Closed Bug 1285293 Opened 7 years ago Closed 7 years ago

Seccomp sandbox violation: sys_fstatfs called in content process of Firefox desktop

Categories

(Core :: Security: Process Sandboxing, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla50
Tracking Status
firefox50 --- fixed

People

(Reporter: tedd, Assigned: tedd)

References

Details

Crash Data

Attachments

(1 file)

Crash report https://crash-stats.mozilla.com/report/index/cb319ce5-785b-4b31-874b-352dc2160707

shows that sys_fstatfs is called in the content process on x86_64.
statfs is fairly innocent in that the most useful thing it returns is the free space on the disk. But why oh why does fontconfig need to know that?
For some reason libfontconfig really Needs To Know.

Review commit: https://reviewboard.mozilla.org/r/63252/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/63252/
Attachment #8769279 - Flags: review?(julian.r.hector)
https://reviewboard.mozilla.org/r/63252/#review60196

See comment.

::: security/sandbox/linux/SandboxFilter.cpp:522
(Diff revision 1)
>      case __NR_quotactl:
>      case __NR_utimes:
>      case __NR_unlink:
>      case __NR_fchown:
>      case __NR_fchmod:
> +    case __NR_fstatfs:

There is fstatfs and fstatfs64, fstatfs should be defined on all architectures (x86, x86_64, arm, arm64), and fstatfs64 is defined on all but x86_64.

I think we should define a CASE_FOR_fstatfs similar to this: https://dxr.mozilla.org/mozilla-central/source/security/sandbox/linux/SandboxFilterUtil.h#94
Comment on attachment 8769279 [details]
1285293 - Add fstatfs to seccomp-bpf whitelist.

https://reviewboard.mozilla.org/r/63252/#review60200
Attachment #8769279 - Flags: review?(julian.r.hector) → review-
Comment on attachment 8769279 [details]
1285293 - Add fstatfs to seccomp-bpf whitelist.

Review request updated; see interdiff: https://reviewboard.mozilla.org/r/63252/diff/1-2/
Attachment #8769279 - Attachment description: Bug 1285293 - Add fstatfs to seccomp-bpf whitelist. → 1285293 - Add fstatfs to seccomp-bpf whitelist.
Attachment #8769279 - Flags: review- → review?(julian.r.hector)
Comment on attachment 8769279 [details]
1285293 - Add fstatfs to seccomp-bpf whitelist.

https://reviewboard.mozilla.org/r/63252/#review60280

lgtm
Attachment #8769279 - Flags: review?(julian.r.hector) → review+
https://hg.mozilla.org/mozilla-central/rev/e82b92329a05
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
Crash Signature: [@ libc-2.23.so@0xda2c7 ] [@ libc-2.23.so@0xf6567 ] [@ libc-2.22.so@0xdb907 ] [@ libc-2.19.so@0xdb987 ] [@ libc-2.23.so@0xf2b27 ] [@ libc-2.23.so@0xdb617 ]
You need to log in before you can comment on or make changes to this bug.