Commit Graph

319 Commits

Author SHA1 Message Date
Bob Owen
1a1bfafc76 Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld 2016-11-23 13:36:59 +00:00
Wei-Cheng Pan
b9ffbceace Bug 1046166 - Add sandbox white list for userContent.css on Windows. r=bobowen
MozReview-Commit-ID: LQT67vC12y2
2016-11-17 12:02:16 +08:00
Randall Barker
10b09ea2de Bug 1314466 - part 4, update GeckoChildProcessHost to call LaunchAndroidService r=billm 2016-11-14 16:45:23 -08:00
Jed Davis
04f6c9cce4 Bug 1313218 - Preload libmozsandbox.so in child processes on Linux. r=tedd r=billm r=glandium
Preloading libmozsandbox allows the symbol interpositions used by
sandboxing to be defined there instead of statically linked into the
executable; this patch also does that.

MozReview-Commit-ID: FL1QWLSKA0S
2016-11-04 18:16:05 -06:00
Nathan Froyd
69c7cbb11f Bug 1312549 - use equality comparison rather than ordered comparison in ~GeckoChildProcessHost; r=billm
clang has recently made |x $RELATIONAL_OP 0|, where |x| is a variable of
pointer type, to be an error.  On Windows,
GeckoChildProcessHost::mChildProcessHandle is a HANDLE, which is really
just a pointer.  So the comparison |> 0| in ~GeckoChildProcessHost is
invalid.  Fortunately, we can use an equality comparison here and it
amounts to the same thing.
2016-10-25 23:08:11 -04:00
David Anderson
c9d420360d Use firefox.exe for launching the GPU process on Windows. (bug 1309890, r=jld) 2016-10-13 23:55:07 -07:00
Haik Aftandilian
73e4ac839c Bug 1290619 - Content sandbox rules should use actual profile directory, not Profiles/*/ regex's; r=jimm
Passes the profile dir to the content process as a -profile CLI
option so that the correct profile dir can be used in the OS X content
sandbox rules.  Only enabled on OS X for now.

On Nightly, profile directories will now be read/write protected
from the content process (apart from a few profile subdirectories) even
when they don't reside in ~/Library.

xpcshell tests invoke the content process without providing a
profile directory. In that case, we don't need to add filesystem
profile dir. read/write exclusion rules to the sandbox.

This patch adds two new macros to the content sandbox rule set:
|profileDir| holds the path to the profile or the empty string;
|hasProfileDir| is a boolean (1 or 0) that indicates whether or
not the profile directory rules should be added. If |hasProfileDir|
is 0, profile directory exclusion rules don't need to be added
and |profileDir| is not used.

MozReview-Commit-ID: rrTcQwTNdT
2016-08-30 13:32:21 -07:00
Igor
9c81c3c1ee Bug 1293384 - Part 2: Rename Snprintf.h header to Sprintf.h. r=froydnj 2016-08-14 23:43:21 -07:00
Igor
972b8460e2 Bug 1293384 - Part 1: Rename snprintf_literal to SprintfLiteral. r=froydnj 2016-08-14 23:44:00 -07:00
Alexandre Lissy
b2834a3543 Bug 1284674 - Remove NUWA r=cyu
MozReview-Commit-ID: GyMRNzOBKw6
2016-08-02 14:54:00 +02:00
Cervantes Yu
6aab14a9f3 Bug 1253575 - Fallback to DuplicateHandle() when base::OpenPrivilegedProcessHandle() fails when starting a child process. r=krizsa
MozReview-Commit-ID: 2nglWFJgfja
2016-06-23 17:50:37 +08:00
David Anderson
4e7835b6d1 Add the GPU process as a sandbox broker peer. (bug 1289895, r=bobowen) 2016-07-27 23:17:54 -07:00
Makoto Kato
b741c6a47b Bug 1289500 - Don't load GTK IM module on content process. r=masayuki
Now content sandbox process is enabled.  Since uim-mozc uses vfork, it causes sandbox violation.  It is unnecessary to load IM module on content process because we don't use GTK IM APIs on content process.

