
Issue 868556


Issue metadata

Status: Fixed
Closed: Aug 1
OS: Fuchsia
Pri: 3
Type: Bug




Stop using FDIO_SPAWN_CLONE_STDIO for sandboxed processes

Project Member Reported by sergeyu@chromium.org, Jul 27

Issue description

FDIO_SPAWN_CLONE_STDIO clones FDs [0-2], but these handles may be used for files not related to stdio, so it may not be safe to clone them to sandboxed processes. Stop using FDIO_SPAWN_CLONE_STDIO and clone just the STDERR stream.
Also, somehow we need to ensure that the stderr handle is valid in all Chromium processes. See https://fuchsia.atlassian.net/browse/ZX-2424 for details.
 
Project Member

Comment 1 by bugdroid1@chromium.org, Aug 1

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e297cf6060e6a8bf879f9c7654ce9df3aed465d1

commit e297cf6060e6a8bf879f9c7654ce9df3aed465d1
Author: Sergey Ulanov <sergeyu@chromium.org>
Date: Wed Aug 01 18:40:43 2018

[Fuchsia] Update launch options when starting context process.

1. /pkg, /svc and /config/ssl are now cloned to Context processes.
   https://crrev.com/1149262 removed FDIO_SPAWN_CLONE_NAMESPACE.
   As a result the context process was failing to open /pkg/icudtl.dat.
2. Added FDIO_SPAWN_CLONE_JOB flag - job needs to be cloned so the
   context process can start its own children.
3. Updated SandboxPolicyFuchsia not to clone /tmp - it doesn't appear
   to be necessary for any sandboxed processes.
4. Removed FDIO_SPAWN_CLONE_STDIO for Context and sandboxed processes.
   Instead stderr is added to fds_to_map.

Bug: 852145, 869216, 868556
Change-Id: I89c429231cd0e295247c80f12e587e1c7335456b
Reviewed-on: https://chromium-review.googlesource.com/1155967
Commit-Queue: Sergey Ulanov <sergeyu@chromium.org>
Reviewed-by: Wez <wez@chromium.org>
Cr-Commit-Position: refs/heads/master@{#579872}
[modify] https://crrev.com/e297cf6060e6a8bf879f9c7654ce9df3aed465d1/content/common/sandbox_policy_fuchsia.cc
[modify] https://crrev.com/e297cf6060e6a8bf879f9c7654ce9df3aed465d1/webrunner/service/context_provider_impl.cc

Status: Fixed (was: Available)
FDIO_SPAWN_CLONE_STDIO is still used in tests, but not when starting sandboxed processes.
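
The hazard and the replacement policy from this issue, as an added POSIX C illustration that is not Chromium or Fuchsia code: descriptor numbers 0-2 are only table slots, so an unrelated file can occupy one, and a child that should receive stderr only needs that slot checked before use. It assumes plain POSIX `fork()` in place of `fdio_spawn`, so the child drops fds 0 and 1 by hand, and `/dev/null` stands in for both the unrelated file and the fallback stderr target.

```c
#include <fcntl.h>
#include <sys/wait.h>
#include <unistd.h>

/* 1 if fd names an open descriptor in the calling process. */
static int fd_is_open(int fd) { return fcntl(fd, F_GETFD) != -1; }

/* Run fn in a forked child and return its result (0..254) via exit status. */
static int in_child(int (*fn)(int), int arg) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) _exit(fn(arg) & 0xff);
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

/* Hazard: once stdin is closed, the next unrelated open() lands in slot 0. */
static int reuse_slot0(int unused) {
    (void)unused;
    close(STDIN_FILENO);
    return open("/dev/null", O_RDONLY); /* stand-in for a non-stdio file */
}

/* Policy from the issue: pass stderr only, and make sure it is valid. */
static int stderr_only(int stderr_was_valid) {
    if (!stderr_was_valid) close(STDERR_FILENO); /* simulate a bad handle */
    close(STDIN_FILENO);
    close(STDOUT_FILENO);
    if (!fd_is_open(STDERR_FILENO)) {
        int fd = open("/dev/null", O_WRONLY); /* lands in slot 0 here */
        if (fd < 0) return 255;
        if (fd != STDERR_FILENO) { dup2(fd, STDERR_FILENO); close(fd); }
    }
    /* Bitmask of which of fds 0..2 are open: only bit 2 should be set. */
    return fd_is_open(0) | (fd_is_open(1) << 1) | (fd_is_open(2) << 2);
}

int fd_assigned_after_closing_stdin(void) { return in_child(reuse_slot0, 0); }
int stdio_mask_with_stderr_only(int valid) { return in_child(stderr_only, valid); }

int main(void) {
    return !(fd_assigned_after_closing_stdin() == 0 &&
             stdio_mask_with_stderr_only(1) == 4 &&
             stdio_mask_with_stderr_only(0) == 4);
}
```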
