This patch introduces ipcclientcerts, a PKCS#11 module that the socket process
can load to get access to client certificates and keys managed by the parent
process. This enables client certificate authentication to work with the socket
process (particularly for keys stored outside of NSS, as with osclientcerts or
third-party PKCS#11 modules).
Depends on D130820
Differential Revision: https://phabricator.services.mozilla.com/D122392
The former is broken because of a lack of a app.mozbuild file and has
been broken for years.
The latter doesn't do anything useful outside --enable-project=extensions
because all the subdirectories of extensions/ are already covered by
other flags (or always used):
- auth, via --enable-negotiateauth (default on)
- permissions, always
- pref, via --enable-pref-extensions (default on)
- spellcheck, always
- universalchardet, via --enable-universalchardet (default on)
Also, nothing sets MOZ_EXTENSIONS_DEFAULT anymore.
Differential Revision: https://phabricator.services.mozilla.com/D133970
The former is broken because of a lack of a app.mozbuild file and has
been broken for years.
The latter doesn't do anything useful outside --enable-project=extensions
because all the subdirectories of extensions/ are already covered by
other flags (or always used):
- auth, via --enable-negotiateauth (default on)
- permissions, always
- pref, via --enable-pref-extensions (default on)
- spellcheck, always
- universalchardet, via --enable-universalchardet (default on)
Also, nothing sets MOZ_EXTENSIONS_DEFAULT anymore.
Differential Revision: https://phabricator.services.mozilla.com/D133970
Normally we always want GeckoResult callbacks to run in the same thread where
the GeckoResult has been created.
In the case where we don't have a looper, however, we cannot do that. For
delegate calls, we are going to send the call to the UI thread, so we can use
the UI thread to run the callback (which is what the embedder would have to do
in this case, anyway).
Differential Revision: https://phabricator.services.mozilla.com/D134056
It's consistently set to bundle for all Darwin targets, and that's the
only value we really care about. Removing MOZ_FS_LAYOUT reduces the
differences between old-configure and js/src/old-configure one tiny bit.
Differential Revision: https://phabricator.services.mozilla.com/D133150
This patch introduces ipcclientcerts, a PKCS#11 module that the socket process
can load to get access to client certificates and keys managed by the parent
process. This enables client certificate authentication to work with the socket
process (particularly for keys stored outside of NSS, as with osclientcerts or
third-party PKCS#11 modules).
Differential Revision: https://phabricator.services.mozilla.com/D122392
This is required to replace the existing MOZ_FORCE_ENABLE_FISSION environment
variables in environments which use that. In the future we'll want to stop
passing any environment variable when not passing a flag to `./mach run`
however that will require changes to the default test behaviour in bug 1744091.
Differential Revision: https://phabricator.services.mozilla.com/D133006
This patch introduces ipcclientcerts, a PKCS#11 module that the socket process
can load to get access to client certificates and keys managed by the parent
process. This enables client certificate authentication to work with the socket
process (particularly for keys stored outside of NSS, as with osclientcerts or
third-party PKCS#11 modules).
Differential Revision: https://phabricator.services.mozilla.com/D122392
Add a function to GPUProcessManager to force the GPU process to crash,
and expose it through gfxInfo. Expose this to geckoview tests via the
test-support webextension.
Add a junit test GpuCrashTest, which triggers a GPU process crash and
ensures the crash reporter was notified.
Additionally, ensure the TestCrashHandler service is stopped in
between tests, as otherwise only the first crash test to run will be
notified of the crash.
Differential Revision: https://phabricator.services.mozilla.com/D132812
Rename ContentCrashHandler.jsm to ChildCrashHandler.jsm as it is now
responsible for all types of child process crashes. Have it observe
"compositor:process-aborted" in addition to
"ipc:content-shutdown". Additionally, rename the
"GeckoView:ContentCrashReport" event it sends to
"GeckoView:ChildCrashReport".
In GPUChild::ActorDestroy, provide an out variable for
GenerateCrashReport to return the dump ID, and stuff this in to a
property bag, along with "abnormal: true", sent to
"compositor:process-aborted" observers.
In ChildCrashHandler, set the "processType" argument sent with the
GeckoView:ChildCrashReport event to BACKGROUND_CHILD for GPU process
crashes, and FOREGROUND_CHILD otherwise.
Differential Revision: https://phabricator.services.mozilla.com/D132810
Currently the geckoview crash reporter has an EXTRA_CRASH_FATAL
argument, which indicates whether a crash is fatal, ie it occured in
the parent process and cannot be recovered from. Crashes in content
processes are by contrast deemed non-fatal, as the application can
recover from them.
With the upcoming GPU process on Android we will start collecting GPU
process crashes. These are certainly not fatal, and in fact should
barely be noticed by users. Applications may want a way to distinguish
between non-fatal but prominent content process crashes, and barely
noticeable GPU process crashes, so that they can avoid showing an
intrusive UI for GPU process crashes.
