Bug 1543790 - Fix RDD sandboxing conditions so the parent and child processes agree. r=gcp
author: Jed Davis <jld@mozilla.com>
date: Tue, 16 Apr 2019 13:53:20 +0000
changeset: 528606 75d2b35c092f4b77c3855569e5dd8b6803e8e914
parent: 528605 01d9700306a4babdee436d402b4bed5f37b1ec2a
child: 528607 a38b2423065cdf70dd8db23a468c23de1d3b88dd
push id: 11265
push user: ffxbld-merge
push date: Mon, 13 May 2019 10:53:39 +0000
reviewers: gcp
bugs: 1543790
milestone: 68.0a1
first release with: nightly linux32, nightly linux64, nightly mac, nightly win32, nightly win64
last release without: nightly linux32, nightly linux64, nightly mac, nightly win32, nightly win64
Bug 1543790 - Fix RDD sandboxing conditions so the parent and child processes agree. r=gcp

If the system doesn't support seccomp-bpf, the parent process won't try to set up sandboxing, but the child process has a separate check that didn't test for this, and ends up failing a release assertion (in SandboxReporterClient, but we also release-assert that installing the seccomp-bpf policy succeeds).

This patch just fixes the child-side conditional to match the intended behavior, but in the long term we should consider redesigning SandboxInfo to avoid this.

Differential Revision: https://phabricator.services.mozilla.com/D27624
security/sandbox/linux/Sandbox.cpp
--- a/security/sandbox/linux/Sandbox.cpp
+++ b/security/sandbox/linux/Sandbox.cpp
@@ -647,17 +647,18 @@ void SetMediaPluginSandbox(const char* a
   files->Add("/proc/self/auxv");  // Info also in process's address space.
 #endif
 
   // Finally, start the sandbox.
   SetCurrentProcessSandbox(GetMediaSandboxPolicy(files));
 }
 
 void SetRemoteDataDecoderSandbox(int aBroker) {
-  if (PR_GetEnv("MOZ_DISABLE_RDD_SANDBOX") != nullptr) {
+  if (!SandboxInfo::Get().Test(SandboxInfo::kHasSeccompBPF) ||
+      PR_GetEnv("MOZ_DISABLE_RDD_SANDBOX")) {
     if (aBroker >= 0) {
       close(aBroker);
     }
     return;
   }
 
   gSandboxReporterClient =
       new SandboxReporterClient(SandboxReport::ProcType::RDD);
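Review bot: The new `if` in SetRemoteDataDecoderSandbox now has to stay in lockstep with the parent-side decision described in the commit message, but nothing in the hunk records that coupling; a one-line comment above the condition (e.g. `// Must match the parent's check for whether RDD sandboxing is set up; a mismatch trips release assertions below.`) would make the next person who touches either side aware of it, since the commit message itself says the two checks remain separate until SandboxInfo is redesigned. Two smaller points on the same lines: the early-return path closes `aBroker` and silently runs the RDD process unsandboxed when `kHasSeccompBPF` is absent, so consider emitting a diagnostic there so the unsandboxed state is visible in logs rather than only inferable; and the rewrite drops the explicit `!= nullptr` on the `PR_GetEnv` result in favour of an implicit pointer-to-bool conversion, which is fine but worth keeping consistent with how the surrounding file spells such checks.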