glibc 2.32 rseq support incompatible with Firefox sandbox

Carlos O'Donell carlos@redhat.com
Fri Jul 10 03:16:58 GMT 2020


On 7/9/20 2:10 PM, Gian-Carlo Pascutto via Libc-alpha wrote:
> We try to proactively patch these in when we become aware of the need. It's
> also possible to add them via prefs so you don't need a browser rebuild,
> see: https://wiki.mozilla.org/Security/Sandbox#Customization_Settings

Gian-Carlo,

Thanks for this information.

I can confirm that setting 334 (rseq) in security.sandbox.content.syscall_whitelist
is enough to fix the tabs crashing in Firefox in Fedora Rawhide.

However, the OpenH264 video playback in the sandbox is still broken in the most
recent update of glibc that I'm testing in Fedora Rawhide.

Florian,

To test this I did temp Rawhide sync to master (-18) and so somewhere between
commit c6aac3bf3663709cdefde5f5d5e9e875d607be5e and
commit c363f834cfcbf5efa5449ef13f62233a6d5b9422 we break the OpenH264 decoding
(I used a local Fedora Rawhide VM for testing on x86_64).

I see this repeating with MOZ_SANDBOX_LOGGING=1:
Sandbox: policy for /dev/shm/org.mozilla.ipc.4406.: 1 -> 47
... seccomp-bpf program ...
###!!! [Child][MessageChannel::SendAndWait] Error: Channel error: cannot send/recv
Sandbox: EOF from pid 4232

Which I don't see in Rawhide's -17 before I do the update (which includes the
most recent 68 commits).

So something else is still causing problems for the sandbox even with 334 in the
syscall_whitelist.

-- 
Cheers,
Carlos.



More information about the Libc-alpha mailing list