Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(172)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp/library.h

Issue 661438: Seccomp sandbox changes (performance and correctness fixes, primarily targetting x86-32) (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 10 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « sandbox/linux/seccomp/clone.cc ('k') | sandbox/linux/seccomp/library.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
1 #ifndef LIBRARY_H__ 5 #ifndef LIBRARY_H__
2 #define LIBRARY_H__ 6 #define LIBRARY_H__
3 7
4 #include <elf.h> 8 #include <elf.h>
5 #include <map> 9 #include <map>
6 #include <set> 10 #include <set>
7 #include <string> 11 #include <string>
8 #include <string.h> 12 #include <string.h>
9 #include <sys/mman.h> 13 #include <sys/mman.h>
10 14
(...skipping 12 matching lines...) Expand all
23 #else 27 #else
24 #error Unsupported target platform 28 #error Unsupported target platform
25 #endif 29 #endif
26 30
27 struct SyscallTable; 31 struct SyscallTable;
28 namespace playground { 32 namespace playground {
29 33
30 class Library { 34 class Library {
31 friend class Maps; 35 friend class Maps;
32 public: 36 public:
37 typedef Maps::string string;
38
33 Library() : 39 Library() :
34 valid_(false), 40 valid_(false),
35 isVDSO_(false), 41 isVDSO_(false),
36 asr_offset_(0), 42 asr_offset_(0),
37 vsys_offset_(0), 43 vsys_offset_(0),
38 maps_(0), 44 maps_(0),
39 image_(0), 45 image_(0),
40 image_size_(0) { 46 image_size_(0) {
41 } 47 }
42 48
43 ~Library(); 49 ~Library();
44 50
45 void setLibraryInfo(Maps* maps) { 51 void setLibraryInfo(Maps* maps) {
46 if (!maps_) { 52 if (!maps_) {
47 maps_ = maps; 53 maps_ = maps;
48 } 54 }
49 } 55 }
50 56
51 void addMemoryRange(void* start, void* stop, Elf_Addr offset, 57 void addMemoryRange(void* start, void* stop, Elf_Addr offset,
52 int prot, int isVDSO) { 58 int prot, int isVDSO) {
59 isVDSO_ = isVDSO;
60 RangeMap::const_iterator iter = memory_ranges_.find(offset);
61 if (iter != memory_ranges_.end()) {
62 // It is possible to have overlapping mappings. This is particularly
63 // likely to happen with very small programs or libraries. If it does
64 // happen, we really only care about the text segment. Look for a
65 // mapping that is mapped executable.
66 if ((prot & PROT_EXEC) == 0) {
67 return;
68 }
69 }
53 memory_ranges_.insert(std::make_pair(offset, Range(start, stop, prot))); 70 memory_ranges_.insert(std::make_pair(offset, Range(start, stop, prot)));
54 isVDSO_ = isVDSO;
55 } 71 }
56 72
57 char *get(Elf_Addr offset, char *buf, size_t len); 73 char *get(Elf_Addr offset, char *buf, size_t len);
58 std::string get(Elf_Addr offset); 74 string get(Elf_Addr offset);
59 char *getOriginal(Elf_Addr offset, char *buf, size_t len); 75 char *getOriginal(Elf_Addr offset, char *buf, size_t len);
60 std::string getOriginal(Elf_Addr offset); 76 string getOriginal(Elf_Addr offset);
61 77
62 template<class T>T* get(Elf_Addr offset, T* t) { 78 template<class T>T* get(Elf_Addr offset, T* t) {
63 if (!valid_) { 79 if (!valid_) {
64 memset(t, 0, sizeof(T)); 80 memset(t, 0, sizeof(T));
65 return NULL; 81 return NULL;
66 } 82 }
67 return reinterpret_cast<T *>(get(offset, reinterpret_cast<char *>(t), 83 return reinterpret_cast<T *>(get(offset, reinterpret_cast<char *>(t),
68 sizeof(T))); 84 sizeof(T)));
69 } 85 }
70 86
(...skipping 30 matching lines...) Expand all
101 sizeof(T)) { 117 sizeof(T)) {
102 return false; 118 return false;
103 } 119 }
104 *reinterpret_cast<T *>( 120 *reinterpret_cast<T *>(
105 reinterpret_cast<char *>(iter->second.start) + offset) = *value; 121 reinterpret_cast<char *>(iter->second.start) + offset) = *value;
