author | Moonchild <mcwerewolf@gmail.com> | 2018-05-04 09:09:10 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-05-04 09:09:10 +0200 |
commit | 4a2aeb152e48c44efa57c140660e99792f4dd350 (patch) | |
tree | 7b786de2b175122814a53232268b1147a8bd0bfb /security/sandbox/linux/glue | |
parent | 20532e13937ab5fc8efcb2bfc4c0070dace40cd1 (diff) | |
parent | f265784e8cabaff17f4554cf2bd2c30217b6ec0f (diff) | |
Merge pull request #323 from MoonchildProductions/nuke-sandbox
Nuke sandbox
Diffstat (limited to 'security/sandbox/linux/glue')
-rw-r--r-- | security/sandbox/linux/glue/SandboxCrash.cpp | 131 | ||||
-rw-r--r-- | security/sandbox/linux/glue/moz.build | 29 |
2 files changed, 0 insertions, 160 deletions
diff --git a/security/sandbox/linux/glue/SandboxCrash.cpp b/security/sandbox/linux/glue/SandboxCrash.cpp
deleted file mode 100644
index 8ead16bdf..000000000
--- a/security/sandbox/linux/glue/SandboxCrash.cpp
+++ /dev/null
@@ -1,131 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this file,
- * You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-// This file needs to be linked into libxul, so it can access the JS
-// stack and the crash reporter. Everything else in this directory
-// should be able to be linked into its own shared library, in order
-// to be able to isolate sandbox/chromium from ipc/chromium.
-
-#include "SandboxInternal.h"
-#include "SandboxLogging.h"
-
-#include <unistd.h>
-#include <sys/syscall.h>
-
-#include "mozilla/Unused.h"
-#include "mozilla/dom/Exceptions.h"
-#include "nsContentUtils.h"
-#include "mozilla/StackWalk.h"
-#include "nsString.h"
-#include "nsThreadUtils.h"
-
-namespace mozilla {
-
-// Log JS stack info in the same place as the sandbox violation
-// message. Useful in case the responsible code is JS and all we have
-// are logs and a minidump with the C++ stacks (e.g., on TBPL).
-static void
-SandboxLogJSStack(void)
-{
- if (!NS_IsMainThread()) {
- // This might be a worker thread... or it might be a non-JS
- // thread, or a non-NSPR thread. There's isn't a good API for
- // dealing with this, yet.
- return;
- }
- if (!nsContentUtils::XPConnect()) {
- // There is no content (e.g., the process is a media plugin), in
- // which case this will probably crash and definitely not work.
- return;
- }
- nsCOMPtr<nsIStackFrame> frame = dom::GetCurrentJSStack();
- // If we got a stack, we must have a current JSContext. This is icky. :(
- // Would be better if GetCurrentJSStack() handed out the JSContext it ended up
- // using or something.
- JSContext* cx = frame ? nsContentUtils::GetCurrentJSContext() : nullptr;
- for (int i = 0; frame != nullptr; ++i) {
- nsAutoString fileName, funName;
- int32_t lineNumber;
-
- // Don't stop unwinding if an attribute can't be read.
- fileName.SetIsVoid(true);
- Unused << frame->GetFilename(cx, fileName);
- lineNumber = 0;
- Unused << frame->GetLineNumber(cx, &lineNumber);
- funName.SetIsVoid(true);
- Unused << frame->GetName(cx, funName);
-
- if (!funName.IsVoid() || !fileName.IsVoid()) {
- SANDBOX_LOG_ERROR("JS frame %d: %s %s line %d", i,
- funName.IsVoid() ?
- "(anonymous)" : NS_ConvertUTF16toUTF8(funName).get(),
- fileName.IsVoid() ?
- "(no file)" : NS_ConvertUTF16toUTF8(fileName).get(),
- lineNumber);
- }
-
- nsCOMPtr<nsIStackFrame> nextFrame;
- nsresult rv = frame->GetCaller(cx, getter_AddRefs(nextFrame));
- NS_ENSURE_SUCCESS_VOID(rv);
- frame = nextFrame;
- }
-}
-
-static void SandboxPrintStackFrame(uint32_t aFrameNumber, void *aPC, void *aSP,
- void *aClosure)
-{
- char buf[1024];
- MozCodeAddressDetails details;
-
- MozDescribeCodeAddress(aPC, &details);
- MozFormatCodeAddressDetails(buf, sizeof(buf), aFrameNumber, aPC, &details);
- SANDBOX_LOG_ERROR("frame %s", buf);
-}
-
-static void
-SandboxLogCStack()
-{
- // Skip 3 frames: one for this module, one for the signal handler in
- // libmozsandbox, and one for the signal trampoline.
- //
- // Warning: this might not print any stack frames. MozStackWalk
- // can't walk past the signal trampoline on ARM (bug 968531), and
- // x86 frame pointer walking may or may not work (bug 1082276).
-
- MozStackWalk(SandboxPrintStackFrame, /* skip */ 3, /* max */ 0,
- nullptr, 0, nullptr);
- SANDBOX_LOG_ERROR("end of stack.");
-}
-
-static void
-SandboxCrash(int nr, siginfo_t *info, void *void_context)
-{
- pid_t pid = getpid(), tid = syscall(__NR_gettid);
- bool dumped = false;
-
- if (!dumped) {
- SANDBOX_LOG_ERROR("crash reporter is disabled (or failed);"
- " trying stack trace:");
- SandboxLogCStack();
- }
-
- // Do this last, in case it crashes or deadlocks.
- SandboxLogJSStack();
-
- // Try to reraise, so the parent sees that this process crashed.
- // (If tgkill is forbidden, then seccomp will raise SIGSYS, which
- // also accomplishes that goal.)
- signal(SIGSYS, SIG_DFL);
- syscall(__NR_tgkill, pid, tid, nr);
-}
-
-static void __attribute__((constructor))
-SandboxSetCrashFunc()
-{
- gSandboxCrashFunc = SandboxCrash;
-}
-
-} // namespace mozilla
diff --git a/security/sandbox/linux/glue/moz.build b/security/sandbox/linux/glue/moz.build
deleted file mode 100644
index 0d40dcd63..000000000
--- a/security/sandbox/linux/glue/moz.build
+++ /dev/null
@@ -1,29 +0,0 @@
-# -*- Mode: python; python-indent: 4; indent-tabs-mode: nil; tab-width: 40 -*-
-# vim: set filetype=python:
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-SOURCES += [
- '../../chromium/base/strings/safe_sprintf.cc',
- '../SandboxLogging.cpp',
- 'SandboxCrash.cpp',
-]
-
-# Avoid Chromium logging dependency, because this is going into
-# libxul. See also the comment in SandboxLogging.h.
-SOURCES['../../chromium/base/strings/safe_sprintf.cc'].flags += ['-DNDEBUG']
-
-LOCAL_INCLUDES += [
- '/security/sandbox/chromium',
- '/security/sandbox/linux',
-]
-
-USE_LIBS += [
- 'mozsandbox',
-]
-
-FINAL_LIBRARY = 'xul'
-
-if CONFIG['GNU_CXX']:
- CXXFLAGS += ['-Wno-error=shadow'] |