You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
chromium/0001-linux-seccomp-bpf-ppc6...

38 lines
1.6 KiB

From b3a14db7637232d30c878cc1f1ad6d8037e81379 Mon Sep 17 00:00:00 2001
From: Shawn Anastasio <shawn@anastas.io>
Date: Tue, 15 Jan 2019 22:42:21 -0600
Subject: [PATCH] linux/seccomp-bpf: ppc64+glibc workaround in SIGSYS handler
Workaround for an apparent issue with glibc negating syscall
parameters. Observed on a ppc64le machine with glibc.
More investigation required.
---
sandbox/linux/seccomp-bpf/trap.cc | 14 ++++++++++++++
1 file changed, 14 insertions(+)
Index: chromium-120.0.6099.71/sandbox/linux/seccomp-bpf/trap.cc
===================================================================
--- chromium-120.0.6099.71.orig/sandbox/linux/seccomp-bpf/trap.cc
+++ chromium-120.0.6099.71/sandbox/linux/seccomp-bpf/trap.cc
@@ -232,6 +232,20 @@ void Trap::SigSys(int nr, LinuxSigInfo*
SetIsInSigHandler();
}
+#if defined(__powerpc64__)
+ // On ppc64+glibc, some syscalls seem to accidentally negate the first
+ // parameter which causes checks against it to fail. For now, manually
+ // negate them back.
+ // TODO(shawn@anastas.io): investigate this issue further
+ auto nr = SECCOMP_SYSCALL(ctx);
+ if (nr == __NR_openat || nr == __NR_mkdirat || nr == __NR_faccessat || nr == __NR_readlinkat ||
+ nr == __NR_renameat || nr == __NR_renameat2 || nr == __NR_newfstatat || nr == __NR_unlinkat) {
+ if (static_cast<int>(SECCOMP_PARM1(ctx)) > 0) {
+ SECCOMP_PARM1(ctx) = -SECCOMP_PARM1(ctx);
+ }
+ }
+#endif
+
// Copy the seccomp-specific data into a arch_seccomp_data structure. This
// is what we are showing to TrapFnc callbacks that the system call
// evaluator registered with the sandbox.