diff options
author | Rahat Mahmood <rahat@google.com> | 2018-11-15 15:13:52 -0800 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-11-15 15:14:38 -0800 |
commit | f7aa9371247a3e7d8c490ac0fd4c4f3ff6de2017 (patch) | |
tree | 29124ad310c0beb8d7778a7fad5b420953333523 /pkg/sentry/kernel | |
parent | 6ef08c2bc2be1cc93bdf42bba5b96a0968a94552 (diff) |
Advertise vsyscall support via /proc/<pid>/maps.
Also update test utilities for probing vsyscall support and add a
metric to see if vsyscalls are actually used in sandboxes.
PiperOrigin-RevId: 221698834
Change-Id: I57870ecc33ea8c864bd7437833f21aa1e8117477
Diffstat (limited to 'pkg/sentry/kernel')
-rw-r--r-- | pkg/sentry/kernel/BUILD | 1 | ||||
-rw-r--r-- | pkg/sentry/kernel/task_syscall.go | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/pkg/sentry/kernel/BUILD b/pkg/sentry/kernel/BUILD index 389824b25..10d7b97c2 100644 --- a/pkg/sentry/kernel/BUILD +++ b/pkg/sentry/kernel/BUILD @@ -131,6 +131,7 @@ go_library( "//pkg/cpuid", "//pkg/eventchannel", "//pkg/log", + "//pkg/metric", "//pkg/refs", "//pkg/secio", "//pkg/sentry/arch", diff --git a/pkg/sentry/kernel/task_syscall.go b/pkg/sentry/kernel/task_syscall.go index 0318adb35..2a39ebc68 100644 --- a/pkg/sentry/kernel/task_syscall.go +++ b/pkg/sentry/kernel/task_syscall.go @@ -21,6 +21,7 @@ import ( "gvisor.googlesource.com/gvisor/pkg/abi/linux" "gvisor.googlesource.com/gvisor/pkg/bits" + "gvisor.googlesource.com/gvisor/pkg/metric" "gvisor.googlesource.com/gvisor/pkg/sentry/arch" "gvisor.googlesource.com/gvisor/pkg/sentry/memmap" "gvisor.googlesource.com/gvisor/pkg/sentry/usermem" @@ -60,6 +61,8 @@ const ( ERESTART_RESTARTBLOCK = SyscallRestartErrno(516) ) +var vsyscallCount = metric.MustCreateNewUint64Metric("/kernel/vsyscall_count", false /* sync */, "Number of times vsyscalls were invoked by the application") + // Error implements error.Error. func (e SyscallRestartErrno) Error() string { // Descriptions are borrowed from strace. @@ -325,6 +328,8 @@ func (*runSyscallExit) execute(t *Task) taskRunState { // indicated by an execution fault at address addr. doVsyscall returns the // task's next run state. func (t *Task) doVsyscall(addr usermem.Addr, sysno uintptr) taskRunState { + vsyscallCount.Increment() + // Grab the caller up front, to make sure there's a sensible stack. caller := t.Arch().Native(uintptr(0)) if _, err := t.CopyIn(usermem.Addr(t.Arch().Stack()), caller); err != nil { |