|
Line
Link Here
|
| 0 |
-- a/sandbox/policy/linux/bpf_utility_policy_linux.cc |
0 |
++ b/sandbox/policy/linux/bpf_utility_policy_linux.cc |
|
Lines 34-40
Link Here
|
| 34 |
case __NR_fdatasync: |
34 |
case __NR_fdatasync: |
| 35 |
case __NR_fsync: |
35 |
case __NR_fsync: |
| 36 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
36 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
| 37 |
defined(__aarch64__) |
37 |
defined(__aarch64__) || defined(__powerpc64__) |
| 38 |
case __NR_getrlimit: |
38 |
case __NR_getrlimit: |
| 39 |
#endif |
39 |
#endif |
| 40 |
#if defined(__i386__) || defined(__arm__) |
40 |
#if defined(__i386__) || defined(__arm__) |
| 41 |
-- a/sandbox/policy/linux/bpf_renderer_policy_linux.cc |
41 |
++ b/sandbox/policy/linux/bpf_renderer_policy_linux.cc |
|
Lines 77-83
Link Here
|
| 77 |
case __NR_ftruncate64: |
77 |
case __NR_ftruncate64: |
| 78 |
#endif |
78 |
#endif |
| 79 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
79 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
| 80 |
defined(__aarch64__) |
80 |
defined(__aarch64__) || defined(__powerpc64__) |
| 81 |
case __NR_getrlimit: |
81 |
case __NR_getrlimit: |
| 82 |
case __NR_setrlimit: |
82 |
case __NR_setrlimit: |
| 83 |
// We allow setrlimit to dynamically adjust the address space limit as |
83 |
// We allow setrlimit to dynamically adjust the address space limit as |
| 84 |
-- a/sandbox/linux/bpf_dsl/linux_syscall_ranges.h |
84 |
++ b/sandbox/linux/bpf_dsl/linux_syscall_ranges.h |
|
Lines 58-66
Link Here
|
| 58 |
|
58 |
|
| 59 |
#elif defined(__powerpc64__) |
59 |
#elif defined(__powerpc64__) |
| 60 |
|
60 |
|
| 61 |
#include <asm/unistd.h> |
61 |
#include <asm-generic/unistd.h> |
| 62 |
#define MIN_SYSCALL 0u |
62 |
#define MIN_SYSCALL 0u |
| 63 |
#define MAX_PUBLIC_SYSCALL 386u |
63 |
#define MAX_PUBLIC_SYSCALL __NR_syscalls |
| 64 |
#define MAX_SYSCALL MAX_PUBLIC_SYSCALL |
64 |
#define MAX_SYSCALL MAX_PUBLIC_SYSCALL |
| 65 |
|
65 |
|
| 66 |
#else |
66 |
#else |
| 67 |
-- a/sandbox/linux/services/credentials.cc |
67 |
++ b/sandbox/linux/services/credentials.cc |
|
Lines 90-96
Link Here
|
| 90 |
|
90 |
|
| 91 |
int clone_flags = CLONE_FS | LINUX_SIGCHLD; |
91 |
int clone_flags = CLONE_FS | LINUX_SIGCHLD; |
| 92 |
void* tls = nullptr; |
92 |
void* tls = nullptr; |
| 93 |
#if (defined(ARCH_CPU_X86_64) || defined(ARCH_CPU_ARM_FAMILY)) && \ |
93 |
// RAJA this might be it... |
|
|
94 |
#if (defined(ARCH_CPU_X86_64) || defined(ARCH_CPU_ARM_FAMILY) || \ |
| 95 |
defined(ARCH_CPU_PPC64_FAMILY)) && \ |
| 94 |
!defined(MEMORY_SANITIZER) |
96 |
!defined(MEMORY_SANITIZER) |
| 95 |
// Use CLONE_VM | CLONE_VFORK as an optimization to avoid copying page tables. |
97 |
// Use CLONE_VM | CLONE_VFORK as an optimization to avoid copying page tables. |
| 96 |
// Since clone writes to the new child's TLS before returning, we must set a |
98 |
// Since clone writes to the new child's TLS before returning, we must set a |
|
Lines 98-103
Link Here
|
| 98 |
// glibc performs syscalls by calling a function pointer in TLS, so we do not |
100 |
// glibc performs syscalls by calling a function pointer in TLS, so we do not |
| 99 |
// attempt this optimization. |
101 |
// attempt this optimization. |
| 100 |
// TODO(crbug.com/1247458) Broken in MSan builds after LLVM f1bb30a4956f. |
102 |
// TODO(crbug.com/1247458) Broken in MSan builds after LLVM f1bb30a4956f. |
|
|
103 |
// |
| 104 |
// NOTE: Without CLONE_VM, fontconfig will attempt to reload configuration |
| 105 |
// in every thread. Since the rendered threads are sandboxed without |
| 106 |
// filesystem access (e.g. to /etc/fonts/fonts.conf) this will cause font |
| 107 |
// configuraiton loading failures and no fonts will be displayed! |
| 101 |
clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS; |
108 |
clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS; |
| 102 |
|
109 |
|
| 103 |
char tls_buf[PTHREAD_STACK_MIN] = {0}; |
110 |
char tls_buf[PTHREAD_STACK_MIN] = {0}; |
| 104 |
-- a/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
111 |
++ b/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
|
Lines 358-364
Link Here
|
| 358 |
if (args.nr == __NR_fstatat_default) { |
358 |
if (args.nr == __NR_fstatat_default) { |
| 359 |
if (*reinterpret_cast<const char*>(args.args[1]) == '\0' && |
359 |
if (*reinterpret_cast<const char*>(args.args[1]) == '\0' && |
| 360 |
args.args[3] == static_cast<uint64_t>(AT_EMPTY_PATH)) { |
360 |
args.args[3] == static_cast<uint64_t>(AT_EMPTY_PATH)) { |
| 361 |
return syscall(__NR_fstat_default, static_cast<int>(args.args[0]), |
361 |
int fd = static_cast<int>(args.args[0]); |
|
|
362 |
#if defined(__powerpc64__) |
| 363 |
// On ppc64+glibc, some syscalls seem to accidentally negate the first |
| 364 |
// parameter which causes checks against it to fail. For now, manually |
| 365 |
// negate them back. |
| 366 |
// TODO: Investigate the root cause and fix in glibc |
| 367 |
if (fd < 0) |
| 368 |
fd = -fd; |
| 369 |
#endif |
| 370 |
return syscall(__NR_fstat_default, fd, |
| 362 |
reinterpret_cast<default_stat_struct*>(args.args[2])); |
371 |
reinterpret_cast<default_stat_struct*>(args.args[2])); |
| 363 |
} |
372 |
} |
| 364 |
return -reinterpret_cast<intptr_t>(fs_denied_errno); |
373 |
return -reinterpret_cast<intptr_t>(fs_denied_errno); |
