From 448f393c294f322d93e3af3207009d61fa8639c6 Mon Sep 17 00:00:00 2001 From: Sandboxed API Team Date: Mon, 27 Sep 2021 05:07:48 -0700 Subject: [PATCH] Enable mmap for msan (it's already enabled for asan and tsan) PiperOrigin-RevId: 399163710 Change-Id: I2cebb6136adb00a53e4baf18d343cf80191efcb0 --- sandboxed_api/sandbox2/policybuilder.cc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/sandboxed_api/sandbox2/policybuilder.cc b/sandboxed_api/sandbox2/policybuilder.cc index c523ee0..6bcf14c 100644 --- a/sandboxed_api/sandbox2/policybuilder.cc +++ b/sandboxed_api/sandbox2/policybuilder.cc @@ -193,6 +193,11 @@ PolicyBuilder& PolicyBuilder::AllowSystemMalloc() { PolicyBuilder& PolicyBuilder::AllowLlvmSanitizers() { if constexpr (sapi::sanitizers::IsAny()) { + // *san use a custom allocator that runs mmap under the hood. For example: + // https://github.com/llvm/llvm-project/blob/596d534ac3524052df210be8d3c01a33b2260a42/compiler-rt/lib/asan/asan_allocator.cpp#L980 + // https://github.com/llvm/llvm-project/blob/62ec4ac90738a5f2d209ed28c822223e58aaaeb7/compiler-rt/lib/sanitizer_common/sanitizer_allocator_secondary.h#L98 + AllowMmap(); + AddPolicyOnSyscall(__NR_madvise, { ARG_32(2), JEQ32(MADV_DONTDUMP, ALLOW), @@ -204,13 +209,8 @@ PolicyBuilder& PolicyBuilder::AllowLlvmSanitizers() { } if constexpr (sapi::sanitizers::IsASan()) { AllowSyscall(__NR_sigaltstack); - // asan uses a custom allocator that runs mmap under the hood. For example: - // https://github.com/llvm/llvm-project/blob/596d534ac3524052df210be8d3c01a33b2260a42/compiler-rt/lib/asan/asan_allocator.cpp#L980 - // https://github.com/llvm/llvm-project/blob/62ec4ac90738a5f2d209ed28c822223e58aaaeb7/compiler-rt/lib/sanitizer_common/sanitizer_allocator_secondary.h#L98 - AllowMmap(); } if constexpr (sapi::sanitizers::IsTSan()) { - AllowMmap(); AllowSyscall(__NR_munmap); AddPolicyOnSyscall(__NR_mprotect, {