Jacek Caban
bd67a7a508
Bug 1201438 - Fixup for builds with disabled sandbox.
2015-09-09 14:17:12 +02:00
Bob Owen
aa4bbfbed6
Bug 1201438: Add non-sandboxed Windows content processes as target peers for handle duplication. r=bbondy
2015-09-08 11:18:12 +01:00
Mike Hommey
9de7ac58a9
Bug 1189967 - Be slightly more explicit about some conversions to std::wstring. r=nfroyd
2015-08-23 22:20:19 +09:00
Bob Owen
75807e86d1
Bug 1189352: Fix NSPR_LOG_FILE with absolute paths for sandboxed child on Windows. r=bbondy
2015-08-03 07:58:43 +01:00
Jesse Ruderman
6785bc0e32
Bug 1024259: Use NS_FREE_PERMANENT_DATA more consistently. r=mccr8
2015-07-31 12:11:48 -07:00
Bob Owen
f76e5c325c
Bug 1171796: Add sandbox rule for child process NSPR log file on Windows. r=bbondy
...
This also moves the initialization of the sandbox TargetServices to earlier in
plugin-container.cpp content_process_main, because it needs to happen before
xul.dll loads.
2015-07-30 10:04:42 +01:00
Mike Hommey
dce35f78a7
Bug 1187533 - Change how Gtk+2 plugin-container is started on Gtk+3 builds. r=billm
...
The current situation looks like this: Firefox launches the plugin-container
with two environment variables set:
LD_LIBRARY_PATH=$FIREFOX_DIR:$LD_LIBRARY_PATH
LD_PRELOAD=$FIREFOX_DIR/libmozgtk2.so:$LD_PRELOAD
libxul.so has a dependency on libmozgtk.so (without "2"), but libmozgtk2.so
has a SONAME of libmozgtk.so, so ld.so recognizes libmozgtk2.so as a
dependency of libxul.so, and uses it instead of the actual libmozgtk.so,
making the plugin-container use Gtk+2 instead of Gtk+3 to load Gtk+2 plugins.
Now, ASan sets things up in shared libraries such that they needs a symbol
from the executable binary. So in the case of plugin-container, the
plugin-container executable itself contains some ASan symbols such as
__asan_init_v3. libmozgtk2.so, OTOH, contains an undefined weak reference to
that symbol, like all other Firefox shared libraries.
Since libmozgtk2.so is LD_PRELOADed, it is loaded _before_ the
plugin-container executable, and __asan_init_v3 can't be resolved.
Disabling ASan for libmozgtk2.so would be a possibility, but the build system
doesn't really know how to do that, and filtering out -fsanitize=address
can be fragile.
The alternative possibility, implemented here, is to change the library
loading strategy, renaming libmozgtk2.so to gtk2/libmozgtk.so, and setting
the following environment variable when Firefox launches the plugin-container:
LD_LIBRARY_PATH=$FIREFOX_DIR/gtk2:$FIREFOX_DIR:$LD_LIBRARY_PATH
2015-07-28 08:19:13 +09:00
Andrew McCreight
7e0540b9ce
Bug 1089816 - Let ASan content processes run to completion. r=billm
...
There are a variety of ways that the parent and child process ensure that
the child process exits quickly in opt builds, but for AddressSanitizer
builds we want to let the child process to run to completion, so that we
can get a LeakSanitizer report.
This requires adding some addition LSan suppressions, because running
LSan in child processes detects some new leaks.
