From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Julien Cristau Date: Sun, 6 Sep 2020 20:20:39 +0000 Subject: [PATCH] Bug 1660901 - ignore AT_NO_AUTOMOUNT in fstatat system call. r=jld Per the manpage "Both stat() and lstat() act as though AT_NO_AUTOMOUNT was set.", so don't bail if it's set in a call to fstatat. Differential Revision: https://phabricator.services.mozilla.com/D89121 --- security/sandbox/linux/SandboxFilter.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp index 4087bdc07e01..c4f6c318ad1c 100644 --- a/security/sandbox/linux/SandboxFilter.cpp +++ b/security/sandbox/linux/SandboxFilter.cpp @@ -254,9 +254,10 @@ class SandboxPolicyCommon : public SandboxPolicyBase { fd, path, buf, flags); return BlockedSyscallTrap(aArgs, nullptr); } - if ((flags & ~AT_SYMLINK_NOFOLLOW) != 0) { + if ((flags & ~(AT_SYMLINK_NOFOLLOW | AT_NO_AUTOMOUNT)) != 0) { SANDBOX_LOG_ERROR("unsupported flags %d in fstatat(%d, \"%s\", %p, %d)", - (flags & ~AT_SYMLINK_NOFOLLOW), fd, path, buf, flags); + (flags & ~(AT_SYMLINK_NOFOLLOW | AT_NO_AUTOMOUNT)), fd, + path, buf, flags); return BlockedSyscallTrap(aArgs, nullptr); } return (flags & AT_SYMLINK_NOFOLLOW) == 0 ? broker->Stat(path, buf)