зеркало из https://github.com/mozilla/gecko-dev.git
Bug 945498 - Use breakpad to report seccomp violations as crashes. r=ted, r=kang
Upstream issue for breakpad patch: https://breakpad.appspot.com/1114003/
This commit is contained in:
Родитель
4f3f54d192
Коммит
9af16a662a
|
@ -267,6 +267,7 @@ bool DidProcessCrash(bool* child_exited, ProcessHandle handle) {
|
|||
|
||||
if (WIFSIGNALED(status)) {
|
||||
switch(WTERMSIG(status)) {
|
||||
case SIGSYS:
|
||||
case SIGSEGV:
|
||||
case SIGILL:
|
||||
case SIGABRT:
|
||||
|
|
|
@ -8,11 +8,13 @@
|
|||
#include <stdio.h>
|
||||
#include <sys/ptrace.h>
|
||||
#include <sys/prctl.h>
|
||||
#include <sys/syscall.h>
|
||||
#include <signal.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "mozilla/ArrayUtils.h"
|
||||
#include "mozilla/NullPtr.h"
|
||||
#include "nsExceptionHandler.h"
|
||||
#if defined(ANDROID)
|
||||
#include "android_ucontext.h"
|
||||
#include <android/log.h>
|
||||
|
@ -65,7 +67,8 @@ static void
|
|||
Reporter(int nr, siginfo_t *info, void *void_context)
|
||||
{
|
||||
ucontext_t *ctx = static_cast<ucontext_t*>(void_context);
|
||||
unsigned long syscall, args[6];
|
||||
unsigned long syscall_nr, args[6];
|
||||
pid_t pid = getpid(), tid = syscall(__NR_gettid);
|
||||
|
||||
if (nr != SIGSYS) {
|
||||
return;
|
||||
|
@ -77,7 +80,7 @@ Reporter(int nr, siginfo_t *info, void *void_context)
|
|||
return;
|
||||
}
|
||||
|
||||
syscall = SECCOMP_SYSCALL(ctx);
|
||||
syscall_nr = SECCOMP_SYSCALL(ctx);
|
||||
args[0] = SECCOMP_PARM1(ctx);
|
||||
args[1] = SECCOMP_PARM2(ctx);
|
||||
args[2] = SECCOMP_PARM3(ctx);
|
||||
|
@ -85,10 +88,20 @@ Reporter(int nr, siginfo_t *info, void *void_context)
|
|||
args[4] = SECCOMP_PARM5(ctx);
|
||||
args[5] = SECCOMP_PARM6(ctx);
|
||||
|
||||
LOG_ERROR("seccomp sandbox violation: pid %u, syscall %lu, args %lu %lu %lu"
|
||||
" %lu %lu %lu. Killing process.", getpid(), syscall,
|
||||
LOG_ERROR("seccomp sandbox violation: pid %d, syscall %lu, args %lu %lu %lu"
|
||||
" %lu %lu %lu. Killing process.", pid, syscall_nr,
|
||||
args[0], args[1], args[2], args[3], args[4], args[5]);
|
||||
|
||||
bool dumped = CrashReporter::WriteMinidumpForSigInfo(nr, info, void_context);
|
||||
if (!dumped) {
|
||||
LOG_ERROR("Failed to write minidump");
|
||||
}
|
||||
|
||||
// Try to reraise, so the parent sees that this process crashed.
|
||||
// (If tgkill is forbidden, then seccomp will raise SIGSYS, which
|
||||
// also accomplishes that goal.)
|
||||
signal(SIGSYS, SIG_DFL);
|
||||
syscall(__NR_tgkill, pid, tid, nr);
|
||||
_exit(127);
|
||||
}
|
||||
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
commit 443e11243cf3c88087b70602822d9e228f60d40a
|
||||
Author: Jed Davis <jld@mozilla.com>
|
||||
Date: Wed Jan 29 12:06:33 2014 -0800
|
||||
|
||||
Bug 945498: Use breakpad to report seccomp violations as crashes.
