Linux Sandbox: add RawSandboxDie()
Add an async signal safe version of SANDBOX_DIE(). BUG=277240 R=markus@chromium.org Review URL: https://codereview.chromium.org/23461032 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@221558 0039d316-1c4b-4281-b951-d872f2087c98
@ -55,6 +55,13 @@ void Die::SandboxDie(const char *msg, const char *file, int line) {
|
|||||||
ExitGroup();
|
ExitGroup();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void Die::RawSandboxDie(const char *msg) {
|
||||||
|
if (!msg)
|
||||||
|
msg = "";
|
||||||
|
RAW_LOG(FATAL, msg);
|
||||||
|
ExitGroup();
|
||||||
|
}
|
||||||
|
|
||||||
void Die::SandboxInfo(const char *msg, const char *file, int line) {
|
void Die::SandboxInfo(const char *msg, const char *file, int line) {
|
||||||
if (!suppress_info_) {
|
if (!suppress_info_) {
|
||||||
#if defined(SECCOMP_BPF_STANDALONE)
|
#if defined(SECCOMP_BPF_STANDALONE)
|
||||||
|
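Review bot: `Die::RawSandboxDie` carries no comment stating the constraint it exists to meet, so a later edit could add a `LOG()` call, string formatting or an allocation and silently make it unsafe inside the SIGSYS handler again. I would put `// Async-signal-safe: only RAW_LOG and ExitGroup() may be called here; no allocation, stdio or LOG().` above the definition. The safety of the new path also rests on `ExitGroup()` being async-signal-safe, which this hunk does not show and is worth confirming. `RAW_LOG` is used unconditionally while `SandboxInfo` just below is guarded by `SECCOMP_BPF_STANDALONE`; if the standalone build does not pull in the header that defines `RAW_LOG`, this function would need the same guard.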
@ -13,9 +13,13 @@ namespace playground2 {
|
|||||||
class Die {
|
class Die {
|
||||||
public:
|
public:
|
||||||
// This is the main API for using this file. Prints a error message and
|
// This is the main API for using this file. Prints a error message and
|
||||||
// exits with a fatal error.
|
// exits with a fatal error. This is not async-signal safe.
|
||||||
#define SANDBOX_DIE(m) playground2::Die::SandboxDie(m, __FILE__, __LINE__)
|
#define SANDBOX_DIE(m) playground2::Die::SandboxDie(m, __FILE__, __LINE__)
|
||||||
|
|
||||||
|
// An async signal safe version of the same API. Won't print the filename
|
||||||
|
// and line numbers.
|
||||||
|
#define RAW_SANDBOX_DIE(m) playground2::Die::RawSandboxDie(m)
|
||||||
|
|
||||||
// Adds an informational message to the log file or stderr as appropriate.
|
// Adds an informational message to the log file or stderr as appropriate.
|
||||||
#define SANDBOX_INFO(m) playground2::Die::SandboxInfo(m, __FILE__, __LINE__)
|
#define SANDBOX_INFO(m) playground2::Die::SandboxInfo(m, __FILE__, __LINE__)
|
||||||
|
|
||||||
@ -31,6 +35,8 @@ class Die {
|
|||||||
static void SandboxDie(const char *msg, const char *file, int line)
|
static void SandboxDie(const char *msg, const char *file, int line)
|
||||||
__attribute__((noreturn));
|
__attribute__((noreturn));
|
||||||
|
|
||||||
|
static void RawSandboxDie(const char *msg) __attribute__((noreturn));
|
||||||
|
|
||||||
// This method gets called by SANDBOX_INFO(). There is normally no reason
|
// This method gets called by SANDBOX_INFO(). There is normally no reason
|
||||||
// to call it directly unless you are defining your own logging macro.
|
// to call it directly unless you are defining your own logging macro.
|
||||||
static void SandboxInfo(const char *msg, const char *file, int line);
|
static void SandboxInfo(const char *msg, const char *file, int line);
|
||||||
|
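Review bot: The comment on `RAW_SANDBOX_DIE` does not say that the guarantee holds only when the argument is produced without unsafe calls; a caller that builds `m` with string formatting or `std::string` at the call site has left async-signal-safe territory before `RawSandboxDie` runs. I would extend it with `// |m| must be a string literal or another pre-built constant string.` The new declaration `static void RawSandboxDie(const char *msg)` in the second hunk also has no comment, unlike `SandboxInfo` below it; `// Called by RAW_SANDBOX_DIE(). A NULL |msg| is logged as an empty message.` would match the NULL handling in the definition.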
@ -118,8 +118,8 @@ Trap *Trap::GetInstance() {
|
|||||||
|
|
||||||
void Trap::SigSysAction(int nr, siginfo_t *info, void *void_context) {
|
void Trap::SigSysAction(int nr, siginfo_t *info, void *void_context) {
|
||||||
if (!global_trap_) {
|
if (!global_trap_) {
|
||||||
SANDBOX_DIE("This can't happen. Found no global singleton instance "
|
RAW_SANDBOX_DIE("This can't happen. Found no global singleton instance "
|
||||||
"for Trap() handling.");
|
"for Trap() handling.");
|
||||||
}
|
}
|
||||||
global_trap_->SigSys(nr, info, void_context);
|
global_trap_->SigSys(nr, info, void_context);
|
||||||
}
|
}
|
||||||
@ -162,14 +162,14 @@ void Trap::SigSys(int nr, siginfo_t *info, void *void_context) {
|
|||||||
// safe and can lead to bugs. We should eventually implement a different
|
// safe and can lead to bugs. We should eventually implement a different
|
||||||
// logging and reporting mechanism that is safe to be called from
|
// logging and reporting mechanism that is safe to be called from
|
||||||
// the sigSys() handler.
|
// the sigSys() handler.
|
||||||
SANDBOX_DIE("Sanity checks are failing after receiving SIGSYS.");
|
RAW_SANDBOX_DIE("Sanity checks are failing after receiving SIGSYS.");
|
||||||
}
|
}
|
||||||
|
|
||||||
intptr_t rc;
|
intptr_t rc;
|
||||||
if (has_unsafe_traps_ && GetIsInSigHandler(ctx)) {
|
if (has_unsafe_traps_ && GetIsInSigHandler(ctx)) {
|
||||||
errno = old_errno;
|
errno = old_errno;
|
||||||
if (sigsys.nr == __NR_clone) {
|
if (sigsys.nr == __NR_clone) {
|
||||||
SANDBOX_DIE("Cannot call clone() from an UnsafeTrap() handler.");
|
RAW_SANDBOX_DIE("Cannot call clone() from an UnsafeTrap() handler.");
|
||||||
}
|
}
|
||||||
rc = SandboxSyscall(sigsys.nr,
|
rc = SandboxSyscall(sigsys.nr,
|
||||||
SECCOMP_PARM1(ctx), SECCOMP_PARM2(ctx),
|
SECCOMP_PARM1(ctx), SECCOMP_PARM2(ctx),
|
||||||
|
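Review bot: The context comment above the sanity-check call in `Trap::SigSys` still says a logging mechanism that is safe to call from the handler should eventually be implemented, which reads as stale now that the call below it uses `RAW_SANDBOX_DIE`; that comment starts outside the hunk. I would replace its tail with something like `// Use RAW_SANDBOX_DIE() here; SANDBOX_DIE() and SANDBOX_INFO() are not async-signal-safe.` Three call sites are converted (`SigSysAction`, the sanity check and the `clone()` check), but both function bodies extend beyond the hunks, so any remaining `SANDBOX_DIE` or `SANDBOX_INFO` reachable from the signal handler would still take the unsafe path and is worth a search before closing the bug.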
@ -90,7 +90,10 @@ class Trap {
|
|||||||
static Trap *GetInstance();
|
static Trap *GetInstance();
|
||||||
static void SigSysAction(int nr, siginfo_t *info, void *void_context);
|
static void SigSysAction(int nr, siginfo_t *info, void *void_context);
|
||||||
|
|
||||||
void SigSys(int nr, siginfo_t *info, void *void_context);
|
// Make sure that SigSys is not inlined in order to get slightly better crash
|
||||||
|
// dumps.
|
||||||
|
void SigSys(int nr, siginfo_t *info, void *void_context)
|
||||||
|
__attribute__ ((noinline));
|
||||||
ErrorCode MakeTrapImpl(TrapFnc fnc, const void *aux, bool safe);
|
ErrorCode MakeTrapImpl(TrapFnc fnc, const void *aux, bool safe);
|
||||||
bool SandboxDebuggingAllowedByUser() const;
|
bool SandboxDebuggingAllowedByUser() const;
|
||||||
|
|
||||||
|
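Review bot: The attribute on `SigSys` is written `__attribute__ ((noinline))` with a space, while the `Die` declarations touched by this same commit use `__attribute__((noreturn))`; a single spelling, e.g. `__attribute__((noinline));`, would keep the two headers consistent. The class body continues outside the hunk.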