Bug 1572618 - Statically link the rlbox library to libxul. r=firefox-build-system-reviewers,nika,andi

We still rely on dynamic loading to find the symbols, but since we get
them from libxul, we don't need to load the library before activating
the process sandbox anymore.

Differential Revision: https://phabricator.services.mozilla.com/D128333

browser/installer/package-manifest.in

@@ -109,9 +109,6 @@
 @BINPATH@/@DLL_PREFIX@mozwayland@DLL_SUFFIX@
 #endif
 #endif
-#ifdef MOZ_USING_WASM_SANDBOXING
-@BINPATH@/@DLL_PREFIX@rlbox@DLL_SUFFIX@
-#endif
 
 ; We don't have a complete view of which dlls to expect when doing an artifact
 ; build because we haven't run the relevant parts of configure, so we guess

dom/ipc/ContentChild.cpp

@@ -101,7 +101,6 @@
 #include "mozilla/ipc/FileDescriptorSetChild.h"
 #include "mozilla/ipc/FileDescriptorUtils.h"
 #include "mozilla/ipc/GeckoChildProcessHost.h"
-#include "mozilla/ipc/LibrarySandboxPreload.h"
 #include "mozilla/ipc/PChildToParentStreamChild.h"
 #include "mozilla/ipc/PParentToChildStreamChild.h"
 #include "mozilla/ipc/ProcessChild.h"
@@ -1702,10 +1701,6 @@ mozilla::ipc::IPCResult ContentChild::RecvSetProcessSandbox(
   // at some point; see bug 880808.
 #if defined(MOZ_SANDBOX)
 
-#  ifdef MOZ_USING_WASM_SANDBOXING
-  mozilla::ipc::PreloadSandboxedDynamicLibrary();
-#  endif
-
   bool sandboxEnabled = true;
 #  if defined(XP_LINUX)
   // On Linux, we have to support systems that can't use any sandboxing.

ipc/glue/LibrarySandboxPreload.cpp

@@ -5,6 +5,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "LibrarySandboxPreload.h"
+#include "nsXPCOMPrivate.h"  // for XPCOM_DLL
 
 #include "BinaryPath.h"
 #include "prlink.h"
@@ -19,7 +20,7 @@ PathString GetSandboxedRLBoxPath() {
     MOZ_CRASH("Library preload failure: Failed to get binary file\n");
   }
 
-  rv = libFile->SetNativeLeafName(MOZ_DLL_PREFIX "rlbox" MOZ_DLL_SUFFIX ""_ns);
+  rv = libFile->SetNativeLeafName(XPCOM_DLL ""_ns);
   if (NS_FAILED(rv)) {
     MOZ_CRASH("Library preload failure: Failed to get library file\n");
   }
@@ -40,16 +41,5 @@ PRLibrary* PreloadLibrary(const PathString& path) {
   return ret;
 }
 
-void PreloadSandboxedDynamicLibrary() {
-  // The process level sandbox does not allow loading of dynamic libraries.
-  // This preloads wasm sandboxed libraries before the process level sandbox is
-  // enabled. Currently, this is only needed for Linux and Windows.
-#if (defined(XP_LINUX) || defined(XP_WIN)) && defined(MOZ_USING_WASM_SANDBOXING)
-  if (!PreloadLibrary(GetSandboxedRLBoxPath())) {
-    MOZ_CRASH("Library preload failure: Failed to load librlbox\n");
-  }
-#endif
-}
-
 }  // namespace ipc
 }  // namespace mozilla

ipc/glue/LibrarySandboxPreload.h

@@ -13,7 +13,6 @@
 namespace mozilla {
 namespace ipc {
 PathString GetSandboxedRLBoxPath();
-void PreloadSandboxedDynamicLibrary();
 }  // namespace ipc
 }  // namespace mozilla
 #endif

mobile/android/installer/package-manifest.in

@@ -78,10 +78,6 @@
 @BINPATH@/@DLL_PREFIX@gvr@DLL_SUFFIX@
 #endif
 
-#ifdef MOZ_USING_WASM_SANDBOXING
-@BINPATH@/@DLL_PREFIX@rlbox@DLL_SUFFIX@
-#endif
-
 [xpcom]
 @BINPATH@/package-name.txt
 

security/rlbox/moz.build

@@ -20,7 +20,7 @@ SOURCES += [
     "/third_party/wasm2c/wasm2c/wasm-rt-wasi.c",
 ]
 
-GeckoSharedLibrary("rlbox", linkage=None)
+FINAL_LIBRARY = "xul"
 
 NoVisibilityFlags()