[MIPS] Add seccomp bpf support

sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Note: any code in this file MUST be async-signal safe.
 
 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h"
 
 #include <unistd.h>
 
@@ skipping 29 matching lines @@
     // We can't handle any type of error here.
     if (ret <= 0 || static_cast<size_t>(ret) > size) break;
     size -= ret;
     error_message += ret;
   }
 }
 
 // Print a seccomp-bpf failure to handle |sysno| to stderr in an
 // async-signal safe way.
 void PrintSyscallError(uint32_t sysno) {
+#if defined(__mips__)
+  // On MIPS syscall numbers are in different range than on x86 and ARM
+  if ((sysno < __NR_Linux) || (sysno >= __NR_Linux + __NR_Linux_syscalls))

[jln (very slow on Chromium), 2014/05/02 20:42:04]

What is the value of __NR_linux?

We need to make sure that sysno can be printed by the code below (with 4
digits).

We might want to do
if (sysno >= __NR_linux) sysno = sysno - __NR_linux; else sysno = 0;

(and keep the following if (sysno >= 1024) sysno = 0)

[nedeljko, 2014/05/07 15:40:05]

Value of __NR_Linux for is either 4000, 5000 or 6000 depending on ABI and max
value for syscall is __NR_Linux + __NR_Linux_syscalls.
Nevertheless, I decided to truncate value as you suggested because of the
function CrashSIGSYS_Handler that uses only 12 bits for syscall number.

As for keeping if (sysno >= 1024) sysno = 0), on mips max offset from min
syscall number to max number is 350 (__NR_Linux_syscalls) so I didnt keep that
if statement.

One more thing: on O32 ABI the start of syscall range (4000) is also valid
syscall number, so I decided to use the value that is out of range for
appropriate ABI (__NR_Linux + 1000)

+    sysno = 0;
+#else
   if (sysno >= 1024)
     sysno = 0;
+#endif
   // TODO(markus): replace with async-signal safe snprintf when available.
   const size_t kNumDigits = 4;
   char sysno_base10[kNumDigits];
   uint32_t rem = sysno;
   uint32_t mod = 0;
   for (int i = kNumDigits - 1; i >= 0; i--) {
     mod = rem % 10;
     rem /= 10;
     sysno_base10[i] = '0' + mod;
   }
   static const char kSeccompErrorPrefix[] =
       __FILE__":**CRASHING**:" SECCOMP_MESSAGE_COMMON_CONTENT " in syscall ";
   static const char kSeccompErrorPostfix[] = "\n";
   WriteToStdErr(kSeccompErrorPrefix, sizeof(kSeccompErrorPrefix) - 1);
   WriteToStdErr(sysno_base10, sizeof(sysno_base10));
   WriteToStdErr(kSeccompErrorPostfix, sizeof(kSeccompErrorPostfix) - 1);
 }
 
 }  // namespace.
 
 namespace sandbox {
 
 intptr_t CrashSIGSYS_Handler(const struct arch_seccomp_data& args, void* aux) {
   uint32_t syscall = args.nr;
+#if defined(__mips__)
+  // On MIPS syscall numbers are in different range than on x86 and ARM

[jln (very slow on Chromium), 2014/05/02 20:42:04]

Let's make a function TruncSysnoToValu(int sysno, int max_value); instead of
duplicating.

[nedeljko, 2014/05/07 15:40:05]

Done.

+  if ((syscall < __NR_Linux) || (syscall >= __NR_Linux + __NR_Linux_syscalls))
+    syscall = 0;
+#else
   if (syscall >= 1024)
     syscall = 0;
+#endif
   PrintSyscallError(syscall);
 
   // Encode 8-bits of the 1st two arguments too, so we can discern which socket
   // type, which fcntl, ... etc., without being likely to hit a mapped
   // address.
   // Do not encode more bits here without thinking about increasing the
   // likelihood of collision with mapped pages.
   syscall |= ((args.args[0] & 0xffUL) << 12);
   syscall |= ((args.args[1] & 0xffUL) << 20);
   // Purposefully dereference the syscall as an address so it'll show up very
@@ skipping 86 matching lines @@
 
 const char* GetPrctlErrorMessageContentForTests() {
   return SECCOMP_MESSAGE_PRCTL_CONTENT;
 }
 
 const char* GetIoctlErrorMessageContentForTests() {
   return SECCOMP_MESSAGE_IOCTL_CONTENT;
 }
 
 }  // namespace sandbox.