readlink() is not white listed by sandbox on Lollipop Gonk

RESOLVED FIXED in Firefox 39



4 years ago
4 years ago


(Reporter: sotaro, Assigned: jld)


Gonk (Firefox OS)
Dependency tree / graph

Firefox Tracking Flags

(blocking-b2g:2.2+, firefox37 wontfix, firefox38 wontfix, firefox39 fixed, b2g-v2.2 fixed, b2g-master fixed)


(crash signature)


(1 attachment)



4 years ago
readlink() is white listed by Bug 974227. But it seems not work on Lollipop Gonk.

See Bug 1137515 comment 14.

Comment 1

4 years ago
This bug blocks b2g:v2.2+ bug.
blocking-b2g: --- → 2.2?
Simple patch is simple; rs?(kang).

Sotaro, can you verify that this patch fixes the crash?  I have a Lollipop-capable device, but it looks like there are other patches needed to make WebRTC work on Lollipop in order to reproduce this bug.
Assignee: nobody → jld
Attachment #8573646 - Flags: review?(gdestuynder)
Attachment #8573646 - Flags: feedback?(sotaro.ikeda.g)


4 years ago
blocking-b2g: 2.2? → 2.2+
Comment on attachment 8573646 [details] [diff] [review]
Patch: whitelist readlinkat.

Review of attachment 8573646 [details] [diff] [review]:

rather similar risk with both readlink/readlinkat
Attachment #8573646 - Flags: review?(gdestuynder) → review+

Comment 4

4 years ago
Comment on attachment 8573646 [details] [diff] [review]
Patch: whitelist readlinkat.

Thanks! I confirmed the fix by applying the patch.
Attachment #8573646 - Flags: feedback?(sotaro.ikeda.g) → feedback+
Component: Security → Security: Process Sandboxing
Keywords: checkin-needed
Last Resolved: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla39
Crash Signature: [@ ]
Crash Signature: [@ ] → [@ ] [@ readlinkat ]


4 years ago

Comment 8

4 years ago
Jed, could the patch be uplifted to b2g v2.2?
Flags: needinfo?(jld)
(In reply to Sotaro Ikeda [:sotaro] from comment #8)
> Jed, could the patch be uplifted to b2g v2.2?

Yes.  It will merge more cleanly if the patch from bug 1134942 is uplifted first — and I think we'd need that one on v2.2 as well, if we're supporting Lollipop there?
Flags: needinfo?(jld)
(In reply to Jed Davis [:jld] from comment #9)
> (In reply to Sotaro Ikeda [:sotaro] from comment #8)
> > Jed, could the patch be uplifted to b2g v2.2?
> Yes.

…on second thought, I should do a try run to make sure the new syscall names don't break any of the builds; there are some changes to the Chromium headers that I think weren't on the 37 branch.

Comment 11

4 years ago
Yes, lollipos support of b2g-v2.2 is necessary. Bug 1094121 is a meta bug of supporting lollipop.

 - Bug 1094121 - (gonk-L) [meta] Android L Porting for B2G


4 years ago
Blocks: 1141472
Comment on attachment 8573646 [details] [diff] [review]
Patch: whitelist readlinkat.

NOTE: please apply this patch after the one from bug 1134942 to avoid unnecessary merge conflicts.

[Approval Request Comment]
Bug caused by (feature/regressing bug #): bug 1094121
User impact if declined: App crashes and test failures on B2G Lollipop; WebRTC and window.crypto.subtle are known to be affected.
Testing completed: 
Risk to taking this patch (and alternatives if risky): None; it just causes system calls to succeed that would previously result in a crash.
String or UUID changes made by this patch: None.
Attachment #8573646 - Flags: approval-mozilla-b2g37?
(In reply to Jed Davis [:jld] from comment #12)
> Testing completed:

Also, built locally for nexus-5-l and verified it fixes bug 1141472.
Attachment #8573646 - Flags: approval-mozilla-b2g37? → approval-mozilla-b2g37+
Duplicate of this bug: 1144699
You need to log in before you can comment on or make changes to this bug.