Bug 1025329 (Open, status NEW)
Opened 10 years ago, updated 2 years ago
PR_GetNumberOfProcessors opens /sys/devices/system/cpu/present in content processes
Categories: Core :: Security: Process Sandboxing, defect, P3
People: Reporter jld, Unassigned
Whiteboard: sb+
Description
In nsprpub/pr/src/misc/prsystem.c:
221 const char *cpu_present = "/sys/devices/system/cpu/present";
224 fin = fopen(cpu_present, "r");
Comment 1 • 10 years ago (Reporter)
Bionic also opens this file for sysconf(_SC_NPROCESSORS_CONF) and sysconf(_SC_NPROCESSORS_ONLN).
OS: Linux → Gonk (Firefox OS)
Hardware: x86_64 → All
Comment 2 • 9 years ago (Reporter)
Move process sandboxing bugs to the new Bugzilla component. (Sorry for the bugspam; filter on 3c21328c-8cfb-4819-9d88-f6e965067350.)
Component: Security → Security: Process Sandboxing
Comment 3 • 9 years ago (Reporter)
Sorry for the bugspam; filter on 086f2ac3-ac15-4299-889b-009181af5029.
Blocks: 1121295
Comment 4 • 9 years ago (Reporter)
Sorry for the bugspam; filter on 086f2ac3-ac15-4299-889b-009181af5029.
No longer blocks: 930258
Updated • 8 years ago
Whiteboard: sb+
Comment 5 • 7 years ago (Reporter)
From the code referenced in comment #0, this could also affect desktop Linux (once we can get to a default-deny read policy and start pruning what's left).
OS: Gonk (Firefox OS) → Linux
Comment 6 • 7 years ago (Reporter)
Further notes: NSPR will fall back to sysconf(_SC_NPROCESSORS_CONF) if it gets an error from opening the sysfs file, but that just moves the problem down a layer. glibc tries readdir() on /sys/devices/system/cpu, then falls back to parsing /proc/cpuinfo if that fails, then just returns 1 if that fails. musl libc calls sched_getaffinity (and returns how many CPUs the process can actually use, rather than how many the hardware has); we currently allow that syscall for content processes, and it's not that dangerous.
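An added example (not code from NSPR, glibc, musl or this bug) to make the two approaches in comment 6 concrete: a parser for the CPU-list format that /sys/devices/system/cpu/present uses, beside the file-free sched_getaffinity route that comment 6 credits to musl, which is the one that keeps working once a content process is under a default-deny file read policy. Assumes Linux for the affinity call; the sample list strings in the test are constructed.

```c
#define _GNU_SOURCE
#include <ctype.h>
#include <stdlib.h>
#ifdef __linux__
#include <sched.h>
#endif

/* Parse a sysfs CPU list such as "0-3,5,8-11\n" (the format of
 * /sys/devices/system/cpu/present); return the number of CPUs it
 * names, or -1 if the text is malformed. */
int count_cpus_in_list(const char *list)
{
    const char *p = list;
    int count = 0;
    while (isdigit((unsigned char)*p)) {
        char *end;
        long lo = strtol(p, &end, 10), hi = lo;
        if (*end == '-') {                     /* a range such as "8-11" */
            if (!isdigit((unsigned char)end[1]))
                return -1;
            hi = strtol(end + 1, &end, 10);
            if (hi < lo)
                return -1;
        }
        count += (int)(hi - lo + 1);
        p = end;
        if (*p == '\n' || *p == '\0')
            return count;                      /* end of list */
        if (*p != ',' || !isdigit((unsigned char)p[1]))
            return -1;                         /* junk, or dangling comma */
        p++;
    }
    return -1;                                 /* empty or no leading digit */
}

/* Count CPUs the way musl's sysconf does: ask the scheduler for the
 * affinity mask instead of opening anything under /sys or /proc, so it
 * works in a process whose sandbox denies file reads. Returns -1 on
 * failure or off Linux (assumption: the caller treats -1 as "unknown"). */
int count_cpus_via_affinity(void)
{
#ifdef __linux__
    cpu_set_t set;
    CPU_ZERO(&set);
    if (sched_getaffinity(0, sizeof set, &set) != 0)
        return -1;
    return CPU_COUNT(&set);
#else
    return -1;
#endif
}
```

Note that the affinity count reflects CPUs the process may run on, not how many the hardware has, exactly as comment 6 points out.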
Updated • 7 years ago
Priority: -- → P3
Updated • 2 years ago
Severity: normal → S3