mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
Enable mmap for msan (it's already enabled for asan and tsan)
PiperOrigin-RevId: 399163710 Change-Id: I2cebb6136adb00a53e4baf18d343cf80191efcb0
This commit is contained in:
parent
c29c510e30
commit
448f393c29
|
@ -193,6 +193,11 @@ PolicyBuilder& PolicyBuilder::AllowSystemMalloc() {
|
||||||
|
|
||||||
PolicyBuilder& PolicyBuilder::AllowLlvmSanitizers() {
|
PolicyBuilder& PolicyBuilder::AllowLlvmSanitizers() {
|
||||||
if constexpr (sapi::sanitizers::IsAny()) {
|
if constexpr (sapi::sanitizers::IsAny()) {
|
||||||
|
// *san use a custom allocator that runs mmap under the hood. For example:
|
||||||
|
// https://github.com/llvm/llvm-project/blob/596d534ac3524052df210be8d3c01a33b2260a42/compiler-rt/lib/asan/asan_allocator.cpp#L980
|
||||||
|
// https://github.com/llvm/llvm-project/blob/62ec4ac90738a5f2d209ed28c822223e58aaaeb7/compiler-rt/lib/sanitizer_common/sanitizer_allocator_secondary.h#L98
|
||||||
|
AllowMmap();
|
||||||
|
|
||||||
AddPolicyOnSyscall(__NR_madvise, {
|
AddPolicyOnSyscall(__NR_madvise, {
|
||||||
ARG_32(2),
|
ARG_32(2),
|
||||||
JEQ32(MADV_DONTDUMP, ALLOW),
|
JEQ32(MADV_DONTDUMP, ALLOW),
|
||||||
|
@ -204,13 +209,8 @@ PolicyBuilder& PolicyBuilder::AllowLlvmSanitizers() {
|
||||||
}
|
}
|
||||||
if constexpr (sapi::sanitizers::IsASan()) {
|
if constexpr (sapi::sanitizers::IsASan()) {
|
||||||
AllowSyscall(__NR_sigaltstack);
|
AllowSyscall(__NR_sigaltstack);
|
||||||
// asan uses a custom allocator that runs mmap under the hood. For example:
|
|
||||||
// https://github.com/llvm/llvm-project/blob/596d534ac3524052df210be8d3c01a33b2260a42/compiler-rt/lib/asan/asan_allocator.cpp#L980
|
|
||||||
// https://github.com/llvm/llvm-project/blob/62ec4ac90738a5f2d209ed28c822223e58aaaeb7/compiler-rt/lib/sanitizer_common/sanitizer_allocator_secondary.h#L98
|
|
||||||
AllowMmap();
|
|
||||||
}
|
}
|
||||||
if constexpr (sapi::sanitizers::IsTSan()) {
|
if constexpr (sapi::sanitizers::IsTSan()) {
|
||||||
AllowMmap();
|
|
||||||
AllowSyscall(__NR_munmap);
|
AllowSyscall(__NR_munmap);
|
||||||
AddPolicyOnSyscall(__NR_mprotect,
|
AddPolicyOnSyscall(__NR_mprotect,
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue
Block a user