Bug 1037211 - Remove MOZ_CONTENT_SANDBOX_REPORTER by making it always true. r=kang r=ted
authorJed Davis <jld@mozilla.com>
Thu, 17 Jul 2014 14:57:28 -0700
changeset 216717 c361be2aeb66ec71289f34a5edfcc7a2527afbf8
parent 216716 286635a5a1e1d01298f1eb45380390b20ee0dcd7
child 216718 c6886d31a30be5c3da61c6d213aea17295ec213c
push id515
push userraliiev@mozilla.com
push dateMon, 06 Oct 2014 12:51:51 +0000
reviewerskang, ted
bugs1037211
milestone33.0a1
Bug 1037211 - Remove MOZ_CONTENT_SANDBOX_REPORTER by making it always true. r=kang r=ted
configure.in
security/sandbox/linux/Sandbox.cpp
security/sandbox/linux/SandboxAssembler.cpp
security/sandbox/linux/SandboxFilter.cpp
--- a/configure.in
+++ b/configure.in
@@ -3871,17 +3871,16 @@ MOZ_LOCALE_SWITCHER=
 MOZ_ANDROID_SEARCH_ACTIVITY=
 MOZ_ANDROID_MLS_STUMBLER=
 ACCESSIBILITY=1
 MOZ_TIME_MANAGER=
 MOZ_PAY=
 MOZ_AUDIO_CHANNEL_MANAGER=
 NSS_NO_LIBPKIX=
 MOZ_CONTENT_SANDBOX=
-MOZ_CONTENT_SANDBOX_REPORTER=1
 JSGC_USE_EXACT_ROOTING=
 JSGC_GENERATIONAL=
 
 case "$target_os" in
     mingw*)
         NS_ENABLE_TSF=1
         AC_DEFINE(NS_ENABLE_TSF)
         ;;
@@ -6433,27 +6432,16 @@ MOZ_ARG_ENABLE_BOOL(content-sandbox,
     MOZ_CONTENT_SANDBOX=)
 
 if test -n "$MOZ_CONTENT_SANDBOX"; then
     AC_DEFINE(MOZ_CONTENT_SANDBOX)
 fi
 
 AC_SUBST(MOZ_CONTENT_SANDBOX)
 
-MOZ_ARG_ENABLE_BOOL(content-sandbox-reporter,
-[ --enable-content-sandbox-reporter        Enable syscall reporter to troubleshoot syscalls denied by the content-processes sandbox],
-    MOZ_CONTENT_SANDBOX_REPORTER=1,
-    MOZ_CONTENT_SANDBOX_REPORTER=)
-
-if test -n "$MOZ_CONTENT_SANDBOX_REPORTER"; then
-    AC_DEFINE(MOZ_CONTENT_SANDBOX_REPORTER)
-fi
-
-AC_SUBST(MOZ_CONTENT_SANDBOX_REPORTER)
-
 dnl ========================================================
 dnl =
 dnl = Module specific options
 dnl =
 dnl ========================================================
 MOZ_ARG_HEADER(Individual module options)
 
 dnl ========================================================
--- a/security/sandbox/linux/Sandbox.cpp
+++ b/security/sandbox/linux/Sandbox.cpp
@@ -107,17 +107,16 @@ SandboxLogJSStack(void)
  * This is the SIGSYS handler function. It is used to report to the user
  * which system call has been denied by Seccomp.
  * This function also makes the process exit as denying the system call
  * will otherwise generally lead to unexpected behavior from the process,
  * since we don't know if all functions will handle such denials gracefully.
  *
  * @see InstallSyscallReporter() function.
  */
-#ifdef MOZ_CONTENT_SANDBOX_REPORTER
 static void
 Reporter(int nr, siginfo_t *info, void *void_context)
 {
   ucontext_t *ctx = static_cast<ucontext_t*>(void_context);
   unsigned long syscall_nr, args[6];
   pid_t pid = getpid(), tid = syscall(__NR_gettid);
 
   if (nr != SIGSYS) {
@@ -190,17 +189,16 @@ InstallSyscallReporter(void)
   }
   if (sigemptyset(&mask) ||
     sigaddset(&mask, SIGSYS) ||
     sigprocmask(SIG_UNBLOCK, &mask, nullptr)) {
       return -1;
   }
   return 0;
 }
-#endif
 
 /**
  * This function installs the syscall filter, a.k.a. seccomp.
  * PR_SET_NO_NEW_PRIVS ensures that it is impossible to grant more
  * syscalls to the process beyond this point (even after fork()).
  * SECCOMP_MODE_FILTER is the "bpf" mode of seccomp which allows
  * to pass a bpf program (in our case, it contains a syscall
  * whitelist).
@@ -436,21 +434,19 @@ SetCurrentProcessSandbox()
 {
 #if !defined(ANDROID) && defined(PR_LOGGING)
   if (!gSeccompSandboxLog) {
     gSeccompSandboxLog = PR_NewLogModule("SeccompSandbox");
   }
   PR_ASSERT(gSeccompSandboxLog);
 #endif
 
-#if defined(MOZ_CONTENT_SANDBOX_REPORTER)
   if (InstallSyscallReporter()) {
     LOG_ERROR("install_syscall_reporter() failed\n");
   }
-#endif
 
   if (IsSandboxingSupported()) {
     BroadcastSetThreadSandbox();
   }
 }
 
 } // namespace mozilla
 
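Review bot: In SetCurrentProcessSandbox() a failed InstallSyscallReporter() is only logged, and BroadcastSetThreadSandbox() still installs the filter afterwards. With the `#if` gone the handler is no longer optional, because the same commit makes RetKill() in SandboxAssembler.cpp emit SECCOMP_RET_TRAP unconditionally, so the handler is what turns a denied syscall into a reported exit. If continuing is intended (the default SIGSYS disposition should still terminate the process, only without the report; worth confirming), a comment should say so, e.g. `// Non-fatal: a denied syscall still raises SIGSYS, but nothing is logged.` The message also names `install_syscall_reporter()` while the function is `InstallSyscallReporter()`; `LOG_ERROR("InstallSyscallReporter() failed\n");` would match. The function's signature line is outside the hunk.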
--- a/security/sandbox/linux/SandboxAssembler.cpp
+++ b/security/sandbox/linux/SandboxAssembler.cpp
@@ -134,17 +134,13 @@ SandboxAssembler::RetDeny(int aErrno)
                                SECCOMP_RET_ERRNO + aErrno,
                                nullptr);
 }
 
 Instruction *
 SandboxAssembler::RetKill()
 {
   return mCode.MakeInstruction(BPF_RET + BPF_K,
-#ifdef MOZ_CONTENT_SANDBOX_REPORTER
                                SECCOMP_RET_TRAP,
-#else
-                               SECCOMP_RET_KILL,
-#endif
                                nullptr);
 }
 
 } // namespace mozilla
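Review bot: `RetKill()` now always builds a `SECCOMP_RET_TRAP` return, so its name no longer describes the kernel action. The kernel delivers SIGSYS instead of killing, and going by the handler's doc comment in Sandbox.cpp the process exits only because that handler does so after reporting. Fail-closed behaviour therefore depends on user-space signal handling, which the function should document, e.g. `// Traps to the SIGSYS handler (see Sandbox.cpp), which reports the syscall and exits; the kernel itself does not kill.` If a caller ever needs a kill that cannot be intercepted, a separate method emitting `SECCOMP_RET_KILL` would be clearer than reusing this one.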
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -96,18 +96,18 @@ SandboxFilterImpl::Build() {
 #endif
 
   /* Most used system calls should be at the top of the whitelist
    * for performance reasons. The whitelist BPF filter exits after
    * processing any ALLOW_SYSCALL macro.
    *
    * How are those syscalls found?
    * 1) via strace -p <child pid> or/and
-   * 2) with MOZ_CONTENT_SANDBOX_REPORTER set, the child will report which system call
-   *    has been denied by seccomp-bpf, just before exiting, via NSPR.
+   * 2) the child will report which system call has been denied by seccomp-bpf,
+   *    just before exiting, via NSPR or Android logging.
    * System call number to name mapping is found in:
    * bionic/libc/kernel/arch-arm/asm/unistd.h
    * or your libc's unistd.h/kernel headers.
    *
    * Current list order has been optimized through manual guess-work.
    * It could be further optimized by analyzing the output of:
    * 'strace -c -p <child pid>' for most used web apps.
    */