Diffstat (limited to 'D146273.diff')
-rw-r--r--D146273.diff90
1 files changed, 90 insertions, 0 deletions
diff --git a/D146273.diff b/D146273.diff
new file mode 100644
index 0000000..0d838e2
--- /dev/null
+++ b/D146273.diff
@@ -0,0 +1,90 @@
+diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
+--- a/security/sandbox/linux/SandboxFilter.cpp
++++ b/security/sandbox/linux/SandboxFilter.cpp
+@@ -699,10 +699,18 @@
+ Maybe<ResultExpr> EvaluateSocketCall(int aCall,
+ bool aHasArgs) const override {
+ switch (aCall) {
+ case SYS_RECVMSG:
+ case SYS_SENDMSG:
++ // These next four aren't needed for IPC or other core
++ // functionality at the time of this writing, but they're
++ // subsets of recvmsg/sendmsg so there's nothing gained by not
++ // allowing them here (and simplifying subclasses).
++ case SYS_RECVFROM:
++ case SYS_SENDTO:
++ case SYS_RECV:
++ case SYS_SEND:
+ return Some(Allow());
+
+ case SYS_SOCKETPAIR: {
+ // We try to allow "safe" (always connected) socketpairs when using the
+ // file broker, or for content processes, but we may need to fall back
+@@ -1253,12 +1261,10 @@
+ ~ContentSandboxPolicy() override = default;
+
+ Maybe<ResultExpr> EvaluateSocketCall(int aCall,
+ bool aHasArgs) const override {
+ switch (aCall) {
+- case SYS_RECVFROM:
+- case SYS_SENDTO:
+ case SYS_SENDMMSG: // libresolv via libasyncns; see bug 1355274
+ return Some(Allow());
+
+ #ifdef ANDROID
+ case SYS_SOCKET:
+@@ -1268,18 +1274,21 @@
+ case SYS_CONNECT:
+ if (BelowLevel(4)) {
+ return Some(Allow());
+ }
+ return SandboxPolicyCommon::EvaluateSocketCall(aCall, aHasArgs);
+- case SYS_RECV:
+- case SYS_SEND:
++
++ // FIXME (bug 1761134): sockopts should be filtered
+ case SYS_GETSOCKOPT:
+ case SYS_SETSOCKOPT:
++ // These next 3 were needed for X11; they may not be needed
++ // with X11 lockdown, but there's not much attack surface here.
+ case SYS_GETSOCKNAME:
+ case SYS_GETPEERNAME:
+ case SYS_SHUTDOWN:
+ return Some(Allow());
++
+ case SYS_ACCEPT:
+ case SYS_ACCEPT4:
+ if (mUsingRenderDoc) {
+ return Some(Allow());
+ }
+@@ -1908,26 +1917,19 @@
+ }
+
+ Maybe<ResultExpr> EvaluateSocketCall(int aCall,
+ bool aHasArgs) const override {
+ switch (aCall) {
++ case SYS_SOCKET:
++ case SYS_CONNECT:
+ case SYS_BIND:
+ return Some(Allow());
+
+- case SYS_SOCKET:
+- return Some(Allow());
+-
+- case SYS_CONNECT:
+- return Some(Allow());
+-
+- case SYS_RECVFROM:
+- case SYS_SENDTO:
++ // FIXME(bug 1641401) do we really need this?
+ case SYS_SENDMMSG:
+ return Some(Allow());
+
+- case SYS_RECV:
+- case SYS_SEND:
+ case SYS_GETSOCKOPT:
+ case SYS_SETSOCKOPT:
+ case SYS_GETSOCKNAME:
+ case SYS_GETPEERNAME:
+ case SYS_SHUTDOWN:
+
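Review bot: Dropping `case SYS_RECVFROM`/`SYS_SENDTO`/`SYS_RECV`/`SYS_SEND` from the two subclass overrides (the -1253/-1268 hunks in ContentSandboxPolicy and the -1908 hunk of SandboxFilter.cpp) only preserves behaviour if each switch's `default:` delegates to `SandboxPolicyCommon::EvaluateSocketCall(aCall, aHasArgs)`, which the first hunk now makes allow those four calls; neither `default:` is inside the hunks, so this is worth confirming, because a subclass that returns `Nothing()` or a deny rule for unhandled calls would silently lose these allows. The ContentSandboxPolicy hunk does show such a delegation for `SYS_CONNECT` at level 4 and above, but that is a per-case return, not the fallthrough path. A one-line comment next to the new base-class cases, e.g. `// Subclasses rely on their default: path reaching this method for these four calls.`, would make the dependency explicit for the next policy edit. Each overridden EvaluateSocketCall continues past the end of its hunk.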