Bug 1457092 - Disable codepaths forbidden by pledge() when being sandboxed on OpenBSD. r=froydnj
authorLandry Breuil <landry@openbsd.org>
Wed, 22 Aug 2018 05:29:00 -0400
changeset 433085 3ad8c54c6dc8978a3317544bea487cef8860db50
parent 433084 411427c1f5fe876edcd92f31b3c86bbb8d509ac7
child 433086 a8facd78c24282a792310cb154aae29c531a116a
push id34499
push usercsabou@mozilla.com
push dateThu, 23 Aug 2018 21:40:51 +0000
reviewersfroydnj
bugs1457092
milestone63.0a1
Bug 1457092 - Disable codepaths forbidden by pledge() when being sandboxed on OpenBSD. r=froydnj
widget/nsShmImage.cpp
xpcom/base/nsDebugImpl.cpp
xpcom/base/nsMemoryReporterManager.cpp
--- a/widget/nsShmImage.cpp
+++ b/widget/nsShmImage.cpp
@@ -62,16 +62,22 @@ bool nsShmImage::UseShm()
   return gShmAvailable;
 }
 
 bool
 nsShmImage::CreateShmSegment()
 {
   size_t size = SharedMemory::PageAlignedSize(mStride * mSize.height);
 
+#if defined(__OpenBSD__) && defined(MOZ_SANDBOX)
+  static mozilla::LazyLogModule sPledgeLog("SandboxPledge");
+  MOZ_LOG(sPledgeLog, mozilla::LogLevel::Debug,
+         ("%s called when pledged, returning false\n", __func__));
+  return false;
+#endif
   mShmId = shmget(IPC_PRIVATE, size, IPC_CREAT | 0600);
   if (mShmId == -1) {
     return false;
   }
   mShmAddr = (uint8_t*) shmat(mShmId, nullptr, 0);
   mShmSeg = xcb_generate_id(mConnection);
 
   // Mark the handle removed so that it will destroy the segment when unmapped.
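Review bot: The early `return false` under `#if defined(__OpenBSD__) && defined(MOZ_SANDBOX)` leaves the shmget()/shmat() code that follows it as unreachable in that configuration, and GetKinfoProcSelf in the xpcom/base/nsMemoryReporterManager.cpp hunk has the same shape; moving the remainder of each body into an `#else` branch of the same conditional (with the `#endif` at the end of the function) would make the exclusion explicit rather than relying on dead code after a return. The guard is also a build-time decision, so the shm path is refused even in a process that is not actually pledged at runtime, if such process types exist in this build — worth a comment if that is intended. Unlike the nsDebugImpl hunk, nothing here says which pledge(2) restriction is being avoided; a line such as `// shmget()/shmat() are not covered by the pledge(2) promises this process runs with` (adjusted to the real promise set) would document it. CreateShmSegment's body continues past the end of the hunk.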
--- a/xpcom/base/nsDebugImpl.cpp
+++ b/xpcom/base/nsDebugImpl.cpp
@@ -175,16 +175,20 @@ nsDebugImpl::GetAssertionCount(int32_t* 
   return NS_OK;
 }
 
 NS_IMETHODIMP
 nsDebugImpl::GetIsDebuggerAttached(bool* aResult)
 {
   *aResult = false;
 
+#if defined(__OpenBSD__) && defined(MOZ_SANDBOX)
+  // no access to KERN_PROC_PID sysctl when pledge'd
+  return NS_OK;
+#endif
 #if defined(XP_WIN)
   *aResult = ::IsDebuggerPresent();
 #elif defined(XP_MACOSX) || defined(__DragonFly__) || defined(__FreeBSD__) \
    || defined(__NetBSD__) || defined(__OpenBSD__)
   // Specify the info we're looking for
   int mib[] = {
     CTL_KERN,
     KERN_PROC,
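Review bot: The new `#if defined(__OpenBSD__) && defined(MOZ_SANDBOX)` block is a separate conditional placed just before the `#if defined(XP_WIN)` / `#elif ... defined(__OpenBSD__)` chain it is meant to override, so the `__OpenBSD__` sysctl branch below is still compiled and then dead in the sandboxed build. Folding it into the chain by replacing the two lines `#endif` and `#if defined(XP_WIN)` with a single `#elif defined(XP_WIN)` lets the preprocessor select exactly one branch. Reporting `false` here means a pledged process always claims no debugger is attached, which is a conservative default; the existing comment gives the reason but could say the answer is deliberate, e.g. `// no access to KERN_PROC_PID sysctl when pledge'd; report "not attached"`. GetIsDebuggerAttached's body continues past the end of the hunk.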
--- a/xpcom/base/nsMemoryReporterManager.cpp
+++ b/xpcom/base/nsMemoryReporterManager.cpp
@@ -188,16 +188,22 @@ SystemHeapSize(int64_t* aSizeOut)
 #define KP_SIZE(kp) ((kp.p_vm_dsize + kp.p_vm_ssize                     \
                       + kp.p_vm_tsize) * getpagesize())
 #define KP_RSS(kp) (kp.p_vm_rssize * getpagesize())
 #endif
 
 static MOZ_MUST_USE nsresult
 GetKinfoProcSelf(KINFO_PROC* aProc)
 {
+#if defined(__OpenBSD__) && defined(MOZ_SANDBOX)
+  static LazyLogModule sPledgeLog("SandboxPledge");
+  MOZ_LOG(sPledgeLog, LogLevel::Debug,
+         ("%s called when pledged, returning NS_ERROR_FAILURE\n", __func__));
+  return NS_ERROR_FAILURE;
+#endif
   int mib[] = {
     CTL_KERN,
     KERN_PROC,
     KERN_PROC_PID,
     getpid(),
 #if defined(__NetBSD__) || defined(__OpenBSD__)
     sizeof(KINFO_PROC),
     1,
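Review bot: `static LazyLogModule sPledgeLog("SandboxPledge")` duplicates the identically named module declared in the widget/nsShmImage.cpp hunk; LazyLogModule resolves by name, so the two presumably land on the same log module at runtime, but a single shared declaration (or one small helper that logs and returns the failure) would keep the two sites from drifting and would also avoid one being written with the `mozilla::` prefix and the other without. The early return leaves `*aProc` untouched, which is fine given the MOZ_MUST_USE nsresult, but a comment stating why the call is refused — matching the one in the nsDebugImpl hunk, since this function builds the same KERN_PROC_PID mib — would make the reason visible here too, e.g. `// KERN_PROC_PID sysctl is not available when pledge'd`. GetKinfoProcSelf's body continues past the end of the hunk.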