Closed Bug 1284452 Opened 9 years ago Closed 9 years ago

Seccomp sandbox violation: sys_getrandom called in content process of Firefox desktop

Categories

(Core :: Security: Process Sandboxing, defect)

Product:
Core
Component:
Security: Process Sandboxing
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla50
Tracking Flags:
Tracking Status
firefox50 --- fixed

People

(Reporter: tedd, Assigned: tedd)

References

Details

(Whiteboard: sblc1)

Attachments

(1 file, 1 obsolete file)

Add sys_getrandom to seccomp whitelist r=gcp
927 bytes, patch
gcp
: review+
Details | Diff | Splinter Review
Inbound test runs into a seccomp violation while calling sys_getrandom: https://treeherder.mozilla.org/logviewer.html#?job_id=31195021&repo=mozilla-inbound#L1878
Comment on attachment 8767944 [details] [diff] [review] Add sys_getrandom to seccomp whitelist r=gcp Review of attachment 8767944 [details] [diff] [review]: ----------------------------------------------------------------- ::: security/sandbox/linux/SandboxFilter.cpp @@ +641,1 @@ > #endif // DESKTOP I traced the call to Rusts' standard lib. Given that we will be using that on Android too at some point, I think it's better to put it outside the DESKTOP ifdef.
Attachment #8767944 - Flags: review?(gpascutto)
makes sense :gcp, here is the updated patch. I cancelled the previous try run, here is the one with this patch: https://treeherder.mozilla.org/#/jobs?repo=try&revision=4dbf21fcc023
Attachment #8767944 - Attachment is obsolete: true
Attachment #8767955 - Flags: review?(gpascutto)
Attachment #8767955 - Flags: review?(gpascutto) → review+
https://hg.mozilla.org/mozilla-central/rev/bd4db3e235a4
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox50: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: