sandbox/linux/services/syscall_wrappers.cc - Issue 800183004: Add a ForkWithFlags wrapper using the libc clone wrapper.

Side by Side Diff: sandbox/linux/services/syscall_wrappers.cc

Issue 800183004: Add a ForkWithFlags wrapper using the libc clone wrapper. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 6 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "sandbox/linux/services/syscall_wrappers.h"	5 #include "sandbox/linux/services/syscall_wrappers.h"

6	6

	7 #include <pthread.h>

	8 #include <sched.h>

	9 #include <setjmp.h>

7 #include <sys/resource.h>	10 #include <sys/resource.h>

8 #include <sys/syscall.h>	11 #include <sys/syscall.h>

9 #include <sys/time.h>	12 #include <sys/time.h>

10 #include <sys/types.h>	13 #include <sys/types.h>

11 #include <unistd.h>	14 #include <unistd.h>

12	15

	16 #include "base/compiler_specific.h"

13 #include "base/logging.h"	17 #include "base/logging.h"

	18 #include "base/third_party/valgrind/valgrind.h"

14 #include "build/build_config.h"	19 #include "build/build_config.h"

15 #include "sandbox/linux/services/linux_syscalls.h"	20 #include "sandbox/linux/services/linux_syscalls.h"

16	21

17 namespace sandbox {	22 namespace sandbox {

18	23

19 pid_t sys_getpid(void) {	24 pid_t sys_getpid(void) {

20 return syscall(__NR_getpid);	25 return syscall(__NR_getpid);

21 }	26 }

22	27

23 pid_t sys_gettid(void) {	28 pid_t sys_gettid(void) {

24 return syscall(__NR_gettid);	29 return syscall(__NR_gettid);

25 }	30 }

26	31

27 long sys_clone(unsigned long flags) {	32 namespace {

28 return sys_clone(flags, nullptr, nullptr, nullptr, nullptr);

29 }

30	33

31 long sys_clone(unsigned long flags,	34 bool CloneArgumentsValid(unsigned long flags, pid_t* ptid, pid_t* ctid) {

32 void* child_stack,

33 pid_t* ptid,

34 pid_t* ctid,

35 decltype(nullptr) tls) {

36 const bool clone_tls_used = flags & CLONE_SETTLS;	35 const bool clone_tls_used = flags & CLONE_SETTLS;

37 const bool invalid_ctid =	36 const bool invalid_ctid =

38 (flags & (CLONE_CHILD_SETTID \| CLONE_CHILD_CLEARTID)) && !ctid;	37 (flags & (CLONE_CHILD_SETTID \| CLONE_CHILD_CLEARTID)) && !ctid;

39 const bool invalid_ptid = (flags & CLONE_PARENT_SETTID) && !ptid;	38 const bool invalid_ptid = (flags & CLONE_PARENT_SETTID) && !ptid;

40 const bool invalid_stack = (flags & CLONE_VM) && !child_stack;

41	39

42 if (clone_tls_used \|\| invalid_ctid \|\| invalid_ptid \|\| invalid_stack) {	40 // We do not support CLONE_VM.

	41 const bool clone_vm_used = flags & CLONE_VM;

	42

	43 return !(clone_tls_used \|\| invalid_ctid \|\| invalid_ptid \|\| clone_vm_used);

	44 }

	45

	46 } // namespace

	47

	48 long sys_clone(unsigned long flags,

	49 decltype(nullptr) child_stack,

	50 pid_t* ptid,

	51 pid_t* ctid,

	52 decltype(nullptr) tls) {

	53

	54 if (!CloneArgumentsValid(flags, ptid, ctid)) {

43 RAW_LOG(FATAL, "Invalid usage of sys_clone");	55 RAW_LOG(FATAL, "Invalid usage of sys_clone");

44 }	56 }

45	57

46 // See kernel/fork.c in Linux. There is different ordering of sys_clone	58 // See kernel/fork.c in Linux. There is different ordering of sys_clone

47 // parameters depending on CONFIG_CLONE_BACKWARDS* configuration options.	59 // parameters depending on CONFIG_CLONE_BACKWARDS* configuration options.

