Merge 171351

sandbox/linux/seccomp-bpf/sandbox_bpf.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
+#ifndef SECCOMP_BPF_STANDALONE
+#include "base/logging.h"
+#include "base/posix/eintr_wrapper.h"
+#endif
+
 #include "sandbox/linux/seccomp-bpf/codegen.h"
 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"
 #include "sandbox/linux/seccomp-bpf/syscall_iterator.h"
 #include "sandbox/linux/seccomp-bpf/verifier.h"
 
 namespace {
 
 void WriteFailedStderrSetupMessage(int out_fd) {
   const char* error_string = strerror(errno);
-  static const char msg[] = "Failed to set up stderr: ";
+  static const char msg[] = "You have reproduced a puzzling issue.\n"
+                            "Please, report to crbug.com/152530!\n"
+                            "Failed to set up stderr: ";
   if (HANDLE_EINTR(write(out_fd, msg, sizeof(msg)-1)) > 0 && error_string &&
       HANDLE_EINTR(write(out_fd, error_string, strlen(error_string))) > 0 &&
       HANDLE_EINTR(write(out_fd, "\n", 1))) {
   }
 }
 
 }  // namespace
 
 // The kernel gives us a sandbox, we turn it into a playground :-)
 // This is version 2 of the playground; version 1 was built on top of
@@ skipping 75 matching lines @@
     sigprocmask(SIG_SETMASK, &oldMask, NULL);  // OK, if it fails
     SANDBOX_DIE("fork() failed unexpectedly");
   }
 
   // In the child process
   if (!pid) {
     // Test a very simple sandbox policy to verify that we can
     // successfully turn on sandboxing.
     Die::EnableSimpleExit();
 
+    errno = 0;
     if (HANDLE_EINTR(close(fds[0]))) {
+      // This call to close() has been failing in strange ways. See
+      // crbug.com/152530. So we only fail in debug mode now.
+#if !defined(NDEBUG)
       WriteFailedStderrSetupMessage(fds[1]);
       SANDBOX_DIE(NULL);
+#endif
     }
     if (HANDLE_EINTR(dup2(fds[1], 2)) != 2) {
       // Stderr could very well be a file descriptor to .xsession-errors, or
       // another file, which could be backed by a file system that could cause
       // dup2 to fail while trying to close stderr. It's important that we do
       // not fail on trying to close stderr.
       // If dup2 fails here, we will continue normally, this means that our
       // parent won't cause a fatal failure if something writes to stderr in
       // this child.
+#if !defined(NDEBUG)
+      // In DEBUG builds, we still want to get a report.
+      WriteFailedStderrSetupMessage(fds[1]);
+      SANDBOX_DIE(NULL);
+#endif
     }
     if (HANDLE_EINTR(close(fds[1]))) {
+      // This call to close() has been failing in strange ways. See
+      // crbug.com/152530. So we only fail in debug mode now.
+#if !defined(NDEBUG)
       WriteFailedStderrSetupMessage(fds[1]);
       SANDBOX_DIE(NULL);
+#endif
     }
 
     evaluators_.clear();
     setSandboxPolicy(syscallEvaluator, NULL);
     setProcFd(proc_fd);
 
     // By passing "quiet=true" to "startSandboxInternal()" we suppress
     // messages for expected and benign failures (e.g. if the current
     // kernel lacks support for BPF filters).
     startSandboxInternal(true);
@@ skipping 508 matching lines @@
 Sandbox::SandboxStatus Sandbox::status_ = STATUS_UNKNOWN;
 int    Sandbox::proc_fd_                = -1;
 Sandbox::Evaluators Sandbox::evaluators_;
 Sandbox::ErrMap Sandbox::errMap_;
 Sandbox::Traps *Sandbox::traps_         = NULL;
 Sandbox::TrapIds Sandbox::trapIds_;
 ErrorCode *Sandbox::trapArray_          = NULL;
 size_t Sandbox::trapArraySize_          = 0;
 
 }  // namespace