authorjln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-09-06 01:28:16 +0000
committerjln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-09-06 01:28:16 +0000
commit835c5c46f1c5d3004b093e89149dca925bbd6397 (patch)
tree7193fc913ff2d4a6d0e6ea0741292db88999bae0 /sandbox/linux
parentc6317be87d3c82c309a00ed245e01b72bc05b16e (diff)
Linux Sandbox: add RawSandboxDie()
Add an async signal safe version of SANDBOX_DIE(). BUG=277240 R=markus@chromium.org Review URL: https://codereview.chromium.org/23461032 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@221558 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/linux')
-rw-r--r--sandbox/linux/seccomp-bpf/die.cc7
-rw-r--r--sandbox/linux/seccomp-bpf/die.h8
-rw-r--r--sandbox/linux/seccomp-bpf/trap.cc8
-rw-r--r--sandbox/linux/seccomp-bpf/trap.h5
4 files changed, 22 insertions, 6 deletions
diff --git a/sandbox/linux/seccomp-bpf/die.cc b/sandbox/linux/seccomp-bpf/die.cc
index 4962c4d..dfc59a5 100644
--- a/sandbox/linux/seccomp-bpf/die.cc
+++ b/sandbox/linux/seccomp-bpf/die.cc
@@ -55,6 +55,13 @@ void Die::SandboxDie(const char *msg, const char *file, int line) {
ExitGroup();
}
+void Die::RawSandboxDie(const char *msg) {
+ if (!msg)
+ msg = "";
+ RAW_LOG(FATAL, msg);
+ ExitGroup();
+}
+
void Die::SandboxInfo(const char *msg, const char *file, int line) {
if (!suppress_info_) {
#if defined(SECCOMP_BPF_STANDALONE)
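Review bot: RawSandboxDie() calls RAW_LOG unconditionally, while SandboxInfo() just below branches on SECCOMP_BPF_STANDALONE, so it is worth confirming that the standalone build has RAW_LOG available and that it writes there without allocating or taking locks. The definition also has no comment stating its contract; I would add `// Async-signal safe: may run inside the SIGSYS handler, so no LOG(), allocation or locking here.` above it so that a later edit does not reintroduce unsafe calls. Whether ExitGroup() is itself async-signal safe cannot be seen from this hunk and should be checked too. SandboxInfo()'s body continues outside the hunk.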
diff --git a/sandbox/linux/seccomp-bpf/die.h b/sandbox/linux/seccomp-bpf/die.h
index f15f108..7c95997 100644
--- a/sandbox/linux/seccomp-bpf/die.h
+++ b/sandbox/linux/seccomp-bpf/die.h
@@ -13,9 +13,13 @@ namespace playground2 {
class Die {
public:
// This is the main API for using this file. Prints a error message and
- // exits with a fatal error.
+ // exits with a fatal error. This is not async-signal safe.
#define SANDBOX_DIE(m) playground2::Die::SandboxDie(m, __FILE__, __LINE__)
+ // An async signal safe version of the same API. Won't print the filename
+ // and line numbers.
+ #define RAW_SANDBOX_DIE(m) playground2::Die::RawSandboxDie(m)
+
// Adds an informational message to the log file or stderr as appropriate.
#define SANDBOX_INFO(m) playground2::Die::SandboxInfo(m, __FILE__, __LINE__)
@@ -31,6 +35,8 @@ class Die {
static void SandboxDie(const char *msg, const char *file, int line)
__attribute__((noreturn));
+ static void RawSandboxDie(const char *msg) __attribute__((noreturn));
+
// This method gets called by SANDBOX_INFO(). There is normally no reason
// to call it directly unless you are defining your own logging macro.
static void SandboxInfo(const char *msg, const char *file, int line);
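Review bot: The new RawSandboxDie() declaration carries no comment, while SandboxInfo() directly below documents which macro calls it and when to call it directly. I would add `// This method gets called by RAW_SANDBOX_DIE(). It must remain async-signal safe.` above the declaration, so the constraint is stated where the implementation is looked up and not only on the macro. The class body starts and ends outside this hunk.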
diff --git a/sandbox/linux/seccomp-bpf/trap.cc b/sandbox/linux/seccomp-bpf/trap.cc
index 33271e2..499c81b 100644
--- a/sandbox/linux/seccomp-bpf/trap.cc
+++ b/sandbox/linux/seccomp-bpf/trap.cc
@@ -118,8 +118,8 @@ Trap *Trap::GetInstance() {
void Trap::SigSysAction(int nr, siginfo_t *info, void *void_context) {
if (!global_trap_) {
- SANDBOX_DIE("This can't happen. Found no global singleton instance "
- "for Trap() handling.");
+ RAW_SANDBOX_DIE("This can't happen. Found no global singleton instance "
+ "for Trap() handling.");
}
global_trap_->SigSys(nr, info, void_context);
}
@@ -162,14 +162,14 @@ void Trap::SigSys(int nr, siginfo_t *info, void *void_context) {
// safe and can lead to bugs. We should eventually implement a different
// logging and reporting mechanism that is safe to be called from
// the sigSys() handler.
- SANDBOX_DIE("Sanity checks are failing after receiving SIGSYS.");
+ RAW_SANDBOX_DIE("Sanity checks are failing after receiving SIGSYS.");
}
intptr_t rc;
if (has_unsafe_traps_ && GetIsInSigHandler(ctx)) {
errno = old_errno;
if (sigsys.nr == __NR_clone) {
- SANDBOX_DIE("Cannot call clone() from an UnsafeTrap() handler.");
+ RAW_SANDBOX_DIE("Cannot call clone() from an UnsafeTrap() handler.");
}
rc = SandboxSyscall(sigsys.nr,
SECCOMP_PARM1(ctx), SECCOMP_PARM2(ctx),
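Review bot: The context comment above the first replaced call still says that a logging mechanism safe to call from the handler "should eventually" be implemented, which no longer matches the code now that RAW_SANDBOX_DIE() is used there. The comment begins outside the hunk, so its full wording is not visible; I would reword it to state that only RAW_SANDBOX_DIE() may be used on this path. Any SANDBOX_DIE() or SANDBOX_INFO() calls remaining elsewhere in SigSys(), or in code it reaches outside these hunks, would still be unsafe in the signal handler and deserve the same check. SigSys() starts and ends outside the hunk.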
diff --git a/sandbox/linux/seccomp-bpf/trap.h b/sandbox/linux/seccomp-bpf/trap.h
index db29757..2a4c6ed 100644
--- a/sandbox/linux/seccomp-bpf/trap.h
+++ b/sandbox/linux/seccomp-bpf/trap.h
@@ -90,7 +90,10 @@ class Trap {
static Trap *GetInstance();
static void SigSysAction(int nr, siginfo_t *info, void *void_context);
- void SigSys(int nr, siginfo_t *info, void *void_context);
+ // Make sure that SigSys is not inlined in order to get slightly better crash
+ // dumps.
+ void SigSys(int nr, siginfo_t *info, void *void_context)
+ __attribute__ ((noinline));
ErrorCode MakeTrapImpl(TrapFnc fnc, const void *aux, bool safe);
bool SandboxDebuggingAllowedByUser() const;