diff -up firefox-101.0/security/sandbox/linux/SandboxFilter.cpp.D146271.diff firefox-101.0/security/sandbox/linux/SandboxFilter.cpp
--- firefox-101.0/security/sandbox/linux/SandboxFilter.cpp.D146271.diff 2022-05-27 01:16:59.000000000 +0200
+++ firefox-101.0/security/sandbox/linux/SandboxFilter.cpp 2022-06-09 09:59:35.569235176 +0200
@@ -125,28 +125,12 @@ namespace mozilla {
// denied if no broker client is provided by the concrete class.
class SandboxPolicyCommon : public SandboxPolicyBase {
protected:
- enum class ShmemUsage : uint8_t {
- MAY_CREATE,
- ONLY_USE,
- };
-
- enum class AllowUnsafeSocketPair : uint8_t {
- NO,
- YES,
- };
-
+ // Subclasses can assign these in their constructors to loosen the
+ // default settings.
SandboxBrokerClient* mBroker = nullptr;
bool mMayCreateShmem = false;
bool mAllowUnsafeSocketPair = false;
- explicit SandboxPolicyCommon(SandboxBrokerClient* aBroker,
- ShmemUsage aShmemUsage,
- AllowUnsafeSocketPair aAllowUnsafeSocketPair)
- : mBroker(aBroker),
- mMayCreateShmem(aShmemUsage == ShmemUsage::MAY_CREATE),
- mAllowUnsafeSocketPair(aAllowUnsafeSocketPair ==
- AllowUnsafeSocketPair::YES) {}
-
SandboxPolicyCommon() = default;
typedef const sandbox::arch_seccomp_data& ArgsRef;
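Review bot: The new comment above the protected members should state that the defaults are the restrictive ones, because the enum-taking constructor that forced every subclass to spell out its choice is gone and a subclass that forgets an assignment now silently inherits whatever the defaults are. The class comment two lines up (`denied if no broker client is provided by the concrete class`) and the `nullptr`/`false` initializers show this is fail-closed, so the omission is safe, but that property is what makes the refactor acceptable and it is worth writing down. I would extend the comment to: `// Subclasses can assign these in their constructors to loosen the default settings. The defaults (no broker, no shmem creation, no unsafe socketpair) are the most restrictive, so a subclass that assigns nothing gets the tightest policy.` The class body continues outside the hunk.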
@@ -1228,11 +1212,13 @@ class ContentSandboxPolicy : public Sand
public:
ContentSandboxPolicy(SandboxBrokerClient* aBroker,
ContentProcessSandboxParams&& aParams)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::YES),
- mParams(std::move(aParams)),
+ : mParams(std::move(aParams)),
mAllowSysV(PR_GetEnv("MOZ_SANDBOX_ALLOW_SYSV") != nullptr),
- mUsingRenderDoc(PR_GetEnv("RENDERDOC_CAPTUREOPTS") != nullptr) {}
+ mUsingRenderDoc(PR_GetEnv("RENDERDOC_CAPTUREOPTS") != nullptr) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ mAllowUnsafeSocketPair = true;
+ }
~ContentSandboxPolicy() override = default;
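Review bot: `mAllowUnsafeSocketPair = true;` in the ContentSandboxPolicy constructor body is the only place in this patch that loosens the socketpair setting (the RDD, SocketProcess and Utility policies in the later hunks leave it at its default), and it is now a bare assignment where the old `AllowUnsafeSocketPair::YES` argument at least named the decision at the call site. A short comment would keep the exception visible to the next reader, e.g. `// Only the content policy enables the unsafe socketpair path; the other policies in this file keep the restrictive default.` Note that these assignments run in the derived constructor body after the base subobject has been built with its defaults; that appears fine here because the base constructor is `= default` and nothing in the visible hunk reads the flags during construction, but it should be kept in mind if base-class construction ever grows logic that depends on them.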
@@ -1762,9 +1748,10 @@ UniquePtr<sandbox::bpf_dsl::Policy> GetM
// segments, so it may need file brokering.
class RDDSandboxPolicy final : public SandboxPolicyCommon {
public:
- explicit RDDSandboxPolicy(SandboxBrokerClient* aBroker)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::NO) {}
+ explicit RDDSandboxPolicy(SandboxBrokerClient* aBroker) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ }
#ifndef ANDROID
Maybe<ResultExpr> EvaluateIpcCall(int aCall, int aArgShift) const override {
@@ -1875,9 +1862,10 @@ UniquePtr<sandbox::bpf_dsl::Policy> GetD
// the SocketProcess sandbox looks like.
class SocketProcessSandboxPolicy final : public SandboxPolicyCommon {
public:
- explicit SocketProcessSandboxPolicy(SandboxBrokerClient* aBroker)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::NO) {}
+ explicit SocketProcessSandboxPolicy(SandboxBrokerClient* aBroker) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ }
static intptr_t FcntlTrap(const sandbox::arch_seccomp_data& aArgs,
void* aux) {
@@ -2013,9 +2001,10 @@ UniquePtr<sandbox::bpf_dsl::Policy> GetS
class UtilitySandboxPolicy : public SandboxPolicyCommon {
public:
- explicit UtilitySandboxPolicy(SandboxBrokerClient* aBroker)
- : SandboxPolicyCommon(aBroker, ShmemUsage::MAY_CREATE,
- AllowUnsafeSocketPair::NO) {}
+ explicit UtilitySandboxPolicy(SandboxBrokerClient* aBroker) {
+ mBroker = aBroker;
+ mMayCreateShmem = true;
+ }
ResultExpr PrctlPolicy() const override {
Arg<int> op(0);