Bug 1543858 - Adjust Linux sandbox policies to tolerate glibc's qsort. r=gcp
authorJed Davis <jld@mozilla.com>
Tue, 16 Apr 2019 06:50:50 +0000
changeset 469805 01d9700306a4
parent 469804 2a745d4407f4
child 469806 75d2b35c092f
push id112825
push usercbrindusan@mozilla.com
push dateWed, 17 Apr 2019 15:58:37 +0000
treeherdermozilla-inbound@7bd43da7830c [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgcp
bugs1543858
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1543858 - Adjust Linux sandbox policies to tolerate glibc's qsort. r=gcp Differential Revision: https://phabricator.services.mozilla.com/D27632
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -624,16 +624,23 @@ class SandboxPolicyCommon : public Sandb
         // Terminate threads or the process
       case __NR_exit:
       case __NR_exit_group:
         return Allow();
 
       case __NR_getrandom:
         return Allow();
 
+#ifdef DESKTOP
+        // Bug 1543858: glibc's qsort calls sysinfo to check the
+        // memory size; it falls back to assuming there's enough RAM.
+      case __NR_sysinfo:
+        return Error(EPERM);
+#endif
+
 #ifdef MOZ_ASAN
         // ASAN's error reporter wants to know if stderr is a tty.
       case __NR_ioctl: {
         Arg<int> fd(0);
         return If(fd == STDERR_FILENO, Error(ENOTTY)).Else(InvalidSyscall());
       }
 
         // ...and before compiler-rt r209773, it will call readlink on