Chromium Code Reviews
Unified Diff: sandbox/linux/seccomp-bpf/sandbox_bpf.cc

Issue 1095133003: Linux sandbox: workaround colliding system call. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 8 months ago
Index: sandbox/linux/seccomp-bpf/sandbox_bpf.cc
diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc
index af397dfaa35b8c583b4c450bf69e1192d3a72bc9..7732573da2b7bb74400691c0166615d6761fe138 100644
--- a/sandbox/linux/seccomp-bpf/sandbox_bpf.cc
+++ b/sandbox/linux/seccomp-bpf/sandbox_bpf.cc
@@ -59,9 +59,37 @@ bool KernelSupportsSeccompBPF() {
return false;
}
+// LG introduced a buggy syscall, sys_set_media_ext with the same number as
palmer 2015/04/21 03:28:43 Typo: s/ /, /
jln (very slow on Chromium) 2015/04/23 00:02:51 Done.
+// seccomp. Return true if the current kernel has this buggy syscall.
+//
+// We want this to work with upcoming versions of seccomp, so we pass bogus
+// flags that are unlikely to ever be used by the kernel. A normal kernel would
+// return -EINVAL, but a buggy LG kernel would return 1.
+bool KernelHasLGBug() {
+#if defined(OS_ANDROID)
+ // This has to be seen as a NULL pointer by sys_set_media_ext to not crash,
palmer 2015/04/21 03:28:43 Nit: I think this comment could be stated more cle
jln (very slow on Chromium) 2015/04/23 00:02:51 Done.
+ // it will be seen as SECCOMP_SET_MODE_STRICT in a genuine seccomp syscall.
+ const unsigned int operation = 0;
+ // Chosen by fair dice roll. Guaranteed to be random.
+ const unsigned int flags = 0xf7a46a5c;
+ const int rv = sys_seccomp(operation, flags, nullptr);
+ // A genuine kernel would EINVAL, or at the very least return some kind of
palmer 2015/04/21 03:28:44 "...would return -1 and set errno to EINVAL. Any o
jln (very slow on Chromium) 2015/04/23 00:02:51 Done.
+ // error.
+ if (rv != -1) {
+ return true;
+ }
+#endif // defined(OS_ANDROID)
+
+ return false;
+}
+
// Check if the kernel supports seccomp-filter via the seccomp system call
// and the TSYNC feature to enable seccomp on all threads.
bool KernelSupportsSeccompTsync() {
+ if (KernelHasLGBug()) {
+ return false;
+ }
+
errno = 0;
const int rv =
sys_seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC, nullptr);
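Review bot: the block comment on KernelHasLGBug() names the colliding syscall (sys_set_media_ext) but gives no bug-tracker reference and no affected kernel or device range, so nothing in the hunk states when this workaround can be retired; add a tracker link (the issue id is not on this page) and the affected versions next to "LG introduced a buggy syscall". On the logic side, the probe treats any rv other than -1 as the LG bug but never looks at errno on the -1 path; since KernelSupportsSeccompTsync() already does `errno = 0;` before its own probe, doing the same here and checking for EINVAL (genuine seccomp rejecting the bogus flags) or ENOSYS (no seccomp syscall at all) would make an unexpected error value visible instead of being silently folded into "no bug". Minor: the comment "Chosen by fair dice roll. Guaranteed to be random." could say what actually matters about `0xf7a46a5c`, namely that it is a flags value no seccomp operation is expected to accept, so the -EINVAL expectation in the function comment is traceable to it.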