Merge mozilla-central to mozilla-autoland. r=merge a=merge CLOSED TREE
authorAttila Craciun <acraciun@mozilla.com>
Fri, 27 Oct 2017 16:21:11 +0300
changeset 388713 d8e1ed6dd42c040e8f9e7a6c3d3248a8b15e3865
parent 388711 8a0ea908547d4a26c35a4997b7423c452ee5800a (current diff)
parent 388712 ae49d4a5762264ded3aae4006baddc2203b79b94 (diff)
child 388714 2ac09a374b698d7cbb4cc50bf8245305aa07a347
push id54232
push useracraciun@mozilla.com
push dateFri, 27 Oct 2017 13:21:26 +0000
treeherderautoland@d8e1ed6dd42c [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmerge, merge
milestone58.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Merge mozilla-central to mozilla-autoland. r=merge a=merge CLOSED TREE
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -534,49 +534,16 @@ private:
 
   static intptr_t SocketpairDatagramTrap(ArgsRef aArgs, void* aux) {
     auto fds = reinterpret_cast<int*>(aArgs.args[3]);
     // Return sequential packet sockets instead of the expected
     // datagram sockets; see bug 1355274 for details.
     return ConvertError(socketpair(AF_UNIX, SOCK_SEQPACKET, 0, fds));
   }
 
-  static intptr_t StatFsTrap(ArgsRef aArgs, void* aux) {
-    auto path = reinterpret_cast<const char*>(aArgs.args[0]);
-    // *buf could be either struct statfs or struct statfs64,
-    // depending on syscall -- and the kernel ABI structs in
-    // <asm/statfs.h> are not the same as the C API structs in
-    // <sys/statfs.h>.  Since we're not touching any of the fields,
-    // avoid all that and just use void*.
-    auto buf = reinterpret_cast<void*>(aArgs.args[1]);
-
-    int fd = open(path, O_RDONLY);
-    if (fd < 0) {
-      return -errno;
-    }
-
-    intptr_t rv;
-    switch (aArgs.nr) {
-    case __NR_statfs:
-      rv = DoSyscall(__NR_fstatfs, fd, buf);
-      break;
-#ifdef __NR_statfs64
-    case __NR_statfs64:
-      rv = DoSyscall(__NR_fstatfs64, fd, buf);
-      break;
-#endif
-    default:
-      MOZ_ASSERT(false);
-      rv = -ENOSYS;
-    }
-
-    close(fd);
-    return rv;
-  }
-
 public:
   explicit ContentSandboxPolicy(SandboxBrokerClient* aBroker,
                                 const std::vector<int>& aSyscallWhitelist)
     : mBroker(aBroker),
       mSyscallWhitelist(aSyscallWhitelist) {}
   ~ContentSandboxPolicy() override = default;
   Maybe<ResultExpr> EvaluateSocketCall(int aCall) const override {
     switch(aCall) {
@@ -719,23 +686,22 @@ public:
       }
     }
 
     switch (sysno) {
 #ifdef DESKTOP
     case __NR_getppid:
       return Trap(GetPPidTrap, nullptr);
 
-    CASES_FOR_statfs:
-      return Trap(StatFsTrap, nullptr);
-
       // Filesystem syscalls that need more work to determine who's
       // using them, if they need to be, and what we intend to about it.
     case __NR_getcwd:
+    CASES_FOR_statfs:
     CASES_FOR_fstatfs:
+    case __NR_quotactl:
     CASES_FOR_fchown:
     case __NR_fchmod:
     case __NR_flock:
       return Allow();
 
       // Bug 1354731: proprietary GL drivers try to mknod() their devices
     case __NR_mknod: {
       Arg<mode_t> mode(1);