140069 2015-01-04 20:00:21 -0800 [GStreamer] Disable gst-plugin-scanner if seccomp filters are enabled 2015-03-23 13:25:35 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) PC Linux RESOLVED FIXED P2 Normal --- 142978 110014 1 mcatanzaro mcatanzaro cgarcia commit-queue mcatanzaro pnormand slomo tmpsantos oldest_to_newest 1058642 0 mcatanzaro 2015-01-04 20:00:21 -0800 If seccomp filters are enabled, any child processes we create are doomed if they try to use a trapped syscall: the child will receive SIGSYS and dump core. There appears to be no way around this. Fortunately, the gstreamer developers had mad prescience and provided us with a way to move plugin scanning in-process, so we don't need the helper binary at all. 1058643 1 243957 mcatanzaro 2015-01-04 20:05:48 -0800 Created attachment 243957 Patch 1058678 2 243957 commit-queue 2015-01-05 01:23:09 -0800 Comment on attachment 243957 Patch Clearing flags on attachment: 243957 Committed r177896: <http://trac.webkit.org/changeset/177896> 1058679 3 commit-queue 2015-01-05 01:23:13 -0800 All reviewed patches have been landed. Closing bug. 1058974 4 slomo 2015-01-06 03:47:28 -0800 Note that putting the plugin scanning in-process has two huge disadvantages though. You will dlopen() all (changed) plugins, which in turn loads all dependent libraries... and they will never be unloaded again for this process. And if any plugin crashes during initialization, it will just take your application process with it. Disabling the plugin scanner can't be the right solution for this approach, and if there's no other way I would say that seccomp is currently broken by design. 1059057 5 mcatanzaro 2015-01-06 10:52:00 -0800 (In reply to comment #4) > Disabling the plugin scanner can't be the right solution for this approach, > and if there's no other way I would say that seccomp is currently broken by > design. I'm glad I CCed you. Let's discuss this in bug #140131. 1079360 6 commit-queue 2015-03-23 13:24:09 -0700 Re-opened since this is blocked by bug 142978 1079363 7 mcatanzaro 2015-03-23 13:25:35 -0700 Go away bug, we'll use bug #140131 for this. 243957 2015-01-04 20:05:48 -0800 2015-01-05 01:23:09 -0800 Patch 0006-GStreamer-Disable-gst-plugin-scanner-if-seccomp-filt.patch text/plain 2931 mcatanzaro RnJvbSA3MTUzMDU0ZmU4NmU5MzdkMzhjNTEzNzgyN2YzMTVkMjViZmQ0YjU1IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBNaWNoYWVsIENhdGFuemFybyA8bWNhdGFuemFyb0BpZ2FsaWEu Y29tPgpEYXRlOiBUdWUsIDMwIERlYyAyMDE0IDE4OjQwOjEyIC0wNjAwClN1YmplY3Q6IFtQQVRD SCA2LzZdIFtHU3RyZWFtZXJdIERpc2FibGUgZ3N0LXBsdWdpbi1zY2FubmVyIGlmIHNlY2NvbXAg ZmlsdGVycwogYXJlIGVuYWJsZWQKCklmIHNlY2NvbXAgZmlsdGVycyBhcmUgZW5hYmxlZCwgYW55 IGNoaWxkIHByb2Nlc3NlcyB3ZSBjcmVhdGUgYXJlIGRvb21lZAppZiB0aGV5IHRyeSB0byB1c2Ug YSB0cmFwcGVkIHN5c2NhbGw6IHRoZSBjaGlsZCB3aWxsIHJlY2VpdmUgU0lHU1lTIGFuZApkdW1w IGNvcmUuIFRoZXJlIGFwcGVhcnMgdG8gYmUgbm8gd2F5IGFyb3VuZCB0aGlzLgoKRm9ydHVuYXRl bHksIHRoZSBnc3RyZWFtZXIgZGV2ZWxvcGVycyBoYWQgbWFkIHByZXNjaWVuY2UgYW5kIHByb3Zp ZGVkCnVzIHdpdGggYSB3YXkgdG8gbW92ZSBwbHVnaW4gc2Nhbm5pbmcgaW4tcHJvY2Vzcywgc28g d2UgZG9uJ3QgbmVlZCB0aGUKaGVscGVyIGJpbmFyeSBhdCBhbGwuCi0tLQogU291cmNlL1dlYkNv cmUvQ2hhbmdlTG9nICAgICAgICAgICAgICAgICAgICAgICAgICAgIHwgMjEgKysrKysrKysrKysr