OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Note: any code in this file MUST be async-signal safe. | 5 // Note: any code in this file MUST be async-signal safe. |
6 | 6 |
7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" | 7 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" |
8 | 8 |
9 #include <unistd.h> | 9 #include <unistd.h> |
10 | 10 |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
12 #include "base/posix/eintr_wrapper.h" | 12 #include "base/posix/eintr_wrapper.h" |
13 #include "build/build_config.h" | 13 #include "build/build_config.h" |
14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" | 14 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
15 | 15 |
16 #define SECCOMP_MESSAGE_COMMON_CONTENT "seccomp-bpf failure" | 16 #define SECCOMP_MESSAGE_COMMON_CONTENT "seccomp-bpf failure" |
17 #define SECCOMP_MESSAGE_CLONE_CONTENT "clone() failure" | 17 #define SECCOMP_MESSAGE_CLONE_CONTENT "clone() failure" |
18 #define SECCOMP_MESSAGE_PRCTL_CONTENT "prctl() failure" | 18 #define SECCOMP_MESSAGE_PRCTL_CONTENT "prctl() failure" |
19 #define SECCOMP_MESSAGE_IOCTL_CONTENT "ioctl() failure" | 19 #define SECCOMP_MESSAGE_IOCTL_CONTENT "ioctl() failure" |
20 #define SECCOMP_MESSAGE_KILL_CONTENT "(tg)kill() failure" | 20 #define SECCOMP_MESSAGE_KILL_CONTENT "(tg)kill() failure" |
| 21 #define SECCOMP_MESSAGE_FUTEX_CONTENT "futex() failure" |
21 | 22 |
22 namespace { | 23 namespace { |
23 | 24 |
24 inline bool IsArchitectureX86_64() { | 25 inline bool IsArchitectureX86_64() { |
25 #if defined(__x86_64__) | 26 #if defined(__x86_64__) |
26 return true; | 27 return true; |
27 #else | 28 #else |
28 return false; | 29 return false; |
29 #endif | 30 #endif |
30 } | 31 } |
(...skipping 126 matching lines...)
157 volatile uint64_t pid = args.args[0]; | 158 volatile uint64_t pid = args.args[0]; |
158 volatile char* addr = reinterpret_cast<volatile char*>(pid & 0xFFF); | 159 volatile char* addr = reinterpret_cast<volatile char*>(pid & 0xFFF); |
159 *addr = '\0'; | 160 *addr = '\0'; |
160 // Hit the NULL page if this fails. | 161 // Hit the NULL page if this fails. |
161 addr = reinterpret_cast<volatile char*>(pid & 0xFFF); | 162 addr = reinterpret_cast<volatile char*>(pid & 0xFFF); |
162 *addr = '\0'; | 163 *addr = '\0'; |
163 for (;;) | 164 for (;;) |
164 _exit(1); | 165 _exit(1); |
165 } | 166 } |
166 | 167 |
| 168 intptr_t SIGSYSFutexFailure(const struct arch_seccomp_data& args, |
| 169 void* /* aux */) { |
| 170 static const char kSeccompFutexError[] = |
| 171 __FILE__ ":**CRASHING**:" SECCOMP_MESSAGE_FUTEX_CONTENT "\n"; |
| 172 WriteToStdErr(kSeccompFutexError, sizeof(kSeccompFutexError) - 1); |
| 173 volatile int futex_op = args.args[1]; |
| 174 volatile char* addr = reinterpret_cast<volatile char*>(futex_op & 0xFFF); |
| 175 *addr = '\0'; |
| 176 for (;;) |
| 177 _exit(1); |
| 178 } |
| 179 |
167 const char* GetErrorMessageContentForTests() { | 180 const char* GetErrorMessageContentForTests() { |
168 return SECCOMP_MESSAGE_COMMON_CONTENT; | 181 return SECCOMP_MESSAGE_COMMON_CONTENT; |
169 } | 182 } |
170 | 183 |
171 const char* GetCloneErrorMessageContentForTests() { | 184 const char* GetCloneErrorMessageContentForTests() { |
172 return SECCOMP_MESSAGE_CLONE_CONTENT; | 185 return SECCOMP_MESSAGE_CLONE_CONTENT; |
173 } | 186 } |
174 | 187 |
175 const char* GetPrctlErrorMessageContentForTests() { | 188 const char* GetPrctlErrorMessageContentForTests() { |
176 return SECCOMP_MESSAGE_PRCTL_CONTENT; | 189 return SECCOMP_MESSAGE_PRCTL_CONTENT; |
177 } | 190 } |
178 | 191 |
179 const char* GetIoctlErrorMessageContentForTests() { | 192 const char* GetIoctlErrorMessageContentForTests() { |
180 return SECCOMP_MESSAGE_IOCTL_CONTENT; | 193 return SECCOMP_MESSAGE_IOCTL_CONTENT; |
181 } | 194 } |
182 | 195 |
183 const char* GetKillErrorMessageContentForTests() { | 196 const char* GetKillErrorMessageContentForTests() { |
184 return SECCOMP_MESSAGE_KILL_CONTENT; | 197 return SECCOMP_MESSAGE_KILL_CONTENT; |
185 } | 198 } |
186 | 199 |
| 200 const char* GetFutexErrorMessageContentForTests() { |
| 201 return SECCOMP_MESSAGE_FUTEX_CONTENT; |
| 202 } |
| 203 |
187 } // namespace sandbox. | 204 } // namespace sandbox. |
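Review bot: In the new SIGSYSFutexFailure the rejected operation is narrowed with `volatile int futex_op = args.args[1];` and that int is then fed to `reinterpret_cast<volatile char*>`, whereas the handler just above it keeps its argument as `volatile uint64_t pid`. Casting a 32-bit int to a 64-bit pointer will probably draw an int-to-pointer size warning on x86-64 and makes the two crash handlers inconsistent; I would write `volatile uint64_t futex_op = args.args[1];`, which yields the same masked address. The function also carries no comment, so above the store I would add `// Put the low 12 bits of the futex op in the faulting address so the crash report identifies the rejected operation; the _exit(1) loop still terminates the process if that page is mapped.` The earlier handler begins outside the visible lines, so the comparison rests only on the lines shown here.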
OLD | NEW |