From 46297bb82074e5668a000f13525f22c12cafe8c4 Mon Sep 17 00:00:00 2001 From: Chris Martin Date: Fri, 30 Apr 2021 19:54:39 +0000 Subject: [PATCH] Bug 1708545 - Only disable GfxInfo::Init() with Win32k lockdown enabled r=bobowen It looks like it was too hopeful that we would be able to get rid of all usage of GfxInfo::Init() from content process. Since it looks like there may be some rare cases where the browser asserts, we should preface the assertions to only happen with Win32k lockdown enabled to allow the user to continue to use their browser while foxfooding this feature. Differential Revision: https://phabricator.services.mozilla.com/D113984 --- widget/windows/GfxInfo.cpp | 70 ++++++++++++++++++-------------------- 1 file changed, 34 insertions(+), 36 deletions(-) diff --git a/widget/windows/GfxInfo.cpp b/widget/windows/GfxInfo.cpp index 28dffb41d1a6..662018b9120f 100644 --- a/widget/windows/GfxInfo.cpp +++ b/widget/windows/GfxInfo.cpp @@ -22,6 +22,7 @@ #include "mozilla/gfx/Logging.h" #include "mozilla/SSE.h" #include "mozilla/ArrayUtils.h" +#include "mozilla/WindowsProcessMitigations.h" #include #include @@ -40,9 +41,10 @@ using namespace mozilla::widget; NS_IMPL_ISUPPORTS_INHERITED(GfxInfo, GfxInfoBase, nsIGfxInfoDebug) #endif -static void AssertNotContentProcess() { - MOZ_DIAGNOSTIC_ASSERT(!XRE_IsContentProcess(), - "Invalid Windows GfxInfo API used in content process"); +static void AssertNotWin32kLockdown() { + // Check that we are not in Win32k lockdown + MOZ_DIAGNOSTIC_ASSERT(!IsWin32kLockedDown(), + "Invalid Windows GfxInfo API with Win32k lockdown"); } /* GetD2DEnabled and GetDwriteEnabled shouldn't be called until after @@ -76,14 +78,14 @@ GfxInfo::GetDWriteVersion(nsAString& aDwriteVersion) { NS_IMETHODIMP GfxInfo::GetHasBattery(bool* aHasBattery) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); *aHasBattery = mHasBattery; return NS_OK; } int32_t GfxInfo::GetMaxRefreshRate(bool* aMixed) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); int32_t maxRefreshRate = -1; if (aMixed) { @@ -366,10 +368,6 @@ static bool HasBattery() { HANDLE mHandle; }; - MOZ_ASSERT(!XRE_IsContentProcess(), - "Win32k Lockdown doesn't support querying the battery in content " - "process"); - HDEVINFO hdev = ::SetupDiGetClassDevs(&GUID_DEVCLASS_BATTERY, nullptr, nullptr, DIGCF_PRESENT | DIGCF_DEVICEINTERFACE); @@ -460,10 +458,10 @@ static bool HasBattery() { nsresult GfxInfo::Init() { nsresult rv = GfxInfoBase::Init(); - // If we are in a content process, we can't call any of the many Win32k - // APIs below. Any method that accesses members of this class should assert - // that it's not used in content - if (XRE_IsContentProcess()) { + // If we are locked down in a content process, we can't call any of the + // Win32k APIs below. Any method that accesses members of this class should + // assert that it's not used in content + if (IsWin32kLockedDown()) { return rv; } @@ -910,7 +908,7 @@ nsresult GfxInfo::Init() { NS_IMETHODIMP GfxInfo::GetAdapterDescription(nsAString& aAdapterDescription) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDescription = mDeviceString[mActiveGPUIndex]; return NS_OK; @@ -918,7 +916,7 @@ GfxInfo::GetAdapterDescription(nsAString& aAdapterDescription) { NS_IMETHODIMP GfxInfo::GetAdapterDescription2(nsAString& aAdapterDescription) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDescription = mDeviceString[1 - mActiveGPUIndex]; return NS_OK; @@ -926,7 +924,7 @@ GfxInfo::GetAdapterDescription2(nsAString& aAdapterDescription) { NS_IMETHODIMP GfxInfo::RefreshMonitors() { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); mDisplayInfo.Clear(); @@ -965,7 +963,7 @@ GfxInfo::RefreshMonitors() { NS_IMETHODIMP GfxInfo::GetAdapterRAM(uint32_t* aAdapterRAM) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); uint32_t result = 0; if (NS_FAILED(GetKeyValue(mDeviceKey[mActiveGPUIndex].get(), @@ -984,7 +982,7 @@ GfxInfo::GetAdapterRAM(uint32_t* aAdapterRAM) { NS_IMETHODIMP GfxInfo::GetAdapterRAM2(uint32_t* aAdapterRAM) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); uint32_t result = 0; if (mHasDualGPU) { @@ -1005,7 +1003,7 @@ GfxInfo::GetAdapterRAM2(uint32_t* aAdapterRAM) { NS_IMETHODIMP GfxInfo::GetAdapterDriver(nsAString& aAdapterDriver) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); if (NS_FAILED(GetKeyValue(mDeviceKey[mActiveGPUIndex].get(), L"InstalledDisplayDrivers", aAdapterDriver, @@ -1016,7 +1014,7 @@ GfxInfo::GetAdapterDriver(nsAString& aAdapterDriver) { NS_IMETHODIMP