
Side by Side Diff: sandbox/linux/seccomp-bpf/trap.cc

Issue 23461032: Linux Sandbox: add RawSandboxDie() (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: __attribute__ ((noinline)) for SigSys Created 7 years, 3 months ago
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <errno.h> 5 #include <errno.h>
6 #include <signal.h> 6 #include <signal.h>
7 #include <string.h> 7 #include <string.h>
8 #include <sys/prctl.h> 8 #include <sys/prctl.h>
9 #include <sys/syscall.h> 9 #include <sys/syscall.h>
10 10
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
97 global_trap_ = new Trap(); 97 global_trap_ = new Trap();
98 if (!global_trap_) { 98 if (!global_trap_) {
99 SANDBOX_DIE("Failed to allocate global trap handler"); 99 SANDBOX_DIE("Failed to allocate global trap handler");
100 } 100 }
101 } 101 }
102 return global_trap_; 102 return global_trap_;
103 } 103 }
104 104
105 void Trap::SigSysAction(int nr, siginfo_t *info, void *void_context) { 105 void Trap::SigSysAction(int nr, siginfo_t *info, void *void_context) {
106 if (!global_trap_) { 106 if (!global_trap_) {
107 SANDBOX_DIE("This can't happen. Found no global singleton instance " 107 RAW_SANDBOX_DIE("This can't happen. Found no global singleton instance "
108 "for Trap() handling."); 108 "for Trap() handling.");
109 } 109 }
110 global_trap_->SigSys(nr, info, void_context); 110 global_trap_->SigSys(nr, info, void_context);
111 } 111 }
112 112
113 void Trap::SigSys(int nr, siginfo_t *info, void *void_context) { 113 void Trap::SigSys(int nr, siginfo_t *info, void *void_context) {
114 // Signal handlers should always preserve "errno". Otherwise, we could 114 // Signal handlers should always preserve "errno". Otherwise, we could
115 // trigger really subtle bugs. 115 // trigger really subtle bugs.
116 const int old_errno = errno; 116 const int old_errno = errno;
117 117
118 // Various sanity checks to make sure we actually received a signal 118 // Various sanity checks to make sure we actually received a signal
(...skipping 22 matching lines...) Expand all
141 141
142 // Some more sanity checks. 142 // Some more sanity checks.
143 if (sigsys.ip != reinterpret_cast<void *>(SECCOMP_IP(ctx)) || 143 if (sigsys.ip != reinterpret_cast<void *>(SECCOMP_IP(ctx)) ||
144 sigsys.nr != static_cast<int>(SECCOMP_SYSCALL(ctx)) || 144 sigsys.nr != static_cast<int>(SECCOMP_SYSCALL(ctx)) ||
145 sigsys.arch != SECCOMP_ARCH) { 145 sigsys.arch != SECCOMP_ARCH) {
146 // TODO(markus): 146 // TODO(markus):
147 // SANDBOX_DIE() can call LOG(FATAL). This is not normally async-signal 147 // SANDBOX_DIE() can call LOG(FATAL). This is not normally async-signal
148 // safe and can lead to bugs. We should eventually implement a different 148 // safe and can lead to bugs. We should eventually implement a different
149 // logging and reporting mechanism that is safe to be called from 149 // logging and reporting mechanism that is safe to be called from
150 // the sigSys() handler. 150 // the sigSys() handler.
151 SANDBOX_DIE("Sanity checks are failing after receiving SIGSYS."); 151 RAW_SANDBOX_DIE("Sanity checks are failing after receiving SIGSYS.");
152 } 152 }
153 153
154 intptr_t rc; 154 intptr_t rc;
155 if (has_unsafe_traps_ && GetIsInSigHandler(ctx)) { 155 if (has_unsafe_traps_ && GetIsInSigHandler(ctx)) {
156 errno = old_errno; 156 errno = old_errno;
157 if (sigsys.nr == __NR_clone) { 157 if (sigsys.nr == __NR_clone) {
158 SANDBOX_DIE("Cannot call clone() from an UnsafeTrap() handler."); 158 RAW_SANDBOX_DIE("Cannot call clone() from an UnsafeTrap() handler.");
159 } 159 }
160 rc = SandboxSyscall(sigsys.nr, 160 rc = SandboxSyscall(sigsys.nr,
161 SECCOMP_PARM1(ctx), SECCOMP_PARM2(ctx), 161 SECCOMP_PARM1(ctx), SECCOMP_PARM2(ctx),
162 SECCOMP_PARM3(ctx), SECCOMP_PARM4(ctx), 162 SECCOMP_PARM3(ctx), SECCOMP_PARM4(ctx),
163 SECCOMP_PARM5(ctx), SECCOMP_PARM6(ctx)); 163 SECCOMP_PARM5(ctx), SECCOMP_PARM6(ctx));
164 } else { 164 } else {
165 const ErrorCode& err = trap_array_[info->si_errno - 1]; 165 const ErrorCode& err = trap_array_[info->si_errno - 1];
166 if (!err.safe_) { 166 if (!err.safe_) {
167 SetIsInSigHandler(); 167 SetIsInSigHandler();
168 } 168 }
(...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after
338 if (global_trap_ && id > 0 && id <= global_trap_->trap_array_size_) { 338 if (global_trap_ && id > 0 && id <= global_trap_->trap_array_size_) {
339 return global_trap_->trap_array_[id - 1]; 339 return global_trap_->trap_array_[id - 1];
340 } else { 340 } else {
341 return ErrorCode(); 341 return ErrorCode();
342 } 342 }
343 } 343 }
344 344
345 Trap *Trap::global_trap_; 345 Trap *Trap::global_trap_;
346 346
347 } // namespace playground2 347 } // namespace playground2
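Review bot: The TODO(markus) comment at new lines 146-150 is unchanged although the call it annotates at line 151 is now `RAW_SANDBOX_DIE(...)`, so it still reads as if `SANDBOX_DIE()` and its `LOG(FATAL)` path run here. If RAW_SANDBOX_DIE() is the async-signal-safe variant (its definition is not in this file section, so this is inferred from the issue title), replace the TODO with something like `// SigSys() runs in signal context; use RAW_SANDBOX_DIE() because SANDBOX_DIE() can call LOG(FATAL), which is not async-signal-safe.` The same reasoning covers the converted calls at lines 107 and 158, so one comment near the top of SigSys() would serve all three. SigSys() continues through the skipped regions (lines 119-140 and from 169 on), so any SANDBOX_DIE() calls remaining on the handler path there should be checked against the same rule.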