Bug 943774 - Allow sigaction when sandboxed, for the crash reporter. r=kang
authorJed Davis <jld@mozilla.com>
Tue, 03 Dec 2013 18:45:17 -0500
changeset 174334 fdd48523bfbe0dac009be30e989a6aec6271259f
parent 174333 6ede459abb057c6f4454736df432b04a1d3508d2
child 174335 a7c22bdbf800459aa6d0f9f0a0ee07a1636bb043
push id445
push userffxbld
push dateMon, 10 Mar 2014 22:05:19 +0000
reviewerskang
bugs943774
milestone28.0a1
Bug 943774 - Allow sigaction when sandboxed, for the crash reporter. r=kang
security/sandbox/linux/seccomp_filter.h
--- a/security/sandbox/linux/seccomp_filter.h
+++ b/security/sandbox/linux/seccomp_filter.h
@@ -44,39 +44,40 @@
   ALLOW_SYSCALL(fcntl64),
 #else
 #define SECCOMP_WHITELIST_ARCH_LOW
 #endif
 
 /* Architecture-specific very infrequently used syscalls */
 #if defined(__arm__)
 #define SECCOMP_WHITELIST_ARCH_LAST \
+  ALLOW_SYSCALL(sigaction), \
+  ALLOW_SYSCALL(rt_sigaction), \
   ALLOW_ARM_SYSCALL(breakpoint), \
   ALLOW_ARM_SYSCALL(cacheflush), \
   ALLOW_ARM_SYSCALL(usr26), \
   ALLOW_ARM_SYSCALL(usr32), \
   ALLOW_ARM_SYSCALL(set_tls),
+#elif defined(__i386__)
+#define SECCOMP_WHITELIST_ARCH_LAST \
+  ALLOW_SYSCALL(sigaction), \
+  ALLOW_SYSCALL(rt_sigaction),
+#elif defined(__x86_64__)
+#define SECCOMP_WHITELIST_ARCH_LAST \
+  ALLOW_SYSCALL(rt_sigaction),
 #else
 #define SECCOMP_WHITELIST_ARCH_LAST
 #endif
 
 /* System calls used by the profiler */
 #ifdef MOZ_PROFILING
-# ifdef __NR_sigaction
-#  define SECCOMP_WHITELIST_PROFILING \
-  ALLOW_SYSCALL(sigaction), \
-  ALLOW_SYSCALL(rt_sigaction), \
+#define SECCOMP_WHITELIST_PROFILING \
   ALLOW_SYSCALL(tgkill),
-# else
-#  define SECCOMP_WHITELIST_PROFILING \
-  ALLOW_SYSCALL(rt_sigaction), \
-  ALLOW_SYSCALL(tgkill),
-# endif
 #else
-# define SECCOMP_WHITELIST_PROFILING
+#define SECCOMP_WHITELIST_PROFILING
 #endif
 
 /* Architecture-specific syscalls that should eventually be removed */
 #if defined(__arm__)
 #define SECCOMP_WHITELIST_ARCH_TOREMOVE \
   ALLOW_SYSCALL(fstat64), \
   ALLOW_SYSCALL(stat64), \
   ALLOW_SYSCALL(lstat64), \
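Review bot: The fallback `#else` branch of `SECCOMP_WHITELIST_ARCH_LAST` stays empty, so on any architecture other than arm, i386 and x86_64 neither `sigaction` nor `rt_sigaction` is whitelisted. The removed `MOZ_PROFILING` block still allowed `rt_sigaction` there, and it keyed on `#ifdef __NR_sigaction` rather than on a per-architecture list. If the crash reporter installs its handlers the same way on those targets, the filter would presumably reject the call. Consider having the fallback expand to `ALLOW_SYSCALL(rt_sigaction),` and guarding the legacy `sigaction` entry on `__NR_sigaction`, as the old code did. Signal-handler installation is also neither architecture-specific nor tied to the "very infrequently used" heading, so a comment such as `/* sigaction/rt_sigaction: crash reporter installs its signal handlers after the sandbox is enabled (bug 943774) */` would record why a sandboxed process may change signal dispositions.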