libgio sometimes(?) uses FIONREAD, which is blocked by sandboxing

RESOLVED FIXED in Firefox 58

Status

enhancement
P1
normal
2 years ago
11 months ago

People

(Reporter: jld, Assigned: jld)

Tracking

Trunk
mozilla58
Unspecified
Linux

Firefox Tracking Flags

(firefox58 fixed)

We're seeing uses of the ioctl FIONREAD, which was blocked along with the rest of the tty and generic ioctls in bug 1405891, apparently from libgio (part of glib).  I'm not entirely sure why, but one of the uses in the glibc source involves inotify, so if we can't find out the root cause we may want to revisit this after bug 1408497.

FIONREAD seems relatively harmless, so we could just allow it.
Crash Signature: [@ libc-2.19.so@0xf11e7 ] [@ libc-2.19.so@0xe11c7 ] [@ libc-2.19.so@0xf4e67 ] → [@ libc-2.19.so@0xf11e7 ] [@ libc-2.19.so@0xe11c7 ] [@ libc-2.19.so@0xf4e67 ] [@ libc-2.20.so@0xed557 ]
Yes, it's inotify.  From bp-757f5e48-d892-4a1c-9d5a-7359d0171013:

$ addr2line -Cfie /usr/lib/debug/.build-id/ad/d7fa14e4cf429a1e3708e18efe45f1bab31047.debug 0xf36d9
ik_source_check
/build/buildd/glib2.0-2.40.2/./gio/inotify/inotify-kernel.c:123
Comment on attachment 8918478 [details]
Bug 1408498 - Allow FIONREAD in sandboxed content processes, for libgio.

https://reviewboard.mozilla.org/r/189326/#review194896
Attachment #8918478 - Flags: review?(gpascutto) → review+
Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/17d6725388ef
Allow FIONREAD in sandboxed content processes, for libgio. r=gcp
https://hg.mozilla.org/mozilla-central/rev/17d6725388ef
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla58
Assignee: nobody → jld