Bug 1384804 - Allow libnuma to read /proc/self/status, block get_mempolicy. r?jld draft
authorGian-Carlo Pascutto <gcp@mozilla.com>
Thu, 17 Aug 2017 16:59:41 +0200
changeset 648314 15cdb7a47e4f42dcf7894eb40240c041806ca396
parent 647668 6240e75545e67d545e583055e95557610a5fadde
child 726779 b9e42c08059361b1e3c8caa89633210bbf8d7676
push id74705
push usergpascutto@mozilla.com
push dateThu, 17 Aug 2017 15:40:27 +0000
reviewersjld
bugs1384804
milestone57.0a1
Bug 1384804 - Allow libnuma to read /proc/self/status, block get_mempolicy. r?jld MozReview-Commit-ID: EHPVoFQ6jVZ
security/sandbox/linux/SandboxFilter.cpp
security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -836,19 +836,16 @@ public:
 #ifdef __NR_fadvise64_64
     case __NR_fadvise64_64:
       return Allow();
 #endif
 
     case __NR_fallocate:
       return Allow();
 
-    case __NR_get_mempolicy:
-      return Allow();
-
 #endif // DESKTOP
 
 #ifdef __NR_getrandom
     case __NR_getrandom:
       return Allow();
 #endif
 
       // nsSystemInfo uses uname (and we cache an instance, so
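Review bot: Removing the `case __NR_get_mempolicy:` arm leaves no trace in this switch that the syscall is now deliberately unhandled, and what a libnuma caller receives depends on the filter's default for unlisted syscalls, which is outside the hunk. Since the intent is that libnuma reads /proc/self/status first and only calls get_mempolicy if that read fails, a comment at the removal site would stop a later reader from re-adding the Allow; e.g. `// Bug 1384804: get_mempolicy is intentionally not allowed; libnuma reads` / `// /proc/self/status (brokered) instead and only falls back to this syscall.` If the default here is a trap rather than an errno return, an explicit `case __NR_get_mempolicy: return Error(ENOSYS);` would let that fallback fail gracefully instead of terminating the content process; whether that is preferable to surfacing the unexpected call depends on how the default reports, which is not visible in this hunk. The enclosing method continues on both sides of the hunk.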
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
@@ -224,17 +224,19 @@ SandboxBrokerPolicyFactory::SandboxBroke
 #endif
 }
 
 #ifdef MOZ_CONTENT_SANDBOX
 UniquePtr<SandboxBroker::Policy>
 SandboxBrokerPolicyFactory::GetContentPolicy(int aPid, bool aFileProcess)
 {
   // Policy entries that vary per-process (currently the only reason
-  // that can happen is because they contain the pid) are added here.
+  // that can happen is because they contain the pid) are added here,
+  // as well as entries that depend on preferences or paths not available
+  // in early startup.
 
   MOZ_ASSERT(NS_IsMainThread());
   // File broker usage is controlled through a pref.
   if (GetEffectiveContentSandboxLevel() <= 1) {
     return nullptr;
   }
 
   MOZ_ASSERT(mCommonContentPolicy);
@@ -264,16 +266,21 @@ SandboxBrokerPolicyFactory::GetContentPo
 
   // Bug 1198550: the profiler's replacement for dl_iterate_phdr
   policy->AddPath(rdonly, nsPrintfCString("/proc/%d/maps", aPid).get());
 
   // Bug 1198552: memory reporting.
   policy->AddPath(rdonly, nsPrintfCString("/proc/%d/statm", aPid).get());
   policy->AddPath(rdonly, nsPrintfCString("/proc/%d/smaps", aPid).get());
 
+  // Bug 1384804, notably comment 15
+  // Used by libnuma, included by x265/ffmpeg, who falls back
+  // to get_mempolicy if this fails
+  policy->AddPath(rdonly, nsPrintfCString("/proc/%d/status", aPid).get());
+
   // userContent.css and the extensions dir sit in the profile, which is
   // normally blocked and we can't get the profile dir earlier in startup,
   // so this must happen here.
   nsCOMPtr<nsIFile> profileDir;
   nsresult rv = NS_GetSpecialDirectory(NS_APP_USER_PROFILE_50_DIR,
                                        getter_AddRefs(profileDir));
   if (NS_SUCCEEDED(rv)) {
       nsCOMPtr<nsIFile> workDir;
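Review bot: The new comment above the `/proc/%d/status` grant does not say what libnuma needs from the file or why the whole file (which also exposes the process's credential, capability and memory-accounting fields) is the right granularity, and it has a grammatical slip (`who falls back` should be `which falls back`). Suggested wording: `// Bug 1384804, notably comment 15: libnuma (pulled in by x265/ffmpeg) reads` / `// /proc/self/status and only falls back to get_mempolicy, which SandboxFilter.cpp` / `// no longer allows, if that read fails. Read-only, own pid only.` The grant names the content pid while libnuma opens /proc/self/status; the existing maps/statm entries take the same form, so presumably the broker's path handling already covers that mapping, but it is worth confirming. The enclosing GetContentPolicy body continues past the hunk.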