author | rickyz <rickyz@chromium.org> | 2015-01-28 23:00:45 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-01-29 07:01:46 +0000 |
commit | ff97bf241072f6dbce00e49c215462ae0c0b7c24 (patch) | |
tree | daeec4af2ba217e13e75b72bda649a7f64201dab /sandbox | |
parent | 5d8a530b942dd6786cbe7a484b8b6a9ce9fe2499 (diff) | |
Allow getrusage under ASAN.
BUG=413528
Review URL: https://codereview.chromium.org/890493002
Cr-Commit-Position: refs/heads/master@{#313674}
Diffstat (limited to 'sandbox')
4 files changed, 42 insertions, 0 deletions
diff --git a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
index 214b99c..afa74cb 100644
--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -109,6 +109,11 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
 return Allow();
 }

+ // Used when RSS limiting is enabled in sanitizers.
+ if (sysno == __NR_getrusage) {
+ return RestrictGetrusage();
+ }
+
 if (sysno == __NR_sigaltstack) {
 // Required for better stack overflow detection in ASan. Disallowed in
 // non-ASan builds.
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
index 42d98bb..64a6bb0 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -304,4 +304,9 @@ ResultExpr RestrictPrlimit64(pid_t target_pid) {
 return If(pid == 0 || pid == target_pid, Allow()).Else(CrashSIGSYS());
 }

+ResultExpr RestrictGetrusage() {
+ const Arg<int> who(0);
+ return If(who == RUSAGE_SELF, Allow()).Else(CrashSIGSYS());
+}
+
 } // namespace sandbox.
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h
index 8bde616..d557c5f 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h
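Review bot: The comment on the new `__NR_getrusage` branch in baseline_policy.cc says the call is used by sanitizers, but nothing in the hunk shows that the branch is compiled only in sanitizer builds. EvaluateSyscallImpl starts and ends outside the hunk, so any enclosing guard is not visible here. If the branch does sit in a sanitizer-only section, as the neighbouring sigaltstack comment ("Disallowed in non-ASan builds") suggests, the comment should say so, e.g. `// Used when RSS limiting is enabled in sanitizers. Only allowed in sanitizer builds.` If it is not guarded, the baseline policy now permits getrusage(RUSAGE_SELF) for every sandboxed process, which is broader than the commit title describes and worth confirming.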
@@ -91,6 +91,10 @@ SANDBOX_EXPORT bpf_dsl::ResultExpr RestrictSchedTarget(pid_t target_pid,
 // or target_pid.
 SANDBOX_EXPORT bpf_dsl::ResultExpr RestrictPrlimit64(pid_t target_pid);

+// Restricts the |who| argument of getrusage to RUSAGE_SELF (meaning the calling
+// process).
+SANDBOX_EXPORT bpf_dsl::ResultExpr RestrictGetrusage();
+
 } // namespace sandbox.

 #endif // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_PARAMETERS_RESTRICTIONS_H_
diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc
index b76b8e1..e374ed2 100644
--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc
+++ b/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions_unittests.cc
@@ -240,6 +240,34 @@ BPF_DEATH_TEST_C(ParameterRestrictions,
 sys_prlimit64(kInitPID, RLIMIT_AS, NULL, NULL);
 }

+class RestrictGetrusagePolicy : public bpf_dsl::Policy {
+ public:
+ RestrictGetrusagePolicy() {}
+ ~RestrictGetrusagePolicy() override {}
+
+ ResultExpr EvaluateSyscall(int sysno) const override {
+ switch (sysno) {
+ case __NR_getrusage:
+ return RestrictGetrusage();
+ default:
+ return Allow();
+ }
+ }
+};
+
+BPF_TEST_C(ParameterRestrictions, getrusage_allowed, RestrictGetrusagePolicy) {
+ struct rusage usage;
+ BPF_ASSERT_EQ(0, getrusage(RUSAGE_SELF, &usage));
+}
+
+BPF_DEATH_TEST_C(ParameterRestrictions,
+ getrusage_crash_not_self,
+ DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
+ RestrictGetrusagePolicy) {
+ struct rusage usage;
+ getrusage(RUSAGE_CHILDREN, &usage);
+}
+
 } // namespace

 } // namespace sandbox |
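Review bot: The header comment on `RestrictGetrusage()` in syscall_parameters_restrictions.h does not say what the filter does when |who| is anything other than RUSAGE_SELF. Per the implementation added in syscall_parameters_restrictions.cc the other branch is `CrashSIGSYS()`, so a caller gets a crash rather than an errno. That applies to RUSAGE_THREAD as well as RUSAGE_CHILDREN, which is easy to miss because RUSAGE_THREAD also describes the caller. Suggested wording: `// Restricts the |who| argument of getrusage to RUSAGE_SELF (the calling process). Any other value, including RUSAGE_THREAD, crashes with SIGSYS.`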
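Review bot: The death test `getrusage_crash_not_self` in syscall_parameters_restrictions_unittests.cc exercises only RUSAGE_CHILDREN, so the rejection of the remaining selector, RUSAGE_THREAD, is not pinned by any test. A later loosening of the `who == RUSAGE_SELF` comparison could let that value through without a test failing. A second death test next to the existing one would cover it, assuming the libc headers in use define RUSAGE_THREAD. It reuses `RestrictGetrusagePolicy` and the same expected SIGSYS message.

```cpp
BPF_DEATH_TEST_C(ParameterRestrictions,
                 getrusage_crash_thread,
                 DEATH_SEGV_MESSAGE(sandbox::GetErrorMessageContentForTests()),
                 RestrictGetrusagePolicy) {
  struct rusage usage;
  getrusage(RUSAGE_THREAD, &usage);
}
```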