1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Julien Cristau <jcristau@mozilla.com>
Date: Sun, 6 Sep 2020 20:20:39 +0000
Subject: [PATCH] Bug 1660901 - ignore AT_NO_AUTOMOUNT in fstatat system call.
r=jld
Per the manpage "Both stat() and lstat() act as though AT_NO_AUTOMOUNT
was set.", so don't bail if it's set in a call to fstatat.
Differential Revision: https://phabricator.services.mozilla.com/D89121
---
security/sandbox/linux/SandboxFilter.cpp | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp
index 4087bdc07e01..c4f6c318ad1c 100644
--- a/security/sandbox/linux/SandboxFilter.cpp
+++ b/security/sandbox/linux/SandboxFilter.cpp
@@ -254,9 +254,10 @@ class SandboxPolicyCommon : public SandboxPolicyBase {
fd, path, buf, flags);
return BlockedSyscallTrap(aArgs, nullptr);
}
- if ((flags & ~AT_SYMLINK_NOFOLLOW) != 0) {
+ if ((flags & ~(AT_SYMLINK_NOFOLLOW | AT_NO_AUTOMOUNT)) != 0) {
SANDBOX_LOG_ERROR("unsupported flags %d in fstatat(%d, \"%s\", %p, %d)",
- (flags & ~AT_SYMLINK_NOFOLLOW), fd, path, buf, flags);
+ (flags & ~(AT_SYMLINK_NOFOLLOW | AT_NO_AUTOMOUNT)), fd,
+ path, buf, flags);
return BlockedSyscallTrap(aArgs, nullptr);
}
return (flags & AT_SYMLINK_NOFOLLOW) == 0 ? broker->Stat(path, buf)
|
