From: bugzilla-noreply@freebsd.org
To: gecko@FreeBSD.org
Subject: [Bug 243252] www/firefox core dumps after r522486 (failed to freeze shm)
Date: Mon, 20 Jan 2020 18:33:35 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243252

--- Comment #21 from rozhuk.im@gmail.com ---
Base system software uses cap_rights_limit(), but respects the user:

/usr/src/contrib/dma/dma-mbox-create.c:
        if (cap_rights_limit(maildirfd, &rights) < 0 && errno != ENOSYS)

/usr/src/contrib/tcpdump/tcpdump.c:
        if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) {

/usr/src/contrib/traceroute/traceroute.c:
#ifdef WITH_CASPER
        cansandbox = true;
#else
        if (nflag)
                cansandbox = true;
        else
                cansandbox = false;
#endif
...

/usr/src/contrib/xz/src/xz/file_io.c:
#ifdef HAVE_CAPSICUM
        // Capsicum needs FreeBSD 10.0 or later.
        cap_rights_t rights;
        if (cap_rights_limit(src_fd, cap_rights_init(&rights,
                        CAP_EVENT, CAP_FCNTL, CAP_LOOKUP, CAP_READ, CAP_SEEK)))
                goto error;

/usr/src/crypto/openssh/sandbox-capsicum.c:
        if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS)

/usr/src/lib/libutil/pidfile.c:
        if (cap_rights_limit(dirfd,
            cap_rights_init(&caprights, CAP_UNLINKAT)) < 0 && errno != ENOSYS) {
                goto failed;
        }
...

/usr/src/sbin/hastd/subr.c:
#ifdef HAVE_CAPSICUM
        capsicum = (cap_enter() == 0);
        if (!capsicum) {
                pjdlog_common(LOG_DEBUG, 1, errno,
                    "Unable to sandbox using capsicum");
        } else if (res != NULL) {
                cap_rights_t rights;
                static const unsigned long geomcmds[] = {
                    DIOCGDELETE,
                    DIOCGFLUSH
                };

                PJDLOG_ASSERT(res->hr_role == HAST_ROLE_PRIMARY ||
                    res->hr_role == HAST_ROLE_SECONDARY);

                cap_rights_init(&rights, CAP_FLOCK, CAP_IOCTL, CAP_PREAD,
                    CAP_PWRITE);
                if (cap_rights_limit(res->hr_localfd, &rights) == -1) {
                        pjdlog_errno(LOG_ERR,
                            "Unable to limit capability rights on local descriptor");
                }
                if (cap_ioctls_limit(res->hr_localfd, geomcmds,
                    nitems(geomcmds)) == -1) {
                        pjdlog_errno(LOG_ERR,
                            "Unable to limit allowed GEOM ioctls");
                }
...

/usr/src/sbin/ping/ping.c:
        if (cap_rights_limit(srecv, &rights) < 0 && errno != ENOSYS)

/usr/src/usr.bin/bsdiff/bspatch/bspatch.c:
#ifndef WITHOUT_CAPSICUM
        if (cap_enter() < 0) {
                /* Failed to sandbox, fatal if CAPABILITY_MODE enabled */
                if (errno != ENOSYS)
                        err(1, "failed to enter security sandbox");
        } else {
                /* Capsicum Available */
                cap_rights_init(&rights_ro, CAP_READ, CAP_FSTAT, CAP_SEEK);
                cap_rights_init(&rights_wr, CAP_WRITE);
                cap_rights_init(&rights_dir, CAP_UNLINKAT);

                if (cap_rights_limit(fileno(f), &rights_ro) < 0 ||

/usr/src/usr.sbin/iscsid/iscsid.c:
        error = cap_rights_limit(conn->conn_iscsi_fd, &rights);
        if (error != 0 && errno != ENOSYS)
                log_err(1, "cap_rights_limit");

So if you decide that cap_rights_limit() is a "must have" - ensure that others
agree with you and remove WITHO_CAPSICUM/WITHOUT_CAPSICUM from src and base
system software before this patch.
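
Added example (not part of the comment above and not FreeBSD source): the pattern most of the quoted excerpts share, where a failed cap_rights_limit() is ignored only when errno is ENOSYS and treated as an error otherwise. The names apply_limit, limiter_fn, limit_readonly and the fake_* stand-ins are hypothetical; the rights set is the read-only one from the bspatch excerpt, and the non-FreeBSD branch is an assumption that models a kernel built without Capsicum.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/capsicum.h>
#endif

enum sandbox_result { SANDBOX_ON, SANDBOX_UNAVAILABLE, SANDBOX_FAILED };
typedef int (*limiter_fn)(int fd);  /* hypothetical hook so the policy is testable */

/* Limit fd to the read-only rights bspatch uses for its input files. */
int limit_readonly(int fd)
{
#ifdef __FreeBSD__
    cap_rights_t rights;
    cap_rights_init(&rights, CAP_READ, CAP_FSTAT, CAP_SEEK);
    return cap_rights_limit(fd, &rights);
#else
    (void)fd;
    errno = ENOSYS;  /* assumption: behave like a kernel without Capsicum */
    return -1;
#endif
}

/* Constructed stand-ins for the three outcomes the kernel can report. */
int fake_ok(int fd)     { (void)fd; return 0; }
int fake_enosys(int fd) { (void)fd; errno = ENOSYS; return -1; }
int fake_ebadf(int fd)  { (void)fd; errno = EBADF;  return -1; }

/* ENOSYS means the kernel has no Capsicum: keep running unsandboxed.
 * Any other errno is a real failure and must not be ignored. */
enum sandbox_result apply_limit(limiter_fn limit, int fd)
{
    errno = 0;
    if (limit(fd) == 0)
        return SANDBOX_ON;
    return errno == ENOSYS ? SANDBOX_UNAVAILABLE : SANDBOX_FAILED;
}

int main(void)
{
    static const char *names[] = {
        "rights limited", "Capsicum unavailable, continuing", "failed"
    };
    enum sandbox_result r = apply_limit(limit_readonly, STDIN_FILENO);
    printf("stdin: %s\n", names[r]);
    return r == SANDBOX_FAILED;  /* exit non-zero only on a real failure */
}
```
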