Bug 981949 - Whitelist ftruncate for seccomp-bpf sandboxing. r=kang, a=1.4+
authorJed Davis <jld@mozilla.com>
Tue, 15 Apr 2014 13:47:01 -0400
changeset 192840 2cdcd7e28256405bb7fd5a8020e69ce1b08fbfe7
parent 192839 3be2814c689703675df858414dde8ee635eec028
child 192841 14552046e040b34c56d58e63841f8d3fdac1acaf
push id474
push userasasaki@mozilla.com
push dateMon, 02 Jun 2014 21:01:02 +0000
treeherdermozilla-release@967f4cf1b31c [default view] [failures only]
reviewerskang, 1
bugs981949
milestone30.0a2
Bug 981949 - Whitelist ftruncate for seccomp-bpf sandboxing. r=kang, a=1.4+
security/sandbox/linux/seccomp_filter.h
--- a/security/sandbox/linux/seccomp_filter.h
+++ b/security/sandbox/linux/seccomp_filter.h
@@ -28,24 +28,26 @@
 #define SECCOMP_WHITELIST_ARCH_HIGH
 #endif
 
 /* Architecture-specific infrequently used syscalls */
 #if defined(__arm__)
 #define SECCOMP_WHITELIST_ARCH_LOW \
   ALLOW_SYSCALL(_newselect), \
   ALLOW_SYSCALL(_llseek), \
+  ALLOW_SYSCALL(ftruncate64), \
   ALLOW_SYSCALL(getuid32), \
   ALLOW_SYSCALL(geteuid32), \
   ALLOW_SYSCALL(sigreturn), \
   ALLOW_SYSCALL(fcntl64),
 #elif defined(__i386__)
 #define SECCOMP_WHITELIST_ARCH_LOW \
   ALLOW_SYSCALL(_newselect), \
   ALLOW_SYSCALL(_llseek), \
+  ALLOW_SYSCALL(ftruncate64), \
   ALLOW_SYSCALL(getuid32), \
   ALLOW_SYSCALL(geteuid32), \
   ALLOW_SYSCALL(sigreturn), \
   ALLOW_SYSCALL(fcntl64),
 #else
 #define SECCOMP_WHITELIST_ARCH_LOW \
   ALLOW_SYSCALL(select),
 #endif
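Review bot: The `__arm__` and `__i386__` branches of SECCOMP_WHITELIST_ARCH_LOW are line-for-line identical, so `ALLOW_SYSCALL(ftruncate64)` had to be added to each by hand. A policy list kept in two copies can drift, leaving one 32-bit architecture with a different allowlist than the other. Folding them into one branch, `#if defined(__arm__) || defined(__i386__)`, would leave a single list to audit. The later hunk also adds plain `ftruncate` to the generic list, so 32-bit builds accept both variants. A short comment saying which one the C library is expected to issue would let a later audit trim the unused entry.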
@@ -258,16 +260,17 @@
   ALLOW_SYSCALL(clone), \
   ALLOW_SYSCALL(brk), \
   SECCOMP_WHITELIST_B2G_MED \
   ALLOW_SYSCALL(gettid), \
   ALLOW_SYSCALL(getrusage), \
   ALLOW_SYSCALL(madvise), \
   ALLOW_SYSCALL(dup), \
   ALLOW_SYSCALL(nanosleep), \
+  ALLOW_SYSCALL(ftruncate), \
   SECCOMP_WHITELIST_ARCH_LOW \
   /* Must remove all of the following in the future, when no longer used */ \
   /* open() is for some legacy APIs such as font loading. */ \
   /* See bug 906996 for removing unlink(). */ \
   SECCOMP_WHITELIST_ARCH_TOREMOVE \
   ALLOW_SYSCALL(open), \
   ALLOW_SYSCALL(readlink), /* Workaround for bug 964455 */ \
   ALLOW_SYSCALL(prctl), \
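Review bot: The new `ALLOW_SYSCALL(ftruncate)` entry carries no rationale, unlike the `open` and `readlink` entries a few lines below it, which name their reason or bug. ftruncate acts on a descriptor the process already holds, so the exposure is every writable fd that is passed to or inherited by the sandboxed process. If ALLOW_SYSCALL admits the call regardless of arguments (the macro is not visible here), nothing narrows that further. I would add a comment line above the entry in the same style, e.g. `/* ftruncate() acts on already-open fds; see bug 981949 for the caller. */ \`. The enclosing macro definition begins before this hunk and continues past it.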