Bug 945498 - Use breakpad to report seccomp violations as crashes. r=ted, r=kang

Upstream issue for breakpad patch: https://breakpad.appspot.com/1114003/

ipc/chromium/src/base/process_util_posix.cc

@@ -267,6 +267,7 @@ bool DidProcessCrash(bool* child_exited, ProcessHandle handle) {
 
   if (WIFSIGNALED(status)) {
     switch(WTERMSIG(status)) {
+      case SIGSYS:
       case SIGSEGV:
       case SIGILL:
       case SIGABRT:

security/sandbox/linux/Sandbox.cpp

@@ -8,11 +8,13 @@
 #include <stdio.h>
 #include <sys/ptrace.h>
 #include <sys/prctl.h>
+#include <sys/syscall.h>
 #include <signal.h>
 #include <string.h>
 
 #include "mozilla/ArrayUtils.h"
 #include "mozilla/NullPtr.h"
+#include "nsExceptionHandler.h"
 #if defined(ANDROID)
 #include "android_ucontext.h"
 #include <android/log.h>
@@ -65,7 +67,8 @@ static void
 Reporter(int nr, siginfo_t *info, void *void_context)
 {
   ucontext_t *ctx = static_cast<ucontext_t*>(void_context);
-  unsigned long syscall, args[6];
+  unsigned long syscall_nr, args[6];
+  pid_t pid = getpid(), tid = syscall(__NR_gettid);
 
   if (nr != SIGSYS) {
     return;
@@ -77,7 +80,7 @@ Reporter(int nr, siginfo_t *info, void *void_context)
     return;
   }
 
-  syscall = SECCOMP_SYSCALL(ctx);
+  syscall_nr = SECCOMP_SYSCALL(ctx);
   args[0] = SECCOMP_PARM1(ctx);
   args[1] = SECCOMP_PARM2(ctx);
   args[2] = SECCOMP_PARM3(ctx);
@@ -85,10 +88,20 @@ Reporter(int nr, siginfo_t *info, void *void_context)
   args[4] = SECCOMP_PARM5(ctx);
   args[5] = SECCOMP_PARM6(ctx);
 
-  LOG_ERROR("seccomp sandbox violation: pid %u, syscall %lu, args %lu %lu %lu"
-            " %lu %lu %lu.  Killing process.", getpid(), syscall,
+  LOG_ERROR("seccomp sandbox violation: pid %d, syscall %lu, args %lu %lu %lu"
+            " %lu %lu %lu.  Killing process.", pid, syscall_nr,
             args[0], args[1], args[2], args[3], args[4], args[5]);
 
+  bool dumped = CrashReporter::WriteMinidumpForSigInfo(nr, info, void_context);
+  if (!dumped) {
+    LOG_ERROR("Failed to write minidump");
+  }
+
+  // Try to reraise, so the parent sees that this process crashed.
+  // (If tgkill is forbidden, then seccomp will raise SIGSYS, which
+  // also accomplishes that goal.)
+  signal(SIGSYS, SIG_DFL);
+  syscall(__NR_tgkill, pid, tid, nr);
   _exit(127);
 }
 

toolkit/crashreporter/breakpad-patches/18-bug945498-expose-handle-signal.patch

@@ -0,0 +1,28 @@
+commit 443e11243cf3c88087b70602822d9e228f60d40a
+Author: Jed Davis <jld@mozilla.com>
+Date:   Wed Jan 29 12:06:33 2014 -0800
+
+    Bug 945498: Use breakpad to report seccomp violations as crashes.
+
+diff --git a/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h b/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
+index 7155419..c0039bc 100644
+--- a/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
++++ b/toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h
+@@ -219,6 +219,9 @@ class ExceptionHandler {
+ 
+   // Force signal handling for the specified signal.
+   bool SimulateSignalDelivery(int sig);
++
++  // Report a crash signal from an SA_SIGINFO signal handler.
++  bool HandleSignal(int sig, siginfo_t* info, void* uc);
+  private:
+   // Save the old signal handlers and install new ones.
+   static bool InstallHandlersLocked();
+@@ -231,7 +234,6 @@ class ExceptionHandler {
+   void WaitForContinueSignal();
+ 
+   static void SignalHandler(int sig, siginfo_t* info, void* uc);
+-  bool HandleSignal(int sig, siginfo_t* info, void* uc);
+   static int ThreadEntry(void* arg);
+   bool DoDump(pid_t crashing_process, const void* context,
+               size_t context_size);

toolkit/crashreporter/google-breakpad/src/client/linux/handler/exception_handler.h

@@ -219,6 +219,9 @@ class ExceptionHandler {
 
   // Force signal handling for the specified signal.
   bool SimulateSignalDelivery(int sig);
+
+  // Report a crash signal from an SA_SIGINFO signal handler.
+  bool HandleSignal(int sig, siginfo_t* info, void* uc);
  private:
   // Save the old signal handlers and install new ones.
   static bool InstallHandlersLocked();
@@ -231,7 +234,6 @@ class ExceptionHandler {
   void WaitForContinueSignal();
 
   static void SignalHandler(int sig, siginfo_t* info, void* uc);
-  bool HandleSignal(int sig, siginfo_t* info, void* uc);
   static int ThreadEntry(void* arg);
   bool DoDump(pid_t crashing_process, const void* context,
               size_t context_size);

toolkit/crashreporter/nsExceptionHandler.cpp

@@ -1739,6 +1739,13 @@ nsresult WriteMinidumpForException(EXCEPTION_POINTERS* aExceptionInfo)
 }
 #endif
 
+#ifdef XP_LINUX
+bool WriteMinidumpForSigInfo(int signo, siginfo_t* info, void* uc)
+{
+  return gExceptionHandler->HandleSignal(signo, info, uc);
+}
+#endif
+
 #ifdef XP_MACOSX
 nsresult AppendObjCExceptionInfoToAppNotes(void *inException)
 {

toolkit/crashreporter/nsExceptionHandler.h

@@ -22,6 +22,10 @@
 #include <mach/mach.h>
 #endif
 
+#if defined(XP_LINUX)
+#include <signal.h>
+#endif
+
 class nsIFile;
 template<class KeyClass, class DataType> class nsDataHashtable;
 class nsCStringHashKey;
@@ -69,6 +73,9 @@ void RenameAdditionalHangMinidump(nsIFile* minidump, nsIFile* childMinidump,
 #ifdef XP_WIN32
   nsresult WriteMinidumpForException(EXCEPTION_POINTERS* aExceptionInfo);
 #endif
+#ifdef XP_LINUX
+  bool WriteMinidumpForSigInfo(int signo, siginfo_t* info, void* uc);
+#endif
 #ifdef XP_MACOSX
   nsresult AppendObjCExceptionInfoToAppNotes(void *inException);
 #endif