Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(49)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/seccomp/maps.cc

Issue 371047: Allow the seccomp sandbox to be enabled, even if the suid sandbox has... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 11 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « sandbox/linux/seccomp/maps.h ('k') | sandbox/linux/seccomp/mmap.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #include <errno.h> 1 #include <errno.h>
2 #include <fcntl.h> 2 #include <fcntl.h>
3 #include <iostream> 3 #include <iostream>
4 #include <linux/unistd.h> 4 #include <linux/unistd.h>
5 #include <signal.h> 5 #include <signal.h>
6 #include <stdarg.h> 6 #include <stdarg.h>
7 #include <stdlib.h> 7 #include <stdlib.h>
8 #include <sys/ptrace.h> 8 #include <sys/ptrace.h>
9 #include <sys/types.h> 9 #include <sys/types.h>
10 #include <sys/wait.h> 10 #include <sys/wait.h>
11 11
12 #include "library.h" 12 #include "library.h"
13 #include "maps.h" 13 #include "maps.h"
14 #include "sandbox_impl.h" 14 #include "sandbox_impl.h"
15 15
16 namespace playground { 16 namespace playground {
17 17
18 Maps::Maps(const std::string& maps_file) : 18 Maps::Maps(int proc_self_maps) :
19 maps_file_(maps_file), 19 proc_self_maps_(proc_self_maps),
20 begin_iter_(this, true, false), 20 begin_iter_(this, true, false),
21 end_iter_(this, false, true), 21 end_iter_(this, false, true),
22 vsyscall_(0) { 22 vsyscall_(0) {
23 int fd = open(maps_file.c_str(), O_RDONLY);
24 Sandbox::SysCalls sys; 23 Sandbox::SysCalls sys;
25 if (fd >= 0) { 24 if (proc_self_maps_ >= 0 &&
25 !sys.lseek(proc_self_maps_, 0, SEEK_SET)) {
26 char buf[256] = { 0 }; 26 char buf[256] = { 0 };
27 int len = 0, rc = 1; 27 int len = 0, rc = 1;
28 bool long_line = false; 28 bool long_line = false;
29 do { 29 do {
30 if (rc > 0) { 30 if (rc > 0) {
31 rc = Sandbox::read(sys, fd, buf + len, sizeof(buf) - len - 1); 31 rc = Sandbox::read(sys, proc_self_maps_, buf + len,
32 sizeof(buf) - len - 1);
32 if (rc > 0) { 33 if (rc > 0) {
33 len += rc; 34 len += rc;
34 } 35 }
35 } 36 }
36 char *ptr = buf; 37 char *ptr = buf;
37 if (!long_line) { 38 if (!long_line) {
38 long_line = true; 39 long_line = true;
39 unsigned long start = strtoul(ptr, &ptr, 16); 40 unsigned long start = strtoul(ptr, &ptr, 16);
40 unsigned long stop = strtoul(ptr + 1, &ptr, 16); 41 unsigned long stop = strtoul(ptr + 1, &ptr, 16);
41 while (*ptr == ' ' || *ptr == '\t') ++ptr; 42 while (*ptr == ' ' || *ptr == '\t') ++ptr;
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after
88 for (;;) { 89 for (;;) {
89 if (!*ptr || *ptr++ == '\n') { 90 if (!*ptr || *ptr++ == '\n') {
90 long_line = false; 91 long_line = false;
91 memmove(buf, ptr, len - (ptr - buf)); 92 memmove(buf, ptr, len - (ptr - buf));
92 memset(buf + len - (ptr - buf), 0, ptr - buf); 93 memset(buf + len - (ptr - buf), 0, ptr - buf);
93 len -= (ptr - buf); 94 len -= (ptr - buf);
94 break; 95 break;
95 } 96 }
96 } 97 }
97 } while (len || long_line); 98 } while (len || long_line);
98 NOINTR_SYS(close(fd));
99 } 99 }
100 } 100 }
101 101
102 Maps::Iterator::Iterator(Maps* maps, bool at_beginning, bool at_end) 102 Maps::Iterator::Iterator(Maps* maps, bool at_beginning, bool at_end)
103 : maps_(maps), 103 : maps_(maps),
104 at_beginning_(at_beginning), 104 at_beginning_(at_beginning),
105 at_end_(at_end) { 105 at_end_(at_end) {
106 } 106 }
107 107
108 Maps::LibraryMap::iterator& Maps::Iterator::getIterator() const { 108 Maps::LibraryMap::iterator& Maps::Iterator::getIterator() const {
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
148 148
149 std::string Maps::Iterator::name() const { 149 std::string Maps::Iterator::name() const {
150 return getIterator()->first; 150 return getIterator()->first;
151 } 151 }
152 152
153 char* Maps::allocNearAddr(char* addr, size_t size, int prot) const { 153 char* Maps::allocNearAddr(char* addr, size_t size, int prot) const {
154 // We try to allocate memory within 1.5GB of a target address. This means, 154 // We try to allocate memory within 1.5GB of a target address. This means,
155 // we will be able to perform relative 32bit jumps from the target address. 155 // we will be able to perform relative 32bit jumps from the target address.
