gap_start + size - reinterpret_cast<long>(addr) < 233 } else if (gap_start + size - addr < kMaxDistance) {
193 (1536 << 20)) { 234 // Gap is after the address. Above checks that we can wrap around
235 // through 0 to a space we'd use.
194 new_addr = reinterpret_cast<char *>(sys.MMAP 236 new_addr = reinterpret_cast<char *>(sys.MMAP
195 (reinterpret_cast<void *>(gap_start), size, prot, 237 (reinterpret_cast<void *>(gap_start), size, prot,
196 MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1 ,0)); 238 MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED, -1 ,0));
197 if (new_addr != MAP_FAILED) { 239 if (new_addr != MAP_FAILED) {
198 goto done; 240 goto done;
199 } 241 }
200 } 242 }
201 } 243 }
202 gap_start = stop; 244 gap_start = map_end;
203 } 245 }
204 for (;;) { 246 for (;;) {
205 if (!*ptr || *ptr++ == '\n') { 247 if (!*ptr || *ptr++ == '\n') {
206 long_line = false; 248 long_line = false;
207 memmove(buf, ptr, len - (ptr - buf)); 249 memmove(buf, ptr, len - (ptr - buf));
208 memset(buf + len - (ptr - buf), 0, ptr - buf); 250 memset(buf + len - (ptr - buf), 0, ptr - buf);
209 len -= (ptr - buf); 251 len -= (ptr - buf);
210 break; 252 break;
211 } 253 }
212 } 254 }
213 } while (len || long_line); 255 } while (len || long_line);
214 new_addr = NULL; 256 new_addr = NULL;
215 done: 257 done:
216 return new_addr; 258 return reinterpret_cast<char*>(new_addr);
217 } 259 }
218 260
219 } // namespace 261 } // namespace
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698