KysrKysrKysrCiAuLi4vZ3JhcGhpY3MvZ3N0cmVhbWVyL0dTdHJlYW1lclV0aWxpdGllcy5jcHAg ICAgICAgfCAgOCArKysrKysrKwogMiBmaWxlcyBjaGFuZ2VkLCAyOSBpbnNlcnRpb25zKCspCgpk aWZmIC0tZ2l0IGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nIGIvU291cmNlL1dlYkNvcmUvQ2hh bmdlTG9nCmluZGV4IDExNDM5OWIuLjEwZGFmODkgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3Jl L0NoYW5nZUxvZworKysgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKQEAgLTEsMyArMSwyNCBA QAorMjAxNS0wMS0wNCAgTWljaGFlbCBDYXRhbnphcm8gIDxtY2F0YW56YXJvQGlnYWxpYS5jb20+ CisKKyAgICAgICAgW0dTdHJlYW1lcl0gRGlzYWJsZSBnc3QtcGx1Z2luLXNjYW5uZXIgaWYgc2Vj Y29tcCBmaWx0ZXJzIGFyZSBlbmFibGVkCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3Jn L3Nob3dfYnVnLmNnaT9pZD0xNDAwNjkKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9P UFMhKS4KKworICAgICAgICBJZiBzZWNjb21wIGZpbHRlcnMgYXJlIGVuYWJsZWQsIGFueSBjaGls ZCBwcm9jZXNzZXMgd2UgY3JlYXRlIGFyZSBkb29tZWQKKyAgICAgICAgaWYgdGhleSB0cnkgdG8g dXNlIGEgdHJhcHBlZCBzeXNjYWxsOiB0aGUgY2hpbGQgd2lsbCByZWNlaXZlIFNJR1NZUyBhbmQK KyAgICAgICAgZHVtcCBjb3JlLiBUaGVyZSBhcHBlYXJzIHRvIGJlIG5vIHdheSBhcm91bmQgdGhp cy4KKworICAgICAgICBGb3J0dW5hdGVseSwgdGhlIGdzdHJlYW1lciBkZXZlbG9wZXJzIGhhZCBt YWQgcHJlc2NpZW5jZSBhbmQgcHJvdmlkZWQKKyAgICAgICAgdXMgd2l0aCBhIHdheSB0byBtb3Zl IHBsdWdpbiBzY2FubmluZyBpbi1wcm9jZXNzLCBzbyB3ZSBkb24ndCBuZWVkIHRoZQorICAgICAg ICBoZWxwZXIgYmluYXJ5IGF0IGFsbC4KKworICAgICAgICBObyBuZXcgdGVzdHMgYmVjYXVzZSB0 aGlzIGlzIGNvdmVyZWQgYnkgZXhpc3RpbmcgdGVzdHMgd2hlbiBzZWNjb21wCisgICAgICAgIGZp bHRlcnMgYXJlIGVuYWJsZWQuCisKKyAgICAgICAgKiBwbGF0Zm9ybS9ncmFwaGljcy9nc3RyZWFt ZXIvR1N0cmVhbWVyVXRpbGl0aWVzLmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OmluaXRpYWxpemVH U3RyZWFtZXIpOgorCiAyMDE0LTEyLTE5ICBNeWxlcyBDLiBNYXhmaWVsZCAgPG1tYXhmaWVsZEBh cHBsZS5jb20+CiAKICAgICAgICAgW1NWRyAtPiBPVEYgQ29udmVydGVyXSBNYWtlIHBsYWNlaG9s ZGVycyBtb3JlIHJvYnVzdApkaWZmIC0tZ2l0IGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vZ3Jh cGhpY3MvZ3N0cmVhbWVyL0dTdHJlYW1lclV0aWxpdGllcy5jcHAgYi9Tb3VyY2UvV2ViQ29yZS9w bGF0Zm9ybS9ncmFwaGljcy9nc3RyZWFtZXIvR1N0cmVhbWVyVXRpbGl0aWVzLmNwcAppbmRleCBi Y2U0MThkLi40ZDc3MzVkIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9ncmFw aGljcy9nc3RyZWFtZXIvR1N0cmVhbWVyVXRpbGl0aWVzLmNwcAorKysgYi9Tb3VyY2UvV2ViQ29y ZS9wbGF0Zm9ybS9ncmFwaGljcy9nc3RyZWFtZXIvR1N0cmVhbWVyVXRpbGl0aWVzLmNwcApAQCAt MTMyLDYgKzEzMiwxNCBAQCBib29sIGluaXRpYWxpemVHU3RyZWFtZXIoKQogICAgIGlmIChnc3Rf aXNfaW5pdGlhbGl6ZWQoKSkKICAgICAgICAgcmV0dXJuIHRydWU7CiAKKyNpZiBFTkFCTEUoU0VD Q09NUF9GSUxURVJTKQorICAgIC8vIFRoZSBnc3QtcGx1Z2luLXNjYW5uZXIgaGVscGVyIGJpbmFy eSB3aWxsIHJlY2VpdmUgU0lHU1lTIGFuZCBkdW1wIGNvcmUKKyAgICAvLyB3aGVuIGl0IGF0dGVt cHRzIHRvIG9wZW4gYSBmaWxlLiBEaXNhYmxlIGl0IHNvIHRoYXQgcGx1Z2luIHNjYW5uaW5nCisg ICAgLy8gb2NjdXJzIGluLXByb2Nlc3MuIFRoZSBkaXNhZHZhbnRhZ2UgaXMgdGhhdCBhIHBsdWdp biB0aGF0IGNyYXNoZXMgd2hpbGUKKyAgICAvLyBsb2FkaW5nIHdpbGwgbm93IGNyYXNoIHRoZSB3 ZWIgcHJvY2Vzcy4KKyAgICBnc3RfcmVnaXN0cnlfZm9ya19zZXRfZW5hYmxlZChGQUxTRSk7Cisj ZW5kaWYKKwogICAgIEdVbmlxdWVPdXRQdHI8R0Vycm9yPiBlcnJvcjsKICAgICAvLyBGSVhNRTog V2Ugc2hvdWxkIHByb2JhYmx5IHBhc3MgdGhlIGFyZ3VtZW50cyBmcm9tIHRoZSBjb21tYW5kIGxp bmUuCiAgICAgYm9vbCBnc3RJbml0aWFsaXplZCA9IGdzdF9pbml0X2NoZWNrKDAsIDAsICZlcnJv ci5vdXRQdHIoKSk7Ci0tIAoyLjEuMAoK