Issue 701137

Issue metadata

Status: Fixed
Owner:
Closed: Mar 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 1
Type: Bug

Blocking:
issue 166704




M58 Seccomp Crashes sandbox::CrashSIGSYS_Handler

Project Member Reported by rsesek@chromium.org, Mar 13 2017

Issue description

We're seeing a slight uptick in the sandbox::CrashSIGSYS_Handler crash signature on M58. 

Analysis of the seccomp-sigsys crash key shows the distribution of the system call violations:

Arch   nr    count
arm    7         2
       17        1
       43        1
       110       1
       128       1
       294     151  (__NR_setsockopt)
       356       9  (__NR_eventfd2)
arm64  19        1  (__NR_eventfd2)
x86    218     686  (__NR_mincore)


For arm setsockopt:
arg2  arg3   count
1     2         7  (SO_REUSEADDR)
      7         1  (SO_SNDBUF)
      20      131  (SO_RCVTIMEO)


I will expand the whitelist for setsockopt to include SO_RCVTIMEO and SO_REUSEADDR for __NR_setsockopt.

__NR_mincore seems pretty obscure and is only being reported on x86 devices. It looks like libunwind uses it here: https://android.googlesource.com/platform/external/libunwind/+/android-6.0.1_r79/src/x86/Ginit.c#117. We could maybe EPERM it, but that seems like it'd break libunwind (and in https://crash.corp.google.com/browse?q=reportid=%275da5cf6480000000%27#0 we see: libart.so --> libbacktrace.so --> libunwindo.so), so that may not work.
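An added example, not part of the original report and not Chromium's policy code: a classic-BPF seccomp filter that allows setsockopt only for the two options the report proposes to allowlist, plus a small userspace evaluator so the verdicts can be checked without installing the filter. The names `kFilter`, `run_filter` and `verdict` are hypothetical, and the policy shown (everything else about setsockopt traps, all other syscalls pass) is an assumption made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/socket.h>
#include <sys/syscall.h>

/* Low 32 bits of syscall argument n (0-based); assumes a little-endian target. */
#define ARG_LO(n) (offsetof(struct seccomp_data, args) + 8 * (n))

/* Assumed policy: setsockopt only with SOL_SOCKET + {SO_REUSEADDR, SO_RCVTIMEO}.
 * A production filter also checks seccomp_data.arch and the upper argument words. */
static const struct sock_filter kFilter[] = {
    /* 0 */ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    /* 1 */ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_setsockopt, 1, 0),
    /* 2 */ BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),  /* other syscalls: out of scope */
    /* 3 */ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, ARG_LO(1)), /* level */
    /* 4 */ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SOL_SOCKET, 0, 3),
    /* 5 */ BPF_STMT(BPF_LD | BPF_W | BPF_ABS, ARG_LO(2)), /* optname */
    /* 6 */ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SO_REUSEADDR, 2, 0),
    /* 7 */ BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SO_RCVTIMEO, 1, 0),
    /* 8 */ BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRAP),   /* kernel raises SIGSYS */
    /* 9 */ BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};

/* Minimal classic-BPF evaluator covering only the three opcodes used above. */
static uint32_t run_filter(const struct sock_filter *f, size_t n, const struct seccomp_data *d) {
    uint32_t acc = 0;
    for (size_t pc = 0; pc < n; pc++) {
        if (f[pc].code == (BPF_LD | BPF_W | BPF_ABS))
            memcpy(&acc, (const char *)d + f[pc].k, sizeof acc);
        else if (f[pc].code == (BPF_JMP | BPF_JEQ | BPF_K))
            pc += (acc == f[pc].k) ? f[pc].jt : f[pc].jf; /* offsets are relative to pc+1 */
        else
            return f[pc].k; /* BPF_RET | BPF_K */
    }
    return SECCOMP_RET_KILL; /* fell off the end: fail closed */
}

/* Verdict the filter gives for syscall nr called as (fd, level, optname, ...). */
static uint32_t verdict(int nr, int level, int optname) {
    struct seccomp_data d = {.nr = nr, .args = {0, (uint32_t)level, (uint32_t)optname}};
    return run_filter(kFilter, sizeof kFilter / sizeof kFilter[0], &d);
}

int main(void) {
    printf("SO_RCVTIMEO %#x, SO_SNDBUF %#x\n",
           (unsigned)verdict(SYS_setsockopt, SOL_SOCKET, SO_RCVTIMEO),
           (unsigned)verdict(SYS_setsockopt, SOL_SOCKET, SO_SNDBUF));
}
```

Under this assumed policy SO_SNDBUF still returns SECCOMP_RET_TRAP, so a call with that option would keep showing up as a SIGSYS report.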
 

Comment 1 by bugdroid1@chromium.org, Mar 15 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/daa4b8602914d859d3f59726fae30cad0c072f8a

commit daa4b8602914d859d3f59726fae30cad0c072f8a
Author: rsesek <rsesek@chromium.org>
Date: Wed Mar 15 20:50:14 2017

[Android] Seccomp whitelist expansion for M58.

This permits __NR_mincore on x86 and allows more options for
__NR_setsockopt.

BUG= 701137 
R=jorgelo@chromium.org

Review-Url: https://codereview.chromium.org/2755743002
Cr-Commit-Position: refs/heads/master@{#457198}

[modify] https://crrev.com/daa4b8602914d859d3f59726fae30cad0c072f8a/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc

Comment 2 by rsesek@chromium.org, Mar 20 2017

Labels: Merge-Request-58

Comment 3 by sheriffbot@chromium.org, Mar 20 2017

Labels: -Merge-Request-58 Hotlist-Merge-Approved Merge-Approved-58
Your change meets the bar and is auto-approved for M58. Please go ahead and merge the CL to branch 3029 manually. Please contact milestone owner if you have questions.
Owners: amineer@(Android), cmasso@(iOS), bhthompson@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 4 by bugdroid1@chromium.org, Mar 20 2017

Labels: -merge-approved-58 merge-merged-3029
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/c245477cba2641ae360fff6a021b44666fd70391

commit c245477cba2641ae360fff6a021b44666fd70391
Author: Robert Sesek <rsesek@chromium.org>
Date: Mon Mar 20 15:35:10 2017

[Android] Seccomp whitelist expansion for M58.

This permits __NR_mincore on x86 and allows more options for
__NR_setsockopt.

BUG= 701137 
R=jorgelo@chromium.org

Review-Url: https://codereview.chromium.org/2755743002
Cr-Commit-Position: refs/heads/master@{#457198}
(cherry picked from commit daa4b8602914d859d3f59726fae30cad0c072f8a)

Review-Url: https://codereview.chromium.org/2762683002 .
Cr-Commit-Position: refs/branch-heads/3029@{#297}
Cr-Branched-From: 939b32ee5ba05c396eef3fd992822fcca9a2e262-refs/heads/master@{#454471}

[modify] https://crrev.com/c245477cba2641ae360fff6a021b44666fd70391/content/common/sandbox_linux/android/sandbox_bpf_base_policy_android.cc

Comment 5 by rsesek@chromium.org, Mar 20 2017

Status: Fixed (was: Assigned)