48 #if defined(ARCH_CPU_X86_64)	60 #if defined(ARCH_CPU_X86_64)

49 return syscall(__NR_clone, flags, child_stack, ptid, ctid, tls);	61 return syscall(__NR_clone, flags, child_stack, ptid, ctid, tls);

50 #elif defined(ARCH_CPU_X86) \|\| defined(ARCH_CPU_ARM_FAMILY) \|\| \	62 #elif defined(ARCH_CPU_X86) \|\| defined(ARCH_CPU_ARM_FAMILY) \|\| \

51 defined(ARCH_CPU_MIPS_FAMILY) \|\| defined(ARCH_CPU_MIPS64_FAMILY)	63 defined(ARCH_CPU_MIPS_FAMILY) \|\| defined(ARCH_CPU_MIPS64_FAMILY)

52 // CONFIG_CLONE_BACKWARDS defined.	64 // CONFIG_CLONE_BACKWARDS defined.

53 return syscall(__NR_clone, flags, child_stack, ptid, tls, ctid);	65 return syscall(__NR_clone, flags, child_stack, ptid, tls, ctid);

54 #endif	66 #endif

55 }	67 }

56	68

	69 long sys_clone(unsigned long flags) {

	70 return sys_clone(flags, nullptr, nullptr, nullptr, nullptr);

	71 }

	72

	73 namespace {
	jln (very slow on Chromium) 2014/12/17 02:23:42 It's not typical to have multiple anonymous namesp It's not typical to have multiple anonymous namespace. Let's just move everything to the previous one? rickyz (no longer on Chrome) 2014/12/17 02:31:34 Done. Show quoted text On 2014/12/17 02:23:42, jln wrote: > It's not typical to have multiple anonymous namespace. Let's just move > everything to the previous one? Done.
	74

	75 bool IsRunningOnValgrind() {

	76 return RUNNING_ON_VALGRIND;

	77 }

	78

	79 int CloneHelper(void* arg) {

	80 jmp_buf* env_ptr = reinterpret_cast<jmp_buf*>(arg);

	81 // This function runs on the stack specified on the clone call. Use longjmp to

	82 // switch back to the original stack so the child can return from sys_clone.
	jln (very slow on Chromium) 2014/12/17 02:23:42 Nit: let's move this comment above the function de Nit: let's move this comment above the function definition (and change it slightly to match that). rickyz (no longer on Chrome) 2014/12/17 02:31:34 Done. Show quoted text On 2014/12/17 02:23:42, jln wrote: > Nit: let's move this comment above the function definition (and change it > slightly to match that). Done.
	83 longjmp(*env_ptr, 1);

	84

	85 // Should not be reached.

	86 RAW_CHECK(false);

	87 return 1;

	88 }

	89

	90 // This function is noinline to ensure that stack_buf is below the stack pointer

	91 // that is saved when setjmp is called below. This is needed because when

	92 // compiled with FORTIFY_SOURCE, glibc's longjmp checks that the stack is moved

	93 // upwards.
	jln (very slow on Chromium) 2014/12/17 02:23:42 Nit: add a https://crbug.com/ link Nit: add a https://crbug.com/ link rickyz (no longer on Chrome) 2014/12/17 02:31:34 Done. Show quoted text On 2014/12/17 02:23:42, jln wrote: > Nit: add a https://crbug.com/ link Done.
	94 NOINLINE pid_t CloneAndLongjmpInChild(unsigned long flags,

	95 pid_t* ptid,

	96 pid_t* ctid,

	97 jmp_buf* env) {

	98 // We use the libc clone wrapper instead of making the syscall

	99 // directly because making the syscall may fail to update the libc's

	100 // internal pid cache. The libc interface unfortunately requires

	101 // specifying a new stack, so we use setjmp/longjmp to emulate

	102 // fork-like behavior.

