Re: Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-06 Thread Jed Davis
Ted Mielczarek writes:
> On Tue, Jul 5, 2016, at 11:18 PM, Jed Davis wrote:
>> (However, there aren't automated
>> tests to ensure it keeps working; "crashing the content process" isn't a
>> use case that the test framework docs were very helpful with.)
>
> FYI, a number of

Re: Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-06 Thread Julian Hector
Here is an example crash report generated by a seccomp violation (I removed sys_unlink from the whitelist)
https://crash-stats.mozilla.com/report/index/1a06f493-a4bf-40a1-a4eb-241aa2160706
The crash address is 0x57 which is 87 in decimal, which is the syscall number of unlink on x86_64 as seen

Re: Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-06 Thread Ted Mielczarek
On Tue, Jul 5, 2016, at 11:18 PM, Jed Davis wrote:
> Benjamin Smedberg writes:
>
> > Assuming these crashes show up in crash-stats.mozilla.com, are there
> > particular signatures, metadata, or other patterns that would let us say
> > "this crash is caused by a sandbox

Re: Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-05 Thread Jed Davis
Steve Fink writes:
> On 07/05/2016 01:33 AM, Julian Hector wrote:
>> If you encounter a crash that may be due to seccomp, please file a bug in
>> bugzilla and block Bug 1280415, we use it to track issues experienced on
>> nightly.
>
> What would such a crash look like? Do they

Re: Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-05 Thread Jed Davis
Benjamin Smedberg writes:
> Assuming these crashes show up in crash-stats.mozilla.com, are there
> particular signatures, metadata, or other patterns that would let us say
> "this crash is caused by a sandbox failure"?
They should, and the expected distinguishing feature

Re: Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-05 Thread Benjamin Smedberg
Assuming these crashes show up in crash-stats.mozilla.com, are there particular signatures, metadata, or other patterns that would let us say "this crash is caused by a sandbox failure"? That seems like it would be fairly important, so that we can monitor this in the field.
--BDS
On Tue, Jul 5,

Re: Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-05 Thread Paul Theriault
> On 6 Jul 2016, at 3:39 AM, Steve Fink wrote:
>
> On 07/05/2016 01:33 AM, Julian Hector wrote:
>> If you encounter a crash that may be due to seccomp, please file a bug in
>> bugzilla and block Bug 1280415, we use it to track issues experienced on
>> nightly.
>
> What would

Enabling seccomp-bpf for content process on nightly Linux desktop

2016-07-05 Thread Julian Hector
Hi everybody,
during the last couple of months, the sandboxing team worked on getting our seccomp whitelist to a state that allowed us to enable seccomp on nightly for Linux desktop users.
Our current sandboxing efforts can be tracked through the wiki at: https://wiki.mozilla.org/Security/Sandbox