Chromium Code Reviews Chromium Code Reviews
Issue 278583005:
Linux Sandbox: Add support for SECCOMP_RET_TRACE. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: sandbox/linux/seccomp-bpf/errorcode.h |
| diff --git a/sandbox/linux/seccomp-bpf/errorcode.h b/sandbox/linux/seccomp-bpf/errorcode.h |
| index 7a21f3f2c93e9676c78997fc397bb7268177a914..a77c4007dace4ee9c14db9c04a5ba05797daf7a9 100644 |
| --- a/sandbox/linux/seccomp-bpf/errorcode.h |
| +++ b/sandbox/linux/seccomp-bpf/errorcode.h |
| @@ -30,6 +30,12 @@ class SANDBOX_EXPORT ErrorCode { |
| // "errno" (see below) value instead. |
| ERR_ALLOWED = 0x04000000, |
| + // If the progress is being ptraced with PTRACE_O_TRACESECCOMP, then then |
|
jln (very slow on Chromium)
2014/05/20 03:02:10
Nit: one "then"
rickyz (Google)
2014/05/20 22:34:01
Done.
|
| + // the tracer will be notified of a PTRACE_EVENT_SECCOMP and allowed to |
| + // change or skip the system call. The lower 16 bits of err will be |
| + // available to the tracer via PTRACE_GETEVENTMSG. |
| + ERR_TRACE = 0x08000000, |
| + |
| // Deny the system call with a particular "errno" value. |
| // N.B.: It is also possible to return "0" here. That would normally |
| // indicate success, but it won't actually run the system call. |
