Linux Sandbox: LOG error if a previous SIGSYS handler exists.

SIGSYS is a reserved signal on Linux for the seccomp-bpf sandbox. If a previous handler for SIGSYS exists, log an error. BUG=178166 R=markus@chromium.org Review URL: https://codereview.chromium.org/23960006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@221539 0039d316-1c4b-4281-b951-d872f2087c98
author: jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-09-05 23:25:17 +0000
committer: jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2013-09-05 23:25:17 +0000
commit: 3bbc01727c811b056b71c97a6259dd967d8f031f (patch)
tree: 8fc7ea9c86bf6758fe7ba2e53c92c8916455ada0 /sandbox
parent: d537003da9f47ea1b1cfcf28cafdda517ed13a79 (diff)
download: chromium_src-3bbc01727c811b056b71c97a6259dd967d8f031f.zip
chromium_src-3bbc01727c811b056b71c97a6259dd967d8f031f.tar.gz
chromium_src-3bbc01727c811b056b71c97a6259dd967d8f031f.tar.bz2
1 files changed, 15 insertions, 1 deletions
diff --git a/sandbox/linux/seccomp-bpf/trap.cc b/sandbox/linux/seccomp-bpf/trap.cc
index 3c30de35..33271e2 100644
--- a/sandbox/linux/seccomp-bpf/trap.cc
+++ b/sandbox/linux/seccomp-bpf/trap.cc
@@ -61,6 +61,14 @@ void SetIsInSigHandler() {
   }
 }
 
+bool IsDefaultSignalAction(const struct sigaction& sa) {
+  if (sa.sa_flags & SA_SIGINFO ||
+      sa.sa_handler != SIG_DFL) {
+    return false;
+  }
+  return true;
+}
+
 }  // namespace
 
 namespace playground2 {
@@ -74,10 +82,16 @@ Trap::Trap()
   struct sigaction sa = { };
   sa.sa_sigaction = SigSysAction;
   sa.sa_flags = SA_SIGINFO | SA_NODEFER;
-  if (sigaction(SIGSYS, &sa, NULL) < 0) {
+  struct sigaction old_sa;
+  if (sigaction(SIGSYS, &sa, &old_sa) < 0) {
     SANDBOX_DIE("Failed to configure SIGSYS handler");
   }
 
+  if (!IsDefaultSignalAction(old_sa)) {
+    // TODO(jln): make this FATAL, at least in DEBUG mode.
+    LOG(ERROR) << "Existing signal handler when trying to install SIGSYS";
+  }
+
   // Unmask SIGSYS
   sigset_t mask;
   if (sigemptyset(&mask) ||
author	jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-09-05 23:25:17 +0000
committer	jln@chromium.org <jln@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2013-09-05 23:25:17 +0000
commit	3bbc01727c811b056b71c97a6259dd967d8f031f (patch)
tree	8fc7ea9c86bf6758fe7ba2e53c92c8916455ada0 /sandbox
parent	d537003da9f47ea1b1cfcf28cafdda517ed13a79 (diff)
download	chromium_src-3bbc01727c811b056b71c97a6259dd967d8f031f.zip chromium_src-3bbc01727c811b056b71c97a6259dd967d8f031f.tar.gz chromium_src-3bbc01727c811b056b71c97a6259dd967d8f031f.tar.bz2