Chromium Code Reviews Chromium Code Reviews
Issue 260793003:
[MIPS] Add seccomp bpf support (Closed)
Base URL: https://git.chromium.org/git/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/linux/seccomp-bpf/syscall.h" | 5 #include "sandbox/linux/seccomp-bpf/syscall.h" |
| 6 | 6 |
| 7 #include <asm/unistd.h> | 7 #include <asm/unistd.h> |
| 8 #include <errno.h> | 8 #include <errno.h> |
| 9 | 9 |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| (...skipping 150 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 161 // Restore the frame pointer. Also restore the program counter from | 161 // Restore the frame pointer. Also restore the program counter from |
| 162 // the link register; this makes us return to the caller. | 162 // the link register; this makes us return to the caller. |
| 163 #if defined(__thumb__) | 163 #if defined(__thumb__) |
| 164 "2:pop {r7, pc}\n" | 164 "2:pop {r7, pc}\n" |
| 165 ".cfi_endproc\n" | 165 ".cfi_endproc\n" |
| 166 #else | 166 #else |
| 167 "2:ldmfd sp!, {fp, pc}\n" | 167 "2:ldmfd sp!, {fp, pc}\n" |
| 168 #endif | 168 #endif |
| 169 ".fnend\n" | 169 ".fnend\n" |
| 170 "9:.size SyscallAsm, 9b-SyscallAsm\n" | 170 "9:.size SyscallAsm, 9b-SyscallAsm\n" |
| 171 #elif defined(__mips__) | |
|
jln (very slow on Chromium)
2014/05/02 20:42:04
I can't review this, do you know someone who can?
nedeljko
2014/05/07 15:40:05
petarj will do a review of this.
| |
| 172 ".text\n" | |
| 173 ".align 2\n" | |
| 174 ".type SyscallAsm, @function\n" | |
| 175 "SyscallAsm:.ent SyscallAsm, 0\n" | |
| 176 ".frame $sp, 32, $ra\n" | |
| 177 ".set push\n" | |
| 178 ".set noreorder\n" | |
| 179 "addiu $sp, $sp, -32\n" | |
| 180 "sw $ra, 28($sp)\n" | |
| 181 // Check if "v0" is negative. If so, do not attempt to make a | |
| 182 // system call. Instead, compute the return address that is visible | |
| 183 // to the kernel after we execute "syscall". This address can be | |
| 184 // used as a marker that BPF code inspects. | |
| 185 "bgez $v0, 1f\n" | |
| 186 " nop\n" | |
| 187 "la $v0, 2f\n" | |
| 188 "b 2f\n" | |
| 189 " addiu $v0, -12\n" | |
| 190 // On MIPS first four arguments go to registers a0 - a3 and any | |
| 191 // argument after that goes to stack. We can go ahead and directly | |
| 192 // copy the entries from the arguments array into the appropriate | |
| 193 // CPU registers and on the stack. | |
| 194 "1:lw $t0, 20($a0)\n" | |
| 195 "sw $t0, 20($sp)\n" | |
| 196 "lw $t0, 16($a0)\n" | |
| 197 "sw $t0, 16($sp)\n" | |
| 198 "lw $a3, 12($a0)\n" | |
| 199 "lw $a2, 8($a0)\n" | |
| 200 "lw $a1, 4($a0)\n" | |
| 201 "lw $a0, 0($a0)\n" | |
| 202 // Enter the kernel | |
| 203 "syscall\n" | |
| 204 // Return value is in v0 instead of syscall number. | |
| 205 "beqz $a3, 2f\n" | |
| 206 " nop\n" | |
| 207 // On error, MIPS returns errno from syscall instead of -errno. | |
| 208 // The purpose of this negation is for SyscallAsm to behave | |
| 209 // more like it would on other architectures. | |
| 210 "subu $v0, $zero, $v0\n" | |
| 211 // This is our "magic" return address that the BPF filter sees. | |
| 212 // Restore the return address from the stack. | |
| 213 "2:lw $ra, 28($sp)\n" | |
| 214 "jr $ra\n" | |
| 215 " addiu $sp, $sp, 32\n" | |
| 216 ".set pop\n" | |
| 217 ".end SyscallAsm\n" | |
| 218 ".size SyscallAsm,.-SyscallAsm\n" | |
| 171 #endif | 219 #endif |
| 172 ); // asm | 220 ); // asm |
| 173 | 221 |
| 174 intptr_t SandboxSyscall(int nr, | 222 intptr_t SandboxSyscall(int nr, |
| 175 intptr_t p0, intptr_t p1, intptr_t p2, | 223 intptr_t p0, intptr_t p1, intptr_t p2, |
| 176 intptr_t p3, intptr_t p4, intptr_t p5) { | 224 intptr_t p3, intptr_t p4, intptr_t p5) { |
| 177 // We rely on "intptr_t" to be the exact size as a "void *". This is | 225 // We rely on "intptr_t" to be the exact size as a "void *". This is |
| 178 // typically true, but just in case, we add a check. The language | 226 // typically true, but just in case, we add a check. The language |
| 179 // specification allows platforms some leeway in cases, where | 227 // specification allows platforms some leeway in cases, where |
| 180 // "sizeof(void *)" is not the same as "sizeof(void (*)())". We expect | 228 // "sizeof(void *)" is not the same as "sizeof(void (*)())". We expect |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 226 // In thumb mode, we cannot use "r7" as a general purpose register, as | 274 // In thumb mode, we cannot use "r7" as a general purpose register, as |
| 227 // it is our frame pointer. We have to manually manage and preserve it. | 275 // it is our frame pointer. We have to manually manage and preserve it. |
| 228 // In ARM mode, we have a dedicated frame pointer register and "r7" is | 276 // In ARM mode, we have a dedicated frame pointer register and "r7" is |
| 229 // thus available as a general purpose register. We don't preserve it, | 277 // thus available as a general purpose register. We don't preserve it, |
| 230 // but instead mark it as clobbered. | 278 // but instead mark it as clobbered. |
| 231 , "r7" | 279 , "r7" |
| 232 #endif // !defined(__thumb__) | 280 #endif // !defined(__thumb__) |
| 233 ); | 281 ); |
| 234 ret = inout; | 282 ret = inout; |
| 235 } | 283 } |
| 284 #elif defined(__mips__) | |
| 285 // In register v0 is syscall number before the call and | |
| 286 // return value from SyscallAsm after the call | |
| 287 register intptr_t ret __asm__("v0") = nr; | |
| 288 { | |
| 289 register const intptr_t *data __asm__("a0") = args; | |
| 290 asm volatile( | |
| 291 ".cprestore 32\n" | |
| 292 "jal SyscallAsm\n" | |
| 293 " nop\n" | |
| 294 // N.B. These are not the calling conventions normally used by the ABI. | |
| 295 : "=r"(ret) | |
| 296 : "0"(ret), "r"(data) | |
| 297 : "memory", "ra" | |
| 298 ); | |
| 299 } | |
| 236 #else | 300 #else |
| 237 errno = ENOSYS; | 301 errno = ENOSYS; |
| 238 intptr_t ret = -1; | 302 intptr_t ret = -1; |
| 239 #endif | 303 #endif |
| 240 return ret; | 304 return ret; |
| 241 } | 305 } |
| 242 | 306 |
| 243 } // namespace sandbox | 307 } // namespace sandbox |
| OLD | NEW |