156 size = (size + 4095) & ~4095; 156 size = (size + 4095) & ~4095;
157 Sandbox::SysCalls sys; 157 Sandbox::SysCalls sys;
158 int fd = sys.open(maps_file_.c_str(), O_RDONLY, 0); 158 if (sys.lseek(proc_self_maps_, 0, SEEK_SET)) {
159 if (fd < 0) {
160 return NULL; 159 return NULL;
161 } 160 }
162 161
163 char buf[256] = { 0 }; 162 char buf[256] = { 0 };
164 int len = 0, rc = 1; 163 int len = 0, rc = 1;
165 bool long_line = false; 164 bool long_line = false;
166 unsigned long gap_start = 0x10000; 165 unsigned long gap_start = 0x10000;
167 char *new_addr; 166 char *new_addr;
168 do { 167 do {
169 if (rc > 0) { 168 if (rc > 0) {
170 do { 169 do {
171 rc = Sandbox::read(sys, fd, buf + len, sizeof(buf) - len - 1); 170 rc = Sandbox::read(sys, proc_self_maps_, buf + len,
171 sizeof(buf) - len - 1);
172 if (rc > 0) { 172 if (rc > 0) {
173 len += rc; 173 len += rc;
174 } 174 }
175 } while (rc > 0 && len < (int)sizeof(buf) - 1); 175 } while (rc > 0 && len < (int)sizeof(buf) - 1);
176 } 176 }
177 char *ptr = buf; 177 char *ptr = buf;
178 if (!long_line) { 178 if (!long_line) {
179 long_line = true; 179 long_line = true;
180 unsigned long start = strtoul(ptr, &ptr, 16); 180 unsigned long start = strtoul(ptr, &ptr, 16);
181 unsigned long stop = strtoul(ptr + 1, &ptr, 16); 181 unsigned long stop = strtoul(ptr + 1, &ptr, 16);
(...skipping 24 matching lines...) Expand all
206 long_line = false; 206 long_line = false;
207 memmove(buf, ptr, len - (ptr - buf)); 207 memmove(buf, ptr, len - (ptr - buf));
208 memset(buf + len - (ptr - buf), 0, ptr - buf); 208 memset(buf + len - (ptr - buf), 0, ptr - buf);
209 len -= (ptr - buf); 209 len -= (ptr - buf);
210 break; 210 break;
211 } 211 }
212 } 212 }
213 } while (len || long_line); 213 } while (len || long_line);
214 new_addr = NULL; 214 new_addr = NULL;
215 done: 215 done:
216 sys.close(fd);
217 return new_addr; 216 return new_addr;
218 } 217 }
219 218
220 } // namespace 219 } // namespace
OLDNEW
« no previous file with comments | « sandbox/linux/seccomp/maps.h ('k') | sandbox/linux/seccomp/mmap.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698