library.cc - Issue 8596009: Add test for patching a system call instruction

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: library.cc

Issue 8596009: Add test for patching a system call instruction (Closed) Base URL: https://seccompsandbox.googlecode.com/svn/trunk

Patch Set: Add comment Created 9 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: library.cc

diff --git a/library.cc b/library.cc

index 0842a47e76a2b80a09455cd3e0bf6b2487253530..58459435b13315c515ef46ec86fdafc892c60b67 100644

--- a/library.cc

+++ b/library.cc

@@ -59,7 +59,6 @@ typedef Elf32_Versym Elf_Versym;

namespace playground {

-Maps* Library::maps_;

char* Library::__kernel_vsyscall;

char* Library::__kernel_sigreturn;

char* Library::__kernel_rt_sigreturn;

@@ -70,7 +69,8 @@ Library::Library() :

asr_offset_(0),

vsys_offset_(0),

image_(0),

- image_size_(0) {

+ image_size_(0),

+ maps_(NULL) {

}

Library::~Library() {

@@ -1014,6 +1014,17 @@ void Library::patchSystemCalls() {

const Elf_Shdr& shdr = iter->second.second;

char* start = reinterpret_cast<char *>(shdr.sh_addr + asr_offset_);

char* stop = start + shdr.sh_size;

+ patchSystemCallsInRange(start, stop, &extraSpace, &extraLength);

+ // Mark our scratch space as write-protected and executable.

+ if (extraSpace) {

+ Sandbox::SysCalls sys;

+ sys.mprotect(extraSpace, 4096, PROT_READ|PROT_EXEC);

+ }

+void Library::patchSystemCallsInRange(char* start, char* stop,

+ char** extraSpace, int* extraLength) {

char* func = start;

int nopcount = 0;

bool has_syscall = false;

@@ -1047,7 +1058,7 @@ void Library::patchSystemCalls() {

// Our quick scan of the function found a potential system call.

// Do a more thorough scan, now.

patchSystemCallsInFunction(maps_, isVDSO_ ? vsys_offset_ : 0, func,

- ptr, &extraSpace, &extraLength);

+ ptr, extraSpace, extraLength);

}

func = ptr;

}

@@ -1060,13 +1071,7 @@ void Library::patchSystemCalls() {

// Patch any remaining system calls that were in the last function before

// the loop terminated.

patchSystemCallsInFunction(maps_, isVDSO_ ? vsys_offset_ : 0, func, stop,

- &extraSpace, &extraLength);

- }

- // Mark our scratch space as write-protected and executable.

- if (extraSpace) {

- Sandbox::SysCalls sys;

- sys.mprotect(extraSpace, 4096, PROT_READ|PROT_EXEC);

+ extraSpace, extraLength);

}

« no previous file with comments | « library.h ('k') | makefile » ('j') | tests/test_patching.cc » ('J')