1430274 - ALSA sound (still or again?) not working in Firefox 58 due to sandboxing

Status: RESOLVED FIXED

(Core :: Security: Process Sandboxing, defect, P2)

Description

[Harald van Dijk]

Attachment: alsa.patch

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
Build ID: 20180108204807

Steps to reproduce:

Build Firefox 58.0b15 with --enable-alsa. Launch it and attempt to play some audio file.


Actual results:

Nothing happens. There is no sound.


Expected results:

There should be sound.

Running Firefox under strace shows this looks like bug #1408493:

[pid 11469] --- SIGSYS {si_signo=SIGSYS, si_code=SYS_SECCOMP, si_errno=EPERM, si_call_addr=0x7f32b80bd7f7, si_syscall=__NR_ioctl, si_arch=AUDIT_ARCH_X86_64} ---

The fix for that bug is part of the Firefox 58.0b15 sources, but it appears to have no effect because it is conditional on a MOZ_ALSA macro, which is never defined for this particular source file. It's defined in security/sandbox/linux/broker/moz.build, but this particular source file is instead pulled in by security/sandbox/linux/moz.build. After defining the macro there as well, sound does work.

Comment 1

[lemonnier.k]

Same problem here, I built it from the gentoo overlay this afternoon.
To add to the report, here is the output in console when firefox tries to play sound :

Sandbox: seccomp sandbox violation: pid 31952, tid 32177, syscall 16, args 40 2147767296 139911738197304 0 0 0.
Sandbox: seccomp sandbox violation: pid 31952, tid 32177, syscall 16, args 40 2147767296 139911738197320 0 0 0.
[Child 31952, MediaPlayback #1] WARNING: 7f3fc89c2f40 OpenCubeb() failed to init cubeb: file /var/tmp/portage/www-client/firefox-58.0_beta15/work/firefox-58.0b15/dom/media/AudioStream.cpp, line 387
[Child 31952, MediaPlayback #2] WARNING: Decoder=7f3fc74cd800 [OnMediaSinkAudioError]: file /var/tmp/portage/www-client/firefox-58.0_beta15/work/firefox-58.0b15/dom/media/MediaDecoderStateMachine.cpp, line 3642

Looks like there is indeed a sandbox problem. I can't try with pulseaudio though, no idea if that's limited only to alsa or not.

Comment 2

[lemonnier.k]

Beta 16 with Harald van Dijk's patch works fine.

Comment 3

[Jed Davis [:jld] ⟨⏰|UTC-7⟩ ⟦he/him⟧]

I noticed this when I was looking at audio-related sandboxing rules last night.  I think we missed this at first because bug 1407487 enabled audio remoting on Nightly at around the same time, so it wouldn't have been observable until 58 became beta (where audio remoting isn't enabled because it still had some open bugs).

Harald, can you attach the patch in Mercurial format? [1]  Or you can just write a commit message and I can reformat it.

[1] https://developer.mozilla.org/en-US/docs/Mercurial/Using_Mercurial#How_can_I_generate_a_patch_for_somebody_else_to_check-in_for_me.3F

Comment 4

[Harald van Dijk]

Attachment: alsa.patch

(In reply to Jed Davis [:jld] (⏰UTC-7) from comment #3)
> Harald, can you attach the patch in Mercurial format?

Sure, followed the instructions there for git format-patch followed by git-patch-to-hg-patch, is it okay like this?

Comment 5

[Pulsebot]

Pushed by jedavis@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/b2a41379cc75
Define MOZ_ALSA for more source files. r=jld

Comment 6

[Noemi Erli[:noemi_erli]]

https://hg.mozilla.org/mozilla-central/rev/b2a41379cc75