MozReview-Commit-ID: GrPlmazzEMd
2016-07-27 10:24:42 +09:00
Bob Owen
0c54111f6f Bug 1287984: Add rule to allow content process to duplicate handles to other non-broker processes. r=jimm
MozReview-Commit-ID: A79P9G9t7Ax
2016-07-20 14:41:18 +01:00
Chris Peterson
6c0f810682 Bug 1277106 - Part 2: Expand MOZ_UTF16() strings to u"" string literals. r=Waldo 2016-07-20 22:03:25 -07:00
Alexandre Lissy
488e2a5709 Bug 1282559 - Followup for 1277705 and remove SetHandle() on Gonk r=billm
MozReview-Commit-ID: 2Xzl5UBcUrV
2016-06-27 22:32:44 +02:00
Bill McCloskey
93ebdff431 Bug 1277705 - Remove child_process_info (r=dvander) 2016-06-24 13:16:14 -07:00
Bill McCloskey
5c0499ab88 Bug 1277705 - Remove waitable_event_watcher (r=dvander) 2016-06-24 13:15:41 -07:00
Bill McCloskey
1f1db1f0e1 Bug 1268559 - Go back to ContentParent controlling process shutdown (i.e., backout bug 1262898) (r=dvander) 2016-06-24 13:13:45 -07:00
David Anderson
effaa2762a Add skeletal code for launching a GPU process. (bug 1271180 part 4, r=billm,jrmuizel) 2016-06-10 22:27:24 -04:00
Phil Ringnalda
fb45b46515 Back out 5 changesets (bug 1271180) for static analysis bustage
CLOSED TREE

Backed out changeset cfb53b780b18 (bug 1271180)
Backed out changeset 204b084385f8 (bug 1271180)
Backed out changeset 353da876be33 (bug 1271180)
Backed out changeset 4472dfbc1dc6 (bug 1271180)
Backed out changeset 81079e787b8a (bug 1271180)
2016-06-11 00:46:09 -07:00
David Anderson
960e333e42 Add skeletal code for launching a GPU process. (bug 1271180 part 4, r=billm,jrmuizel) 2016-06-10 22:27:24 -04:00
Bob Owen
234469274c Bug 1278528: Don't try to initialize the sandbox TargetServices when we are not sandboxed. r=jimm
MozReview-Commit-ID: EpXy9LYXwQL
2016-06-07 14:03:51 +01:00
Gabor Krizsanits
281d701435 Bug 1146873 - Handling sandbox policy setup failures. r=bobowen 2016-06-06 15:13:33 +02:00
Jed Davis
48dd26ae20 Bug 1114647 - Use firefox for child processes instead of plugin-container. r=ted
Disabled on Mac (content processes need to use plugin-container.app for
UI reasons) and on Linux unless --disable-sandboxing (build issues).

Based on work by George Wright <george@mozilla.com>.
2016-06-03 12:49:39 -07:00
Honza Bambas
061eaf305c Bug 1275117 - Fix static strings leaks when mozlogging is on. r=jduell 2016-05-31 08:11:00 -04:00
Haik Aftandilian
fe720c9597 Bug 1275430 - Add telemetry and logging to record content process failures to start; r=billm
MozReview-Commit-ID: LWeZbDBwfX5
2016-06-01 15:13:59 -07:00
Andrew McCreight
0514236009 Bug 1276318, part 2 - Fix mode lines in ipc/glue. r=billm
MessageChannel.{h,cpp}, MessageLink.{h,cpp}, and ProtocolUtils.h are
using 4-space indent so I left those alone.
2016-05-27 14:54:31 -07:00
Andrew McCreight
b600e22f3e Bug 1276318, part 1 - Fix leading tabs in ipc/glue. r=billm
Also remove a weird mode line so the script can fix it more easily in
the next part.
2016-05-27 14:54:30 -07:00
Honza Bambas
5095d3a1e2 Bug 1270752 - Fix lifetime of buffer passed to PR_SetEnv(). r=jduell 2016-05-26 03:18:00 -04:00
Bob Owen
d07e000180 Bug 1250125: Make a 0 security.sandbox.content.level turn off the content process sandbox. r=TimAbraldes
This also fixes a bug where we weren't setting parts of the policy correctly for levels 3 to 9.

