#include "base/debug/stack_trace.h"
#include "base/files/scoped_file.h"
#include "base/logging.h"
+#include "base/macros.h"
#include "base/memory/scoped_ptr.h"
#include "base/memory/singleton.h"
#include "base/posix/eintr_wrapper.h"
#include "sandbox/linux/services/yama.h"
#include "sandbox/linux/suid/client/setuid_sandbox_client.h"
-#if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
- defined(LEAK_SANITIZER) || defined(UNDEFINED_SANITIZER)
+#if defined(ANY_OF_AMTLU_SANITIZER)
#include <sanitizer/common_interface_defs.h>
#endif
VLOG(1) << activated_sandbox;
}
-#if !defined(ADDRESS_SANITIZER) && !defined(MEMORY_SANITIZER)
bool AddResourceLimit(int resource, rlim_t limit) {
struct rlimit old_rlimit;
if (getrlimit(resource, &old_rlimit))
int rc = setrlimit(resource, &new_rlimit);
return rc == 0;
}
-#endif
bool IsRunningTSAN() {
#if defined(THREAD_SANITIZER)
if (setuid_sandbox_client_ == NULL) {
LOG(FATAL) << "Failed to instantiate the setuid sandbox client.";
}
-#if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
- defined(LEAK_SANITIZER) || defined(UNDEFINED_SANITIZER)
+#if defined(ANY_OF_AMTLU_SANITIZER)
sanitizer_args_ = make_scoped_ptr(new __sanitizer_sandbox_arguments);
*sanitizer_args_ = {0};
#endif
void LinuxSandbox::PreinitializeSandbox() {
CHECK(!pre_initialized_);
seccomp_bpf_supported_ = false;
-#if defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
- defined(LEAK_SANITIZER) || defined(UNDEFINED_SANITIZER)
+#if defined(ANY_OF_AMTLU_SANITIZER)
// Sanitizers need to open some resources before the sandbox is enabled.
// This should not fork, not launch threads, not open a directory.
__sanitizer_sandbox_on_notify(sanitizer_args());
bool LinuxSandbox::LimitAddressSpace(const std::string& process_type) {
(void) process_type;
-#if !defined(ADDRESS_SANITIZER) && !defined(MEMORY_SANITIZER)
+#if !defined(ADDRESS_SANITIZER) && !defined(MEMORY_SANITIZER) && \
+ !defined(THREAD_SANITIZER)
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
if (command_line->HasSwitch(switches::kNoSandbox)) {
return false;
return limited_as && limited_data;
#else
+ // Silence the compiler warning about unused function. This doesn't actually
+ // call AddResourceLimit().
+ ignore_result(AddResourceLimit);
base::SysInfo::AmountOfVirtualMemory();
return false;
-#endif // !defined(ADDRESS_SANITIZER) && !defined(MEMORY_SANITIZER)
+#endif // !defined(ADDRESS_SANITIZER) && !defined(MEMORY_SANITIZER) &&
+ // !defined(THREAD_SANITIZER)
}
bool LinuxSandbox::HasOpenDirectories() const {