sandbox/linux/seccomp-bpf/sandbox_bpf.cc - Issue 754433003: Update from https://crrev.com/305340

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/linux/seccomp-bpf/sandbox_bpf.cc

Issue 754433003: Update from https://crrev.com/305340 (Closed) Base URL: git@github.com:domokit/mojo.git@master

Patch Set: Created 6 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: sandbox/linux/seccomp-bpf/sandbox_bpf.cc

diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc

index d5a5d4d983e75e23123d70e0c47349e549217a9f..43c9af6f339be05c5a841da22474b3449144ab17 100644

--- a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc

+++ b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc

@@ -41,6 +41,7 @@

#include "sandbox/linux/seccomp-bpf/trap.h"

#include "sandbox/linux/seccomp-bpf/verifier.h"

#include "sandbox/linux/services/linux_syscalls.h"

+#include "sandbox/linux/services/syscall_wrappers.h"

using sandbox::bpf_dsl::Allow;

using sandbox::bpf_dsl::Error;

@@ -92,8 +93,8 @@ class ProbePolicy : public bpf_dsl::Policy {

};

void ProbeProcess(void) {

- if (syscall(__NR_getpid) < 0 && errno == EPERM) {

- syscall(__NR_exit_group, static_cast<intptr_t>(kExpectedExitCode));

+ if (sys_getpid() < 0 && errno == EPERM) {

+ sys_exit_group(kExpectedExitCode);

}

@@ -117,7 +118,7 @@ void TryVsyscallProcess(void) {

// vsyscall=emulate and some versions of the seccomp BPF patch

// we may get SIGKILL-ed. Detect this!

if (time(&current_time) != static_cast<time_t>(-1)) {

- syscall(__NR_exit_group, static_cast<intptr_t>(kExpectedExitCode));

+ sys_exit_group(kExpectedExitCode);

}

« no previous file with comments | « sandbox/linux/seccomp-bpf/instruction.h ('k') | sandbox/linux/services/credentials.cc » ('j') | no next file with comments »