From 439764b703a5edd48aa878b86fbd07a117b6a3cc Mon Sep 17 00:00:00 2001
From: "mseaborn@chromium.org"
Date: Mon, 30 Aug 2010 22:22:07 +0000
Subject: Pull seccomp-sandbox in via DEPS rather than using an in-tree copy

This means changes to the sandbox won't have to be committed twice, to both trees.

BUG=none
TEST=smoke test of running chromium with --enable-seccomp-sandbox

Review URL: http://codereview.chromium.org/3249003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@57921 0039d316-1c4b-4281-b951-d872f2087c98
---
sandbox/linux/seccomp/securemem.cc | 105 ------------------------------------
1 file changed, 105 deletions(-)
delete mode 100644 sandbox/linux/seccomp/securemem.cc

(limited to 'sandbox/linux/seccomp/securemem.cc')

diff --git a/sandbox/linux/seccomp/securemem.cc b/sandbox/linux/seccomp/securemem.cc
deleted file mode 100644
index 5f07bbe..0000000
--- a/sandbox/linux/seccomp/securemem.cc
+++ /dev/null
@@ -1,105 +0,0 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "debug.h"
-#include "mutex.h"
-#include "sandbox_impl.h"
-#include "securemem.h"
-
-namespace playground {
-
-void SecureMem::abandonSystemCall(int fd, int err) {
- void* rc = reinterpret_cast(err);
- if (err) {
- Debug::message("System call failed\n");
- }
- Sandbox::SysCalls sys;
- if (Sandbox::write(sys, fd, &rc, sizeof(rc)) != sizeof(rc)) {
- Sandbox::die("Failed to send system call");
- }
-}
-
-void SecureMem::dieIfParentDied(int parentMapsFd) {
- // The syscall_mutex_ should not be contended. If it is, we are either
- // experiencing a very unusual load of system calls that the sandbox is not
- // optimized for; or, more likely, the sandboxed process terminated while the
- // trusted process was in the middle of waiting for the mutex. We detect
- // this situation and terminate the trusted process.
- int alive = !lseek(parentMapsFd, 0, SEEK_SET);
- if (alive) {
- char buf;
- do {
- alive = read(parentMapsFd, &buf, 1);
- } while (alive < 0 && errno == EINTR);
- }
- if (!alive) {
- Sandbox::die();
- }
-}
-
-void SecureMem::lockSystemCall(int parentMapsFd, Args* mem) {
- while (!Mutex::lockMutex(&Sandbox::syscall_mutex_, 500)) {
- dieIfParentDied(parentMapsFd);
- }
- asm volatile(
- #if defined(__x86_64__)
- "lock; incq (%0)\n"
- #elif defined(__i386__)
- "lock; incl (%0)\n"
- #else
- #error Unsupported target platform
- #endif
- :
- : "q"(&mem->sequence)
- : "memory");
-}
-
-void SecureMem::sendSystemCallInternal(int fd, bool locked, int parentMapsFd,
- Args* mem, int syscallNum, void* arg1,
- void* arg2, void* arg3, void* arg4,
- void* arg5, void* arg6) {
- if (!locked) {
- asm volatile(
- #if defined(__x86_64__)
- "lock; incq (%0)\n"
- #elif defined(__i386__)
- "lock; incl (%0)\n"
- #else
- #error Unsupported target platform
- #endif
- :
- : "q"(&mem->sequence)
- : "memory");
- }
- mem->callType = locked ? -2 : -1;
- mem->syscallNum = syscallNum;
- mem->arg1 = arg1;
- mem->arg2 = arg2;
- mem->arg3 = arg3;
- mem->arg4 = arg4;
- mem->arg5 = arg5;
- mem->arg6 = arg6;
- asm volatile(
- #if defined(__x86_64__)
- "lock; incq (%0)\n"
- #elif defined(__i386__)
- "lock; incl (%0)\n"
- #else
- #error Unsupported target platform
- #endif
- :
- : "q"(&mem->sequence)
- : "memory");
- Sandbox::SysCalls sys;
- if (Sandbox::write(sys, fd, &mem->callType, sizeof(int)) != sizeof(int)) {
- Sandbox::die("Failed to send system call");
- }
- if (parentMapsFd >= 0) {
- while (!Mutex::waitForUnlock(&Sandbox::syscall_mutex_, 500)) {
- dieIfParentDied(parentMapsFd);
- }
- }
-}
-
-} // namespace
-- cgit v1.1