106 return true; 122 return true;
107 } 123 }
108 124
109 bool parseElf(); 125 bool parseElf();
110 const Elf_Ehdr* getEhdr(); 126 const Elf_Ehdr* getEhdr();
111 const Elf_Shdr* getSection(const std::string& section); 127 const Elf_Shdr* getSection(const string& section);
112 const int getSectionIndex(const std::string& section); 128 const int getSectionIndex(const string& section);
113 void **getRelocation(const std::string& symbol);
114 void *getSymbol(const std::string& symbol);
115 void makeWritable(bool state) const; 129 void makeWritable(bool state) const;
116 void patchSystemCalls(); 130 void patchSystemCalls();
117 bool isVDSO() const { return isVDSO_; } 131 bool isVDSO() const { return isVDSO_; }
118 132
119 protected: 133 protected:
120 bool parseSymbols(); 134 bool parseSymbols();
121 135
122 private: 136 private:
123 class GreaterThan : public std::binary_function<Elf_Addr, Elf_Addr, bool> { 137 class GreaterThan : public std::binary_function<Elf_Addr, Elf_Addr, bool> {
124 public: 138 public:
125 bool operator() (Elf_Addr s1, Elf_Addr s2) const { 139 bool operator() (Elf_Addr s1, Elf_Addr s2) const {
126 return s1 > s2; 140 return s1 > s2;
127 } 141 }
128 }; 142 };
129 143
130 struct Range { 144 struct Range {
131 Range(void* start, void* stop, int prot) : 145 Range(void* start, void* stop, int prot) :
132 start(start), stop(stop), prot(prot) { } 146 start(start), stop(stop), prot(prot) { }
133 void* start; 147 void* start;
134 void* stop; 148 void* stop;
135 int prot; 149 int prot;
136 }; 150 };
137 151
138 typedef std::map<Elf_Addr, Range, GreaterThan> RangeMap; 152 typedef std::map<Elf_Addr, Range, GreaterThan> RangeMap;
139 typedef std::map<std::string, std::pair<int, Elf_Shdr> > SectionTable; 153 typedef std::map<string, std::pair<int, Elf_Shdr> > SectionTable;
140 typedef std::map<std::string, Elf_Sym> SymbolTable; 154 typedef std::map<string, Elf_Sym> SymbolTable;
141 typedef std::map<std::string, Elf_Addr> PltTable; 155 typedef std::map<string, Elf_Addr> PltTable;
142 156
143 char* getBytes(char* dst, const char* src, ssize_t len); 157 char* getBytes(char* dst, const char* src, ssize_t len);
144 static bool isSafeInsn(unsigned short insn); 158 static bool isSafeInsn(unsigned short insn);
145 static int isSimpleSystemCall(char *start, char *end); 159 static int isSimpleSystemCall(char *start, char *end);
146 static char* getScratchSpace(const Maps* maps, char* near, int needed, 160 static char* getScratchSpace(const Maps* maps, char* near, int needed,
147 char** extraSpace, int* extraLength); 161 char** extraSpace, int* extraLength);
148 void patchSystemCallsInFunction(const Maps* maps, char *start, char *end, 162 void patchSystemCallsInFunction(const Maps* maps, char *start, char *end,
149 char** extraSpace, int* extraLength); 163 char** extraSpace, int* extraLength);
150 int patchVSystemCalls(); 164 int patchVSystemCalls();
151 void patchVDSO(char** extraSpace, int* extraLength); 165 void patchVDSO(char** extraSpace, int* extraLength);
(...skipping 11 matching lines...) Expand all
163 char* image_; 177 char* image_;
164 size_t image_size_; 178 size_t image_size_;
165 static char* __kernel_vsyscall; 179 static char* __kernel_vsyscall;
166 static char* __kernel_sigreturn; 180 static char* __kernel_sigreturn;
167 static char* __kernel_rt_sigreturn; 181 static char* __kernel_rt_sigreturn;
168 }; 182 };
169 183
170 } // namespace 184 } // namespace
171 185
172 #endif // LIBRARY_H__ 186 #endif // LIBRARY_H__
OLDNEW
« no previous file with comments | « sandbox/linux/seccomp/clone.cc ('k') | sandbox/linux/seccomp/library.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698