diff options
| -rw-r--r-- | AUTHORS | 1 | ||||
| -rw-r--r-- | sandbox/linux/seccomp-bpf/syscall.cc | 11 | ||||
| -rw-r--r-- | sandbox/linux/seccomp-bpf/syscall.h | 92 |
3 files changed, 81 insertions, 23 deletions
@@ -276,6 +276,7 @@ Naveen Bobbili <naveenbobbili@motorola.com> Naveen Bobbili <qghc36@motorola.com> Naveen Kumar S G <naveensg@samsung.com> Nayan Kumar K <qtc746@motorola.com> +Nedeljko Babic <nedeljko.babic@imgtec.com> Nikhil Bansal <n.bansal@samsung.com> Nikita Ofitserov <himikof@gmail.com> Ningxin Hu <ningxin.hu@intel.com> diff --git a/sandbox/linux/seccomp-bpf/syscall.cc b/sandbox/linux/seccomp-bpf/syscall.cc index 64c0b8e..0a028b72 100644 --- a/sandbox/linux/seccomp-bpf/syscall.cc +++ b/sandbox/linux/seccomp-bpf/syscall.cc @@ -8,6 +8,7 @@ #include <errno.h> #include "base/basictypes.h" +#include "base/logging.h" namespace sandbox { @@ -181,7 +182,9 @@ intptr_t Syscall::Call(int nr, intptr_t p2, intptr_t p3, intptr_t p4, - intptr_t p5) { + intptr_t p5, + intptr_t p6, + intptr_t p7) { // We rely on "intptr_t" to be the exact size as a "void *". This is // typically true, but just in case, we add a check. The language // specification allows platforms some leeway in cases, where @@ -192,6 +195,12 @@ intptr_t Syscall::Call(int nr, COMPILE_ASSERT(sizeof(void*) == sizeof(intptr_t), pointer_types_and_intptr_must_be_exactly_the_same_size); + // TODO(nedeljko): Enable use of more than six parameters on architectures + // where that makes sense. + DCHECK_EQ(p6, 0) << " Support for syscalls with more than six arguments not " + "added for this architecture"; + DCHECK_EQ(p7, 0) << " Support for syscalls with more than six arguments not " + "added for this architecture"; const intptr_t args[6] = {p0, p1, p2, p3, p4, p5}; // Invoke our file-scope assembly code. The constraints have been picked diff --git a/sandbox/linux/seccomp-bpf/syscall.h b/sandbox/linux/seccomp-bpf/syscall.h index 57970a3..10a1253 100644 --- a/sandbox/linux/seccomp-bpf/syscall.h +++ b/sandbox/linux/seccomp-bpf/syscall.h @@ -16,21 +16,8 @@ namespace sandbox { // low-level control. class SANDBOX_EXPORT Syscall { public: - // This performs system call |nr| with the arguments p0 to p5 from a constant - // userland address, which is for instance observable by seccomp-bpf filters. - // The constant userland address from which these system calls are made will - // be returned if |nr| is passed as -1. - // On error, this function will return a value between -1 and -4095 which - // should be interpreted as -errno. - static intptr_t Call(int nr, - intptr_t p0, - intptr_t p1, - intptr_t p2, - intptr_t p3, - intptr_t p4, - intptr_t p5); - - // System calls can take up to six parameters. Traditionally, glibc + // System calls can take up to six parameters (up to eight on some + // architectures). Traditionally, glibc // implements this property by using variadic argument lists. This works, but // confuses modern tools such as valgrind, because we are nominally passing // uninitialized data whenever we call through this function and pass less @@ -41,6 +28,47 @@ class SANDBOX_EXPORT Syscall { // necessary. // We have to use C-style cast operators as we want to be able to accept both // integer and pointer types. + template <class T0, + class T1, + class T2, + class T3, + class T4, + class T5, + class T6, + class T7> + static inline intptr_t + Call(int nr, T0 p0, T1 p1, T2 p2, T3 p3, T4 p4, T5 p5, T6 p6, T7 p7) { + return Call(nr, + (intptr_t)p0, + (intptr_t)p1, + (intptr_t)p2, + (intptr_t)p3, + (intptr_t)p4, + (intptr_t)p5, + (intptr_t)p6, + (intptr_t)p7); + } + + template <class T0, + class T1, + class T2, + class T3, + class T4, + class T5, + class T6> + static inline intptr_t + Call(int nr, T0 p0, T1 p1, T2 p2, T3 p3, T4 p4, T5 p5, T6 p6) { + return Call(nr, + (intptr_t)p0, + (intptr_t)p1, + (intptr_t)p2, + (intptr_t)p3, + (intptr_t)p4, + (intptr_t)p5, + (intptr_t)p6, + 0); + } + template <class T0, class T1, class T2, class T3, class T4, class T5> static inline intptr_t Call(int nr, T0 p0, T1 p1, T2 p2, T3 p3, T4 p4, T5 p5) { @@ -50,37 +78,57 @@ class SANDBOX_EXPORT Syscall { (intptr_t)p2, (intptr_t)p3, (intptr_t)p4, - (intptr_t)p5); + (intptr_t)p5, + 0, + 0); } template <class T0, class T1, class T2, class T3, class T4> static inline intptr_t Call(int nr, T0 p0, T1 p1, T2 p2, T3 p3, T4 p4) { - return Call(nr, p0, p1, p2, p3, p4, 0); + return Call(nr, p0, p1, p2, p3, p4, 0, 0, 0); } template <class T0, class T1, class T2, class T3> static inline intptr_t Call(int nr, T0 p0, T1 p1, T2 p2, T3 p3) { - return Call(nr, p0, p1, p2, p3, 0, 0); + return Call(nr, p0, p1, p2, p3, 0, 0, 0, 0); } template <class T0, class T1, class T2> static inline intptr_t Call(int nr, T0 p0, T1 p1, T2 p2) { - return Call(nr, p0, p1, p2, 0, 0, 0); + return Call(nr, p0, p1, p2, 0, 0, 0, 0, 0); } template <class T0, class T1> static inline intptr_t Call(int nr, T0 p0, T1 p1) { - return Call(nr, p0, p1, 0, 0, 0, 0); + return Call(nr, p0, p1, 0, 0, 0, 0, 0, 0); } template <class T0> static inline intptr_t Call(int nr, T0 p0) { - return Call(nr, p0, 0, 0, 0, 0, 0); + return Call(nr, p0, 0, 0, 0, 0, 0, 0, 0); } - static inline intptr_t Call(int nr) { return Call(nr, 0, 0, 0, 0, 0, 0); } + static inline intptr_t Call(int nr) { + return Call(nr, 0, 0, 0, 0, 0, 0, 0, 0); + } private: + // This performs system call |nr| with the arguments p0 to p7 from a constant + // userland address, which is for instance observable by seccomp-bpf filters. + // The constant userland address from which these system calls are made will + // be returned if |nr| is passed as -1. + // On error, this function will return a value between -1 and -4095 which + // should be interpreted as -errno. + static intptr_t Call(int nr, + intptr_t p0, + intptr_t p1, + intptr_t p2, + intptr_t p3, + intptr_t p4, + intptr_t p5, + intptr_t p6, + intptr_t p7); + DISALLOW_IMPLICIT_CONSTRUCTORS(Syscall); }; |