MozReview-Commit-ID: IXsg2nGOqoa
2016-05-25 09:06:23 +01:00
Kyle Huey
3bd84c39ed Bug 1272415: Don't include task.h everywhere. r=froydnj 2016-05-12 15:15:43 -07:00
Kyle Huey
b972c94d0f Bug 1268313: Part 7 - Move NS_NewRunnableMethod and friends to mozilla::NewRunnableMethod. r=froydnj 2016-05-05 01:45:00 -07:00
Kyle Huey
b91ceaea75 Bug 1268313: Part 2 - Replace some NewRunnableMethods with NS_NewNonOwningRunnableMethod. r=froydnj 2016-05-05 01:44:59 -07:00
Carsten "Tomcat" Book
d10653e369 Backed out changeset fd833da413ad (bug 1268313) 2016-04-29 14:21:25 +02:00
Carsten "Tomcat" Book
aadd508ffe Backed out changeset 85ce8cb0639a (bug 1268313) 2016-04-29 14:21:16 +02:00
Kyle Huey
e62a0823c9 Bug 1268313: Part 7 - Move NS_NewRunnableMethod and friends to mozilla::NewRunnableMethod. r=froydnj 2016-04-28 14:08:25 -07:00
Kyle Huey
b334682d78 Bug 1268313: Part 2 - Replace some NewRunnableMethods with NS_NewNonOwningRunnableMethod. r=froydnj 2016-04-28 14:08:24 -07:00
Kyle Huey
f3e34e67b3 Bug 1266595: Replace Chromium Task with Runnable. r=froydnj 2016-04-27 17:06:05 -07:00
Bas Schouten
2d102ed23e Bug 1262898: Keep the GeckoChildProcessHost alive for the lifetime of the CompositorBridge and ImageBridge parent actors. r=jimm r=nical
MozReview-Commit-ID: 1rsWqRpbhgN
2016-04-25 03:54:07 +00:00
Chris Pearce
c47ff27825 Bug 1245789 - Load Widevine CDM with sandbox level USER_RESTRICTED instead of USER_LOCKDOWN. r=bobowen
Otherwise Widevine CDM won't load on Windows. Other GMPs are still loaded at USER_LOCKDOWN.

MozReview-Commit-ID: aCTG1tQuwt
2016-04-12 16:12:20 +12:00
George Wright
4b6255d510 Revert "Bug 1114647 - Rename "plugin-container" to "firefox-webcontent" and create a new executable target for Win32 called "firefox-plugin-container" r=ted,jhamer" because of widespread breakage due to whitelisted executable names in third parties
This reverts commit a94b5f861bd0d25043a3bb7a0c3128acf8c0b93a.
2016-04-08 13:34:40 -04:00
George Wright
89316736c1 Revert "Bug 1261416 - Rename firefox-plugin-container back to plugin-container to satisfy Flash's protected mode checks, and ensure that we launch the correct binary r=ted" because of widespread breakage due to whitelisted executable names in third parties
This reverts commit 2d44e8ffaf63a32292f8e5b8fdd1485d0a462afc.
2016-04-08 13:33:27 -04:00
Bill McCloskey
5dbc026b0c Bug 1235633 - IPC OOM mitigation by eliminating buffer copying (r=jld) 2016-04-07 17:15:26 -07:00
George Wright
2b21d6e072 Bug 1261416 - Rename firefox-plugin-container back to plugin-container to satisfy Flash's protected mode checks, and ensure that we launch the correct binary r=ted 2016-04-04 18:03:33 -04:00
George Wright
47045c3266 Bug 1114647 - Rename "plugin-container" to "firefox-webcontent" and create a new executable target for Win32 called "firefox-plugin-container" r=ted,jhamer 2016-04-01 02:12:59 -04:00
Kyle Huey
20d0dc7286 Bug 1259294: Part 2 - Use MOZ_ALWAYS_SUCCEEDS. r=froydnj 2016-03-28 10:28:15 -07:00
Honza Bambas
a358f0e3ef Bug 1248565 - Let child processes have its own MOZ_LOG_FILE. r=erahm 2016-03-11 08:24:00 -05:00
Cervantes Yu
f9580897e4 Bug 1253575 - Annotate the crash report on failure in opening the process handle for plugin or content process. r=billm 2016-03-10 16:07:57 +08:00
Ehsan Akhgari
5942467b69 Bug 1251226 - Avoid passing a std::wstring through the variadic method; r=bobowen 2016-02-25 11:12:18 -05:00