Closed Bug 971635 Opened 10 years ago Closed 10 years ago

[seccomp] Seccomp violation when taking a photo on Buri

Categories

(Firefox OS Graveyard :: General, defect)

x86
macOS
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 971514

People

(Reporter: pauljt, Unassigned)

After applying the patch for 970676, the camera app crashes when I take a photo. Logcat output looks like:

E/mm-camera(  157): out2CbCrImageHeight = 160
E/mm-camera(  157): out2CbCrImageWidthIn64BitWords = 60
E/mm-camera(  157): out2CbCrBurstLen = 1
E/mm-camera(  157): out2CbCrNumRows = 160
E/mm-camera(  157): out2CbCrRowIncIn64bitIncs = 60
E/mm-camera(  157): axi_config AXI Configuration success 
E/mm-camera(  157): config_MSG_ID_RESET_ACK: 3375
E/mm-camera(  157): config_MSG_ID_RESET_ACK: 3405
E/Sandbox ( 1107): seccomp sandbox violation: pid 1107, syscall 251, args 12 3 3 1139358312 12 1139358312.  Killing process.
I/Gecko   (  645): [Parent 645] WARNING: pipe error (115): Connection reset by peer: file /Volumes/b2gdisk.dmg/B2G/gecko/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 445
I/Gecko   (  645): 
I/Gecko   (  645): ###!!! [Parent][MessageChannel] Error: Channel error: cannot send/recv
I/Gecko   (  645): 

I am using a debug build, built a couple hours ago.
Syscall 251 seems to be __NR_epoll_ctl

Searching through moz-central, Nuwa.cpp uses this:

extern "C" MFBT_API int
__wrap_epoll_ctl(int aEpollFd, int aOp, int aFd, struct epoll_event *aEvent) {
  int rv = REAL(epoll_ctl)(aEpollFd, aOp, aFd, aEvent);

  if (!sIsNuwaProcess || rv == -1) {
    return rv;
  }

There are other uses, but the camera was working yesterday, so maybe this is the culprit.
Seccomp filter does not whitelist epoll_ctl. It allows epoll_wait though:

http://mxr.mozilla.org/mozilla-central/source/security/sandbox/linux/seccomp_filter.h#120
I tried building the same version of gecko but without applying jld's patch (see bug 970676), and I don't get any crash.
Sorry; I ran into this myself and analyzed it but forgot to update the patch.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
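
The gap diagnosed in this thread, reduced to a minimal seccomp-bpf allowlist. This is an added example, not Gecko's filter or code from the bug: the filter allows epoll_wait but allows epoll_ctl only on request, so without that entry the first epoll_ctl call kills the child with SIGSYS. Assumptions: Linux with seccomp-bpf; the names ALLOW, sandboxed_child and run_sandboxed_epoll_ctl are hypothetical; it uses SECCOMP_RET_KILL instead of a logging handler and skips the seccomp_data.arch check that a production filter needs first.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stddef.h>
#include <sys/epoll.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Allowlist entry: if the loaded syscall number equals nr, return ALLOW. */
#define ALLOW(nr) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1), \
                  BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW)

/* Child side (hypothetical helper): install the filter, then call epoll_ctl. */
static void sandboxed_child(int allow_ctl)
{
    int fds[2], ep = epoll_create1(0);       /* created before the filter applies */
    struct epoll_event ev = { .events = EPOLLIN };
    struct sock_filter code[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        ALLOW(__NR_exit_group),
#ifdef __NR_epoll_wait                       /* arm64 only has epoll_pwait */
        ALLOW(__NR_epoll_wait),
#endif
        /* The entry the thread found missing; 0xffffffff matches no syscall. */
        ALLOW(allow_ctl ? __NR_epoll_ctl : 0xffffffffu),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
    };
    struct sock_fprog prog = { (unsigned short)(sizeof code / sizeof code[0]), code };
    if (ep < 0 || pipe(fds) < 0 || prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0 ||
        prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) < 0)
        _exit(2);                            /* setup failed, filter not active */
    _exit(epoll_ctl(ep, EPOLL_CTL_ADD, fds[0], &ev) == 0 ? 0 : 1);
}

/* Returns 0 if epoll_ctl succeeded, the fatal signal if killed, -1 on setup error. */
int run_sandboxed_epoll_ctl(int allow_ctl)
{
    int status;
    pid_t pid = fork();
    if (pid == 0) sandboxed_child(allow_ctl); /* never returns */
    if (pid < 0 || waitpid(pid, &status, 0) != pid)
        return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void) { return run_sandboxed_epoll_ctl(0) == SIGSYS ? 0 : 1; } /* 0: gap reproduced */
```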