Index: sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
diff --git a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
index 25398b6a48acb4a6b8689b9bc1bd2a1598e13c66..0f8b1a7260ebaf28476cff85c0e3d6e7841299e5 100644 |
--- a/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
+++ b/sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
@@ -12,6 +12,7 @@ |
#include "base/posix/eintr_wrapper.h" |
#include "build/build_config.h" |
#include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" |
+#include "sandbox/linux/services/linux_syscalls.h" |
#if defined(__mips__) |
// __NR_Linux, is defined in <asm/unistd.h>. |
@@ -206,6 +207,36 @@ intptr_t SIGSYSFutexFailure(const struct arch_seccomp_data& args, |
_exit(1); |
} |
+intptr_t SIGSYSSchedHandler(const struct arch_seccomp_data& args, |
+ void* aux) { |
+ pid_t tid = syscall(__NR_gettid); |
jln (very slow on Chromium)
2014/09/22 21:56:44
const
rickyz (no longer on Chrome)
2014/09/23 06:03:20
Done.
|
+ if (args.args[0] == (uint64_t) tid) { |
jln (very slow on Chromium)
2014/09/22 21:56:44
A nit (feel free to ignore), but I find it a tad a
jln (very slow on Chromium)
2014/09/22 21:56:44
style: C++ static_cast
rickyz (no longer on Chrome)
2014/09/23 06:03:20
Done.
|
+ switch (args.nr) { |
+ case __NR_sched_getaffinity: |
+ case __NR_sched_getattr: |
+ case __NR_sched_getparam: |
+ case __NR_sched_getscheduler: |
+ case __NR_sched_rr_get_interval: |
+ case __NR_sched_setaffinity: |
+ case __NR_sched_setattr: |
+ case __NR_sched_setparam: |
+ case __NR_sched_setscheduler: |
+ // The first argument the pid |
+ return syscall(args.nr, |
jln (very slow on Chromium)
2014/09/22 21:56:44
glibc's syscall sets errno (which will be discarde
rickyz (no longer on Chrome)
2014/09/23 06:03:20
Ah, good catch - fixed this and added a test that
|
+ 0, |
+ args.args[1], |
+ args.args[2], |
+ args.args[3], |
+ args.args[4], |
+ args.args[5]); |
+ } |
+ } |
+ |
+ CrashSIGSYS_Handler(args, aux); |
+ NOTREACHED(); |
jln (very slow on Chromium)
2014/09/22 21:56:44
Don't use NOTREACHED() here, as it's not async sig
rickyz (no longer on Chrome)
2014/09/23 06:03:20
Done.
|
+ return -1; |
jln (very slow on Chromium)
2014/09/22 21:56:44
return -ENOSYS maybe?
rickyz (no longer on Chrome)
2014/09/23 06:03:20
Done.
|
+} |
+ |
bpf_dsl::ResultExpr CrashSIGSYS() { |
return bpf_dsl::Trap(CrashSIGSYS_Handler, NULL); |
} |
@@ -230,6 +261,10 @@ bpf_dsl::ResultExpr CrashSIGSYSFutex() { |
return bpf_dsl::Trap(SIGSYSFutexFailure, NULL); |
} |
+bpf_dsl::ResultExpr RewriteSchedSIGSYS() { |
+ return bpf_dsl::Trap(SIGSYSSchedHandler, NULL); |
+} |
+ |
const char* GetErrorMessageContentForTests() { |
return SECCOMP_MESSAGE_COMMON_CONTENT; |
} |