From 17a5de7a0d190454d00e7d093a60c679598f5f2e Mon Sep 17 00:00:00 2001
From: Kostya Serebryany <kcc@google.com>
Date: Mon, 15 May 2017 23:37:54 +0000
Subject: [asan] make asan under sandboxes more robust

git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@303132 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/sanitizer_common/sanitizer_procmaps_linux.cc   |  4 +--
 .../Linux/sanbox_read_proc_self_maps_test.cc       | 30 ++++++++++++++++++++++
 2 files changed, 32 insertions(+), 2 deletions(-)
 create mode 100644 test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc

diff --git a/lib/sanitizer_common/sanitizer_procmaps_linux.cc b/lib/sanitizer_common/sanitizer_procmaps_linux.cc
index fdf85b77a..7e4a44be9 100644
--- a/lib/sanitizer_common/sanitizer_procmaps_linux.cc
+++ b/lib/sanitizer_common/sanitizer_procmaps_linux.cc
@@ -18,8 +18,8 @@
 namespace __sanitizer {
 
 void ReadProcMaps(ProcSelfMapsBuff *proc_maps) {
-  CHECK(ReadFileToBuffer("/proc/self/maps", &proc_maps->data,
-                         &proc_maps->mmaped_size, &proc_maps->len));
+  ReadFileToBuffer("/proc/self/maps", &proc_maps->data, &proc_maps->mmaped_size,
+                   &proc_maps->len);
 }
 
 static bool IsOneOf(char c, char c1, char c2) {
diff --git a/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc b/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc
new file mode 100644
index 000000000..a845721d5
--- /dev/null
+++ b/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc
@@ -0,0 +1,30 @@
+// REQUIRES: x86_64-target-arch
+// RUN: %clangxx_asan  %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+#include <sanitizer/common_interface_defs.h>
+#include <sched.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+int main() {
+  __sanitizer_sandbox_arguments args = {0};
+  // should cache /proc/self/maps
+  __sanitizer_sandbox_on_notify(&args);
+
+  if (unshare(CLONE_NEWUSER)) {
+    printf("unshare failed\n");
+    abort();
+  }
+
+  // remove access to /proc/self/maps
+  if (chroot("/tmp")) {
+    printf("chroot failed\n");
+    abort();
+  }
+
+  *(volatile int*)0x42 = 0;
+// CHECK: AddressSanitizer: SEGV on unknown address 0x000000000042
+// CHECK-NOT: AddressSanitizer CHECK failed
+// CHECK: SUMMARY: AddressSanitizer: SEGV
+}
-- 
cgit v1.2.3