StarMirror/sandboxed-api
1
0
Fork 0
mirror of https://github.com/google/sandboxed-api.git synced 2024-03-22 13:11:30 +08:00
Code Issues Projects Releases Wiki Activity

Log more info for seccomp setup failure

Browse Source 
PiperOrigin-RevId: 368618345
Change-Id: Ia1559ece8f83cf27623adab4baa141cd8cfdf143
This commit is contained in:
Wiktor Garbacz 2021-04-15 05:09:12 -07:00 committed by Copybara-Service
parent 6a679a407d
commit c15b5cb123
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sandboxed_api/sandbox2/client.cc
View File

@ -219,10 +219,14 @@ void Client::ApplyPolicyAndBecomeTracee() {
SAPI_RAW_CHECK(ret == kSandbox2ClientDone,
"invalid confirmation from executor");
SAPI_RAW_CHECK(
int result =
syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC,
reinterpret_cast<uintptr_t>(&prog)) == 0,
"setting SECCOMP_FILTER_FLAG_TSYNC flag");
reinterpret_cast<uintptr_t>(&prog));
SAPI_RAW_PCHECK(result != -1, "setting seccomp filter");
SAPI_RAW_PCHECK(result == 0,
"synchronizing threads using SECCOMP_FILTER_FLAG_TSYNC flag "
"for thread=%d",
result);
}
int Client::GetMappedFD(const std::string& name) {