Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(17)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/zygote/zygote_main_linux.cc

Issue 585123003: Linux sandbox: add behind-flag USR2 handler for crash debugging. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Print message after chroot. Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/zygote/zygote_main_linux.cc
diff --git a/content/zygote/zygote_main_linux.cc b/content/zygote/zygote_main_linux.cc
index b77471a88d956a5fae66617ba90718fa4e187460..7cc9cb27776a2fd3efd1e6b045bc5b419641a2c0 100644
--- a/content/zygote/zygote_main_linux.cc
+++ b/content/zygote/zygote_main_linux.cc
@@ -7,6 +7,7 @@
#include <dlfcn.h>
#include <fcntl.h>
#include <pthread.h>
+#include <signal.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
@@ -22,6 +23,7 @@
#include "base/posix/eintr_wrapper.h"
#include "base/posix/unix_domain_socket_linux.h"
#include "base/rand_util.h"
+#include "base/strings/safe_sprintf.h"
#include "base/strings/string_number_conversions.h"
#include "base/sys_info.h"
#include "build/build_config.h"
@@ -64,6 +66,40 @@
namespace content {
+namespace {
+
+void DoChrootSignalHandler(int) {
+ const int old_errno = errno;
+ const char kFirstMessage[] = "Chroot signal handler called.\n";
+ ignore_result(write(STDERR_FILENO, kFirstMessage, sizeof(kFirstMessage) - 1));
+
+ ignore_result(chroot("/"));
+
+ char kSecondMessage[100];
+ const ssize_t printed = base::strings::SafeSPrintf(
+ kSecondMessage, "chroot() returned. Errno is %d.\n", errno);
mdempsky 2014/09/19 23:35:40 Maybe go ahead and include chroot()'s return value
jln (very slow on Chromium) 2014/09/19 23:42:30 Done
+ if (printed > 0 && printed < static_cast<ssize_t>(sizeof(kSecondMessage))) {
+ ignore_result(write(STDERR_FILENO, kSecondMessage, printed));
+ }
+ errno = old_errno;
+}
+
+// This is a quick hack to allow testing sandbox crash reports in production
+// binaries.
+// This installs a signal handler for SIGUSR2 that performs a chroot().
+// In most of our BPF policies, it is a "watched" system call which will
+// trigger a SIGSYS signal whose handler will crash.
+// This has been added during the investigation of https://crbug.com/415842.
+void InstallSandboxCrashTestHandler() {
+ struct sigaction act = {};
+ act.sa_handler = DoChrootSignalHandler;
+ CHECK_EQ(0, sigemptyset(&act.sa_mask));
+ act.sa_flags = 0;
+
+ PCHECK(0 == sigaction(SIGUSR2, &act, NULL));
+}
+}
mdempsky 2014/09/19 23:35:40 (Should have a "// namespace" comment, I think?)
jln (very slow on Chromium) 2014/09/19 23:42:30 Done.
+
// See http://code.google.com/p/chromium/wiki/LinuxZygote
static void ProxyLocaltimeCallToBrowser(time_t input, struct tm* output,
@@ -411,6 +447,8 @@ static bool EnterSuidSandbox(sandbox::SetuidSandboxClient* setuid_sandbox,
return false;
}
}
+
+ InstallSandboxCrashTestHandler();
#endif
return true;
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698