Seccomp sandbox violation: sys_get_mempolicy called in content process of Firefox desktop

RESOLVED FIXED in Firefox 50

Status

()

Core
Security: Process Sandboxing
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: tedd, Assigned: tedd)

Tracking

unspecified
mozilla50
Points:
---

Firefox Tracking Flags

(firefox50 fixed)

Details

(Whiteboard: sblc1, crash signature)

Attachments

(1 attachment)

Updated

2 years ago
Whiteboard: sblc1
Crash Signature: [@ libc-2.23.so@0x100c19 ]
This is used by ffmpeg / libavcodec to decide the thread pool strategy for H264/H265 decoding.

It's harmless but on the other hand it's also pointless attack surface.
(Assignee)

Comment 2

2 years ago
Created attachment 8774437 [details] [diff] [review]
Add sys_get_mempolicy to seccomp whitelist. r=gcp

Try push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=c6f75781c4fc
Assignee: nobody → julian.r.hector
Status: NEW → ASSIGNED
Attachment #8774437 - Flags: review?(gpascutto)
Attachment #8774437 - Flags: review?(gpascutto) → review+
(Assignee)

Comment 3

2 years ago
Try in Comment 2.

Please check-in after Bug 1285770 (to avoid merge conflicts)
Keywords: checkin-needed

Comment 4

2 years ago
Pushed by cbook@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/c941e8a13954
Add sys_get_mempolicy to seccomp whitelist. r=gcp
Keywords: checkin-needed

Comment 5

2 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/c941e8a13954
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
status-firefox50: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
You need to log in before you can comment on or make changes to this bug.