Bug 974230 (Closed)
Opened 11 years ago
Closed 11 years ago
seccomp: deny socket() instead of crashing, for SCTP (bug 969715) and NSPR (bug 936230)
Categories: (Core :: Security, defect)
Status: RESOLVED FIXED
Target Milestone: mozilla30
People: (Reporter: jld, Assigned: jld)
Attachments: (1 file, 2 obsolete files)
patch (deleted), jld: review+
+++ This bug was initially created as a clone of Bug #969715 +++
Comment 1 • 11 years ago (Assignee)
Attachment #8378026 - Flags: review?(gdestuynder)
Comment 2 • 11 years ago (Assignee)
Slight fixup: We don't actually need <sys/socket.h>; that's left over from when I was testing conditionals on the socket domain.
Attachment #8378026 - Attachment is obsolete: true
Attachment #8378026 - Flags: review?(gdestuynder)
Attachment #8378029 - Flags: review?(gdestuynder)
Comment 3 • 11 years ago (Assignee)
A thought: this change is also a workaround for bug 946320 and allows a fix for bug 971152 (by backing out the current workaround for 946320). It's also a workaround that doesn't really harm our security, because the system call is still prevented.

Comment on attachment 8378029
bug974230-seccomp-workaround-socket-hg1.diff
Review of attachment 8378029:
-----------------------------------------------------------------
::: security/sandbox/linux/linux_seccomp.h
@@ +244,5 @@
> #define DENY_SYSCALL(name) \
> BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_##name, 0, 1), \
> BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL)
>
> +#define FAIL_SYSCALL(name, err) \
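Review bot: FAIL_SYSCALL(name, err) is introduced directly under DENY_SYSCALL, and nothing in the quoted lines says what err must be or how the two macros differ. A short comment above the new #define stating whether err is expected as a positive errno constant, and that this macro makes the call fail where DENY_SYSCALL returns SECCOMP_RET_KILL, would keep callers from passing a negated value or picking the wrong macro.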
maybe we could call it DENY_SYSCALL and the upper (l244) DENY_KILL_SYSCALL just for clarity
Attachment #8378029 - Flags: review?(gdestuynder) → review+
Comment 5 • 11 years ago (Assignee)
Adjusted names as suggested. Also removed comments making this specific to bug 969715. Carrying over r=kang.
Attachment #8378029 - Attachment is obsolete: true
Attachment #8378678 - Flags: review+
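
The distinction drawn in comment 3 (the system call is still prevented, but the process is not killed) can be observed with a small filter. This is an added example, not code from the patch: the macro name EXAMPLE_ERRNO_SYSCALL, the choice of EACCES and the helper errno_from_denied_socket are assumptions, and it omits the seccomp_data.arch check a production filter performs first.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* Hypothetical macro for this example (not the patch's): same match as the
 * page's DENY_SYSCALL, but returns an errno to the caller instead of killing. */
#define EXAMPLE_ERRNO_SYSCALL(name, err) \
  BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_##name, 0, 1), \
  BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO | ((err) & SECCOMP_RET_DATA))

/* Runs socket() in a filtered child. Returns the errno the child saw, 0 if
 * socket() succeeded, -1 if the filter could not be installed, -2 if the
 * child died from a signal (what SECCOMP_RET_KILL would cause). */
int errno_from_denied_socket(void) {
  struct sock_filter filter[] = {
    BPF_STMT(BPF_LD+BPF_W+BPF_ABS, offsetof(struct seccomp_data, nr)),
    EXAMPLE_ERRNO_SYSCALL(socket, EACCES), /* EACCES is an assumed choice */
    BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW),
  };
  struct sock_fprog prog = { .len = sizeof(filter) / sizeof(filter[0]),
                             .filter = filter };
  pid_t pid = fork();
  if (pid < 0) return -1;
  if (pid == 0) {
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
        prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog))
      _exit(255);
    int fd = socket(AF_INET, SOCK_STREAM, 0); /* rejected by the filter */
    _exit(fd >= 0 ? 0 : errno);
  }
  int status;
  if (waitpid(pid, &status, 0) < 0) return -1;
  if (!WIFEXITED(status)) return -2;
  return WEXITSTATUS(status) == 255 ? -1 : WEXITSTATUS(status);
}

int main(void) {
  printf("result %d (EACCES is %d)\n", errno_from_denied_socket(), EACCES);
  return 0;
}
```

Swapping the return action for SECCOMP_RET_KILL makes the same helper return -2, since the child then dies from a signal instead of exiting.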
Updated • 11 years ago (Assignee)
Summary: seccomp: deny socket() instead of crashing to placate WebRTC SCTP code (bug 969715) → seccomp: deny socket() instead of crashing, for SCTP (bug 969715) and NSPR (bug 936230)
Updated • 11 years ago (Assignee)
Keywords: checkin-needed
Comment 6 • 11 years ago
Keywords: checkin-needed
Comment 7 • 11 years ago
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla30