Closed Bug 943774 Opened 6 years ago Closed 6 years ago

The crash reporter doesn't work on seccomp-enabled non-profiling B2G builds.

Categories

(Core :: Security, defect)

ARM
Gonk (Firefox OS)

RESOLVED FIXED
mozilla28

People

(Reporter: jld, Assigned: jld)

Attachments

(1 file, 1 obsolete file)

Breakpad calls sigaction in its signal handler; among other uses, it checks that nothing else cleared its SA_SIGINFO flag before proceeding.  If we kill the process at that point, we don't get a crash dump.  We currently allow sigaction on profiling builds and only profiling builds, meaning that production builds don't produce crash dumps when sandboxed, which is bad.

In the exciting future of bug 920372, we'd be able to allow sigaction to be used to read the signal disposition but not change it — however, we'd also have to modify both Breakpad and the IPC code that determines whether an exited child crashed (and maybe more things I'm not thinking of yet) in order to avoid recursive crashes.

In the less exciting present: Allowing a process to change its signal handlers doesn't grant it access to resources it doesn't already have, so it seems to me that allowing it is an acceptable risk (and certainly a much smaller risk than other interfaces we're already allowing with the expectation of restricting them later).
Attachment #8339132 - Flags: review?(gdestuynder)
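
Added example, not part of the bug report or the attached patch: a C sketch of the failure described in the comment above, where a signal handler that re-reads its own disposition with sigaction is killed by a seccomp filter that rejects rt_sigaction, so no dump is produced. The two-rule filter and the names on_crash and crash_in_sandbox are constructed for illustration; they are not Mozilla's sandbox policy or Breakpad's code.

```c
#define _GNU_SOURCE
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in for the crash handler: re-read our own disposition and confirm
 * SA_SIGINFO is still set; exit 0 represents "dump written". */
static void on_crash(int sig, siginfo_t *si, void *uc) {
    struct sigaction cur;
    (void)si; (void)uc;
    _exit((sigaction(sig, NULL, &cur) == 0 && (cur.sa_flags & SA_SIGINFO)) ? 0 : 1);
}

/* Fork a child, sandbox it, crash it. Returns 0 if the handler completed,
 * the fatal signal number if the child was killed, -1 on setup error. */
int crash_in_sandbox(int allow_sigaction) {
    /* Constructed policy: only rt_sigaction is decided here. A production
     * filter must also validate seccomp_data.arch and deny by default. */
    struct sock_filter rules[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_rt_sigaction, 0, 1),
        BPF_STMT(BPF_RET | BPF_K,
                 allow_sigaction ? SECCOMP_RET_ALLOW : SECCOMP_RET_KILL),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { sizeof rules / sizeof rules[0], rules };
    struct sigaction sa = { 0 };
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        sa.sa_sigaction = on_crash;
        sa.sa_flags = SA_SIGINFO;
        /* The handler is installed before the filter is applied. */
        if (sigaction(SIGSEGV, &sa, NULL) != 0 ||
            prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0 ||
            prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0)
            _exit(2);
        raise(SIGSEGV);
        _exit(3); /* not reached: the handler exits or the filter kills us */
    }
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}
```

With rt_sigaction allowed the child exits through the handler; with it denied the parent sees the child die from SIGSYS inside the handler, before any dump could be written.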

Fix obvious mistake in preprocessor directives.
Attachment #8339132 - Attachment is obsolete: true
Attachment #8339132 - Flags: review?(gdestuynder)
Attachment #8339181 - Flags: review?(gdestuynder)

Comment on attachment 8339181 [details] [diff] [review]
bug943774-sandbox-allow-sigaction-hg1.diff

Review of attachment 8339181 [details] [diff] [review]:
-----------------------------------------------------------------

yes, sigaction is ok.
Attachment #8339181 - Flags: review?(gdestuynder) → review+

→ b2g-inbound.
Keywords: checkin-needed

https://hg.mozilla.org/mozilla-central/rev/fdd48523bfbe
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla28