Issue 1295513003: Non-SFI mode: Sandbox support for NaCl async-signals.

Issue 1295513003: Non-SFI mode: Sandbox support for NaCl async-signals. (Closed)

Created:
5 years, 4 months ago by Luis Héctor Chávez

Modified:
5 years, 4 months ago

Reviewers:
Mark Seaborn, jln (very slow on Chromium), mdempsky

CC:
chromium-reviews

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Non-SFI mode: Sandbox support for NaCl async-signals. In preparation for the async-signal support change in https://codereview.chromium.org/1212613002, this CL allows two new syscalls: * clone() with CLONE_PARENT_SETTID. * tgkill() with the current pid as tgid and SIGUSR1 as signal number. TEST=nacl_loader_unittests TEST=Ran bots TEST=ARC async-signals work BUG=nativeclient:4065 R=mseaborn@chromium.org Committed: https://crrev.com/1a9a9ce3b6bec20af9c0bcc9427f654d53697abe Cr-Commit-Position: refs/heads/master@{#343807}

Patch Set 1 #

Total comments: 5

Patch Set 2 : Added a TODO to remove a flag after NaCl roll #

Patch Set 3 : Added positive restriction for tid + unit tests #

Total comments: 1

Patch Set 4 : Fixed unit tests #

Patch Set 5 : Used the correct constant for SIGUSR1 #

Total comments: 6

Patch Set 6 : Addressed feedback #

Total comments: 2

Patch Set 7 : Added a const #

Created: 5 years, 4 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+103 lines, -3 lines)			Patch
M	components/nacl/loader/nonsfi/nonsfi_sandbox.h	View	1 2 3 4 5 6	1 chunk	+5 lines, -2 lines	0 comments	Download
M	components/nacl/loader/nonsfi/nonsfi_sandbox.cc	View	1 2 3 4 5	5 chunks	+31 lines, -1 line	0 comments	Download
M	components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc	View	1 2 3 4 5	1 chunk	+67 lines, -0 lines	0 comments	Download

Messages

Total messages: 22 (6 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

Mark Seaborn

LGTM. I'd like Julien to sign off on this too. https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc File components/nacl/loader/nonsfi/nonsfi_sandbox.cc (right): https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc#newcode87 ...

5 years, 4 months ago (2015-08-13 23:38:10 UTC) #3

Luis Héctor Chávez

https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc File components/nacl/loader/nonsfi/nonsfi_sandbox.cc (right): https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc#newcode87 components/nacl/loader/nonsfi/nonsfi_sandbox.cc:87: return If(flags == clone_flags || On 2015/08/13 23:38:10, Mark ...

5 years, 4 months ago (2015-08-14 00:29:32 UTC) #4

Mark Seaborn

https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc File components/nacl/loader/nonsfi/nonsfi_sandbox.cc (right): https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc#newcode155 components/nacl/loader/nonsfi/nonsfi_sandbox.cc:155: return If(tgid == getpid() && signum == LINUX_SIGUSR1, On ...

5 years, 4 months ago (2015-08-14 20:12:41 UTC) #5

Luis Héctor Chávez

On 2015/08/14 20:12:41, Mark Seaborn wrote: > https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc > File components/nacl/loader/nonsfi/nonsfi_sandbox.cc (right): > > https://codereview.chromium.org/1295513003/diff/1/components/nacl/loader/nonsfi/nonsfi_sandbox.cc#newcode155 ...

5 years, 4 months ago (2015-08-14 21:16:24 UTC) #6

Mark Seaborn

https://codereview.chromium.org/1295513003/diff/40001/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc File components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc (right): https://codereview.chromium.org/1295513003/diff/40001/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc#newcode648 components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc:648: int tid = syscall(__NR_gettid); Won't this test get killed ...

5 years, 4 months ago (2015-08-14 21:25:20 UTC) #7

Luis Héctor Chávez

On 2015/08/14 21:25:20, Mark Seaborn wrote: > https://codereview.chromium.org/1295513003/diff/40001/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc > File components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc (right): > > https://codereview.chromium.org/1295513003/diff/40001/components/nacl/loader/nonsfi/nonsfi_sandbox_unittest.cc#newcode648 ...

5 years, 4 months ago (2015-08-14 21:46:03 UTC) #8

jln (very slow on Chromium)

+cc mdempsky FYI https://chromiumcodereview.appspot.com/1295513003/diff/80001/components/nacl/loader/nonsfi/nonsfi_sandbox.cc File components/nacl/loader/nonsfi/nonsfi_sandbox.cc (right): https://chromiumcodereview.appspot.com/1295513003/diff/80001/components/nacl/loader/nonsfi/nonsfi_sandbox.cc#newcode157 components/nacl/loader/nonsfi/nonsfi_sandbox.cc:157: return If(tgid == getpid() && Don't ...

5 years, 4 months ago (2015-08-17 21:21:12 UTC) #10

Luis Héctor Chávez

https://chromiumcodereview.appspot.com/1295513003/diff/80001/components/nacl/loader/nonsfi/nonsfi_sandbox.cc File components/nacl/loader/nonsfi/nonsfi_sandbox.cc (right): https://chromiumcodereview.appspot.com/1295513003/diff/80001/components/nacl/loader/nonsfi/nonsfi_sandbox.cc#newcode157 components/nacl/loader/nonsfi/nonsfi_sandbox.cc:157: return If(tgid == getpid() && On 2015/08/17 21:21:11, jln ...

5 years, 4 months ago (2015-08-17 22:13:07 UTC) #11

jln (very slow on Chromium)

lgtm with nit https://chromiumcodereview.appspot.com/1295513003/diff/100001/components/nacl/loader/nonsfi/nonsfi_sandbox.h File components/nacl/loader/nonsfi/nonsfi_sandbox.h (right): https://chromiumcodereview.appspot.com/1295513003/diff/100001/components/nacl/loader/nonsfi/nonsfi_sandbox.h#newcode29 components/nacl/loader/nonsfi/nonsfi_sandbox.h:29: pid_t policy_pid_; const

5 years, 4 months ago (2015-08-17 23:08:35 UTC) #12

Luis Héctor Chávez

https://chromiumcodereview.appspot.com/1295513003/diff/100001/components/nacl/loader/nonsfi/nonsfi_sandbox.h File components/nacl/loader/nonsfi/nonsfi_sandbox.h (right): https://chromiumcodereview.appspot.com/1295513003/diff/100001/components/nacl/loader/nonsfi/nonsfi_sandbox.h#newcode29 components/nacl/loader/nonsfi/nonsfi_sandbox.h:29: pid_t policy_pid_; On 2015/08/17 23:08:35, jln (slow on Chromium) ...

5 years, 4 months ago (2015-08-17 23:14:59 UTC) #13

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1295513003/120001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1295513003/120001

5 years, 4 months ago (2015-08-18 00:33:47 UTC) #16

commit-bot: I haz the power

Try jobs failed on following builders: linux_chromium_rel_ng on tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_rel_ng/builds/99467)

5 years, 4 months ago (2015-08-18 03:16:19 UTC) #18

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1295513003/120001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1295513003/120001

5 years, 4 months ago (2015-08-18 04:34:03 UTC) #20

commit-bot: I haz the power

5 years, 4 months ago (2015-08-18 05:14:59 UTC) #22

Message was sent while issue was closed.

Patchset 7 (id:??) landed as
https://crrev.com/1a9a9ce3b6bec20af9c0bcc9427f654d53697abe
Cr-Commit-Position: refs/heads/master@{#343807}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages