Landry Breuil <[email protected]> wrote: > On Sat, Jul 04, 2020 at 05:58:07PM +1000, Jonathan Gray wrote: > > On Fri, Jul 03, 2020 at 11:14:02PM -0400, Joe Gidi wrote: > > > Hello, > > > > > > > firefox seems to be doing a dlopen after it has unveil'd and can't > > open libLLVM. unveil removes visibility of parts of the filesystem, > > but it has to be done in the right place. > > i dont think firefox itself is doing this dlopen, rather MESA ? > https://searchfox.org/mozilla-central/search?q=libllvm > > > 37357 firefox NAMI "/usr/lib/libLLVM.so.2.0" > > 37357 firefox RET open -1 errno 2 No such file or directory > > > > this can be reproduced on other hardware by forcing swrast which also > > uses libLLVM > > > > LIBGL_ALWAYS_SOFTWARE=1 firefox > > > > this a firefox specific problem which does not occur with chromium > > Since unveil doesnt allow wildcards, i guess adding '/usr/lib r' to > /etc/firefox/unveil.gpu is the way to go. I dont have a machine with > amdgpu, and it doesnt seem to help LIBGL_ALWAYS_SOFTWARE=1 firefox > httpss://get.webgl.org here but maybe that's unrelated.
Doesn't it mean the attempt at privsep is out of order?