This deprecates the old EXTRA_CRASH_FATAL argument, and instead adds a
EXTRA_CRASH_PROCESS_TYPE argument to crash intents, whose value is a
String matching a new CRASHED_PROCESS_TYPE_* constant.
These constants are as follows:
* CRASHED_PROCESS_TYPE_MAIN: indicating a fatal main-process crash.
* CRASHED_PROCESS_TYPE_FOREGROUND_CHILD: indicating a recoverable but
obvious crash such as in a content process.
* CRASHED_PROCESS_TYPE_BACKGROUND_CHILD indicating a barely noticable
crash in a background process such as the GPU process
Differential Revision: https://phabricator.services.mozilla.com/D132809
To reduce test failure of inputConnection_sendKeyEvent, I would like to add more workaround.
As long as I run this fix in local 200 times, it is no failure.
Differential Revision: https://phabricator.services.mozilla.com/D132931
This patch introduces ipcclientcerts, a PKCS#11 module that the socket process
can load to get access to client certificates and keys managed by the parent
process. This enables client certificate authentication to work with the socket
process (particularly for keys stored outside of NSS, as with osclientcerts or
third-party PKCS#11 modules).
Differential Revision: https://phabricator.services.mozilla.com/D122392
Previously, the screenOrientation.lock API was for Fennec and not supported for Fenix and multi-process use. The overall idea is to now allow apps to use the API through a delegate and make asynchronous calls to LockDeviceOrientation. This required replacing the existing code that returned a default false bool to calls that perform the requested orientation change and instead return a promise that contained either an allow or deny value.
Returning a promise instead of a bool involved changing the API calls from the C++ side to Java. The new general control flow of screenOrientation lock follows: an app calls C++ ScreenOrientation.lock() which eventually dispatches LockOrientationTask to resolve the pending orientation promise. Hal.cpp sends an IPC call to the content process and RecvLockScreenOrientation retrieves the current instance of geckoRuntime and calls the java side LockScreenOrientation. Apps must create a delegate and override onOrientationLock to set the requested orientation. In geckoview's testing, this is done with the android API setRequestedOrientation. Once a device orientation change has been triggered, native OnOrientationChange calls to NotifyScreenConfigurationChange, which notifies all observers and dispatches a change event to resolve the pending orientation promise.
Testing:
I used a demo on the GeckoView Example (https://usefulangle.com/demos/105/screen.html) to test locking to landscape orientation. This required a change to the GVE to show the app from recreating the whole thing on orientation change. In the example AndroidManifest xml file, `orientation` prevents restart when orientation changes.
The Junit/Kotlin tests were to verify that the expected orientation delegate was called with the expected new orientation value, in an orientation change, if the new orientation was the same as the current, and if the pre-lock conditions such as being fullscreen were not met.
A static preference `dom.screenorientation.allow-lock` was added to the dom group, since it affects the ui dom) and is currently turned off. C++ can access it through its mirrored variable dom_screenorientation_allow_lock (same name but with underscores). The junit tests turn the preference on and test the lock feature.
Reference:
Orientation constant values:
C++
1 ScreenOrientation_PortraitPrimary); - vertical with button at bottom
2 ScreenOrientation_PortraitSecondary); - vertical with button at top
4 ScreenOrientation_LandscapePrimary); - horizational w button right
8 ScreenOrientation_LandscapeSecondary); - horization button left
16 ScreenOrientation_Default);
Java
1 GeckoScreenOrientation.ScreenOrientation.PORTRAIT_PRIMARY.value
2 GeckoScreenOrientation.ScreenOrientation.PORTRAIT_SECONDARY.value
4 GeckoScreenOrientation.ScreenOrientation.LANDSCAPE_PRIMARY.value
8 GeckoScreenOrientation.ScreenOrientation.LANDSCAPE_SECONDARY.value
Java public API
0 ActivityInfo.SCREEN_ORIENTATION_LANDSCAPE
1 Activitynfo.SCREEN_ORIENTATION_PORTRAIT
Android
1 ORIENTATION_PORTRAIT
2 ORIENTATION_LANDSCAPE
Differential Revision: https://phabricator.services.mozilla.com/D129427
Mike Hommey
Jonathan Almeida [:jonalmeida]
Eitan Isaacson
Dana Keeler
Sandor Molnar
Cathy Lu
Andreas Farre
Shane Caraveo
Agi Sferro
Norisz Fay
Cosmin Sabou
Makoto Kato
Nika Layzell
Marian-Vasile Laza
Cristian Tuns
Hiroyuki Ikezoe
Noemi Erli
Chris H-C
Jamie Nicol
Karl Tomlinson
Richa Sharma
owlishDeveloper
Andreea Pavel
Edgar Chen