FS#67978 - [firefox] Endless seccomp sandbox violation messages fill system logs after startup
Attached to Project:
Arch Linux
Opened by Michel Koss (MichelKoss1) - Wednesday, 23 September 2020, 22:25 GMT
Last edited by Jan Alexander Steffens (heftig) - Thursday, 24 September 2020, 18:49 GMT
Opened by Michel Koss (MichelKoss1) - Wednesday, 23 September 2020, 22:25 GMT
Last edited by Jan Alexander Steffens (heftig) - Thursday, 24 September 2020, 18:49 GMT
|
Details
Description:
After launch it start to print seccomp sandbox violation messages in a loop which fills all system logs in a matter of time. Example below: Sandbox: unsupported fd-relative fstatat(33, "", 0x772E6E40DEE0, 4096) Sandbox: seccomp sandbox violation: pid 78, tid 78, syscall 262, args 33 105997348032911 131041301946080 4096 4096 1. Sandbox: unsupported fd-relative fstatat(33, "", 0x772E6E40DDD0, 4096) Sandbox: seccomp sandbox violation: pid 78, tid 78, syscall 262, args 33 105997348032911 131041301945808 4096 4096 1. Sandbox: unsupported fd-relative fstatat(31, "", 0x78F29F2736B0, 4096) Sandbox: seccomp sandbox violation: pid 132, tid 132, syscall 262, args 31 109526025425295 132983447566000 4096 4096 1. Sandbox: unsupported fd-relative fstatat(31, "", 0x78F29F2735A0, 4096) Sandbox: seccomp sandbox violation: pid 132, tid 132, syscall 262, args 31 109526025425295 132983447565728 4096 4096 1. Sandbox: unsupported flags 2048 in fstatat(-100, "/home/user/.config/gtk-3.0/colors.css", 0x606762AFD8A0, 2304) Sandbox: seccomp sandbox violation: pid 78, tid 101, syscall 262, args 4294967196 105997164508032 105997153589408 2304 2304 1. Sandbox: unsupported flags 2048 in fstatat(-100, "/home/user/.config/gtk-3.0/colors.css", 0x606762AFD8A0, 2304) Sandbox: seccomp sandbox violation: pid 78, tid 101, syscall 262, args 4294967196 105997164716736 105997153589408 2304 2304 1. Sandbox: unsupported fd-relative fstatat(51, "", 0x772E6E40FCD0, 4096) Adding syscall no 262 to whitelist is a temporary workaround. Similar report for debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970196 I wasn't able to reproduce it in official firefox flatpak so this may be downstream issue. Additional info: * Firefox 80,81, fresh config Steps to reproduce: Launch firefox and observe flood of messages in journal. |
This task depends upon
Closed by Jan Alexander Steffens (heftig)
Thursday, 24 September 2020, 18:49 GMT
Reason for closing: Fixed
Additional comments about closing: firefox 81.0-2
Thursday, 24 September 2020, 18:49 GMT
Reason for closing: Fixed
Additional comments about closing: firefox 81.0-2
I would like to ask Arch to backport aforementioned patch https://hg.mozilla.org/mozilla-central/rev/80baa04419c4 to ff 81 because this bug is so annoying.