Line
Link Here
|
0 |
-- a/sandbox/policy/linux/bpf_utility_policy_linux.cc |
0 |
++ b/sandbox/policy/linux/bpf_utility_policy_linux.cc |
Lines 34-40
Link Here
|
34 |
case __NR_fdatasync: |
34 |
case __NR_fdatasync: |
35 |
case __NR_fsync: |
35 |
case __NR_fsync: |
36 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
36 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
37 |
defined(__aarch64__) |
37 |
defined(__aarch64__) || defined(__powerpc64__) |
38 |
case __NR_getrlimit: |
38 |
case __NR_getrlimit: |
39 |
#endif |
39 |
#endif |
40 |
#if defined(__i386__) || defined(__arm__) |
40 |
#if defined(__i386__) || defined(__arm__) |
41 |
-- a/sandbox/policy/linux/bpf_renderer_policy_linux.cc |
41 |
++ b/sandbox/policy/linux/bpf_renderer_policy_linux.cc |
Lines 77-83
Link Here
|
77 |
case __NR_ftruncate64: |
77 |
case __NR_ftruncate64: |
78 |
#endif |
78 |
#endif |
79 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
79 |
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \ |
80 |
defined(__aarch64__) |
80 |
defined(__aarch64__) || defined(__powerpc64__) |
81 |
case __NR_getrlimit: |
81 |
case __NR_getrlimit: |
82 |
case __NR_setrlimit: |
82 |
case __NR_setrlimit: |
83 |
// We allow setrlimit to dynamically adjust the address space limit as |
83 |
// We allow setrlimit to dynamically adjust the address space limit as |
84 |
-- a/sandbox/linux/bpf_dsl/linux_syscall_ranges.h |
84 |
++ b/sandbox/linux/bpf_dsl/linux_syscall_ranges.h |
Lines 58-66
Link Here
|
58 |
|
58 |
|
59 |
#elif defined(__powerpc64__) |
59 |
#elif defined(__powerpc64__) |
60 |
|
60 |
|
61 |
#include <asm/unistd.h> |
61 |
#include <asm-generic/unistd.h> |
62 |
#define MIN_SYSCALL 0u |
62 |
#define MIN_SYSCALL 0u |
63 |
#define MAX_PUBLIC_SYSCALL 386u |
63 |
#define MAX_PUBLIC_SYSCALL __NR_syscalls |
64 |
#define MAX_SYSCALL MAX_PUBLIC_SYSCALL |
64 |
#define MAX_SYSCALL MAX_PUBLIC_SYSCALL |
65 |
|
65 |
|
66 |
#else |
66 |
#else |
67 |
-- a/sandbox/linux/services/credentials.cc |
67 |
++ b/sandbox/linux/services/credentials.cc |
Lines 90-96
Link Here
|
90 |
|
90 |
|
91 |
int clone_flags = CLONE_FS | LINUX_SIGCHLD; |
91 |
int clone_flags = CLONE_FS | LINUX_SIGCHLD; |
92 |
void* tls = nullptr; |
92 |
void* tls = nullptr; |
93 |
#if (defined(ARCH_CPU_X86_64) || defined(ARCH_CPU_ARM_FAMILY)) && \ |
93 |
// RAJA this might be it... |
|
|
94 |
#if (defined(ARCH_CPU_X86_64) || defined(ARCH_CPU_ARM_FAMILY) || \ |
95 |
defined(ARCH_CPU_PPC64_FAMILY)) && \ |
94 |
!defined(MEMORY_SANITIZER) |
96 |
!defined(MEMORY_SANITIZER) |
95 |
// Use CLONE_VM | CLONE_VFORK as an optimization to avoid copying page tables. |
97 |
// Use CLONE_VM | CLONE_VFORK as an optimization to avoid copying page tables. |
96 |
// Since clone writes to the new child's TLS before returning, we must set a |
98 |
// Since clone writes to the new child's TLS before returning, we must set a |
Lines 98-103
Link Here
|
98 |
// glibc performs syscalls by calling a function pointer in TLS, so we do not |
100 |
// glibc performs syscalls by calling a function pointer in TLS, so we do not |
99 |
// attempt this optimization. |
101 |
// attempt this optimization. |
100 |
// TODO(crbug.com/1247458) Broken in MSan builds after LLVM f1bb30a4956f. |
102 |
// TODO(crbug.com/1247458) Broken in MSan builds after LLVM f1bb30a4956f. |
|
|
103 |
// |
104 |
// NOTE: Without CLONE_VM, fontconfig will attempt to reload configuration |
105 |
// in every thread. Since the rendered threads are sandboxed without |
106 |
// filesystem access (e.g. to /etc/fonts/fonts.conf) this will cause font |
107 |
// configuraiton loading failures and no fonts will be displayed! |
101 |
clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS; |
108 |
clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS; |
102 |
|
109 |
|
103 |
char tls_buf[PTHREAD_STACK_MIN] = {0}; |
110 |
char tls_buf[PTHREAD_STACK_MIN] = {0}; |
104 |
-- a/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
111 |
++ b/linux/seccomp-bpf-helpers/sigsys_handlers.cc |
Lines 358-364
Link Here
|
358 |
if (args.nr == __NR_fstatat_default) { |
358 |
if (args.nr == __NR_fstatat_default) { |
359 |
if (*reinterpret_cast<const char*>(args.args[1]) == '\0' && |
359 |
if (*reinterpret_cast<const char*>(args.args[1]) == '\0' && |
360 |
args.args[3] == static_cast<uint64_t>(AT_EMPTY_PATH)) { |
360 |
args.args[3] == static_cast<uint64_t>(AT_EMPTY_PATH)) { |
361 |
return syscall(__NR_fstat_default, static_cast<int>(args.args[0]), |
361 |
int fd = static_cast<int>(args.args[0]); |
|
|
362 |
#if defined(__powerpc64__) |
363 |
// On ppc64+glibc, some syscalls seem to accidentally negate the first |
364 |
// parameter which causes checks against it to fail. For now, manually |
365 |
// negate them back. |
366 |
// TODO: Investigate the root cause and fix in glibc |
367 |
if (fd < 0) |
368 |
fd = -fd; |
369 |
#endif |
370 |
return syscall(__NR_fstat_default, fd, |
362 |
reinterpret_cast<default_stat_struct*>(args.args[2])); |
371 |
reinterpret_cast<default_stat_struct*>(args.args[2])); |
363 |
} |
372 |
} |
364 |
return -reinterpret_cast<intptr_t>(fs_denied_errno); |
373 |
return -reinterpret_cast<intptr_t>(fs_denied_errno); |