mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1498624 - pt1 - Implement OSX sandbox for RDD process. r=haik 

Differential Revision: https://phabricator.services.mozilla.com/D12376

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Michael Froman 2018-11-21 00:11:20 +00:00
Родитель c084ff85e4
Коммит be9430ed4b
2 изменённых файлов: 58 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

53
dom/media/ipc/RDDParent.cpp
Просмотреть файл

@ -22,6 +22,13 @@
#ifdef MOZ_GECKO_PROFILER #ifdef MOZ_GECKO_PROFILER
#include "ChildProfilerController.h" #include "ChildProfilerController.h"
#endif #endif
#if defined(XP_MACOSX) && defined(MOZ_SANDBOX)
#include "mozilla/Sandbox.h"
#include "nsMacUtilsImpl.h"
#include <Carbon/Carbon.h> // for CGSSetDenyWindowServerConnections
#endif
#include "nsDebugImpl.h" #include "nsDebugImpl.h"
#include "nsThreadManager.h" #include "nsThreadManager.h"
#include "ProcessUtils.h" #include "ProcessUtils.h"
@ -74,9 +81,55 @@ bool RDDParent::Init(base::ProcessId aParentPid, const char* aParentBuildID,
return true; return true;
} }
#if defined(XP_MACOSX) && defined(MOZ_SANDBOX)
extern "C" {
CGError CGSSetDenyWindowServerConnections(bool);
void CGSShutdownServerConnections();
};
static void StartRDDMacSandbox() {
// Close all current connections to the WindowServer. This ensures that the
// Activity Monitor will not label the content process as "Not responding"
// because it's not running a native event loop. See bug 1384336.
CGSShutdownServerConnections();
// Actual security benefits are only acheived when we additionally deny
// future connections.
CGError result = CGSSetDenyWindowServerConnections(true);
MOZ_DIAGNOSTIC_ASSERT(result == kCGErrorSuccess);
#if !MOZ_DIAGNOSTIC_ASSERT_ENABLED
Unused << result;
#endif
nsAutoCString appPath;
nsMacUtilsImpl::GetAppPath(appPath);
MacSandboxInfo info;
info.type = MacSandboxType_Plugin;
info.shouldLog = Preferences::GetBool("security.sandbox.logging.enabled") ||
PR_GetEnv("MOZ_SANDBOX_LOGGING");
info.appPath.assign(appPath.get());
// Per Haik, set appBinaryPath and pluginBinaryPath to '/dev/null' to
// make sure OSX sandbox policy isn't confused by empty strings for
// the paths.
info.appBinaryPath.assign("/dev/null");
info.pluginInfo.pluginBinaryPath.assign("/dev/null");
std::string err;
bool rv = mozilla::StartMacSandbox(info, err);
if (!rv) {
NS_WARNING(err.c_str());
MOZ_CRASH("mozilla::StartMacSandbox failed");
}
}
#endif
mozilla::ipc::IPCResult RDDParent::RecvInit() { mozilla::ipc::IPCResult RDDParent::RecvInit() {
Unused << SendInitComplete(); Unused << SendInitComplete();
#if defined(XP_MACOSX) && defined(MOZ_SANDBOX)
StartRDDMacSandbox();
#endif
return IPC_OK(); return IPC_OK();
} }

5
dom/media/ipc/moz.build
Просмотреть файл

@ -52,6 +52,11 @@ SOURCES += [
'VideoDecoderParent.cpp', 'VideoDecoderParent.cpp',
] ]
# so we can include nsMacUtilsImpl.h in RDDParent.cpp for sandboxing
LOCAL_INCLUDES += [
'/xpcom/base',
]
include('/ipc/chromium/chromium-config.mozbuild') include('/ipc/chromium/chromium-config.mozbuild')