Side by Side Diff: sandbox/linux/integration_tests/bpf_dsl_seccomp_unittest.cc

Issue 988693005: Chromium roll (https://codereview.chromium.org/976353002) (Closed) Base URL: https://github.com/domokit/mojo.git@master
Patch Set: fixed bad android build patch Created 5 years, 9 months ago
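--- a/sandbox/linux/integration_tests/bpf_dsl_seccomp_unittest.cc
+++ b/sandbox/linux/integration_tests/bpf_dsl_seccomp_unittest.cc
@@ -1,10 +1,10 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <errno.h>
 #include <fcntl.h>
 #include <pthread.h>
 #include <sched.h>
 #include <signal.h>
 #include <sys/prctl.h>
@@ -644,48 +644,53 @@
 setenv(kSandboxDebuggingEnv, "t", 0);
 Die::SuppressInfoMessages(true);
 
 // Some system calls must always be allowed, if our policy wants to make
 // use of UnsafeTrap()
 if (SandboxBPF::IsRequiredForUnsafeTrap(sysno))
 return Allow();
 return UnsafeTrap(AllowRedirectedSyscall, NULL);
 }
 
+#if !defined(ADDRESS_SANITIZER)
+// ASan does not allow changing the signal handler for SIGBUS, and treats it as
+// a fatal signal.
+
 int bus_handler_fd_ = -1;
 
 void SigBusHandler(int, siginfo_t* info, void* void_context) {
 BPF_ASSERT(write(bus_handler_fd_, "\x55", 1) == 1);
 }
 
 BPF_TEST_C(SandboxBPF, SigBus, RedirectAllSyscallsPolicy) {
 // We use the SIGBUS bit in the signal mask as a thread-local boolean
 // value in the implementation of UnsafeTrap(). This is obviously a bit
 // of a hack that could conceivably interfere with code that uses SIGBUS
 // in more traditional ways. This test verifies that basic functionality
 // of SIGBUS is not impacted, but it is certainly possibly to construe
 // more complex uses of signals where our use of the SIGBUS mask is not
 // 100% transparent. This is expected behavior.
 int fds[2];
 BPF_ASSERT(socketpair(AF_UNIX, SOCK_STREAM, 0, fds) == 0);
 bus_handler_fd_ = fds[1];
 struct sigaction sa = {};
 sa.sa_sigaction = SigBusHandler;
 sa.sa_flags = SA_SIGINFO;
 BPF_ASSERT(sigaction(SIGBUS, &sa, NULL) == 0);
 raise(SIGBUS);
 char c = '\000';
 BPF_ASSERT(read(fds[0], &c, 1) == 1);
 BPF_ASSERT(close(fds[0]) == 0);
 BPF_ASSERT(close(fds[1]) == 0);
 BPF_ASSERT(c == 0x55);
 }
+#endif // !defined(ADDRESS_SANITIZER)
 
 BPF_TEST_C(SandboxBPF, SigMask, RedirectAllSyscallsPolicy) {
 // Signal masks are potentially tricky to handle. For instance, if we
 // ever tried to update them from inside a Trap() or UnsafeTrap() handler,
 // the call to sigreturn() at the end of the signal handler would undo
 // all of our efforts. So, it makes sense to test that sigprocmask()
 // works, even if we have a policy in place that makes use of UnsafeTrap().
 // In practice, this works because we force sigprocmask() to be handled
 // entirely in the kernel.
 sigset_t mask0, mask1, mask2;
@@ -2245,10 +2250,10 @@
 BPF_ASSERT_EQ(ENOSYS, errno);
 
 BPF_ASSERT_EQ(-1, syscall(__NR_setgid, 300));
 BPF_ASSERT_EQ(EPERM, errno);
 }
 
 } // namespace
 
 } // namespace bpf_dsl
 } // namespace sandbox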
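Review bot: The new `#if !defined(ADDRESS_SANITIZER)` guard compiles out the SigBus test together with `bus_handler_fd_` and `SigBusHandler`, so ASan builds no longer check that a user-installed SIGBUS handler still fires under a policy that uses UnsafeTrap(), and the added comment does not record that gap. The test's own comment describes the SIGBUS mask bit as a hack that could interfere with ordinary SIGBUS use, so the loss of coverage is worth stating next to the guard, for example `// NOTE: SIGBUS delivery under an UnsafeTrap() policy is therefore not covered in ASan builds.` If the test macros allow it, keeping the code compiled and skipping it only at run time would also keep the handler and test body from bit-rotting in ASan configurations.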