Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-16 23:05:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1647957 - Allow RDD and Socket processes to read /proc/self/{statm,smaps} on Linux r=gcp

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D114853
This commit is contained in:
Alexandre Lissy 2021-05-11 16:23:23 +00:00
parent 4b378464f2
commit 7f76b6c221
2 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
View File

@ -276,6 +276,13 @@ static void AddSharedMemoryPaths(SandboxBroker::Policy* aPolicy, pid_t aPid) {
}
}
static void AddMemoryReporting(SandboxBroker::Policy* aPolicy, pid_t aPid) {
// Bug 1198552: memory reporting.
// Bug 1647957: memory reporting.
aPolicy->AddPath(rdonly, nsPrintfCString("/proc/%d/statm", aPid).get());
aPolicy->AddPath(rdonly, nsPrintfCString("/proc/%d/smaps", aPid).get());
}
static void AddDynamicPathList(SandboxBroker::Policy* policy,
const char* aPathListPref, int perms) {
nsAutoCString pathList;
@ -667,8 +674,7 @@ UniquePtr<SandboxBroker::Policy> SandboxBrokerPolicyFactory::GetContentPolicy(
policy->AddPath(rdonly, nsPrintfCString("/proc/%d/maps", aPid).get());
// Bug 1198552: memory reporting.
policy->AddPath(rdonly, nsPrintfCString("/proc/%d/statm", aPid).get());
policy->AddPath(rdonly, nsPrintfCString("/proc/%d/smaps", aPid).get());
AddMemoryReporting(policy.get(), aPid);
// Bug 1384804, notably comment 15
// Used by libnuma, included by x265/ffmpeg, who falls back
@ -703,6 +709,9 @@ SandboxBrokerPolicyFactory::GetRDDPolicy(int aPid) {
policy->AddDir(rdonly, "/usr/lib32");
policy->AddDir(rdonly, "/usr/lib64");
// Bug 1647957: memory reporting.
AddMemoryReporting(policy.get(), aPid);
// Firefox binary dir.
// Note that unlike the previous cases, we use NS_GetSpecialDirectory
// instead of GetSpecialSystemDirectory. The former requires a working XPCOM
@ -763,6 +772,9 @@ SandboxBrokerPolicyFactory::GetSocketProcessPolicy(int aPid) {
// profiling. See Bug 1626385.
AddSharedMemoryPaths(policy.get(), aPid);
// Bug 1647957: memory reporting.
AddMemoryReporting(policy.get(), aPid);
// Firefox binary dir.
// Note that unlike the previous cases, we use NS_GetSpecialDirectory
// instead of GetSpecialSystemDirectory. The former requires a working XPCOM

3
toolkit/components/aboutmemory/tests/chrome.ini
View File

@ -21,14 +21,11 @@ skip-if =
[test_aboutmemory5.xhtml]
skip-if =
asan # Bug 1116230
socketprocess_networking # Bug 1116230
os == "linux" && bits == 64 && debug # Bug 1683002
[test_aboutmemory6.xhtml]
[test_aboutmemory7.xhtml]
[test_memoryReporters.xhtml]
skip-if = socketprocess_networking
[test_memoryReporters2.xhtml]
skip-if = socketprocess_networking
[test_sqliteMultiReporter.xhtml]
[test_dumpGCAndCCLogsToFile.xhtml]
skip-if = (verify && debug && (os == 'mac'))