* Sandbox.h: the public interface; used when a child process is ready to enter sandboxed mode
* SandboxFilter.cpp: the sandbox policy definitions
* SandboxAssembler.{h,cpp}: implements the policies in terms of the Chromium CodeGen module and trap handlers for intercepted syscalls
* Sandbox.cpp: the code that starts the sandbox and handles violations (note: this is changing soon; see {{bug|1041886}}).
* arm_linux_syscalls.h and other *_linux_syscalls.h: syscall number definitions; grep these to translate syscall numbers seen in error messages (use the file corresponding to the architecture in question)
=== Seccomp reporter ===
seccomp sandbox violation: pid %u, syscall %lu, args %lu %lu %lu %lu %lu. Killing Process.
Note that the SIGSYS handler is also used for syscalls that we want to intercept and “polyfill” with some other action; in that case it modifies the signal context and returns, instead of crashing.
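As an added triage helper (not part of Gecko or this page's code), the script below parses violation lines in the format printed above and does the translation the file list recommends: syscall number to name via a small constructed subset of the x86_64 table, plus decoding of the flag arguments for a few syscalls where the raw number is interpretable without the process's memory. The sample log lines are constructed.

```python
import re
from dataclasses import dataclass

# Constructed subset of x86_64 syscall numbers (the full table is what you
# would grep out of x86_64_linux_syscalls.h); add other architectures as needed.
SYSCALLS = {
    "x86_64": {0: "read", 1: "write", 2: "open", 3: "close", 9: "mmap",
               10: "mprotect", 41: "socket", 42: "connect", 56: "clone",
               57: "fork", 59: "execve", 62: "kill", 257: "openat"},
}
# open(2)/openat(2) flag bits beyond the access mode, from Linux <fcntl.h> (x86).
OPEN_FLAGS = {0o100: "O_CREAT", 0o200: "O_EXCL", 0o1000: "O_TRUNC", 0o2000: "O_APPEND"}

# Matches the reporter's message format exactly (args are printed with %lu).
VIOLATION_RE = re.compile(
    r"seccomp sandbox violation: pid (\d+), syscall (\d+), "
    r"args (\d+) (\d+) (\d+) (\d+) (\d+)\. Killing Process\.")

@dataclass
class Violation:
    pid: int
    syscall: int
    name: str
    args: tuple
    detail: str

def describe_args(name, args):
    """Decode the arguments that are meaningful as plain numbers."""
    if name in ("open", "openat"):
        flags = args[1] if name == "open" else args[2]   # openat: dirfd, path, flags, mode
        mode = {0: "O_RDONLY", 1: "O_WRONLY", 2: "O_RDWR"}[flags & 3]
        return "|".join([mode] + [n for bit, n in OPEN_FLAGS.items() if flags & bit])
    if name == "socket":
        dom = {1: "AF_UNIX", 2: "AF_INET", 10: "AF_INET6"}.get(args[0], str(args[0]))
        typ = {1: "SOCK_STREAM", 2: "SOCK_DGRAM"}.get(args[1] & 0xF, str(args[1]))
        return f"{dom}, {typ}"
    return ""

def parse_violation(line, arch="x86_64"):
    """Return a Violation for a reporter line, or None for unrelated log lines."""
    m = VIOLATION_RE.search(line)
    if not m:
        return None
    pid, nr, *args = (int(x) for x in m.groups())
    name = SYSCALLS[arch].get(nr, f"unknown({nr})")
    return Violation(pid, nr, name, tuple(args), describe_args(name, tuple(args)))

def triage(lines, arch="x86_64"):
    """Group a log's violations by syscall name, so policy gaps stand out."""
    summary = {}
    for v in filter(None, (parse_violation(l, arch) for l in lines)):
        summary.setdefault(v.name, []).append(v)
    return summary

SAMPLE_LOG = [  # constructed; 4294967196 is AT_FDCWD (-100) printed as %lu
    "seccomp sandbox violation: pid 4242, syscall 257, args 4294967196 140737351234567 577 420 0. Killing Process.",
    "seccomp sandbox violation: pid 4243, syscall 41, args 2 1 6 0 0. Killing Process.",
]
```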
=== How do I check my processes are sandboxed by seccomp? ===