Bug 1770703 - Duplicated ioctl() case when building with MOZ_ASAN r=gcp
authorAlexandre Lissy <lissyx+mozillians@lissyx.dyndns.org>
Mon, 23 May 2022 09:51:28 +0000
changeset 618529 f5495c74793db90bdc7a1b75dad36e61938d1066
parent 618528 29620639de7a259a583824f2577993d08270bf8e
child 618530 a520a5c1a007e898aca68385b8517c28a92649a0
push id163312
push useralissy@mozilla.com
push dateMon, 23 May 2022 09:58:16 +0000
treeherderautoland@f5495c74793d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgcp
bugs1770703
milestone102.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1770703 - Duplicated ioctl() case when building with MOZ_ASAN r=gcp Differential Revision: https://phabricator.services.mozilla.com/D147057
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -1136,52 +1136,53 @@ class SandboxPolicyCommon : public Sandb
         // per-CPU data; exposing information about CPU numbers and
         // when threads are migrated or preempted isn't great but the
         // risk should be relatively low.
       case __NR_rseq:
         return Allow();
 
       case __NR_ioctl: {
         Arg<unsigned long> request(1);
+#ifdef MOZ_ASAN
+        Arg<int> fd(0);
+#endif // MOZ_ASAN
         // Make isatty() return false, because none of the terminal
         // ioctls will be allowed; libraries sometimes call this for
         // various reasons (e.g., to decide whether to emit ANSI/VT
         // color codes when logging to stderr).  glibc uses TCGETS and
         // musl uses TIOCGWINSZ.
         //
         // This is required by ffmpeg
         return If(AnyOf(request == TCGETS, request == TIOCGWINSZ),
                   Error(ENOTTY))
+#ifdef MOZ_ASAN
+            // ASAN's error reporter wants to know if stderr is a tty.
+            .ElseIf(fd == STDERR_FILENO, Error(ENOTTY))
+#endif // MOZ_ASAN
             .Else(SandboxPolicyBase::EvaluateSyscall(sysno));
       }
 
       CASES_FOR_dup2:  // See ConnectTrapCommon
         if (mBrokeredConnect) {
           return Allow();
         }
         return SandboxPolicyBase::EvaluateSyscall(sysno);
 
 #ifdef MOZ_ASAN
-        // ASAN's error reporter wants to know if stderr is a tty.
-      case __NR_ioctl: {
-        Arg<int> fd(0);
-        return If(fd == STDERR_FILENO, Error(ENOTTY)).Else(InvalidSyscall());
-      }
-
         // ...and before compiler-rt r209773, it will call readlink on
         // /proc/self/exe and use the cached value only if that fails:
       case __NR_readlink:
       case __NR_readlinkat:
         return Error(ENOENT);
 
         // ...and if it found an external symbolizer, it will try to run it:
         // (See also bug 1081242 comment #7.)
       CASES_FOR_stat:
         return Error(ENOENT);
-#endif
+#endif // MOZ_ASAN
 
       default:
         return SandboxPolicyBase::EvaluateSyscall(sysno);
     }
   }
 };
 
 // The process-type-specific syscall rules start here: