From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id DF1E4139696 for ; Fri, 19 May 2017 19:44:42 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 101DFE0C31; Fri, 19 May 2017 19:44:40 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id CB234E0C31 for ; Fri, 19 May 2017 19:44:39 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 630DF341686 for ; Fri, 19 May 2017 19:44:38 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id CEC6F745E for ; Fri, 19 May 2017 19:44:36 +0000 (UTC) From: "Ian Stakenvicius" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Ian Stakenvicius" Message-ID: <1495223068.fc0e8a516716dab4430d5fd44d603c61f415e6cb.axs@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: www-client/firefox/files/, www-client/firefox/ X-VCS-Repository: repo/gentoo X-VCS-Files: www-client/firefox/files/firefox-53-turn_off_crash_on_seccomp_fail.patch www-client/firefox/firefox-53.0-r1.ebuild www-client/firefox/firefox-53.0.ebuild X-VCS-Directories: www-client/firefox/files/ www-client/firefox/ X-VCS-Committer: axs X-VCS-Committer-Name: Ian Stakenvicius X-VCS-Revision: fc0e8a516716dab4430d5fd44d603c61f415e6cb X-VCS-Branch: master Date: Fri, 19 May 2017 19:44:36 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 9890f40d-0dc6-4f10-b713-65997141cdd7 X-Archives-Hash: 5691d870ec8f691a755b5b7fcf722998 commit: fc0e8a516716dab4430d5fd44d603c61f415e6cb Author: Ian Stakenvicius gentoo org> AuthorDate: Thu May 18 14:55:15 2017 +0000 Commit: Ian Stakenvicius gentoo org> CommitDate: Fri May 19 19:44:28 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fc0e8a51 www-client/firefox: disable seccomp fatality so widevinecdm doesn't crash This is a backport of a commit introduced to firefox-54. Package-Manager: Portage-2.3.3, Repoman-2.3.1 ...firefox-53-turn_off_crash_on_seccomp_fail.patch | 100 +++++++++++++++++++++ ...{firefox-53.0.ebuild => firefox-53.0-r1.ebuild} | 1 + 2 files changed, 101 insertions(+) diff --git a/www-client/firefox/files/firefox-53-turn_off_crash_on_seccomp_fail.patch b/www-client/firefox/files/firefox-53-turn_off_crash_on_seccomp_fail.patch new file mode 100644 index 00000000000..2d0c06b3e76 --- /dev/null +++ b/www-client/firefox/files/firefox-53-turn_off_crash_on_seccomp_fail.patch @@ -0,0 +1,100 @@ + +# HG changeset patch +# User Jed Davis +# Date 1485552350 25200 +# Node ID 7781de08a1c6d84a92e9d54a78ac9f54f8c4c240 +# Parent 952f0a7824ad897dd0f76318b567341e7d8ad46d +Bug 1286865 - Step 0: Turn off crash-on-seccomp-fail by default on non-nightly. r=gcp + +MozReview-Commit-ID: 1It6HNizbAc + +diff --git a/security/sandbox/linux/Sandbox.cpp b/security/sandbox/linux/Sandbox.cpp +--- a/security/sandbox/linux/Sandbox.cpp ++++ b/security/sandbox/linux/Sandbox.cpp +@@ -68,16 +68,18 @@ MOZ_IMPORT_API void + } // extern "C" + #endif // MOZ_ASAN + + // Signal number used to enable seccomp on each thread. + int gSeccompTsyncBroadcastSignum = 0; + + namespace mozilla { + ++static bool gSandboxCrashOnError = false; ++ + // This is initialized by SandboxSetCrashFunc(). + SandboxCrashFunc gSandboxCrashFunc; + + #ifdef MOZ_GMP_SANDBOX + // For media plugins, we can start the sandbox before we dlopen the + // module, so we have to pre-open the file and simulate the sandboxed + // open(). + static SandboxOpenedFile gMediaPluginFile; +@@ -143,25 +145,28 @@ SigSysHandler(int nr, siginfo_t *info, v + args[2] = SECCOMP_PARM3(&savedCtx); + args[3] = SECCOMP_PARM4(&savedCtx); + args[4] = SECCOMP_PARM5(&savedCtx); + args[5] = SECCOMP_PARM6(&savedCtx); + + // TODO, someday when this is enabled on MIPS: include the two extra + // args in the error message. + SANDBOX_LOG_ERROR("seccomp sandbox violation: pid %d, syscall %d," +- " args %d %d %d %d %d %d. Killing process.", ++ " args %d %d %d %d %d %d.%s", + pid, syscall_nr, +- args[0], args[1], args[2], args[3], args[4], args[5]); ++ args[0], args[1], args[2], args[3], args[4], args[5], ++ gSandboxCrashOnError ? " Killing process." : ""); + +- // Bug 1017393: record syscall number somewhere useful. +- info->si_addr = reinterpret_cast(syscall_nr); ++ if (gSandboxCrashOnError) { ++ // Bug 1017393: record syscall number somewhere useful. ++ info->si_addr = reinterpret_cast(syscall_nr); + +- gSandboxCrashFunc(nr, info, &savedCtx); +- _exit(127); ++ gSandboxCrashFunc(nr, info, &savedCtx); ++ _exit(127); ++ } + } + + /** + * This function installs the SIGSYS handler. This is slightly + * complicated because we want to use Chromium's handler to dispatch + * to specific trap handlers defined in the policy, but we also need + * the full original signal context to give to Breakpad for crash + * dumps. So we install Chromium's handler first, then retrieve its +@@ -510,16 +515,31 @@ void + SandboxEarlyInit(GeckoProcessType aType) + { + const SandboxInfo info = SandboxInfo::Get(); + if (info.Test(SandboxInfo::kUnexpectedThreads)) { + return; + } + MOZ_RELEASE_ASSERT(IsSingleThreaded()); + ++ // Set gSandboxCrashOnError if appropriate. This doesn't need to ++ // happen this early, but for now it's here so that I don't need to ++ // add NSPR dependencies for PR_GetEnv. ++ // ++ // This also means that users with "unexpected threads" setups won't ++ // crash even on nightly. ++#ifdef NIGHTLY_BUILD ++ gSandboxCrashOnError = true; ++#endif ++ if (const char* envVar = getenv("MOZ_SANDBOX_CRASH_ON_ERROR")) { ++ if (envVar[0]) { ++ gSandboxCrashOnError = envVar[0] != '0'; ++ } ++ } ++ + // Which kinds of resource isolation (of those that need to be set + // up at this point) can be used by this process? + bool canChroot = false; + bool canUnshareNet = false; + bool canUnshareIPC = false; + + switch (aType) { + case GeckoProcessType_Default: + diff --git a/www-client/firefox/firefox-53.0.ebuild b/www-client/firefox/firefox-53.0-r1.ebuild similarity index 99% rename from www-client/firefox/firefox-53.0.ebuild rename to www-client/firefox/firefox-53.0-r1.ebuild index a911896f0de..80f3c55995f 100644 --- a/www-client/firefox/firefox-53.0.ebuild +++ b/www-client/firefox/firefox-53.0-r1.ebuild @@ -125,6 +125,7 @@ src_prepare() { # Apply our patches eapply "${WORKDIR}/firefox" eapply "${FILESDIR}"/musl_drop_hunspell_alloc_hooks.patch + eapply "${FILESDIR}"/${PN}-53-turn_off_crash_on_seccomp_fail.patch # Enable gnomebreakpad if use debug ; then