Closed Bug 1014107 Opened 10 years ago Closed 8 years ago

open("/proc/cpuinfo") in Skia breaks seccomp

Categories: Core :: Security: Process Sandboxing, defect
Platform: ARM, Gonk (Firefox OS)
Type: defect
Priority: Not set
Severity: normal
Status: RESOLVED WONTFIX
Reporter: arroway
Assignee: Unassigned
Whiteboard: sb-

In gfx/skia/trunk/src/core/SkUtilsArm.cpp, the function sk_cpu_arm_check_neon opens "/cpu/procinfo". It also calls android_getCpuFeatures, which performs the same kind of action on Android. It looks like it is yet another external library we can't modify to manually remove open calls (cf. gfx/skia/README_MOZILLA).
Blocks: 930258
No longer depends on: 930258
Blocks: 1121295
No longer blocks: 930258
Move process sandboxing bugs to their new, separate component. (Sorry for the bugspam; filter on 3c21328c-8cfb-4819-9d88-f6e965067350.)
Component: Security → Security: Process Sandboxing
Whiteboard: sb-
Summary: open("/cpu/procinfo") in Skia breaks seccomp → open("/proc/cpuinfo") in Skia breaks seccomp
With recent Skia updates, we have modified Skia to use our own mozilla::supports_neon() call instead of using Skia's own checking. This theoretically should resolve this problem on Android builds. Does it look okay now?
Flags: needinfo?(stephouillon)
Julian, could you have a look? I looked quickly at the code, but I'm behind regarding the last changes in the sandbox. Please forward if you know a better person. Thx!
Flags: needinfo?(stephouillon) → needinfo?(julian.r.hector)
Sure, I can take a look, but how can it violate seccomp? Unless it is the b2g emulator, all the other platforms either don't have seccomp enabled or sys_open() is whitelisted. Where did you encounter this?
Flags: needinfo?(julian.r.hector) → needinfo?(stephouillon)
This is one of the B2G “reduce filesystem whitelist” bugs — it's an issue that's not breaking things currently, but it would block removing a whitelist entry. Rewording the summaries for this kind of bug might make that clearer.
OS: Linux → Gonk (Firefox OS)
Hardware: x86_64 → ARM
Ok, thanks :jld. I think this is not an issue right now, and we probably have to handle sys_open slightly differently on desktop.
Flags: needinfo?(stephouillon)
B2G-specific sandboxing bugs are WONTFIX. (I'm reasonably sure these bugs don't have implications for other platforms, but comment if I missed something.)
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
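
The following is an added example, not code from this bug, from Skia or from Mozilla. It shows the general way to drop this kind of whitelist dependency: parse the `Features` line of cpuinfo once before the seccomp filter is installed and answer later queries from a cached value, so no `open()` happens inside the sandbox. The function names and the `path` parameter are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Cached result: -1 = not probed yet, 0 = no NEON, 1 = NEON. */
static int g_neon = -1;

/* Return 1 if `line` is a "Features" line listing `feat` as a whole token. */
static int features_line_has(const char *line, const char *feat) {
    if (strncmp(line, "Features", 8) != 0) return 0;
    const char *p = strchr(line, ':');
    if (!p) return 0;
    size_t n = strlen(feat);
    for (p++; *p; ) {
        p += strspn(p, " \t\r\n");            /* skip separators */
        size_t tok = strcspn(p, " \t\r\n");   /* length of this token */
        if (tok == n && strncmp(p, feat, n) == 0) return 1;
        p += tok;
    }
    return 0;
}

/* Call once BEFORE the seccomp filter is installed; the only open() is here.
 * `path` is a parameter so the probe can be exercised on a constructed file. */
int cpu_probe_init(const char *path) {
    char line[4096];
    FILE *f = fopen(path, "r");
    if (!f) return -1;                 /* g_neon stays unset on failure */
    g_neon = 0;
    while (fgets(line, sizeof line, f))
        if (features_line_has(line, "neon")) { g_neon = 1; break; }
    fclose(f);
    return 0;
}

/* Safe inside the sandbox: no syscalls, only the cached answer.
 * Fails closed (reports no NEON) if the probe never ran. */
int cpu_has_neon(void) { return g_neon == 1; }

int main(void) {
    if (cpu_probe_init("/proc/cpuinfo") != 0) perror("cpuinfo");
    /* ... the seccomp filter would be installed here ... */
    printf("neon: %d\n", cpu_has_neon());
    return 0;
}
```

With the probe moved ahead of filter installation, the cpuinfo path no longer needs an entry in the sandbox's filesystem whitelist.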