[compiler-rt] r303132 - [asan] make asan under sandboxes more robust

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Mon May 15 17:03:47 PDT 2017 

Yea, probably.
Will this include fresh enough kernels that we care about?

On Mon, May 15, 2017 at 4:54 PM, Peter Collingbourne <peter at pcc.me.uk>
wrote:

> The test will fail if the kernel does not allow user namespaces, won't it?
>
> Peter
>
> On Mon, May 15, 2017 at 4:37 PM, Kostya Serebryany via llvm-commits <
> llvm-commits at lists.llvm.org> wrote:
>
>> Author: kcc
>> Date: Mon May 15 18:37:54 2017
>> New Revision: 303132
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=303132&view=rev
>> Log:
>> [asan] make asan under sandboxes more robust
>>
>> Added:
>>     compiler-rt/trunk/test/asan/TestCases/Linux/sanbox_read_proc
>> _self_maps_test.cc
>> Modified:
>>     compiler-rt/trunk/lib/sanitizer_common/sanitizer_procmaps_linux.cc
>>
>> Modified: compiler-rt/trunk/lib/sanitizer_common/sanitizer_procmaps_
>> linux.cc
>> URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sa
>> nitizer_common/sanitizer_procmaps_linux.cc?rev=303132&r1=
>> 303131&r2=303132&view=diff
>> ============================================================
>> ==================
>> --- compiler-rt/trunk/lib/sanitizer_common/sanitizer_procmaps_linux.cc
>> (original)
>> +++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_procmaps_linux.cc
>> Mon May 15 18:37:54 2017
>> @@ -18,8 +18,8 @@
>>  namespace __sanitizer {
>>
>>  void ReadProcMaps(ProcSelfMapsBuff *proc_maps) {
>> -  CHECK(ReadFileToBuffer("/proc/self/maps", &proc_maps->data,
>> -                         &proc_maps->mmaped_size, &proc_maps->len));
>> +  ReadFileToBuffer("/proc/self/maps", &proc_maps->data,
>> &proc_maps->mmaped_size,
>> +                   &proc_maps->len);
>>  }
>>
>>  static bool IsOneOf(char c, char c1, char c2) {
>>
>> Added: compiler-rt/trunk/test/asan/TestCases/Linux/sanbox_read_proc
>> _self_maps_test.cc
>> URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/
>> asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc?
>> rev=303132&view=auto
>> ============================================================
>> ==================
>> --- compiler-rt/trunk/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc
>> (added)
>> +++ compiler-rt/trunk/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc
>> Mon May 15 18:37:54 2017
>> @@ -0,0 +1,30 @@
>> +// REQUIRES: x86_64-target-arch
>> +// RUN: %clangxx_asan  %s -o %t
>> +// RUN: not %run %t 2>&1 | FileCheck %s
>> +#include <sanitizer/common_interface_defs.h>
>> +#include <sched.h>
>> +#include <unistd.h>
>> +#include <stdio.h>
>> +#include <stdlib.h>
>> +
>> +int main() {
>> +  __sanitizer_sandbox_arguments args = {0};
>> +  // should cache /proc/self/maps
>> +  __sanitizer_sandbox_on_notify(&args);
>> +
>> +  if (unshare(CLONE_NEWUSER)) {
>> +    printf("unshare failed\n");
>> +    abort();
>> +  }
>> +
>> +  // remove access to /proc/self/maps
>> +  if (chroot("/tmp")) {
>> +    printf("chroot failed\n");
>> +    abort();
>> +  }
>> +
>> +  *(volatile int*)0x42 = 0;
>> +// CHECK: AddressSanitizer: SEGV on unknown address 0x000000000042
>> +// CHECK-NOT: AddressSanitizer CHECK failed
>> +// CHECK: SUMMARY: AddressSanitizer: SEGV
>> +}
>>
>>
>> _______________________________________________
>> llvm-commits mailing list
>> llvm-commits at lists.llvm.org
>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>>
>
>
>
> --
> --
> Peter
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170515/342b64a6/attachment.html>

More information about the llvm-commits mailing list