diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml
index 61cfa875f808..6dca1cbc5da7 100644
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -11355,15 +11355,18 @@
 mirror: always
 do_not_use_directly: true # Consumers should use SandboxSettings to ask.
+
+# Whether win32k is disabled for content processes.
+# true means win32k system calls are not permitted.
+# (This cannot be put behind the XP_WIN and MOZ_SANDBOX guards because
+# "Nightly Experiments" has no way to filter options based on OS or other
+# CPP defines, and it fails if the pref doesn't exist)
+- name: security.sandbox.content.win32k-disable
+ type: RelaxedAtomicBool
+ value: false
+ mirror: always
+
 #if defined(XP_WIN) && defined(MOZ_SANDBOX)
-
- # Whether win32k is disabled for content processes.
- # true means win32k system calls are not permitted.
-- name: security.sandbox.content.win32k-disable
- type: RelaxedAtomicBool
- value: @IS_NIGHTLY_BUILD@
- mirror: always
-
 # Note: win32k is currently _not_ disabled for GMP due to intermittent test
 # failures, where the GMP process fails very early. See bug 1449348.
 - name: security.sandbox.gmp.win32k-disable
diff --git a/toolkit/components/featuregates/Features.toml b/toolkit/components/featuregates/Features.toml
index 576f3a50ee5c..f5c741f22ada 100644
--- a/toolkit/components/featuregates/Features.toml
+++ b/toolkit/components/featuregates/Features.toml
@@ -113,6 +113,16 @@ bug-numbers = [1643027]
 is-public = true
 default-value = false
+[win32-lockdown]
+title = "experimental-features-win32k-lockdown"
+description = "experimental-features-win32k-lockdown-description"
+restart-required = true
+preference = "security.sandbox.content.win32k-disable"
+type = "boolean"
+bug-numbers = [1697865]
+is-public = true
+default-value = false
+
 [url-bar-ime-search]
 title = "experimental-features-ime-search"
 description = "experimental-features-ime-search-description"
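Review bot: The relocated `security.sandbox.content.win32k-disable` entry in StaticPrefList.yaml changes its value from `@IS_NIGHTLY_BUILD@` to `false`, so Nightly content processes no longer get the win32k lockdown by default, and the new comment block does not record that. If the opt-in default is intended while the feature sits behind the experiment, say so in the comment, for example `# Defaults to false on every channel; enabled only through the win32k lockdown experiment.` Because the entry now sits above the `#if defined(XP_WIN) && defined(MOZ_SANDBOX)` guard, the pref also exists on non-Windows builds, where it presumably has no effect; a line such as `# Has no effect outside Windows sandbox builds.` would stop readers treating it as a cross-platform control. The code that reads this pref is outside the diff, so confirm it still evaluates the value only under the Windows sandbox guard.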
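Review bot: The gate id `[win32-lockdown]` added to Features.toml drops the `k` that every other name in this change carries (`experimental-features-win32k-lockdown`, `security.sandbox.content.win32k-disable`); `[win32k-lockdown]` would keep the id greppable alongside the pref and the strings. The section also sets `restart-required = true` while the pref is declared `mirror: always`, so after a toggle the pref value can differ from the state that already-running content processes were launched with until the browser restarts. That is presumably acceptable, but a one-line comment above the section would make it explicit, e.g. `# Applied at content-process launch; the running session keeps its previous state until restart.`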
diff --git a/toolkit/content/tests/chrome/chrome.ini b/toolkit/content/tests/chrome/chrome.ini
index 0327b12c3d2c..ef4ce40855d5 100644
--- a/toolkit/content/tests/chrome/chrome.ini
+++ b/toolkit/content/tests/chrome/chrome.ini
@@ -55,7 +55,6 @@ support-files =
 prefs =
 gfx.font_rendering.fallback.async=false
 widget.non-native-theme.enabled=false
- security.sandbox.content.win32k-disable=false
 [test_about_networking.html]
 [test_arrowpanel.xhtml]
diff --git a/toolkit/locales/en-US/toolkit/featuregates/features.ftl b/toolkit/locales/en-US/toolkit/featuregates/features.ftl
index 76ab05a0744e..c413d062aaa8 100644
--- a/toolkit/locales/en-US/toolkit/featuregates/features.ftl
+++ b/toolkit/locales/en-US/toolkit/featuregates/features.ftl
@@ -63,6 +63,11 @@ experimental-features-webrtc-global-mute-toggles =
 .label = WebRTC Global Mute Toggles
 experimental-features-webrtc-global-mute-toggles-description = Add controls to the WebRTC global sharing indicator that allow users to globally mute their microphone and camera feeds.
+# Win32k Lockdown
+experimental-features-win32k-lockdown =
+ .label = Win32k Lockdown
+experimental-features-win32k-lockdown-description = Disable use of Win32k APIs in browser tabs. Provides an increase in security but may currently be unstable or glitchy. (Windows only)
+
 # JS JIT Warp project
 experimental-features-js-warp =
 .label = JavaScript JIT: Warp