Closed Bug 1715461 Opened 3 years ago Closed 3 years ago

Linux/ARM64 syscall list re-generation

Categories

(Core :: Security: Process Sandboxing, enhancement)

Product:
Core
Component:
Security: Process Sandboxing
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
91 Branch
Tracking Flags:
Tracking Status
firefox91 --- fixed

People

(Reporter: gerard-majax, Assigned: gerard-majax)

References

Details

Attachments

(1 file)

Bug 1715461 - Improve ARM64 syscall generation r?gcp
48 bytes, text/x-phabricator-request
Details | Review

In bug 1714459 we re-generated the list, but its processing might have been too naive.

(In reply to Alexandre LISSY :gerard-majax from comment #0)

In bug 1714459 we re-generated the list, but its processing might have been too naive.

Specifically, looking at diff git diff 6d3944f0e0d8716183f173b6aecf1ba1fc2e298a..bookmarks/central security/sandbox/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h:

@@ -323,8 +329,8 @@
 #define __NR_readlinkat 78
 #endif

-#if !defined(__NR_newfstatat)
-#define __NR_newfstatat 79
+#if !defined(__NR_fstatat)
+#define __NR_fstatat 79
 #endif

 #if !defined(__NR_fstat)
@@ -343,6 +349,10 @@

This might trigger https://searchfox.org/mozilla-central/rev/79d73b4aff88dd4a0f06dd3789e1148c49b0de60/security/sandbox/linux/broker/SandboxBrokerUtils.h#29

Now, the diff generated by git diff 6d3944f0e0d8716183f173b6aecf1ba1fc2e298a.. security/sandbox/chromium/sandbox/linux/system_headers/arm64_linux_syscalls.h looks like:

@@ -11,6 +18,10 @@
 #define __NR_io_setup 0
 #endif

+#if !defined(__NR_newfstatat)
+#define __NR_newfstatat __NR_fstatat
+#endif
+
 #if !defined(__NR_io_destroy)
 #define __NR_io_destroy 1
 #endif
@@ -323,8 +334,8 @@
 #define __NR_readlinkat 78
 #endif

-#if !defined(__NR_newfstatat)
-#define __NR_newfstatat 79
+#if !defined(__NR_fstatat)
+#define __NR_fstatat 79
 #endif

 #if !defined(__NR_fstat)
@@ -983,6 +994,10 @@

It also makes sure we don't include wrong syscalls like we did, e.g., with __NR_clock_gettime64 and others because of __BITS_PER_LONG which is supposed to be defined at 64 by https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/arch/arm64/include/uapi/asm/bitsperlong.h?h=v5.8#n20

try to make sure we don't break on aarch64 (already verified locally): https://treeherder.mozilla.org/jobs?repo=try&revision=d1d6cddf2daa5feaad102d62f366727b7f196bf0

Pushed by alissy@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6db320536cbc
Improve ARM64 syscall generation r=gcp

https://hg.mozilla.org/mozilla-central/rev/6db320536cbc

Status: NEW → RESOLVED
Closed: 3 years ago
status-firefox91: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 91 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: