| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Note: any code in this file MUST be async-signal safe. | 5 // Note: any code in this file MUST be async-signal safe. |
| 6 | 6 |
| 7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" | 7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" |
| 8 | 8 |
| 9 #include <unistd.h> | 9 #include <unistd.h> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 12 #include "base/logging.h" | |
| 13 #include "base/posix/eintr_wrapper.h" | 12 #include "base/posix/eintr_wrapper.h" |
| 14 #include "build/build_config.h" | 13 #include "build/build_config.h" |
| 15 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
| 16 | 15 |
| 17 namespace { | 16 namespace { |
| 18 | 17 |
| 19 inline bool IsArchitectureX86_64() { | 18 inline bool IsArchitectureX86_64() { |
| 20 #if defined(__x86_64__) | 19 #if defined(__x86_64__) |
| 21 return true; | 20 return true; |
| 22 #else | 21 #else |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 88 syscall &= 0xfffUL; | 87 syscall &= 0xfffUL; |
| 89 addr = reinterpret_cast<volatile char*>(syscall); | 88 addr = reinterpret_cast<volatile char*>(syscall); |
| 90 *addr = '\0'; | 89 *addr = '\0'; |
| 91 for (;;) | 90 for (;;) |
| 92 _exit(1); | 91 _exit(1); |
| 93 } | 92 } |
| 94 | 93 |
| 95 // TODO(jln): refactor the reporting functions. | 94 // TODO(jln): refactor the reporting functions. |
| 96 | 95 |
| 97 intptr_t SIGSYSCloneFailure(const struct arch_seccomp_data& args, void* aux) { | 96 intptr_t SIGSYSCloneFailure(const struct arch_seccomp_data& args, void* aux) { |
| 97 static const char kSeccompCloneError[] = |
| 98 __FILE__":**CRASHING**:clone() failure\n"; |
| 99 WriteToStdErr(kSeccompCloneError, sizeof(kSeccompCloneError) - 1); |
| 98 // "flags" is the first argument in the kernel's clone(). | 100 // "flags" is the first argument in the kernel's clone(). |
| 99 // Mark as volatile to be able to find the value on the stack in a minidump. | 101 // Mark as volatile to be able to find the value on the stack in a minidump. |
| 100 #if !defined(NDEBUG) | |
| 101 RAW_LOG(ERROR, __FILE__":**CRASHING**:clone() failure\n"); | |
| 102 #endif | |
| 103 volatile uint64_t clone_flags = args.args[0]; | 102 volatile uint64_t clone_flags = args.args[0]; |
| 104 volatile char* addr; | 103 volatile char* addr; |
| 105 if (IsArchitectureX86_64()) { | 104 if (IsArchitectureX86_64()) { |
| 106 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFFFFF); | 105 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFFFFF); |
| 107 *addr = '\0'; | 106 *addr = '\0'; |
| 108 } | 107 } |
| 109 // Hit the NULL page if this fails to fault. | 108 // Hit the NULL page if this fails to fault. |
| 110 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFF); | 109 addr = reinterpret_cast<volatile char*>(clone_flags & 0xFFF); |
| 111 *addr = '\0'; | 110 *addr = '\0'; |
| 112 for (;;) | 111 for (;;) |
| 113 _exit(1); | 112 _exit(1); |
| 114 } | 113 } |
| 115 | 114 |
| 116 intptr_t SIGSYSPrctlFailure(const struct arch_seccomp_data& args, | 115 intptr_t SIGSYSPrctlFailure(const struct arch_seccomp_data& args, |
| 117 void* /* aux */) { | 116 void* /* aux */) { |
| 117 static const char kSeccompPrctlError[] = |
| 118 __FILE__":**CRASHING**:prctl() failure\n"; |
| 119 WriteToStdErr(kSeccompPrctlError, sizeof(kSeccompPrctlError) - 1); |
| 118 // Mark as volatile to be able to find the value on the stack in a minidump. | 120 // Mark as volatile to be able to find the value on the stack in a minidump. |
| 119 #if !defined(NDEBUG) | |
| 120 RAW_LOG(ERROR, __FILE__":**CRASHING**:prctl() failure\n"); | |
| 121 #endif | |
| 122 volatile uint64_t option = args.args[0]; | 121 volatile uint64_t option = args.args[0]; |
| 123 volatile char* addr = | 122 volatile char* addr = |
| 124 reinterpret_cast<volatile char*>(option & 0xFFF); | 123 reinterpret_cast<volatile char*>(option & 0xFFF); |
| 125 *addr = '\0'; | 124 *addr = '\0'; |
| 126 for (;;) | 125 for (;;) |
| 127 _exit(1); | 126 _exit(1); |
| 128 } | 127 } |
| 129 | 128 |
| 130 intptr_t SIGSYSIoctlFailure(const struct arch_seccomp_data& args, | 129 intptr_t SIGSYSIoctlFailure(const struct arch_seccomp_data& args, |
| 131 void* /* aux */) { | 130 void* /* aux */) { |
| 131 static const char kSeccompIoctlError[] = |
| 132 __FILE__":**CRASHING**:ioctl() failure\n"; |
| 133 WriteToStdErr(kSeccompIoctlError, sizeof(kSeccompIoctlError) - 1); |
| 132 // Make "request" volatile so that we can see it on the stack in a minidump. | 134 // Make "request" volatile so that we can see it on the stack in a minidump. |
| 133 #if !defined(NDEBUG) | |
| 134 RAW_LOG(ERROR, __FILE__":**CRASHING**:ioctl() failure\n"); | |
| 135 #endif | |
| 136 volatile uint64_t request = args.args[1]; | 135 volatile uint64_t request = args.args[1]; |
| 137 volatile char* addr = reinterpret_cast<volatile char*>(request & 0xFFFF); | 136 volatile char* addr = reinterpret_cast<volatile char*>(request & 0xFFFF); |
| 138 *addr = '\0'; | 137 *addr = '\0'; |
| 139 // Hit the NULL page if this fails. | 138 // Hit the NULL page if this fails. |
| 140 addr = reinterpret_cast<volatile char*>(request & 0xFFF); | 139 addr = reinterpret_cast<volatile char*>(request & 0xFFF); |
| 141 *addr = '\0'; | 140 *addr = '\0'; |
| 142 for (;;) | 141 for (;;) |
| 143 _exit(1); | 142 _exit(1); |
| 144 } | 143 } |
| 145 | 144 |
| 146 } // namespace sandbox. | 145 } // namespace sandbox. |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 231423002:
Always output seccomp error messages to stderr (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src