2015-07-27 12:49:48 -07:00
Brad Lassey
99e21866e1
bug 1161166 - Use mach shared memory for shared memory on OSX r=billm
2015-06-17 00:38:38 -04:00
Markus Stange
eb92e8ae6a
Bug 971811 - Don't prepend an empty existing DYLD_INSERT_LIBRARIES path when launching the plugin. r=smichaud
2015-06-10 12:54:52 -04:00
Wes Kocher
2a932fffd8
Backed out changeset 1be05715932f (bug 1161166)
2015-06-09 15:12:21 -07:00
Brad Lassey
3aef53f002
Bug 1161166 - Use mach shared memory for shared memory on OSX. r=billm
2015-06-09 09:56:50 -04:00
James Willcox
51501fcfc5
Bug 1141693 - Build and use a PIE plugin-container on Android 5.0+. Based on a patch by Mike Hommey. r=me,glandium
2015-06-03 10:26:16 -05:00
James Willcox
94edfc6be5
Backout fb6329699801 for x86 breakage on a CLOSED TREE
2015-05-14 15:40:00 -05:00
James Willcox
0faf957f85
Bug 1141693 - Build and use a PIE plugin-container on Android 5.0+. Based on a patch by Mike Hommey. r=me,glandium
2015-05-14 14:52:10 -05:00
Mike Conley
16367a6360
Bug 1146955 - Unify pluginID for GMP and runID for NPAPI plugins to use the same internal incrementor. r=jesup, mrbkap.
2015-04-27 15:09:45 -04:00
Bob Owen
7517f0b07d
Bug 1119878 Part 2: Change IPC code to hold ProcessID instead of ProcessHandle. r=billm, r=dvander, r=aklotz, r=cpearce
2015-04-01 09:40:35 +01:00
Bob Owen
3ec652be22
Bug 1137166: Change the Content moreStrict sandbox pref to an integer to indicate the level of sandboxing. r=tabraldes
2015-03-10 08:03:12 +00:00
Bob Owen
919ea04738
Bug 1132021 - Add a new sandbox level for Windows NPAPI to use USER_LIMITED access token level. r=bsmedberg, r=bbondy
2015-02-11 16:25:43 +00:00
Bob Owen
4811c84eb6
Bug 1127230: Change the NPAPI sandbox prefs to integers to indicate the level of sandboxing. r=bsmedberg
2015-01-30 17:48:15 +00:00
Bob Owen
3c47ad15a2
Bug 1126402: Add a pref to enable a more strict version of the Windows NPAPI process sandbox. r=bsmedberg, r=bbondy
2015-01-29 08:13:07 +00:00
Bob Owen
168d7961a5
Bug 1123245 Part 3: Add prefs for the Windows NPAPI process sandbox. r=bsmedberg
2015-01-23 08:32:21 +00:00
Bob Owen
74cbd37267
Bug 1123245 Part 1: Enable an open sandbox on Windows NPAPI processes. r=josh, r=tabraldes
2015-01-23 08:32:20 +00:00
Aaron Klotz
6b64b990a0
Bug 998863: Asynchronous Plugin Initialization, Part 8: Plugin process launch changes; r=josh
2014-12-29 16:13:28 -07:00
Phil Ringnalda
4227fff1a3
Backed out 15 changesets (bug 1070755, bug 998863) for e10s bustage
...
CLOSED TREE
Backed out changeset 076d1d47d601 (bug 1070755
2014-12-24 18:28:45 -08:00
Aaron Klotz
ca2e03dcae
Bug 998863: Asynchronous Plugin Initialization, Part 8: Plugin process launch changes; r=josh
2014-12-24 17:56:53 -07:00
Bob Owen
fbf7d6754b
Bug 928044 Part 2: Enable the content sandbox by default on Windows with an open policy. r=tabraldes,glandium,jimm
2014-11-29 17:12:18 +00:00
Stephen Pohl
743f796a95
Bug 1077282: Cleanup uses of GreD vs GreBinD, introcuded by v2 signature changes on OSX. Based on initial patch by rstrong. r=bsmedberg
2014-10-10 15:06:57 -04:00
Stephen Pohl
07c4a2cdfe
Mac v2 signing - Bug 1059504 - Avoid plugin-container from crashing due to the new v2 bundle structure on OSX. r=bsmedberg
2014-09-29 11:51:17 -07:00
Stephen Pohl
270318b6fa
Mac v2 signing - Bug 1050944 - Get Firefox to launch and run on OSX with the new .app bundle structure, made necessary by Apple's v2 signatures. r=smichaud, r=ted, sr=bsmedberg
2014-09-29 11:51:04 -07:00
Jacek Caban
4b704173b4
Bug 1063511 - Fix mingw builds after bug 1027906. r=tabraldes
2014-09-08 10:35:24 +02:00
Bob Owen
87d90d8b96
Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg
...
