Security/B2G/2014 02 11
From MozillaWiki
Contents
FirefoxOS Security Team Meeting
1pm PST, B2G Vidyo room Prior notes are here: https://wiki.mozilla.org/Security/B2G/2014_02_4
Agenda Items
Seccomp/Sandboxing
- Goals:
- Mochitests need to be running on emulators with seccomp enabled
- Gaia UI Automated tests need to pass at the same rate as a non-seccomp build
- Daily smoketests should pass at the same rate as a non-seccomp build
- Have an ability to pref off the feature if something goes horribly wrong
- Testing progress
- Buri
- Smoketests run, mainly passing
- Gecko Mochitests run? passed: 276, failed: 116, todo: 25
- Buri
*** problems with the testrunner, mainly. Still investigating
- seems like a lot of failed, but need to compare to master
- noticed a lot variance (testing environment,
- e.g. tests will fail because on french network
- most failures are related to the test runner
- Gaia-ui-tests? [arroway] I've been running some of them, but it's pretty slow so I'll have complete coverage tomorrow. No seccomp violation at the moment.
- Emulator?
- Other devices?
- Peak & Keon
Use nightly peak & keon
- [cr] ran a rather huge set of tests around calls, sms, radio, flight mode, sensors, camera, sim card, bluetooth, wifi, hotspot, USB, sd card, alerts, sound volume, music, video
- all on Keon, partly also on Peak
- found several bugs, but none triggered by seccomp
[actions] [pt] https://docs.google.com/a/mozilla.com/document/d/1som_jWCaKgTx1hKLxin6dG8hBWhJpsh2CAPSc1zKMNI/edit# [arroway] build patched version of buri + marrionette
News
horrible news are horrible:
- [kang] seccomp & threading
- cat /proc/<pid>/task/status
- ps -t
- b2g-ps "SEC" (2 = enabled, 0 = disabled)
- [kang] setuid & bionic & threading
