diff options
Diffstat (limited to 'security/sandbox/linux')
| -rw-r--r-- | security/sandbox/linux/SandboxFilter.cpp | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp index 2eec3b27a7..a3b70e7889 100644 --- a/security/sandbox/linux/SandboxFilter.cpp +++ b/security/sandbox/linux/SandboxFilter.cpp @@ -1595,9 +1595,6 @@ class ContentSandboxPolicy : public SandboxPolicyCommon { case __NR_clone: return ClonePolicy(Error(EPERM)); - case __NR_clone3: - return Error(ENOSYS); - # ifdef __NR_fadvise64 case __NR_fadvise64: return Allow(); @@ -1842,20 +1839,24 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { bool aHasArgs) const override { switch (aCall) { // These are for X11. + // + // FIXME (bug 1884449): X11 is blocked now so we probably don't + // need these, but they're relatively harmless. case SYS_GETSOCKNAME: case SYS_GETPEERNAME: case SYS_SHUTDOWN: return Some(Allow()); -#ifdef MOZ_ENABLE_V4L2 case SYS_SOCKET: // Hardware-accelerated decode uses EGL to manage hardware surfaces. // When initialised it tries to connect to the Wayland server over a // UNIX socket. It still works fine if it can't connect to Wayland, so // don't let it create the socket (but don't kill the process for // trying). + // + // We also see attempts to connect to an X server on desktop + // Linux sometimes (bug 1882598). return Some(Error(EACCES)); -#endif default: return SandboxPolicyCommon::EvaluateSocketCall(aCall, aHasArgs); @@ -1945,6 +1946,10 @@ class RDDSandboxPolicy final : public SandboxPolicyCommon { CASES_FOR_fstatfs: return Allow(); + // nvidia drivers may attempt to spawn nvidia-modprobe + case __NR_clone: + return ClonePolicy(Error(EPERM)); + // Pass through the common policy. default: return SandboxPolicyCommon::EvaluateSyscall(sysno); |