Bug 997409 - Add set_thread_area to seccomp whitelist if available. r=kang
authorJed Davis <jld@mozilla.com>
Thu, 17 Apr 2014 16:23:23 -0400
changeset 179497 dc0586595f8039894a875654a18e54c85e88df1c
parent 179496 55b4ac7353fdede62f8d423fe9d15284929eff53
child 179498 9f9e83390b460fa1ded4aa746bec47c3e9ff47dc
push id272
push userpvanderbeken@mozilla.com
push dateMon, 05 May 2014 16:31:18 +0000
reviewerskang
bugs997409
milestone31.0a1
Bug 997409 - Add set_thread_area to seccomp whitelist if available. r=kang
security/sandbox/linux/SandboxFilter.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -91,16 +91,19 @@ static struct sock_filter seccomp_filter
    * argument filtering */
   ALLOW_SYSCALL(ioctl),
   ALLOW_SYSCALL(close),
   ALLOW_SYSCALL(munmap),
   ALLOW_SYSCALL(mprotect),
   ALLOW_SYSCALL(writev),
   ALLOW_SYSCALL(clone),
   ALLOW_SYSCALL(brk),
+#if SYSCALL_EXISTS(set_thread_area)
+  ALLOW_SYSCALL(set_thread_area),
+#endif
 
   ALLOW_SYSCALL(getpid),
   ALLOW_SYSCALL(gettid),
   ALLOW_SYSCALL(getrusage),
   ALLOW_SYSCALL(madvise),
   ALLOW_SYSCALL(dup),
   ALLOW_SYSCALL(nanosleep),
   ALLOW_SYSCALL(poll),