Bug 1543790 - Fix RDD sandboxing conditions so the parent and child processes agree. r=gcp
author Jed Davis <jld@mozilla.com>
date Tue, 16 Apr 2019 13:53:20 +0000
changeset 469789 75d2b35c092f
parent 469788 01d9700306a4
child 469790 a38b2423065c
push id 35882
push user cbrindusan@mozilla.com
push date Wed, 17 Apr 2019 15:54:01 +0000
treeherder mozilla-central@37185c0ae520
reviewers gcp
bugs 1543790
milestone 68.0a1
If the system doesn't support seccomp-bpf, the parent process won't try to set up sandboxing, but the child process has a separate check that doesn't test for this, and ends up failing a release assertion (in SandboxReporterClient, but we also release-assert that installing the seccomp-bpf policy succeeds).

This patch just fixes the child-side conditional to match the intended behavior, but in the long term we should consider redesigning SandboxInfo to avoid this.

Differential Revision: https://phabricator.services.mozilla.com/D27624
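The failure mode the commit message describes is a parent and a child computing "should this process be sandboxed?" from different inputs. The following is an added example, not Mozilla code: it models both decisions as pure predicates so the disagreement can be enumerated, and shows a common Linux probe for seccomp-bpf support. Assumptions: the parent is modeled as honouring both the seccomp-bpf check and the MOZ_DISABLE_RDD_SANDBOX override (the parent-side code is not in this changeset), and the probe (PR_SET_SECCOMP with a NULL filter, EFAULT meaning "supported") is one widely used technique, not necessarily what SandboxInfo does. The function names here are invented for illustration.

```c
// Added example: parent/child sandbox decisions as pure predicates, plus a
// seccomp-bpf support probe. Not Firefox code; names are hypothetical.
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#ifdef __linux__
#include <sys/prctl.h>
#include <linux/seccomp.h>
#endif
#ifndef SECCOMP_MODE_FILTER
#define SECCOMP_MODE_FILTER 2  // fallback for old headers (assumption)
#endif

typedef bool (*decision_fn)(bool has_seccomp_bpf, const char *disable_env);

// Probe for seccomp-bpf. With a NULL filter, a kernel that supports filters
// tries to copy the program and fails with EFAULT; one built without
// CONFIG_SECCOMP_FILTER rejects the mode with EINVAL. Nothing is installed
// either way. (Assumption: common technique, not necessarily SandboxInfo's.)
static bool probe_seccomp_bpf(void) {
#ifdef __linux__
  if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL) == -1) {
    return errno == EFAULT;
  }
  return false;  // a NULL filter must not succeed; treat as unsupported
#else
  return false;
#endif
}

// Parent side, as described in the commit message: no sandbox setup without
// seccomp-bpf. Env override on the parent side is an assumption.
static bool parent_sandboxes(bool has_seccomp_bpf, const char *disable_env) {
  return has_seccomp_bpf && disable_env == NULL;
}

// Child side before the patch: only the env var is consulted.
static bool child_sandboxes_before(bool has_seccomp_bpf, const char *disable_env) {
  (void)has_seccomp_bpf;
  return disable_env == NULL;
}

// Child side after the patch: same two inputs as the parent.
static bool child_sandboxes_after(bool has_seccomp_bpf, const char *disable_env) {
  return has_seccomp_bpf && disable_env == NULL;
}

// Enumerate all four (seccomp support, env override) combinations and count
// the ones where parent and child would reach different conclusions.
static int count_disagreements(decision_fn child) {
  static const bool bpf_states[2] = { false, true };
  static const char *const env_states[2] = { NULL, "1" };
  int mismatches = 0;
  for (int i = 0; i < 2; i++) {
    for (int j = 0; j < 2; j++) {
      bool p = parent_sandboxes(bpf_states[i], env_states[j]);
      bool c = child(bpf_states[i], env_states[j]);
      if (p != c) {
        mismatches++;
      }
    }
  }
  return mismatches;
}

int main(void) {
  printf("this host reports seccomp-bpf: %s\n",
         probe_seccomp_bpf() ? "yes" : "no");
  printf("parent/child disagreements before patch: %d\n",
         count_disagreements(child_sandboxes_before));
  printf("parent/child disagreements after patch:  %d\n",
         count_disagreements(child_sandboxes_after));
  return 0;
}
```

The single disagreeing case before the patch is "no seccomp-bpf, override unset": the parent skips sandbox setup while the child proceeds to create its reporter client and install a policy, which is exactly where the release assertions fire. Keeping both sides on one predicate, as the after-patch version does, removes the case entirely; passing the decision from the parent to the child instead of recomputing it would remove the possibility of drift.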
security/sandbox/linux/Sandbox.cpp
--- a/security/sandbox/linux/Sandbox.cpp
+++ b/security/sandbox/linux/Sandbox.cpp
@@ -647,17 +647,18 @@ void SetMediaPluginSandbox(const char* a
   files->Add("/proc/self/auxv");  // Info also in process's address space.
 #endif
 
   // Finally, start the sandbox.
   SetCurrentProcessSandbox(GetMediaSandboxPolicy(files));
 }
 
 void SetRemoteDataDecoderSandbox(int aBroker) {
-  if (PR_GetEnv("MOZ_DISABLE_RDD_SANDBOX") != nullptr) {
+  if (!SandboxInfo::Get().Test(SandboxInfo::kHasSeccompBPF) ||
+      PR_GetEnv("MOZ_DISABLE_RDD_SANDBOX")) {
     if (aBroker >= 0) {
       close(aBroker);
     }
     return;
   }
 
   gSandboxReporterClient =
       new SandboxReporterClient(SandboxReport::ProcType::RDD);
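Review bot: the kHasSeccompBPF test added to the child-side `if` in SetRemoteDataDecoderSandbox duplicates a condition the parent evaluates elsewhere, and the commit message itself calls that duplication a long-term problem, so please add a comment on the `if` stating which parent-side check it must stay in sync with (the parent code is not in this hunk, so name it rather than leaving it implicit). Two smaller points on the same lines: the old line spelled out `PR_GetEnv("MOZ_DISABLE_RDD_SANDBOX") != nullptr` while the new one relies on implicit pointer truthiness, so pick one style; and the early-return branch that does `close(aBroker)` would read better with a one-line note that the broker fd is simply unused when the process runs unsandboxed.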