Bug 1565575 - Allow access to AudioComponentRegistrar when doing audio remoting on OSX to be able to use system decoders. r=haik

When audio remoting is enabled, we can remove most of the sandbox exceptions,
except one, that allows using system calls to do decoding of audio and video
using system decoders (h264 and aac). Not doing that results in most mp4 files
to be unplayable, erroring out when doing calls like this:

https://searchfox.org/mozilla-central/rev/da855d65d1fbdd714190cab2c46130f7422f3699/dom/media/platforms/apple/AppleATDecoder.cpp:336
https://searchfox.org/mozilla-central/rev/da855d65d1fbdd714190cab2c46130f7422f3699/dom/media/platforms/apple/AppleATDecoder.cpp:545

We'll be able to remove it again when we'll use the RDD for everything, but in
the meantime, this exception is needed.

Differential Revision: https://phabricator.services.mozilla.com/D38465

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Paul Adenot 2019-07-22 08:22:40 +00:00
Родитель 914b7530c9
Коммит 6d321304a4
1 изменённых файлов: 5 добавлений и 5 удалений

Просмотреть файл

@ -360,6 +360,11 @@ static const char SandboxPolicyContent[] = R"SANDBOX_LITERAL(
(subpath "/Library/Extensis/UTC") ; bug 1469657
(regex #"\.fontvault/")
(home-subpath "/FontExplorer X/Font Library")))
(if (>= macosMinorVersion 13)
(allow mach-lookup
; bug 1565575
(global-name "com.apple.audio.AudioComponentRegistrar")))
)SANDBOX_LITERAL";
// These are additional rules that are added to the content process rules for
@ -384,11 +389,6 @@ static const char SandboxPolicyContentAudioAddend[] = R"SANDBOX_LITERAL(
(global-name "com.apple.audio.coreaudiod")
(global-name "com.apple.audio.audiohald"))
(if (>= macosMinorVersion 13)
(allow mach-lookup
; bug 1376163
(global-name "com.apple.audio.AudioComponentRegistrar")))
(allow iokit-open (iokit-user-client-class "IOAudioEngineUserClient"))
(allow file-read* (subpath "/Library/Audio/Plug-Ins"))