sandbox/linux/seccomp/library.h - Issue 661438: Seccomp sandbox changes (performance and correctness fixes, primarily targetting x86-32)

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/seccomp/library.h

Issue 661438: Seccomp sandbox changes (performance and correctness fixes, primarily targetting x86-32) (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: '' Created 10 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/linux/seccomp/library.h

===================================================================

--- sandbox/linux/seccomp/library.h (revision 39965)

+++ sandbox/linux/seccomp/library.h (working copy)

@@ -1,3 +1,7 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

#ifndef LIBRARY_H__

#define LIBRARY_H__

@@ -30,6 +34,8 @@

class Library {

friend class Maps;

public:

+ typedef Maps::string string;

Library() :

valid_(false),

isVDSO_(false),

@@ -50,14 +56,24 @@

void addMemoryRange(void* start, void* stop, Elf_Addr offset,

int prot, int isVDSO) {

+ isVDSO_ = isVDSO;

+ RangeMap::const_iterator iter = memory_ranges_.find(offset);

+ if (iter != memory_ranges_.end()) {

+ // It is possible to have overlapping mappings. This is particularly

+ // likely to happen with very small programs or libraries. If it does

+ // happen, we really only care about the text segment. Look for a

+ // mapping that is mapped executable.

+ if ((prot & PROT_EXEC) == 0) {

+ return;

+ }

memory_ranges_.insert(std::make_pair(offset, Range(start, stop, prot)));

- isVDSO_ = isVDSO;

}

char *get(Elf_Addr offset, char *buf, size_t len);

- std::string get(Elf_Addr offset);

+ string get(Elf_Addr offset);

char *getOriginal(Elf_Addr offset, char *buf, size_t len);

- std::string getOriginal(Elf_Addr offset);

+ string getOriginal(Elf_Addr offset);

template<class T>T* get(Elf_Addr offset, T* t) {

if (!valid_) {

@@ -108,10 +124,8 @@

bool parseElf();

const Elf_Ehdr* getEhdr();

- const Elf_Shdr* getSection(const std::string& section);

- const int getSectionIndex(const std::string& section);

- void **getRelocation(const std::string& symbol);

- void *getSymbol(const std::string& symbol);

+ const Elf_Shdr* getSection(const string& section);

+ const int getSectionIndex(const string& section);

void makeWritable(bool state) const;

void patchSystemCalls();

bool isVDSO() const { return isVDSO_; }

@@ -136,9 +150,9 @@

};

typedef std::map<Elf_Addr, Range, GreaterThan> RangeMap;

- typedef std::map<std::string, std::pair<int, Elf_Shdr> > SectionTable;

- typedef std::map<std::string, Elf_Sym> SymbolTable;

- typedef std::map<std::string, Elf_Addr> PltTable;

+ typedef std::map<string, std::pair<int, Elf_Shdr> > SectionTable;

+ typedef std::map<string, Elf_Sym> SymbolTable;

+ typedef std::map<string, Elf_Addr> PltTable;

char* getBytes(char* dst, const char* src, ssize_t len);

static bool isSafeInsn(unsigned short insn);

« no previous file with comments | « sandbox/linux/seccomp/clone.cc ('k') | sandbox/linux/seccomp/library.cc » ('j') | no next file with comments »