To reliably detect corrupt APK, this patch adds a GeckoLoader.verifyCRC
call to enable verification of CRC before extracting libs.
MozReview-Commit-ID: 5EpIfwREGIv
This removes the need for the content process to have permissions to create new
files on macOS, allowing more aggressive sandboxing.
MozReview-Commit-ID: 8agL5jwxDSL
--HG--
extra : rebase_source : 17ebcef3e9d24f3d4e7515e3fae95e65cef76a79
MozReview-Commit-ID: 270iURVhNRu
This patch builds upon the existing DLL services functionality:
1) We add code to obtain the name of the subject from the cert used to sign a
binary (if present). This code is added inside mozglue because in the future
we will be using this code from the DLL blocklist, which is also located
there.
2) We add annotation functionality that registers itself for DLL load events
and updates crash reporter annotations as new libraries are loaded. It also
annotates any existing libraries that are also in memory at the time that the
CertAnnotator is first instantiated. This all happens off main thread, with
the exception of actually making the annotation when in a child process.
--HG--
extra : rebase_source : 2e3726d37356479aee81915caed04fe7af74c815
MozReview-Commit-ID: 270iURVhNRu
This patch builds upon the existing DLL services functionality:
1) We add code to obtain the name of the subject from the cert used to sign a
binary (if present). This code is added inside mozglue because in the future
we will be using this code from the DLL blocklist, which is also located
there.
2) We add annotation functionality that registers itself for DLL load events
and updates crash reporter annotations as new libraries are loaded. It also
annotates any existing libraries that are also in memory at the time that the
CertAnnotator is first instantiated. This all happens off main thread, with
the exception of actually making the annotation when in a child process.
--HG--
extra : rebase_source : f86c1a6fd2a44f21a71e7a7418267b3b0d5feeec
MozReview-Commit-ID: 270iURVhNRu
This patch builds upon the existing DLL services functionality:
1) We add code to obtain the name of the subject from the cert used to sign a
binary (if present). This code is added inside mozglue because in the future
we will be using this code from the DLL blocklist, which is also located
there.
2) We add annotation functionality that registers itself for DLL load events
and updates crash reporter annotations as new libraries are loaded. It also
annotates any existing libraries that are also in memory at the time that the
CertAnnotator is first instantiated. This all happens off main thread, with
the exception of actually making the annotation when in a child process.
--HG--
extra : rebase_source : e032ee8c4cf71e5225b51797443764549f4bbe56
Unified headers have a complete <elf.h> so we should include that
instead of <linux/elf.h>.
MozReview-Commit-ID: DkQv2vk1Q62
--HG--
extra : rebase_source : 7cd9eb04532c14b1dd0dc8747448b89d16e4f118
Unified headers have a complete <elf.h> so we should include that
instead of <linux/elf.h>.
MozReview-Commit-ID: DkQv2vk1Q62
--HG--
extra : rebase_source : 43b3fa15042246d2c3ec37a3ca904822b0f68d0c
It was added in bug 683127 as a forced include for nspr, and
accidentally became unused after bug 1230117, but it turns out that all
versions of Android we care about nowadays (and probably back then) now
support dladdr.
--HG--
extra : rebase_source : 024244627c215de2d35e2f4595b7612eb1723996
When looping through the debugger helper links during our
dl_iterate_phdr implementation, we effectively race with other threads
dlclose()ing libraries while we're working.
We do have a (rather involved) check in place to ensure that elf headers
are readable. But it turns out in practice, some dlclose() do happen
between the check and the actual read of the elf headers.
Unfortunately, we can't lock the system linker while we're looping, so a
better approach is to only loop through the libraries we loaded, and
rely on the system dl_iterate_phdr to iterate over the (remaining)
system libraries.
Unfortunately (again), Android versions < 5.0 don't have a system
dl_iterate_phdr, so we have to rely on the old iterator when it's not
present.
--HG--
extra : rebase_source : 3fd07589ed1939411ef72f481b7c72f761d53701
We're going to introduce two code paths that need to fill dl_phdr_info
from different iterators, so first move the code to a separate class,
that both code paths will be able to call.
--HG--
extra : rebase_source : a50663ad8d15d4f7a28d7138824003df5edd7f1c
The same exists in mozilla/MacroArgs.h, avoiding a macro redefined warning
when building on non-Android.
--HG--
extra : rebase_source : 6e3502ddf9deb96b29e3663f5867f852a2912401
Because one entry point is simpler than two, we make replace_init fulfil
both the roles of replace_init and replace_get_bridge.
Note this should be binary compatible with older replace-malloc
libraries, albeit not detecting their bridge (and with the
previous change, they do not register anyways). So loading older
replace-malloc libraries should do nothing, but not crash in awful ways.
--HG--
extra : rebase_source : aaf83e706ee34f45cfa75551a2f0998e5c5b8726
The allocator API is a moving target, and every time we change it, the
surface for replace-malloc libraries grows. This causes some build
system problems, because of the tricks in replace_malloc.mk, which
require the full list of symbols.
Considering the above and the goal of moving some of the replace-malloc
libraries into mozglue, it becomes simpler to reduce the replace-malloc
exposure to the initialization functions.
So instead of the allocator poking into replace-malloc libraries for all
the functions, we expect their replace_init function to alter the table
of allocator functions it's passed to register its own functions.
This means replace-malloc implementations now need to copy the original
table, which is not a bad thing, as it allows function calls with one
level of indirection less. It also replace_init functions to not
actually register the replace-malloc functions in some cases, which will
be useful when linking some replace-malloc libraries into mozglue.
Note this is binary compatible with previously built replace-malloc
libraries, but because those libraries wouldn't update the function
table, they would stay disabled.
--HG--
extra : rebase_source : 2518f6ebe76b4c82359e98369de6a5a8c3ca9967
These flags are only relevant on OS X, and will not be necessary soon, so this
commit moves them to a separate variable while we move the remainder of the
ldflags to mozbuild.
MozReview-Commit-ID: 1NDgz3HIYpT
--HG--
extra : rebase_source : 6e9b5f5a5be5ff916db89a0b73896b9058eb040e
We assume CLOCK_MONOTONIC as timebase for events on Wayland and use that to translates GDK event times to gecko timestamps.
MozReview-Commit-ID: LWd2KWTQeha
--HG--
extra : rebase_source : 1839d35989b9c29c60dd33d445db79afc75af9ab
We already dealt with issues around dlsym not resolving weak symbols
with libc in bug 1081034. This fix applies the same workaround to libm,
which solves the isnanf issue.
The previous fix for looking up __isnanf is no longer needed.
The comment with the accompanying change explains things, but the short
version is that clang generates full calls to isnanf, which our
dlsym-based symbol lookup in the custom linker cannot handle correctly.
We therefore need to do extra work for isnanf to find the correct symbol.