|
||||
|
||||
diff --git a/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h b/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
|
||||
index 7155419..c0039bc 100644
|
||||
--- a/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
|
||||
+++ b/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
|
||||
@@ -219,6 +219,9 @@ class ExceptionHandler {
|
||||
|
||||
// Force signal handling for the specified signal.
|
||||
bool SimulateSignalDelivery(int sig);
|
||||
+
|
||||
+ // Report a crash signal from an SA_SIGINFO signal handler.
|
||||
+ bool HandleSignal(int sig, siginfo_t* info, void* uc);
|
||||
private:
|
||||
// Save the old signal handlers and install new ones.
|
||||
static bool InstallHandlersLocked();
|
||||
@@ -231,7 +234,6 @@ class ExceptionHandler {
|
||||
void WaitForContinueSignal();
|
||||
|
||||
static void SignalHandler(int sig, siginfo_t* info, void* uc);
|
||||
- bool HandleSignal(int sig, siginfo_t* info, void* uc);
|
||||
static int ThreadEntry(void* arg);
|
||||
bool DoDump(pid_t crashing_process, const void* context,
|
||||
size_t context_size);
|
|
@ -219,6 +219,9 @@ class ExceptionHandler {
|
|||
|
||||
// Force signal handling for the specified signal.
|
||||
bool SimulateSignalDelivery(int sig);
|
||||
|
||||
// Report a crash signal from an SA_SIGINFO signal handler.
|
||||
bool HandleSignal(int sig, siginfo_t* info, void* uc);
|
||||
private:
|
||||
// Save the old signal handlers and install new ones.
|
||||
static bool InstallHandlersLocked();
|
||||
|
@ -231,7 +234,6 @@ class ExceptionHandler {
|
|||
void WaitForContinueSignal();
|
||||
|
||||
static void SignalHandler(int sig, siginfo_t* info, void* uc);
|
||||
bool HandleSignal(int sig, siginfo_t* info, void* uc);
|
||||
static int ThreadEntry(void* arg);
|
||||
bool DoDump(pid_t crashing_process, const void* context,
|
||||
size_t context_size);
|
||||
|
|
|
@ -1739,6 +1739,13 @@ nsresult WriteMinidumpForException(EXCEPTION_POINTERS* aExceptionInfo)
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifdef XP_LINUX
|
||||
bool WriteMinidumpForSigInfo(int signo, siginfo_t* info, void* uc)
|
||||
{
|
||||
return gExceptionHandler->HandleSignal(signo, info, uc);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef XP_MACOSX
|
||||
nsresult AppendObjCExceptionInfoToAppNotes(void *inException)
|
||||
{
|
||||
|
|
|
@ -22,6 +22,10 @@
|
|||
#include <mach/mach.h>
|
||||
#endif
|
||||
|
||||
#if defined(XP_LINUX)
|
||||
#include <signal.h>
|
||||
#endif
|
||||
|
||||
class nsIFile;
|
||||
template<class KeyClass, class DataType> class nsDataHashtable;
|
||||
class nsCStringHashKey;
|
||||
|
@ -69,6 +73,9 @@ void RenameAdditionalHangMinidump(nsIFile* minidump, nsIFile* childMinidump,
|
|||
#ifdef XP_WIN32
|
||||
nsresult WriteMinidumpForException(EXCEPTION_POINTERS* aExceptionInfo);
|
||||
#endif
|
||||
#ifdef XP_LINUX
|
||||
bool WriteMinidumpForSigInfo(int signo, siginfo_t* info, void* uc);
|
||||
#endif
|
||||
#ifdef XP_MACOSX
|
||||
nsresult AppendObjCExceptionInfoToAppNotes(void *inException);
|
||||
#endif
|
||||
|
|
Загрузка…
Ссылка в новой задаче