Bug 1290618 - Allow PR_SET_PTRACER in Linux sandbox policies to avoid recursive crash. r=tedd,a=lizzard
authorJed Davis <jld@mozilla.com>
Mon, 01 Aug 2016 15:44:00 +0200
changeset 342271 5ceb958e95c78e9e3d66cfc5ece4a45c8ec4fb07
parent 342270 74d54db8df58660f37d9c4c23bb4b56bea4e20db
child 342272 98f5bd2a3d5e53e393d2ff191c6b365451bf9ff7
push id1183
push userraliiev@mozilla.com
push dateMon, 05 Sep 2016 20:01:49 +0000
treeherdermozilla-release@3148731bed45 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerstedd, lizzard
bugs1290618
milestone49.0
Bug 1290618 - Allow PR_SET_PTRACER in Linux sandbox policies to avoid recursive crash. r=tedd,a=lizzard MozReview-Commit-ID: Dt50vkgXQTt
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -36,16 +36,20 @@ using namespace sandbox::bpf_dsl;
 // (Warning: these are wrong on PA-RISC.)
 #ifndef MADV_NOHUGEPAGE
 #define MADV_NOHUGEPAGE 15
 #endif
 #ifndef MADV_DONTDUMP
 #define MADV_DONTDUMP 16
 #endif
 
+#ifndef PR_SET_PTRACER
+#define PR_SET_PTRACER 0x59616d61
+#endif
+
 // To avoid visual confusion between "ifdef ANDROID" and "ifndef ANDROID":
 #ifndef ANDROID
 #define DESKTOP
 #endif
 
 // This file defines the seccomp-bpf system call filter policies.
 // See also SandboxFilterUtil.h, for the CASES_FOR_* macros and
 // SandboxFilterBase::Evaluate{Socket,Ipc}Call.
@@ -119,17 +123,18 @@ public:
   virtual ResultExpr PrctlPolicy() const {
     // Note: this will probably need PR_SET_VMA if/when it's used on
     // Android without being overridden by an allow-all policy, and
     // the constant will need to be defined locally.
     Arg<int> op(0);
     return Switch(op)
       .CASES((PR_GET_SECCOMP, // BroadcastSetThreadSandbox, etc.
               PR_SET_NAME,    // Thread creation
-              PR_SET_DUMPABLE), // Crash reporting
+              PR_SET_DUMPABLE, // Crash reporting
+              PR_SET_PTRACER), // Debug-mode crash handling
              Allow())
       .Default(InvalidSyscall());
   }
 
   virtual Maybe<ResultExpr> EvaluateSocketCall(int aCall) const override {
     switch (aCall) {
     case SYS_RECVMSG:
     case SYS_SENDMSG: