From fc1bf47cd86638b08e03b90b60b0bc80dd1d6c28 Mon Sep 17 00:00:00 2001 From: Martin Stransky Date: Thu, 9 Jun 2022 11:14:27 +0200 Subject: Updated to 101.0.1, More VA-API sandbox fixes (mzbz#1769182) --- D146271.diff | 94 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 D146271.diff (limited to 'D146271.diff') diff --git a/D146271.diff b/D146271.diff new file mode 100644 index 0000000..fd2e0b0 --- /dev/null +++ b/D146271.diff 
@@ -0,0 +1,94 @@
+diff -up firefox-101.0/security/sandbox/linux/SandboxFilter.cpp.D146271.diff firefox-101.0/security/sandbox/linux/SandboxFilter.cpp
+--- firefox-101.0/security/sandbox/linux/SandboxFilter.cpp.D146271.diff 2022-05-27 01:16:59.000000000 +0200
++++ firefox-101.0/security/sandbox/linux/SandboxFilter.cpp 2022-06-09 09:59:35.569235176 +0200
+@@ -125,28 +125,12 @@ namespace mozilla {
+ // denied if no broker client is provided by the concrete class.
+ class SandboxPolicyCommon : public SandboxPolicyBase {
+ protected:
+- enum class ShmemUsage : uint8_t {
+- MAY_CREATE,
+- ONLY_USE,
+- };
+-
+- enum class AllowUnsafeSocketPair : uint8_t {
+- NO,
+- YES,
+- };
+-
++ // Subclasses can assign these in their constructors to loosen the
++ // default settings.
+ SandboxBrokerClient* mBroker = nullptr;
+ bool mMayCreateShmem = false;
+ bool mAllowUnsafeSocketPair = false;
+
+- explicit SandboxPolicyCommon(SandboxBrokerClient* aBroker,
+- ShmemUsage aShmemUsage,
+- AllowUnsafeSocketPair aAllowUnsafeSocketPair)
+- : mBroker(aBroker),
+- mMayCreateShmem(aShmemUsage == ShmemUsage::MAY_CREATE),
+- mAllowUnsafeSocketPair(aAllowUnsafeSocketPair ==
+- AllowUnsafeSocketPair::YES) {}
+-
+ SandboxPolicyCommon() = default;
+
+ typedef const sandbox::arch_seccomp_data& ArgsRef;
+@@ -1228,11 +1212,13 @@ class ContentSandboxPolicy : public Sand
+ public:
+ ContentSandboxPolicy(SandboxBrokerClient* aBroker,
+ ContentProcessSandboxParams&& aParams)
+- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
+- AllowUnsafeSocketPair::YES),
+- mParams(std::move(aParams)),
++ : mParams(std::move(aParams)),
+ mAllowSysV(PR_GetEnv("MOZ_SANDBOX_ALLOW_SYSV") != nullptr),
+- mUsingRenderDoc(PR_GetEnv("RENDERDOC_CAPTUREOPTS") != nullptr) {}
++ mUsingRenderDoc(PR_GetEnv("RENDERDOC_CAPTUREOPTS") != nullptr) {
++ mBroker = aBroker;
++ mMayCreateShmem = true;
++ mAllowUnsafeSocketPair = true;
++ }
+
+ ~ContentSandboxPolicy() override = default;
+
+@@ -1762,9 +1748,10 @@ UniquePtr GetM
+ // segments, so it may need file brokering.
+ class RDDSandboxPolicy final : public SandboxPolicyCommon {
+ public:
+- explicit RDDSandboxPolicy(SandboxBrokerClient* aBroker)
+- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
+- AllowUnsafeSocketPair::NO) {}
++ explicit RDDSandboxPolicy(SandboxBrokerClient* aBroker) {
++ mBroker = aBroker;
++ mMayCreateShmem = true;
++ }
+
+ #ifndef ANDROID
+ Maybe EvaluateIpcCall(int aCall, int aArgShift) const override {
+@@ -1875,9 +1862,10 @@ UniquePtr GetD
+ // the SocketProcess sandbox looks like.
+ class SocketProcessSandboxPolicy final : public SandboxPolicyCommon {
+ public:
+- explicit SocketProcessSandboxPolicy(SandboxBrokerClient* aBroker)
+- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
+- AllowUnsafeSocketPair::NO) {}
++ explicit SocketProcessSandboxPolicy(SandboxBrokerClient* aBroker) {
++ mBroker = aBroker;
++ mMayCreateShmem = true;
++ }
+
+ static intptr_t FcntlTrap(const sandbox::arch_seccomp_data& aArgs,
+ void* aux) {
+@@ -2013,9 +2001,10 @@ UniquePtr GetS
+
+ class UtilitySandboxPolicy : public SandboxPolicyCommon {
+ public:
+- explicit UtilitySandboxPolicy(SandboxBrokerClient* aBroker)
+- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
+- AllowUnsafeSocketPair::NO) {}
++ explicit UtilitySandboxPolicy(SandboxBrokerClient* aBroker) {
++ mBroker = aBroker;
++ mMayCreateShmem = true;
++ }
+
+ ResultExpr PrctlPolicy() const override {
+ Arg op(0);
-- cgit
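Review bot: In the ContentSandboxPolicy constructor (inner hunk at -1228), `mAllowUnsafeSocketPair = true;` now loosens the policy with a bare boolean where the removed base-constructor call spelled out `AllowUnsafeSocketPair::YES`, so the one opt-in visible in this patch no longer explains itself to an auditor. I would add a comment on that assignment, for example `// Deliberately loosens the SandboxPolicyCommon default of false.`, and extend the new field comment in SandboxPolicyCommon to `// Defaults are the restrictive values; assign only in constructors.` so that a subclass which assigns nothing is understood to stay locked down. The three fields are protected and non-const, so nothing visible in these hunks prevents a subclass from changing them after construction; whether that matters depends on when the policy is evaluated, which is outside the hunks. All five class bodies touched here continue outside their hunks.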