mozilla-central: changeset 159554:96fad9bdc012439b4462333c72d2503bf6c5335d

author	Vicamo Yang <vyang@mozilla.com>
	Mon, 09 Dec 2013 21:02:54 +0800
changeset 159554	96fad9bdc012439b4462333c72d2503bf6c5335d
parent 159553	dec3e196ed65901c39ff61ee6cbc34b5f60b7336
child 159555	66acce483c48dfd3869aa1240a89a620b1e8aa86
push id	25802
push user	ryanvm@gmail.com
push date	Mon, 09 Dec 2013 22:42:43 +0000
treeherder	mozilla-central@802e95c30288 [default view] [failures only]
perfherder	[talos] [build metrics] [platform microbench] (compared to previous push)
reviewers	kang, jld
bugs	944625
milestone	28.0a1
first release with	nightly linux32 df82be9d89a5 / 29.0a1 / 20131210030202 / files nightly linux64 df82be9d89a5 / 29.0a1 / 20131210030202 / files nightly mac df82be9d89a5 / 29.0a1 / 20131210030202 / files nightly win32 df82be9d89a5 / 29.0a1 / 20131210030202 / files nightly win64 df82be9d89a5 / 29.0a1 / 20131210030202 / files
last release without	nightly linux32 edac8cba9f78 / 28.0a1 / 20131208030204 / files nightly linux64 edac8cba9f78 / 28.0a1 / 20131208030204 / files nightly mac edac8cba9f78 / 28.0a1 / 20131208030204 / files nightly win32 edac8cba9f78 / 28.0a1 / 20131208030204 / files nightly win64 edac8cba9f78 / 28.0a1 / 20131208030204 / files

--- a/security/sandbox/linux/seccomp_filter.h
+++ b/security/sandbox/linux/seccomp_filter.h
@@ -76,25 +76,29 @@
 #endif
 
 /* Architecture-specific syscalls that should eventually be removed */
 #if defined(__arm__)
 #define SECCOMP_WHITELIST_ARCH_TOREMOVE \
   ALLOW_SYSCALL(fstat64), \
   ALLOW_SYSCALL(stat64), \
   ALLOW_SYSCALL(lstat64), \
+  ALLOW_SYSCALL(socketpair), \
+  ALLOW_SYSCALL(sendmsg), \
   ALLOW_SYSCALL(sigprocmask),
 #elif defined(__i386__)
 #define SECCOMP_WHITELIST_ARCH_TOREMOVE \
   ALLOW_SYSCALL(fstat64), \
   ALLOW_SYSCALL(stat64), \
   ALLOW_SYSCALL(lstat64), \
   ALLOW_SYSCALL(sigprocmask),
 #else
-#define SECCOMP_WHITELIST_ARCH_TOREMOVE
+#define SECCOMP_WHITELIST_ARCH_TOREMOVE \
+  ALLOW_SYSCALL(socketpair), \
+  ALLOW_SYSCALL(sendmsg),
 #endif
 
 /* Architecture-specific syscalls for desktop linux */
 #if defined(__arm__)
 #define SECCOMP_WHITELIST_ARCH_DESKTOP_LINUX
 #elif defined(__i386__)
 #define SECCOMP_WHITELIST_ARCH_DESKTOP_LINUX
 #elif defined(__x86_64__)
@@ -247,18 +251,16 @@
   /* open() is for some legacy APIs such as font loading. */ \
   /* See bug 906996 for removing unlink(). */ \
   SECCOMP_WHITELIST_ARCH_TOREMOVE \
   ALLOW_SYSCALL(open), \
   ALLOW_SYSCALL(prctl), \
   ALLOW_SYSCALL(access), \
   ALLOW_SYSCALL(unlink), \
   ALLOW_SYSCALL(fsync), \
-  ALLOW_SYSCALL(socketpair), \
-  ALLOW_SYSCALL(sendmsg), \
   /* Should remove all of the following in the future, if possible */ \
   ALLOW_SYSCALL(getpriority), \
   ALLOW_SYSCALL(setpriority), \
   SECCOMP_WHITELIST_PROFILING \
   SECCOMP_WHITELIST_B2G_LOW \
   /* Always last and always OK calls */ \
   SECCOMP_WHITELIST_ARCH_LAST \
   /* restart_syscall is called internally, generally when debugging */ \