From 0d056e01307db1918e2c1761fd0dd5a9cd828fd3 Mon Sep 17 00:00:00 2001
From: Toshihito Kikuchi
Date: Thu, 13 Feb 2020 05:49:03 +0000
Subject: [PATCH] Bug 1614885 - Do not attempt to bootstrap a child process if the launcher failed to boostrap the browser process. r=aklotz
Bug 1522830 added the call to `InitializeDllBlocklistOOP` in `SandboxBroker::LaunchApp` to enable the new dll blocklist and telemetry in sandbox processes. If the browser process fails to bootstrap a process for some reason, firefox starts without any crash nor any content processes because of that change. What is worse is that this problem persists even after the launcher process was disabled. To mitigate it, this patch stops an attempt to bootstrap a child process if the launcher process already failed to do it. With this, if something bad happens in the first launch, the launcher process is automatically disabled via registry and next time firefox will work normally. So a user will see the launching problem only once. We will follow up the bootstrap issue.
Differential Revision: https://phabricator.services.mozilla.com/D62636
--HG--
extra : moz-landing-system : lando
---
 browser/app/winlauncher/DllBlocklistInit.cpp | 24 ++++++++++++++++++-
 browser/app/winlauncher/DllBlocklistInit.h | 3 +++
 .../app/winlauncher/LauncherProcessWin.cpp | 3 ++-
 3 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/browser/app/winlauncher/DllBlocklistInit.cpp b/browser/app/winlauncher/DllBlocklistInit.cpp
index 2d75c59d8f73..ebb26d329692 100644
--- a/browser/app/winlauncher/DllBlocklistInit.cpp
+++ b/browser/app/winlauncher/DllBlocklistInit.cpp
@@ -33,9 +33,14 @@ LauncherVoidResultWithLineInfo InitializeDllBlocklistOOP(
 return mozilla::Ok();
 }
+LauncherVoidResultWithLineInfo InitializeDllBlocklistOOPFromLauncher(
+ const wchar_t* aFullImagePath, HANDLE aChildProcess) {
+ return mozilla::Ok();
+}
+
 #else
-LauncherVoidResultWithLineInfo InitializeDllBlocklistOOP(
+static LauncherVoidResultWithLineInfo InitializeDllBlocklistOOPInternal(
 const wchar_t* aFullImagePath, HANDLE aChildProcess) {
 CrossProcessDllInterceptor intcpt(aChildProcess);
 intcpt.Init(L"ntdll.dll");
@@ -127,6 +132,23 @@ LauncherVoidResultWithLineInfo InitializeDllBlocklistOOP(
 return Ok();
 }
+LauncherVoidResultWithLineInfo InitializeDllBlocklistOOP(
+ const wchar_t* aFullImagePath, HANDLE aChildProcess) {
+ // We come here when the browser process launches a sandbox process.
+ // If the launcher process already failed to bootstrap the browser process,
+ // we should not attempt to bootstrap a child process.
+ if (!(gBlocklistInitFlags & eDllBlocklistInitFlagWasBootstrapped)) {
+ return Ok();
+ }
+
+ return InitializeDllBlocklistOOPInternal(aFullImagePath, aChildProcess);
+}
+
+LauncherVoidResultWithLineInfo InitializeDllBlocklistOOPFromLauncher(
+ const wchar_t* aFullImagePath, HANDLE aChildProcess) {
+ return InitializeDllBlocklistOOPInternal(aFullImagePath, aChildProcess);
+}
+
 #endif // defined(MOZ_ASAN) || defined(_M_ARM64)
 } // namespace mozilla
diff --git a/browser/app/winlauncher/DllBlocklistInit.h b/browser/app/winlauncher/DllBlocklistInit.h
index d9b3c97077e5..758b36f13395 100644
--- a/browser/app/winlauncher/DllBlocklistInit.h
+++ b/browser/app/winlauncher/DllBlocklistInit.h
@@ -16,6 +16,9 @@ namespace mozilla {
 LauncherVoidResultWithLineInfo InitializeDllBlocklistOOP(
 const wchar_t* aFullImagePath, HANDLE aChildProcess);
+LauncherVoidResultWithLineInfo InitializeDllBlocklistOOPFromLauncher(
+ const wchar_t* aFullImagePath, HANDLE aChildProcess);
+
 } // namespace mozilla
 #endif // mozilla_DllBlocklistInit_h
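Review bot: In the second DllBlocklistInit.cpp hunk, the early `return Ok();` in `InitializeDllBlocklistOOP` makes a skipped bootstrap look the same as a successful one, so sandboxed child processes start without the out-of-process DLL blocklist and nothing records it. The guard fails open on a hardening feature; the commit message suggests this is the intended trade-off, but the comment should say so, e.g. `// Fail open: children run without the OOP blocklist when the browser itself was not bootstrapped.` If a telemetry or logging hook is reachable here, recording the skip would make the degraded state visible to whoever follows up on the bootstrap failure. `gBlocklistInitFlags` is declared outside the visible lines, so whether the flag is also clear when the launcher process is merely disabled is inferred from the commit message, not from this hunk.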
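Review bot: The DllBlocklistInit.h hunk declares `InitializeDllBlocklistOOPFromLauncher` next to `InitializeDllBlocklistOOP` with an identical signature and no comment saying which caller needs which. Only the .cpp shows that the new function always bootstraps while the existing one returns early when `eDllBlocklistInitFlagWasBootstrapped` is clear, so a later caller could pick the unguarded entry point by accident. I would add `// Launcher process only: bootstraps the browser process unconditionally.` above the new declaration and `// Browser process, for sandboxed children: no-op unless the browser itself was bootstrapped.` above the existing one.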
diff --git a/browser/app/winlauncher/LauncherProcessWin.cpp b/browser/app/winlauncher/LauncherProcessWin.cpp
index b9b77e9dbf67..ee2c290bfc70 100644
--- a/browser/app/winlauncher/LauncherProcessWin.cpp
+++ b/browser/app/winlauncher/LauncherProcessWin.cpp
@@ -43,7 +43,8 @@ static mozilla::LauncherVoidResult PostCreationSetup(
 const wchar_t* aFullImagePath, HANDLE aChildProcess,
 HANDLE aChildMainThread, const bool aIsSafeMode) {
- return mozilla::InitializeDllBlocklistOOP(aFullImagePath, aChildProcess);
+ return mozilla::InitializeDllBlocklistOOPFromLauncher(aFullImagePath,
+ aChildProcess);
 }
 #if !defined( \