From: Kostya Serebryany <kcc@google.com>
Date: Mon, 15 May 2017 23:37:54 +0000 (+0000)
Subject: [asan] make asan under sandboxes more robust
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=130fca18828731e843ae0ccaecfb5b419ded3b1d;p=platform%2Fupstream%2Fllvm.git

[asan] make asan under sandboxes more robust

llvm-svn: 303132
---

diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_procmaps_linux.cc b/compiler-rt/lib/sanitizer_common/sanitizer_procmaps_linux.cc
index fdf85b7..7e4a44b 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_procmaps_linux.cc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_procmaps_linux.cc
@@ -18,8 +18,8 @@
 namespace __sanitizer {
 
 void ReadProcMaps(ProcSelfMapsBuff *proc_maps) {
-  CHECK(ReadFileToBuffer("/proc/self/maps", &proc_maps->data,
-                         &proc_maps->mmaped_size, &proc_maps->len));
+  ReadFileToBuffer("/proc/self/maps", &proc_maps->data, &proc_maps->mmaped_size,
+                   &proc_maps->len);
 }
 
 static bool IsOneOf(char c, char c1, char c2) {
diff --git a/compiler-rt/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc b/compiler-rt/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc
new file mode 100644
index 0000000..a845721
--- /dev/null
+++ b/compiler-rt/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc
@@ -0,0 +1,30 @@
+// REQUIRES: x86_64-target-arch
+// RUN: %clangxx_asan  %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+#include <sanitizer/common_interface_defs.h>
+#include <sched.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+int main() {
+  __sanitizer_sandbox_arguments args = {0};
+  // should cache /proc/self/maps
+  __sanitizer_sandbox_on_notify(&args);
+
+  if (unshare(CLONE_NEWUSER)) {
+    printf("unshare failed\n");
+    abort();
+  }
+
+  // remove access to /proc/self/maps
+  if (chroot("/tmp")) {
+    printf("chroot failed\n");
+    abort();
+  }
+
+  *(volatile int*)0x42 = 0;
+// CHECK: AddressSanitizer: SEGV on unknown address 0x000000000042
+// CHECK-NOT: AddressSanitizer CHECK failed
+// CHECK: SUMMARY: AddressSanitizer: SEGV
+}