GfxInfo::GetAdapterDriver2(nsAString& aAdapterDriver) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); if (!mHasDualGPU) { aAdapterDriver.Truncate(); @@ -1036,7 +1034,7 @@ GfxInfo::GetAdapterDriverVendor(nsAString& aAdapterDriverVendor) { NS_IMETHODIMP GfxInfo::GetAdapterDriverVersion(nsAString& aAdapterDriverVersion) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDriverVersion = mDriverVersion[mActiveGPUIndex]; return NS_OK; @@ -1044,7 +1042,7 @@ GfxInfo::GetAdapterDriverVersion(nsAString& aAdapterDriverVersion) { NS_IMETHODIMP GfxInfo::GetAdapterDriverDate(nsAString& aAdapterDriverDate) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDriverDate = mDriverDate[mActiveGPUIndex]; return NS_OK; @@ -1058,7 +1056,7 @@ GfxInfo::GetAdapterDriverVendor2(nsAString& aAdapterDriverVendor) { NS_IMETHODIMP GfxInfo::GetAdapterDriverVersion2(nsAString& aAdapterDriverVersion) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDriverVersion = mDriverVersion[1 - mActiveGPUIndex]; return NS_OK; @@ -1066,7 +1064,7 @@ GfxInfo::GetAdapterDriverVersion2(nsAString& aAdapterDriverVersion) { NS_IMETHODIMP GfxInfo::GetAdapterDriverDate2(nsAString& aAdapterDriverDate) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDriverDate = mDriverDate[1 - mActiveGPUIndex]; return NS_OK; @@ -1074,7 +1072,7 @@ GfxInfo::GetAdapterDriverDate2(nsAString& aAdapterDriverDate) { NS_IMETHODIMP GfxInfo::GetAdapterVendorID(nsAString& aAdapterVendorID) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterVendorID = mAdapterVendorID[mActiveGPUIndex]; return NS_OK; @@ -1082,7 +1080,7 @@ GfxInfo::GetAdapterVendorID(nsAString& aAdapterVendorID) { NS_IMETHODIMP GfxInfo::GetAdapterVendorID2(nsAString& aAdapterVendorID) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterVendorID = mAdapterVendorID[1 - mActiveGPUIndex]; return NS_OK; @@ -1090,7 +1088,7 @@ GfxInfo::GetAdapterVendorID2(nsAString& aAdapterVendorID) { NS_IMETHODIMP GfxInfo::GetAdapterDeviceID(nsAString& aAdapterDeviceID) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDeviceID = mAdapterDeviceID[mActiveGPUIndex]; return NS_OK; @@ -1098,7 +1096,7 @@ GfxInfo::GetAdapterDeviceID(nsAString& aAdapterDeviceID) { NS_IMETHODIMP GfxInfo::GetAdapterDeviceID2(nsAString& aAdapterDeviceID) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterDeviceID = mAdapterDeviceID[1 - mActiveGPUIndex]; return NS_OK; @@ -1106,7 +1104,7 @@ GfxInfo::GetAdapterDeviceID2(nsAString& aAdapterDeviceID) { NS_IMETHODIMP GfxInfo::GetAdapterSubsysID(nsAString& aAdapterSubsysID) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterSubsysID = mAdapterSubsysID[mActiveGPUIndex]; return NS_OK; @@ -1114,7 +1112,7 @@ GfxInfo::GetAdapterSubsysID(nsAString& aAdapterSubsysID) { NS_IMETHODIMP GfxInfo::GetAdapterSubsysID2(nsAString& aAdapterSubsysID) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); aAdapterSubsysID = mAdapterSubsysID[1 - mActiveGPUIndex]; return NS_OK; @@ -1130,7 +1128,7 @@ GfxInfo::GetIsGPU2Active(bool* aIsGPU2Active) { NS_IMETHODIMP GfxInfo::GetDisplayInfo(nsTArray& aDisplayInfo) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); for (auto displayInfo : mDisplayInfo) { nsString value; @@ -1147,7 +1145,7 @@ GfxInfo::GetDisplayInfo(nsTArray& aDisplayInfo) { NS_IMETHODIMP GfxInfo::GetDisplayWidth(nsTArray& aDisplayWidth) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); for (auto displayInfo : mDisplayInfo) { aDisplayWidth.AppendElement((uint32_t)displayInfo.mScreenWidth); @@ -1157,7 +1155,7 @@ GfxInfo::GetDisplayWidth(nsTArray& aDisplayWidth) { NS_IMETHODIMP GfxInfo::GetDisplayHeight(nsTArray& aDisplayHeight) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); for (auto displayInfo : mDisplayInfo) { aDisplayHeight.AppendElement((uint32_t)displayInfo.mScreenHeight); @@ -1187,7 +1185,7 @@ static void CheckForCiscoVPN() { } void GfxInfo::AddCrashReportAnnotations() { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); CheckForCiscoVPN(); @@ -1925,7 +1923,7 @@ nsresult GfxInfo::GetFeatureStatusImpl( int32_t aFeature, int32_t* aStatus, nsAString& aSuggestedDriverVersion, const nsTArray& aDriverInfo, nsACString& aFailureId, OperatingSystem* aOS /* = nullptr */) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); NS_ENSURE_ARG_POINTER(aStatus); aSuggestedDriverVersion.SetIsVoid(true); @@ -2017,7 +2015,7 @@ nsresult GfxInfo::GetFeatureStatusImpl( } nsresult GfxInfo::FindMonitors(JSContext* aCx, JS::HandleObject aOutArray) { - AssertNotContentProcess(); + AssertNotWin32kLockdown(); int deviceCount = 0; for (auto displayInfo : mDisplayInfo) {