Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang, a=lmandel
authorJed Davis <jld@mozilla.com>
Thu, 16 Oct 2014 12:42:00 +0200
changeset 225778 5c014e511661
parent 225777 a963eab53a09
child 225779 42f43b1c896e
push id4014
push userryanvm@gmail.com
push date2014-10-22 23:37 +0000
treeherdermozilla-beta@27b0655c1385 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerskang, lmandel
bugs1080165
milestone34.0
Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang, a=lmandel
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -376,16 +376,19 @@ void SandboxFilterImplGMP::Build() {
 
 #if SYSCALL_EXISTS(set_robust_list)
   Allow(SYSCALL(set_robust_list));
 #endif
 
   // NSPR can call this when creating a thread, but it will accept a
   // polite "no".
   Deny(EACCES, SYSCALL(getpriority));
+  // But if thread creation races with sandbox startup, that call
+  // could succeed, and then we get one of these:
+  Deny(EACCES, SYSCALL(setpriority));
 
   // Stack bounds are obtained via pthread_getattr_np, which calls
   // this but doesn't actually need it:
   Deny(ENOSYS, SYSCALL(sched_getaffinity));
 
 #ifdef MOZ_ASAN
   Allow(SYSCALL(sigaltstack));
 #endif