Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(415)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/linux/services/syscall_wrappers.h

Issue 800183004: Add a ForkWithFlags wrapper using the libc clone wrapper. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | sandbox/linux/services/syscall_wrappers.cc » ('j') | sandbox/linux/services/syscall_wrappers.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_ 5 #ifndef SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_
6 #define SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_ 6 #define SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_
7 7
8 #include <sys/types.h> 8 #include <sys/types.h>
9 9
10 #include "sandbox/sandbox_export.h" 10 #include "sandbox/sandbox_export.h"
11 11
12 struct sock_fprog; 12 struct sock_fprog;
13 struct rlimit64; 13 struct rlimit64;
14 14
15 namespace sandbox { 15 namespace sandbox {
16 16
17 // Provide direct system call wrappers for a few common system calls. 17 // Provide direct system call wrappers for a few common system calls.
18 // These are guaranteed to perform a system call and do not rely on things such 18 // These are guaranteed to perform a system call and do not rely on things such
19 // as caching the current pid (c.f. getpid()). 19 // as caching the current pid (c.f. getpid()) unless otherwise specified.
20 20
21 SANDBOX_EXPORT pid_t sys_getpid(void); 21 SANDBOX_EXPORT pid_t sys_getpid(void);
22 22
23 SANDBOX_EXPORT pid_t sys_gettid(void); 23 SANDBOX_EXPORT pid_t sys_gettid(void);
24 24
25 SANDBOX_EXPORT long sys_clone(unsigned long flags); 25 SANDBOX_EXPORT long sys_clone(unsigned long flags);
26 26
27 // |regs| is not supported and must be passed as nullptr. 27 // |regs| is not supported and must be passed as nullptr. |child_stack| must be
28 // nullptr, since otherwise this function cannot safely return. As a
29 // consequence, this function does not support CLONE_VM.
28 SANDBOX_EXPORT long sys_clone(unsigned long flags, 30 SANDBOX_EXPORT long sys_clone(unsigned long flags,
29 void* child_stack, 31 decltype(nullptr) child_stack,
30 pid_t* ptid, 32 pid_t* ptid,
31 pid_t* ctid, 33 pid_t* ctid,
32 decltype(nullptr) regs); 34 decltype(nullptr) regs);
33 35
36 // A wrapper for clone with fork-like behavior, meaning that it returns the
37 // child's pid in the parent and 0 in the child. |flags| is as in the clone
38 // system call (CLONE_VM is not supported).
39 //
40 // This function uses the libc clone wrapper (which updates libc's pid cache)
41 // internally, so callers may expect things like getpid() to work correctly
42 // after in both the child and parent. An exception is when this code is run
43 // under Valgrind. Valgrind does not support the libc clone wrapper, so the libc
44 // pid cache may be incorrect after this function is called under Valgrind.
jln (very slow on Chromium) 2014/12/17 02:23:42 Nit: document ptid / ctid.
rickyz (no longer on Chrome) 2014/12/17 02:31:34 Done (just folded it into the prev sentence).
45 SANDBOX_EXPORT pid_t
46 ForkWithFlags(unsigned long flags, pid_t* ptid, pid_t* ctid);
47
34 SANDBOX_EXPORT void sys_exit_group(int status); 48 SANDBOX_EXPORT void sys_exit_group(int status);
35 49
36 // The official system call takes |args| as void* (in order to be extensible), 50 // The official system call takes |args| as void* (in order to be extensible),
37 // but add more typing for the cases that are currently used. 51 // but add more typing for the cases that are currently used.
38 SANDBOX_EXPORT int sys_seccomp(unsigned int operation, 52 SANDBOX_EXPORT int sys_seccomp(unsigned int operation,
39 unsigned int flags, 53 unsigned int flags,
40 const struct sock_fprog* args); 54 const struct sock_fprog* args);
41 55
42 // Some libcs do not expose a prlimit64 wrapper. 56 // Some libcs do not expose a prlimit64 wrapper.
43 SANDBOX_EXPORT int sys_prlimit64(pid_t pid, 57 SANDBOX_EXPORT int sys_prlimit64(pid_t pid,
44 int resource, 58 int resource,
45 const struct rlimit64* new_limit, 59 const struct rlimit64* new_limit,
46 struct rlimit64* old_limit); 60 struct rlimit64* old_limit);
47 61
48 } // namespace sandbox 62 } // namespace sandbox
49 63
50 #endif // SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_ 64 #endif // SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_
OLDNEW
« no previous file with comments | « no previous file | sandbox/linux/services/syscall_wrappers.cc » ('j') | sandbox/linux/services/syscall_wrappers.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698