Open Bug 1641401 Opened 4 years ago Updated 16 days ago

Prune the socket process sandbox policy

Categories

(Core :: Security: Process Sandboxing, enhancement, P5)

Desktop
Linux
enhancement


People

(Reporter: jld, Unassigned)

Details

I notice that parts of the socket process seccomp-bpf policy are copied from the content policy and have comments referring to things like OpenGL, fonts, and audio; they can probably be removed. Also, the ioctl policy can probably be changed to default deny — content was made default-allow because of concern about breaking GPU drivers (see bug 1302711), which wouldn't apply — but the socket process may need to allow the SIOC* family (see <linux/sockios.h> and SOCK_IOC_TYPE).

Priority: -- → P2
Severity: -- → S4
Priority: P2 → P5
See Also: → 1604269

Looks like the socket process does need SENDMMSG:

[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Crash reason:  SIGSYS / SYS_SECCOMP
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Crash address: 0x0000000000000133
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Crashing instruction: `cmp rax, -0x1000`
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - No memory accessed by instruction
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Process uptime: not available
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - 
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Thread 11 DNS Resolver #3 (crashed)
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -  0  libc.so.6 + 0x123547
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rax = 0x0000000000000133    rdx = 0x0000000000000002
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rcx = 0x00007fb3416fd547    rbx = 0x0000000000000006
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rsi = 0x00007fb32b1cf8a0    rdi = 0x0000000000000006
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rbp = 0x00007fb32b1cf8a0    rsp = 0x00007fb32b1cf700
[task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -       r8 = 0x0000000000000000     r9 = 0x000000000002d99c
[task 2024-10-02T09:48:42.954Z] 09:48:42     INFO -      r10 = 0x0000000000004000    r11 = 0x0000000000000293
[task 2024-10-02T09:48:42.954Z] 09:48:42     INFO -      r12 = 0x0000000000000002    r13 = 0x0000000000004000
[task 2024-10-02T09:48:42.954Z] 09:48:42     INFO -      r14 = 0x0000000000000000    r15 = 0x0000000000000000

(In reply to Gian-Carlo Pascutto [:gcp] from comment #1)

> Looks like the socket process does need SENDMMSG:
>
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Crash reason:  SIGSYS / SYS_SECCOMP
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Crash address: 0x0000000000000133
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Crashing instruction: `cmp rax, -0x1000`
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - No memory accessed by instruction
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Process uptime: not available
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - 
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO - Thread 11 DNS Resolver #3 (crashed)
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -  0  libc.so.6 + 0x123547
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rax = 0x0000000000000133    rdx = 0x0000000000000002
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rcx = 0x00007fb3416fd547    rbx = 0x0000000000000006
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rsi = 0x00007fb32b1cf8a0    rdi = 0x0000000000000006
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -      rbp = 0x00007fb32b1cf8a0    rsp = 0x00007fb32b1cf700
> [task 2024-10-02T09:48:42.953Z] 09:48:42     INFO -       r8 = 0x0000000000000000     r9 = 0x000000000002d99c
> [task 2024-10-02T09:48:42.954Z] 09:48:42     INFO -      r10 = 0x0000000000004000    r11 = 0x0000000000000293
> [task 2024-10-02T09:48:42.954Z] 09:48:42     INFO -      r12 = 0x0000000000000002    r13 = 0x0000000000004000
> [task 2024-10-02T09:48:42.954Z] 09:48:42     INFO -      r14 = 0x0000000000000000    r15 = 0x0000000000000000

and recvmmsg on android: https://bugzilla.mozilla.org/show_bug.cgi?id=1912626
