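diff -up firefox-101.0/security/sandbox/linux/SandboxFilter.cpp.D146271.diff firefox-101.0/security/sandbox/linux/SandboxFilter.cpp
--- firefox-101.0/security/sandbox/linux/SandboxFilter.cpp.D146271.diff 2022-05-27 01:16:59.000000000 +0200
+++ firefox-101.0/security/sandbox/linux/SandboxFilter.cpp 2022-06-09 09:59:35.569235176 +0200
@@ -125,28 +125,12 @@ namespace mozilla {
 // denied if no broker client is provided by the concrete class.
 class SandboxPolicyCommon : public SandboxPolicyBase {
 protected:
- enum class ShmemUsage : uint8_t {
- MAY_CREATE,
- ONLY_USE,
- };
-
- enum class AllowUnsafeSocketPair : uint8_t {
- NO,
- YES,
- };
-
+ // Subclasses can assign these in their constructors to loosen the
+ // default settings.
 SandboxBrokerClient* mBroker = nullptr;
 bool mMayCreateShmem = false;
 bool mAllowUnsafeSocketPair = false;
 
- explicit SandboxPolicyCommon(SandboxBrokerClient* aBroker,
- ShmemUsage aShmemUsage,
- AllowUnsafeSocketPair aAllowUnsafeSocketPair)
- : mBroker(aBroker),
- mMayCreateShmem(aShmemUsage == ShmemUsage::MAY_CREATE),
- mAllowUnsafeSocketPair(aAllowUnsafeSocketPair ==
- AllowUnsafeSocketPair::YES) {}
-
 SandboxPolicyCommon() = default;
 
 typedef const sandbox::arch_seccomp_data& ArgsRef;
@@ -1228,11 +1212,13 @@ class ContentSandboxPolicy : public Sand
 public:
 ContentSandboxPolicy(SandboxBrokerClient* aBroker,
 ContentProcessSandboxParams&& aParams)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::YES),
- mParams(std::move(aParams)),
+ : mParams(std::move(aParams)),
 mAllowSysV(PR_GetEnv("MOZ_SANDBOX_ALLOW_SYSV") != nullptr),
- mUsingRenderDoc(PR_GetEnv("RENDERDOC_CAPTUREOPTS") != nullptr) {}
+ mUsingRenderDoc(PR_GetEnv("RENDERDOC_CAPTUREOPTS") != nullptr) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ mAllowUnsafeSocketPair = true;
+ }
 
 ~ContentSandboxPolicy() override = default;
 
@@ -1762,9 +1748,10 @@ UniquePtr<sandbox::bpf_dsl::Policy> GetM
 // segments, so it may need file brokering.
 class RDDSandboxPolicy final : public SandboxPolicyCommon {
 public:
- explicit RDDSandboxPolicy(SandboxBrokerClient* aBroker)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::NO) {}
+ explicit RDDSandboxPolicy(SandboxBrokerClient* aBroker) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ }
 
 #ifndef ANDROID
 Maybe<ResultExpr> EvaluateIpcCall(int aCall, int aArgShift) const override {
@@ -1875,9 +1862,10 @@ UniquePtr<sandbox::bpf_dsl::Policy> GetD
 // the SocketProcess sandbox looks like.
 class SocketProcessSandboxPolicy final : public SandboxPolicyCommon {
 public:
- explicit SocketProcessSandboxPolicy(SandboxBrokerClient* aBroker)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::NO) {}
+ explicit SocketProcessSandboxPolicy(SandboxBrokerClient* aBroker) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ }
 
 static intptr_t FcntlTrap(const sandbox::arch_seccomp_data& aArgs,
 void* aux) {
@@ -2013,9 +2001,10 @@ UniquePtr<sandbox::bpf_dsl::Policy> GetS
 
 class UtilitySandboxPolicy : public SandboxPolicyCommon {
 public:
- explicit UtilitySandboxPolicy(SandboxBrokerClient* aBroker)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::NO) {}
+ explicit UtilitySandboxPolicy(SandboxBrokerClient* aBroker) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ }
 
 ResultExpr PrctlPolicy() const override {
 Arg<int> op(0);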
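Review bot: In the ContentSandboxPolicy constructor, `mAllowUnsafeSocketPair = true;` is now a bare boolean assignment in the body, where the removed code spelled the same choice as `AllowUnsafeSocketPair::YES` in the base-class initializer. The loosening is easier to miss in review, and the protected, non-const fields in SandboxPolicyCommon can be written by any subclass method after construction. The defaults stay fail-closed (`nullptr` / `false`), so a subclass that omits an assignment is denied rather than over-permitted. I would add a comment at the loosening, e.g. `// Loosens the policy: the only class in this patch that sets mAllowUnsafeSocketPair.`, and extend the field comment to say these members must not be changed once the constructor has returned. The class bodies continue outside the hunks, so whether anything else writes these fields cannot be confirmed from here.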