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
Carsten "Tomcat" Book
5a27daa088
Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage
2014-09-04 15:14:41 +02:00
Bob Owen
39525b95e4
Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes
...
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
2014-06-11 15:32:37 +01:00
Josh Aas
7a98b469f2
Bug 1059479 - remove Chromium path service and trace events code. r=bent
2014-09-02 14:23:58 -05:00
Ehsan Akhgari
16c19a6627
Bug 1060997 - Fix more bad implicit constructors in IPC; r=smaug
2014-08-31 21:12:55 -04:00
Tim Abraldes
874e9b3768
bug 1027906. Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup. r=bent.
2014-08-29 17:34:26 -07:00
Jacek Caban
fd9becba95
Bug 1042426 - Added --disable-sandbox option that disables building sandbox code. r=glandium
2014-08-27 16:32:55 +02:00
Georg Fritzsche
b655ae59e1
Bug 1041525 - Remove workaround for GMP SyncRunnable deadlock in Crashreporter::OOPInit() r=jesup
2014-07-24 18:16:08 +02:00
Randell Jesup
25baf54e3c
Bug 1041525: Disable GMP OOPInit() during SyncLaunch() until crashreporting fully hooked up r=gfritzsche
2014-07-21 10:24:29 -04:00
Randell Jesup
6629dcfc18
Backed out changeset 40954106dc7a (bug 1041525) (incorrect patch landed)
2014-07-21 10:24:25 -04:00
Randell Jesup
008473dedb
Bug 1041525: Disable GMP OOPInit() during SyncLaunch() until crashreporting fully hooked up r=gfritzsche
2014-07-21 09:59:13 -04:00
Benjamin Smedberg
b5cbbaed2c
Bug 1033522 - Only initialize the Windows Group ID for plugin processes: other process types don't need it. Refactor the saved GRE dir to use a path rather than a non-threadsafe nsIFile object, r=jimm
2014-07-17 11:15:09 -04:00
Tim Abraldes
73e36f4552
bug 985252. Build sandbox code regardless of whether --enable-content-sandbox/MOZ_CONTENT_SANDBOX is provided. Enable sandboxing of GMP plugins. Enable SandboxBroker to set different security policies for different process types. r=bbondy, r=cpearce, r=bent
2014-07-16 16:01:34 -07:00
Mike Hommey
5af4eb7cd5
Bug 1022259 - Only load Gtk+2 stub for plugin processes in Gtk+3 builds. r=bent,r=karlt
2014-06-10 16:00:42 +09:00
Emilio Pozuelo Monfort
39a178c0bf
Bug 624422 - Let plugin-container load libmozgtk2. r=glandium
2014-05-01 13:37:48 +02:00
Birunthan Mohanathas
67f217da62
Bug 869836 - Part 12: Use Assign('c') instead of AssignLiteral("c"). r=ehsan
2014-05-26 21:55:08 +03:00
Birunthan Mohanathas
9f41043f62
Bug 869836 - Part 3: Use Append('c') instead of AppendLiteral("c"). r=ehsan
2014-05-22 06:48:51 +03:00
Josh Aas
315bc6e054
Bustage fix for Gecko Media Plugins landing, bug 957928.
2014-05-17 23:25:36 -05:00
Josh Aas
ee4490b792
Bug 957928: Gecko Media Plugins implementation. No consumers in Gecko yet. r=bent
2014-05-17 22:05:46 -05:00
