Closed Bug 1502228 Opened 6 years ago Closed 6 years ago

[Mac] With sandbox early startup enabled, some form elements are not rendered

Categories

(Core :: Security: Process Sandboxing, defect, P1)

Product:
Core
Component:
Security: Process Sandboxing
Version:
65 Branch
Platform:
Unspecified
macOS
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla65
Tracking Flags:
Tracking Status
firefox65 --- fixed

People

(Reporter: haik, Assigned: haik)

References

Details

Attachments

(1 file)

Bug 1502228 - [Mac] With sandbox early startup enabled, some form elements are not rendered r?Alex_Gaynor
46 bytes, text/x-phabricator-request
Details | Review 
With security.sandbox.content.mac.earlyinit=true (introduced with bug 1431441), some form elements are not rendered and OpenCL errors are printed on the CLI console. See bug 1498869 where this was first reported when security.sandbox.content.mac.earlyinit was set to true by default on Nightly.

This problem appears to be caused by content processes not being able to access their associated shader cache directory. For example,

  /var/folders/hf/.../C/org.mozilla.plugincontainer/com.apple.metal

Code in macOS Metal library calls confstr(3) to get the path to the cache dir which contains the shader cache. With early startup, the calls to confstr() fail. Adding access to the service "com.apple.system.opendirectoryd.membership" allows the confstr() call to work.

We need to allow access to "com.apple.system.opendirectoryd.membership" and the directories needed by the shader cache in order to draw UI elements.
Assignee: nobody → haftandilian
Priority: -- → P1
I can only reproduce the rendering issue on 10.14 after also testing on 10.11 and 10.13. After some more debugging, I found that allowing read-metadata access to (subpath "/private/var") avoids the UI rendering issue. It doesn't prevent confstr() failures or failures to access the shader cache (see bug 1499487), but those don't appear to cause problems. Using dtruss and opensnoop, I haven't found stacks for code trying to stat files in /private/var so I don't know exactly which library is dependent on the read-metadata, but I suspect it is the Metal/graphics due to the OpenCL error output. This could be related to deprecation of OpenGL and OpenCL in favor of Metal in 10.14. Will post patches allowing read-metadata for the /var symlink and /private/var.
See Also: → 1499487
Add the /private/var directory to the list of file-read-metadata paths to avoid rendering issues on macOS 10.14 when sandbox early startup is enabled.
I tried adding file-read-metadata to a more restricted path within /private/var, but anything more restrictive such as (subpath "/private/var/folders") triggered the rendering problem.
Pushed by haftandilian@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/fdeb43b7bc65
[Mac] With sandbox early startup enabled, some form elements are not rendered r=Alex_Gaynor
Blocks: 1501126
https://hg.mozilla.org/mozilla-central/rev/fdeb43b7bc65
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox65: affectedfixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
Blocks: 1505573
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: