sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc - Issue 314903002: Linux sandbox: restrict futex operations.

Side by Side Diff: sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc

Issue 314903002: Linux sandbox: restrict futex operations. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Add Android header file. Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h ('k') | sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // Note: any code in this file MUST be async-signal safe.	5 // Note: any code in this file MUST be async-signal safe.

6	6

7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"	7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"

8	8

9 #include <unistd.h>	9 #include <unistd.h>

10	10

11 #include "base/basictypes.h"	11 #include "base/basictypes.h"

12 #include "base/posix/eintr_wrapper.h"	12 #include "base/posix/eintr_wrapper.h"

13 #include "build/build_config.h"	13 #include "build/build_config.h"

14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"	14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h"

15	15

16 #define SECCOMP_MESSAGE_COMMON_CONTENT "seccomp-bpf failure"	16 #define SECCOMP_MESSAGE_COMMON_CONTENT "seccomp-bpf failure"

17 #define SECCOMP_MESSAGE_CLONE_CONTENT "clone() failure"	17 #define SECCOMP_MESSAGE_CLONE_CONTENT "clone() failure"

18 #define SECCOMP_MESSAGE_PRCTL_CONTENT "prctl() failure"	18 #define SECCOMP_MESSAGE_PRCTL_CONTENT "prctl() failure"

19 #define SECCOMP_MESSAGE_IOCTL_CONTENT "ioctl() failure"	19 #define SECCOMP_MESSAGE_IOCTL_CONTENT "ioctl() failure"

20 #define SECCOMP_MESSAGE_KILL_CONTENT "(tg)kill() failure"	20 #define SECCOMP_MESSAGE_KILL_CONTENT "(tg)kill() failure"

	21 #define SECCOMP_MESSAGE_FUTEX_CONTENT "futex() failure"

21	22

22 namespace {	23 namespace {

23	24

24 inline bool IsArchitectureX86_64() {	25 inline bool IsArchitectureX86_64() {

25 #if defined(__x86_64__)	26 #if defined(__x86_64__)

26 return true;	27 return true;

27 #else	28 #else

28 return false;	29 return false;

29 #endif	30 #endif

30 }	31 }

(...skipping 126 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
157 volatile uint64_t pid = args.args[0];	158 volatile uint64_t pid = args.args[0];

158 volatile char* addr = reinterpret_cast<volatile char*>(pid & 0xFFF);	159 volatile char* addr = reinterpret_cast<volatile char*>(pid & 0xFFF);

159 *addr = '\0';	160 *addr = '\0';

160 // Hit the NULL page if this fails.	161 // Hit the NULL page if this fails.

161 addr = reinterpret_cast<volatile char*>(pid & 0xFFF);	162 addr = reinterpret_cast<volatile char*>(pid & 0xFFF);

162 *addr = '\0';	163 *addr = '\0';

163 for (;;)	164 for (;;)

164 _exit(1);	165 _exit(1);

165 }	166 }

166	167

	168 intptr_t SIGSYSFutexFailure(const struct arch_seccomp_data& args,

	169 void* /* aux */) {

	170 static const char kSeccompFutexError[] =
	Mark Seaborn 2014/06/04 20:29:41 Nit: alignment is off here Nit: alignment is off here jln (very slow on Chromium) 2014/06/04 20:40:16 Done. Show quoted text On 2014/06/04 20:29:41, Mark Seaborn wrote: > Nit: alignment is off here Done.
	171 __FILE__":CRASHING:" SECCOMP_MESSAGE_FUTEX_CONTENT "\n";

	172 WriteToStdErr(kSeccompFutexError, sizeof(kSeccompFutexError) - 1);

	173 volatile int futex_op = args.args[1];

	174 volatile char* addr = reinterpret_cast<volatile char*>(futex_op & 0xFFF);

	175 *addr = '\0';

	176 for (;;)

	177 _exit(1);

	178 }

	179

167 const char* GetErrorMessageContentForTests() {	180 const char* GetErrorMessageContentForTests() {

168 return SECCOMP_MESSAGE_COMMON_CONTENT;	181 return SECCOMP_MESSAGE_COMMON_CONTENT;

169 }	182 }

170	183

171 const char* GetCloneErrorMessageContentForTests() {	184 const char* GetCloneErrorMessageContentForTests() {

172 return SECCOMP_MESSAGE_CLONE_CONTENT;	185 return SECCOMP_MESSAGE_CLONE_CONTENT;

173 }	186 }

174	187

175 const char* GetPrctlErrorMessageContentForTests() {	188 const char* GetPrctlErrorMessageContentForTests() {

176 return SECCOMP_MESSAGE_PRCTL_CONTENT;	189 return SECCOMP_MESSAGE_PRCTL_CONTENT;

177 }	190 }

178	191

179 const char* GetIoctlErrorMessageContentForTests() {	192 const char* GetIoctlErrorMessageContentForTests() {

180 return SECCOMP_MESSAGE_IOCTL_CONTENT;	193 return SECCOMP_MESSAGE_IOCTL_CONTENT;

181 }	194 }

182	195

183 const char* GetKillErrorMessageContentForTests() {	196 const char* GetKillErrorMessageContentForTests() {

184 return SECCOMP_MESSAGE_KILL_CONTENT;	197 return SECCOMP_MESSAGE_KILL_CONTENT;

185 }	198 }

186	199

	200 const char* GetFutexErrorMessageContentForTests() {

	201 return SECCOMP_MESSAGE_FUTEX_CONTENT;

	202 }

	203

187 } // namespace sandbox.	204 } // namespace sandbox.

OLD	NEW