Chromium Code Reviews Chromium Code Reviews
Issue 11096012:
Add a platform-specific syscall number iterator. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| Index: sandbox/linux/seccomp-bpf/sandbox_bpf.h |
| diff --git a/sandbox/linux/seccomp-bpf/sandbox_bpf.h b/sandbox/linux/seccomp-bpf/sandbox_bpf.h |
| index 5a177ad72bbd330cdb53fd24dd909392a5c3ac1a..fdf983c5e6d5b89dadfa029ed6f536a500334792 100644 |
| --- a/sandbox/linux/seccomp-bpf/sandbox_bpf.h |
| +++ b/sandbox/linux/seccomp-bpf/sandbox_bpf.h |
| @@ -87,8 +87,9 @@ |
| #define SECCOMP_MAX_PROGRAM_SIZE (1<<30) |
| #if defined(__i386__) |
| -#define MIN_SYSCALL 0u |
| -#define MAX_SYSCALL 1024u |
| +#define MIN_SYSCALL 0u |
| +#define MAX_PUBLIC_SYSCALL 1024u |
| +#define MAX_SYSCALL MAX_PUBLIC_SYSCALL |
| #define SECCOMP_ARCH AUDIT_ARCH_I386 |
| #define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.gregs[(_reg)]) |
| @@ -103,8 +104,9 @@ |
| #define SECCOMP_PARM6(_ctx) SECCOMP_REG(_ctx, REG_EBP) |
| #elif defined(__x86_64__) |
| -#define MIN_SYSCALL 0u |
| -#define MAX_SYSCALL 1024u |
| +#define MIN_SYSCALL 0u |
| +#define MAX_PUBLIC_SYSCALL 1024u |
| +#define MAX_SYSCALL MAX_PUBLIC_SYSCALL |
| #define SECCOMP_ARCH AUDIT_ARCH_X86_64 |
| #define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.gregs[(_reg)]) |
| @@ -123,8 +125,12 @@ |
| // and a "ghost syscall private to the kernel", cmpxchg, |
| // at |__ARM_NR_BASE+0x00fff0|. |
| // See </arch/arm/include/asm/unistd.h> in the Linux kernel. |
| -#define MIN_SYSCALL ((unsigned int)__NR_SYSCALL_BASE) |
| -#define MAX_SYSCALL ((unsigned int)__ARM_NR_BASE + 0x00ffffu) |
| +#define MIN_SYSCALL ((unsigned int)__NR_SYSCALL_BASE) |
| +#define MAX_PUBLIC_SYSCALL (MIN_SYSCALL + 1024u) |
| +#define MIN_PRIVATE_SYSCALL ((unsigned int)__ARM_NR_BASE) |
| +#define MAX_PRIVATE_SYSCALL (MIN_PRIVATE_SYSCALL + 16u) |
| +#define MIN_GHOST_SYSCALL ((unsigned int)__ARM_NR_BASE + 0xfff0u) |
| +#define MAX_SYSCALL (MIN_GHOST_SYSCALL + 4u) |
| // <linux/audit.h> includes <linux/elf-em.h>, which does not define EM_ARM. |
| // <linux/elf.h> only includes <asm/elf.h> if we're in the kernel. |
| # if !defined(EM_ARM) |
| @@ -151,6 +157,15 @@ |
| #endif |
| +#if defined(SECCOMP_BPF_STANDALONE) |
| +#define arraysize(x) (sizeof(x)/sizeof(*(x))) |
| +#define HANDLE_EINTR TEMP_FAILURE_RETRY |
| +#define DISALLOW_IMPLICIT_CONSTRUCTORS(TypeName) \ |
| + TypeName(); \ |
| + TypeName(const TypeName&); \ |
| + void operator=(const TypeName&) |
| +#endif |
| + |
| #include "sandbox/linux/seccomp-bpf/die.h" |
| #include "sandbox/linux/seccomp-bpf/errorcode.h" |
| @@ -169,15 +184,6 @@ struct arch_sigsys { |
| unsigned int arch; |
| }; |
| -#if defined(SECCOMP_BPF_STANDALONE) |
| -#define arraysize(x) sizeof(x)/sizeof(*(x))) |
| -#define HANDLE_EINTR TEMP_FAILURE_RETRY |
| -#define DISALLOW_IMPLICIT_CONSTRUCTORS(TypeName) \ |
| - TypeName(); \ |
| - TypeName(const TypeName&); \ |
| - void operator=(const TypeName&) |
| -#endif |
| - |
| class Sandbox { |
| public: |
| enum SandboxStatus { |
| @@ -217,6 +223,10 @@ class Sandbox { |
| Constraint *constraint); |
| typedef std::vector<std::pair<EvaluateSyscall,EvaluateArguments> >Evaluators; |
| + // ARM has a non-contiguous range of "private" system calls. |
| + // Checks whether a particular system call number is valid. |
|
jln (very slow on Chromium)
2012/10/12 20:26:52
Please remove the specific line about ARM above (o
Jorge Lucangeli Obes
2012/10/13 01:39:30
Done.
|
| + static bool isValidSyscallNumber(int sysnum); |
| + |
| // There are a lot of reasons why the Seccomp sandbox might not be available. |
| // This could be because the kernel does not support Seccomp mode, or it |
| // could be because another sandbox is already active. |
| @@ -291,7 +301,7 @@ class Sandbox { |
| static ErrorCode probeEvaluator(int signo) __attribute__((const)); |
| static void probeProcess(void); |
| - static ErrorCode allowAllEvaluator(int signo); |
| + static ErrorCode allowAllEvaluator(int sysnum); |
| static void tryVsyscallProcess(void); |
| static bool kernelSupportSeccompBPF(int proc_fd); |
| static bool RunFunctionInPolicy(void (*function)(), |
