Bug 1912481 p2: Give read access to the Windows system binary dir. r=handyman

This is to allow Windows DLLs that are not used in all content processes to load later if they are required. Differential Revision: https://phabricator.services.mozilla.com/D218964
2024-08-22 09:16:38 +00:00 · 2024-08-22 09:16:38 +00:00 · 3f27e32e97
--- a/dom/ipc/ContentChild.cpp
+++ b/dom/ipc/ContentChild.cpp
@ -1740,27 +1740,11 @@ mozilla::ipc::IPCResult ContentChild::RecvSetProcessSandbox(
  ::LoadLibraryW(L"mozavutil.dll");

  if (GetEffectiveContentSandboxLevel() > 7) {
-    // Library required for timely audio processing.
-    ::LoadLibraryW(L"avrt.dll");
    // Libraries required by Network Security Services (NSS).
    ::LoadLibraryW(L"freebl3.dll");
    ::LoadLibraryW(L"softokn3.dll");
-    // Library required by DirectWrite in some fall-back scenarios.
-    ::LoadLibraryW(L"textshaping.dll");
-    // Microsoft libraries that are required for WMF software encoding.
-    ::LoadLibraryW(L"mfplat.dll");
-    ::LoadLibraryW(L"mf.dll");
-    ::LoadLibraryW(L"dxva2.dll");
-    ::LoadLibraryW(L"evr.dll");
-    ::LoadLibraryW(L"mfh264enc.dll");
    // Cache value that is retrieved from a registry entry.
    Unused << GetCpuFrequencyMHz();
-#    if defined(DEBUG)
-    // Library used in some debug testing.
-    ::LoadLibraryW(L"dbghelp.dll");
-    // Required for WMF shutdown, not required for opt due to quick exit.
-    ::LoadLibraryW(L"ole32.dll");
-#    endif
  }
  mozilla::SandboxTarget::Instance()->StartSandbox();
 #  elif defined(XP_MACOSX)
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@ -1021,6 +1021,24 @@ void SandboxBroker::SetSecurityLevelForContentProcess(int32_t aSandboxLevel,
      }
    }

+    // Add access to Windows system binary dir to allow DLLs that are not
+    // required in all content processes to load later.
+    wchar_t* systemBinPath;
+    if (SUCCEEDED(::SHGetKnownFolderPath(FOLDERID_System, 0, nullptr,
+                                         &systemBinPath))) {
+      std::wstring systemBinPathStr = systemBinPath;
+      ::CoTaskMemFree(systemBinPath);
+      systemBinPathStr += L"\\*";
+      result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
+                                sandbox::TargetPolicy::FILES_ALLOW_READONLY,
+                                systemBinPathStr.c_str());
+      if (sandbox::SBOX_ALL_OK != result) {
+        NS_ERROR("Failed to add rule for system bin dir.");
+        LOG_E("Failed (ResultCode %d) to add read access to: %S", result,
+              systemBinPathStr.c_str());
+      }
+    }
+
    // Read access for MF Media Source Activate and subkeys/values.
    result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_REGISTRY,
                              sandbox::TargetPolicy::REG_ALLOW_READONLY,