ALSA uses ioctls that alias with tty ioctls and are blocked by sandboxing

RESOLVED FIXED in Firefox 58

Status

()

enhancement
P1
normal
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: jld, Assigned: jld)

Tracking

Trunk
mozilla58
Unspecified
Linux
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox58 fixed)

Details

(crash signature)

Attachments

(1 attachment)

Bug 1405891 blocked ioctls with a type field of 'T' == 0x54, which has traditionally been used for ttys (with a few generic ioctls like FIOCLEX thrown in, sometimes, depending on platform, and sometimes 't' is also used; it's complicated).

But it turns out that ALSA also uses the 'T' space:

#define SNDRV_TIMER_IOCTL_PVERSION     _IOR('T', 0x00, int)

Probably we should just not even try to filter ioctls if MOZ_ALSA is defined, and hope that cubeb remoting eventually makes this problem go away.
Crash Signature: [@ libc-2.26.so@0xed0c7 ] [@ libc-2.26.so@0xed157 ] → [@ libc-2.26.so@0xed0c7 ] [@ libc-2.26.so@0xed157 ] [@ libc-2.23.so@0xe0067 ] [@ libc-2.25.so@0xefbf7 ] [@ libc-2.24.so@0xe0e07 ]
Comment on attachment 8918479 [details]
Bug 1408493 - Don't restrict ioctl() in sandboxed content if ALSA might be used.

https://reviewboard.mozilla.org/r/189330/#review194898
Attachment #8918479 - Flags: review?(gpascutto) → review+
Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/56d157b594af
Don't restrict ioctl() in sandboxed content if ALSA might be used. r=gcp
https://hg.mozilla.org/mozilla-central/rev/56d157b594af
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla58
You need to log in before you can comment on or make changes to this bug.