summaryrefslogblamecommitdiff
path: root/user/firefox-esr/seccomp-time64.patch
blob: 72cc28b5d6200e516847861a51cbdafbe0776f44 (plain) (tree)















































































































                                                                                                                                   
This drops the use of the chromium sandbox syscall headers which were
defining syscall numbers if they were undefined. This masked the time64
issue initially since while musl renamed several of the time32 syscall
numbers to catch breakage like this, these headers were silently
bringing them back. I did this by comparing the syscall numbers provided
by the chromium and musl headers and redefining the generic names to
their time64 counterparts.

For gettimeofday and settimeofday there does not appear to be a time64
counterpart so I have defined them as the time32 versions. For
settimeofday this should not matter (the seccomp filter will block this
by virture of not being on the whitelist - no content process needs to
set the time anyway).

It is not possible to entirely block the usage of time32 syscalls
because musl uses them internally when it can or in fallback paths.

I did not check the MIPS headers since we don't currently ship a MIPS
port, so in the future those includes should be examined and dropped
too...

--- firefox-68.8.0/security/sandbox/chromium/sandbox/linux/system_headers/linux_syscalls.h	2020-04-29 16:49:45.000000000 -0500
+++ firefox-68.8.0/security/sandbox/chromium/sandbox/linux/system_headers/linux_syscalls.h	2020-05-20 03:09:47.369457646 -0500
@@ -8,18 +8,7 @@
 
 #ifndef SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_SYSCALLS_H_
 #define SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_SYSCALLS_H_
-
-#if defined(__x86_64__)
-#include "sandbox/linux/system_headers/x86_64_linux_syscalls.h"
-#endif
-
-#if defined(__i386__)
-#include "sandbox/linux/system_headers/x86_32_linux_syscalls.h"
-#endif
-
-#if defined(__arm__) && defined(__ARM_EABI__)
-#include "sandbox/linux/system_headers/arm_linux_syscalls.h"
-#endif
+#include <sys/syscall.h>
 
 #if defined(__mips__) && (_MIPS_SIM == _ABIO32)
 #include "sandbox/linux/system_headers/mips_linux_syscalls.h"
@@ -33,5 +22,36 @@
 #include "sandbox/linux/system_headers/arm64_linux_syscalls.h"
 #endif
 
+#if !defined(__NR_clock_getres) && defined(__NR_clock_getres_time64)
+#define __NR_clock_getres __NR_clock_getres_time64
+#endif
+#if !defined(__NR_clock_gettime) && defined(__NR_clock_gettime64)
+#define __NR_clock_gettime __NR_clock_gettime64
+#endif
+#if !defined(__NR_clock_nanosleep) && defined(__NR_clock_nanosleep_time64)
+#define __NR_clock_nanosleep __NR_clock_nanosleep_time64
+#endif
+#if !defined(__NR_clock_settime) && defined(__NR_clock_settime64)
+#define __NR_clock_settime __NR_clock_settime64
+#endif
+#if !defined(__NR_gettimeofday) && defined(__NR_gettimeofday_time32)
+#define __NR_gettimeofday __NR_gettimeofday_time32
+#endif
+#if !defined(__NR_settimeofday) && defined(__NR_settimeofday_time32)
+#define __NR_settimeofday __NR_settimeofday_time32
+#endif
+#if !defined(__NR_timer_gettime) && defined(__NR_timer_gettime64)
+#define __NR_timer_gettime __NR_timer_gettime64
+#endif
+#if !defined(__NR_timer_settime) && defined(__NR_timer_settime64)
+#define __NR_timer_settime __NR_timer_settime64
+#endif
+#if !defined(__NR_timerfd_gettime) && defined(__NR_timerfd_gettime64)
+#define __NR_timerfd_gettime __NR_timerfd_gettime64
+#endif
+#if !defined(__NR_timerfd_settime) && defined(__NR_timerfd_settime64)
+#define __NR_timerfd_settime __NR_timerfd_settime64
+#endif
+
 #endif  // SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_SYSCALLS_H_
 
--- firefox-68.8.0/security/sandbox/linux/SandboxFilter.cpp	2020-04-29 16:49:45.000000000 -0500
+++ firefox-68.8.0/security/sandbox/linux/SandboxFilter.cpp	2020-05-19 23:33:27.829642593 -0500
@@ -478,6 +478,9 @@ class SandboxPolicyCommon : public Sandb
 
         // Thread synchronization
       case __NR_futex:
+#ifdef __NR_futex_time64
+      case __NR_futex_time64:
+#endif
         // FIXME: This could be more restrictive....
         return Allow();
 
@@ -488,6 +491,9 @@ class SandboxPolicyCommon : public Sandb
       case __NR_epoll_pwait:
       case __NR_epoll_ctl:
       case __NR_ppoll:
+#ifdef __NR_ppoll_time64
+      case __NR_ppoll_time64:
+#endif
       case __NR_poll:
         return Allow();
 
@@ -1017,6 +1023,9 @@ class ContentSandboxPolicy : public Sand
 
       CASES_FOR_select:
       case __NR_pselect6:
+#ifdef __NR_pselect6_time64
+      case __NR_pselect6_time64:
+#endif
         return Allow();
 
       CASES_FOR_getdents: