OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Note: any code in this file MUST be async-signal safe. | 5 // Note: any code in this file MUST be async-signal safe. |
6 | 6 |
7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" | 7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" |
8 | 8 |
9 #include <unistd.h> | 9 #include <unistd.h> |
10 | 10 |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
12 #include "base/posix/eintr_wrapper.h" | 12 #include "base/posix/eintr_wrapper.h" |
13 #include "build/build_config.h" | 13 #include "build/build_config.h" |
14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
15 | 15 |
16 #define SECCOMP_MESSAGE_COMMON_CONTENT "seccomp-bpf failure" | 16 #define SECCOMP_MESSAGE_COMMON_CONTENT "seccomp-bpf failure" |
17 #define SECCOMP_MESSAGE_CLONE_CONTENT "clone() failure" | 17 #define SECCOMP_MESSAGE_CLONE_CONTENT "clone() failure" |
18 #define SECCOMP_MESSAGE_PRCTL_CONTENT "prctl() failure" | 18 #define SECCOMP_MESSAGE_PRCTL_CONTENT "prctl() failure" |
19 #define SECCOMP_MESSAGE_IOCTL_CONTENT "ioctl() failure" | 19 #define SECCOMP_MESSAGE_IOCTL_CONTENT "ioctl() failure" |
| 20 #define SECCOMP_MESSAGE_KILL_CONTENT "(tg)kill() failure" |
20 | 21 |
21 namespace { | 22 namespace { |
22 | 23 |
23 inline bool IsArchitectureX86_64() { | 24 inline bool IsArchitectureX86_64() { |
24 #if defined(__x86_64__) | 25 #if defined(__x86_64__) |
25 return true; | 26 return true; |
26 #else | 27 #else |
27 return false; | 28 return false; |
28 #endif | 29 #endif |
29 } | 30 } |
(...skipping 110 matching lines...)
140 volatile uint64_t request = args.args[1]; | 141 volatile uint64_t request = args.args[1]; |
141 volatile char* addr = reinterpret_cast<volatile char*>(request & 0xFFFF); | 142 volatile char* addr = reinterpret_cast<volatile char*>(request & 0xFFFF); |
142 *addr = '\0'; | 143 *addr = '\0'; |
143 // Hit the NULL page if this fails. | 144 // Hit the NULL page if this fails. |
144 addr = reinterpret_cast<volatile char*>(request & 0xFFF); | 145 addr = reinterpret_cast<volatile char*>(request & 0xFFF); |
145 *addr = '\0'; | 146 *addr = '\0'; |
146 for (;;) | 147 for (;;) |
147 _exit(1); | 148 _exit(1); |
148 } | 149 } |
149 | 150 |
| 151 intptr_t SIGSYSKillFailure(const struct arch_seccomp_data& args, |
| 152 void* /* aux */) { |
| 153 static const char kSeccompKillError[] = |
| 154 __FILE__":**CRASHING**:" SECCOMP_MESSAGE_KILL_CONTENT "\n"; |
| 155 WriteToStdErr(kSeccompKillError, sizeof(kSeccompKillError) - 1); |
| 156 // Make "request" volatile so that we can see it on the stack in a minidump. |
| 157 volatile uint64_t pid = args.args[0]; |
| 158 volatile char* addr = reinterpret_cast<volatile char*>(pid & 0xFFF); |
| 159 *addr = '\0'; |
| 160 // Hit the NULL page if this fails. |
| 161 addr = reinterpret_cast<volatile char*>(pid & 0xFFF); |
| 162 *addr = '\0'; |
| 163 for (;;) |
| 164 _exit(1); |
| 165 } |
| 166 |
150 const char* GetErrorMessageContentForTests() { | 167 const char* GetErrorMessageContentForTests() { |
151 return SECCOMP_MESSAGE_COMMON_CONTENT; | 168 return SECCOMP_MESSAGE_COMMON_CONTENT; |
152 } | 169 } |
153 | 170 |
154 const char* GetCloneErrorMessageContentForTests() { | 171 const char* GetCloneErrorMessageContentForTests() { |
155 return SECCOMP_MESSAGE_CLONE_CONTENT; | 172 return SECCOMP_MESSAGE_CLONE_CONTENT; |
156 } | 173 } |
157 | 174 |
158 const char* GetPrctlErrorMessageContentForTests() { | 175 const char* GetPrctlErrorMessageContentForTests() { |
159 return SECCOMP_MESSAGE_PRCTL_CONTENT; | 176 return SECCOMP_MESSAGE_PRCTL_CONTENT; |
160 } | 177 } |
161 | 178 |
162 const char* GetIoctlErrorMessageContentForTests() { | 179 const char* GetIoctlErrorMessageContentForTests() { |
163 return SECCOMP_MESSAGE_IOCTL_CONTENT; | 180 return SECCOMP_MESSAGE_IOCTL_CONTENT; |
164 } | 181 } |
165 | 182 |
166 } // namespace sandbox. | 183 } // namespace sandbox. |
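Review bot: In the new SIGSYSKillFailure both crash writes compute the same address, `pid & 0xFFF`, so the second write under "Hit the NULL page if this fails" can never land anywhere the first did not. The ioctl handler just above masks with `0xFFFF` first and `0xFFF` second; to keep that two-step fallback the first line should read `volatile char* addr = reinterpret_cast<volatile char*>(pid & 0xFFFF);`, otherwise the duplicate write and its comment should be dropped. The comment `// Make "request" volatile ...` was carried over from that handler and should name `pid`, so that someone reading a minidump looks for the right stack value. The other three message macros each have a `Get...ErrorMessageContentForTests()` accessor in this file, but none is added for SECCOMP_MESSAGE_KILL_CONTENT; if tests are meant to match the new crash message, an accessor would be needed here (the header is not visible on this page).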