	103 char stack_buf[PTHREAD_STACK_MIN];

	104 #if defined(ARCH_CPU_X86_FAMILY) \|\| defined(ARCH_CPU_ARM_FAMILY) \|\| \

	105 defined(ARCH_CPU_MIPS64_FAMILY) \|\| defined(ARCH_CPU_MIPS_FAMILY)

	106 // The stack grows downward.

	107 void* stack = stack_buf + sizeof(stack_buf);

	108 #else

	109 #error "Unsupported architecture"

	110 #endif

	111 return clone(&CloneHelper, stack, flags, env, ptid, nullptr, ctid);

	112 }

	113

	114 } // namespace

	115

	116 pid_t ForkWithFlags(unsigned long flags, pid_t* ptid, pid_t* ctid) {

	117 // Valgrind's clone implementation does not support specifiying a child_stack

	118 // without CLONE_VM, so we cannot use libc's clone wrapper when running under

	119 // Valgrind. As a result, the libc pid cache may be incorrect under Valgrind.

	120 // See crbug.com/442817 for more details.

	121 if (IsRunningOnValgrind()) {

	122 return sys_clone(flags, nullptr, ptid, ctid, nullptr);

	123 }

	124

	125 if (!CloneArgumentsValid(flags, ptid, ctid)) {
	jln (very slow on Chromium) 2014/12/17 02:23:42 This should be above, no? (And run also on Valgrin This should be above, no? (And run also on Valgrind) rickyz (no longer on Chrome) 2014/12/17 02:31:34 Done. Show quoted text On 2014/12/17 02:23:42, jln wrote: > This should be above, no? (And run also on Valgrind) Done. rickyz (no longer on Chrome) 2014/12/17 02:31:34 Oops, I had left it below since sys_clone has the Show quoted text On 2014/12/17 02:23:42, jln wrote: > This should be above, no? (And run also on Valgrind) Oops, I had left it below since sys_clone has the same check, but yeah, this makes more sense at the top.
	126 RAW_LOG(FATAL, "Invalid usage of ForkWithFlags");

	127 }

	128

	129 jmp_buf env;

	130 if (setjmp(env) == 0) {

	131 return CloneAndLongjmpInChild(flags, ptid, ctid, &env);

	132 }

	133

	134 return 0;

	135 }

	136

57 void sys_exit_group(int status) {	137 void sys_exit_group(int status) {

58 syscall(__NR_exit_group, status);	138 syscall(__NR_exit_group, status);

59 }	139 }

60	140

61 int sys_seccomp(unsigned int operation,	141 int sys_seccomp(unsigned int operation,

62 unsigned int flags,	142 unsigned int flags,

63 const struct sock_fprog* args) {	143 const struct sock_fprog* args) {

64 return syscall(__NR_seccomp, operation, flags, args);	144 return syscall(__NR_seccomp, operation, flags, args);

65 }	145 }

66	146

67 int sys_prlimit64(pid_t pid,	147 int sys_prlimit64(pid_t pid,

68 int resource,	148 int resource,

69 const struct rlimit64* new_limit,	149 const struct rlimit64* new_limit,

70 struct rlimit64* old_limit) {	150 struct rlimit64* old_limit) {

71 return syscall(__NR_prlimit64, pid, resource, new_limit, old_limit);	151 return syscall(__NR_prlimit64, pid, resource, new_limit, old_limit);

72 }	152 }

73	153

74 } // namespace sandbox	154 } // namespace sandbox

OLD	NEW

« sandbox/linux/services/syscall_wrappers.h ('K') | « sandbox/linux/services/syscall_wrappers.h ('k') | sandbox/linux/services/syscall_wrappers_unittest.cc » ('j') | no next file with comments »