Bug 1384804 - Allow libnuma to read /proc/self/status, block get_mempolicy. r?jld
MozReview-Commit-ID: EHPVoFQ6jVZ
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -836,19 +836,16 @@ public:
#ifdef __NR_fadvise64_64
case __NR_fadvise64_64:
return Allow();
#endif
case __NR_fallocate:
return Allow();
- case __NR_get_mempolicy:
- return Allow();
-
#endif // DESKTOP
#ifdef __NR_getrandom
case __NR_getrandom:
return Allow();
#endif
// nsSystemInfo uses uname (and we cache an instance, so
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
@@ -224,17 +224,19 @@ SandboxBrokerPolicyFactory::SandboxBroke
#endif
}
#ifdef MOZ_CONTENT_SANDBOX
UniquePtr<SandboxBroker::Policy>
SandboxBrokerPolicyFactory::GetContentPolicy(int aPid, bool aFileProcess)
{
// Policy entries that vary per-process (currently the only reason
- // that can happen is because they contain the pid) are added here.
+ // that can happen is because they contain the pid) are added here,
+ // as well as entries that depend on preferences or paths not available
+ // in early startup.
MOZ_ASSERT(NS_IsMainThread());
// File broker usage is controlled through a pref.
if (GetEffectiveContentSandboxLevel() <= 1) {
return nullptr;
}
MOZ_ASSERT(mCommonContentPolicy);
@@ -264,16 +266,21 @@ SandboxBrokerPolicyFactory::GetContentPo
// Bug 1198550: the profiler's replacement for dl_iterate_phdr
policy->AddPath(rdonly, nsPrintfCString("/proc/%d/maps", aPid).get());
// Bug 1198552: memory reporting.
policy->AddPath(rdonly, nsPrintfCString("/proc/%d/statm", aPid).get());
policy->AddPath(rdonly, nsPrintfCString("/proc/%d/smaps", aPid).get());
+ // Bug 1384804, notably comment 15
+ // Used by libnuma, included by x265/ffmpeg, who falls back
+ // to get_mempolicy if this fails
+ policy->AddPath(rdonly, nsPrintfCString("/proc/%d/status", aPid).get());
+
// userContent.css and the extensions dir sit in the profile, which is
// normally blocked and we can't get the profile dir earlier in startup,
// so this must happen here.
nsCOMPtr<nsIFile> profileDir;
nsresult rv = NS_GetSpecialDirectory(NS_APP_USER_PROFILE_50_DIR,
getter_AddRefs(profileDir));
if (NS_SUCCEEDED(rv)) {
nsCOMPtr<nsIFile> workDir;
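Review bot: The comment above the new `AddPath` for `/proc/%d/status` cites a bug comment instead of stating the dependency it creates: this read-only entry is what keeps libnuma off its `get_mempolicy` fallback, and the same commit drops that syscall from the allow list in SandboxFilter.cpp. I would say so in place, e.g. `// libnuma (via x265/ffmpeg) reads /proc/self/status and calls get_mempolicy if the open fails; the seccomp policy no longer allows that syscall, so keep this entry.` The commit title says `/proc/self/status` while the entry is keyed on `aPid`, so one clause on where the self-to-pid mapping happens would help (presumably on the broker client side; it is not visible here). GetContentPolicy returns `nullptr` at sandbox level <= 1, so no broker entry exists in that configuration, and how the filter then treats `get_mempolicy` is decided outside these hunks and is worth confirming. GetContentPolicy begins before this hunk and continues past its last line.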