20f1afb0b5
Bug 1806041 - limit CIG checking to nightly builds r=yjuglaret
...
Differential Revision: https://phabricator.services.mozilla.com/D165997
2023-01-05 14:59:48 +00:00
d86f570a9a
Bug 1808379 - don't return reference to temporary object r=yjuglaret
...
Differential Revision: https://phabricator.services.mozilla.com/D165995
2023-01-05 12:40:28 +00:00
11543ba854
Bug 1802290 - Remove +x permissions on more files r=linter-reviewers,andi
...
Differential Revision: https://phabricator.services.mozilla.com/D165841
2023-01-03 08:17:50 +00:00
bd687d3319
Bug 1744362 - Part 12: fix build and some tests r=handyman
...
- In sandboxBroker.cpp Be more careful about checking whether GetDependentModules() is returning an empty span to avoid ASAN problems
- In TestCrossProcessWin.cpp, make UniquePtr live as long as the Span that wraps it
- In LauncherRegistryInfo, mingw doesn't allow using `constexpr` with expressions containing '|', so just make flags `const` instead.
Differential Revision: https://phabricator.services.mozilla.com/D165561
2022-12-30 20:10:06 +00:00
61206c170d
Bug 1744362 - Part 5: Access the shared section through DllServices r=handyman
...
Differential Revision: https://phabricator.services.mozilla.com/D164487
2022-12-30 20:10:03 +00:00
5e31c1c2cf
Backed out 12 changesets (bug 1744362) for causing build bustages.
...
Backed out changeset 3f63f21115e2 (bug 1744362)
Backed out changeset 0df403e8f6ba (bug 1744362)
Backed out changeset 34f51e6aee96 (bug 1744362)
Backed out changeset 39ff51df4a45 (bug 1744362)
Backed out changeset da9133df4cd4 (bug 1744362)
Backed out changeset 315c57948afa (bug 1744362)
Backed out changeset a2d8f526e0ff (bug 1744362)
Backed out changeset 401ebbc0159d (bug 1744362)
Backed out changeset 2911fe484cc3 (bug 1744362)
Backed out changeset d1f4b99f352b (bug 1744362)
Backed out changeset 0a3ce8ea039e (bug 1744362)
Backed out changeset ab1292118c00 (bug 1744362)
2022-12-27 22:54:30 +02:00
90ae8103e3
Bug 1744362 - Part 12: fix build and some tests r=handyman
...
- In sandboxBroker.cpp Be more careful about checking whether GetDependentModules() is returning an empty span to avoid ASAN problems
- In TestCrossProcessWin.cpp, make UniquePtr live as long as the Span that wraps it
- In LauncherRegistryInfo, mingw doesn't allow using `constexpr` with expressions containing '|', so just make flags `const` instead.
Depends on D164738
Differential Revision: https://phabricator.services.mozilla.com/D165561
2022-12-27 20:06:43 +00:00
882bef3d41
Bug 1744362 - Part 5: Access the shared section through DllServices r=handyman
...
Differential Revision: https://phabricator.services.mozilla.com/D164487
2022-12-27 20:06:40 +00:00
822be63b67
Backed out 11 changesets (bug 1744362) for causing multiple failures and build bustages. CLOSED TREE
...
Backed out changeset 4b2e3689cea0 (bug 1744362)
Backed out changeset cf1db931c466 (bug 1744362)
Backed out changeset 8c87571dbb3e (bug 1744362)
Backed out changeset 8b50446f91e5 (bug 1744362)
Backed out changeset 848632184f56 (bug 1744362)
Backed out changeset acfdb2bcaa9f (bug 1744362)
Backed out changeset 80b67f7ea109 (bug 1744362)
Backed out changeset c88902b60d1f (bug 1744362)
Backed out changeset 438f74bb5b7c (bug 1744362)
Backed out changeset 704a4150d210 (bug 1744362)
Backed out changeset 1dd7e7c111da (bug 1744362)
2022-12-27 16:25:04 +02:00
99ea21dafe
Bug 1744362 - Part 5: Access the shared section through DllServices r=handyman
...
Differential Revision: https://phabricator.services.mozilla.com/D164487
2022-12-27 12:59:08 +00:00
f69e697461
Bug 1801836 - Remove no longer necessary 'from __future__' imports. r=linter-reviewers,glandium,webdriver-reviewers,perftest-reviewers,geckoview-reviewers,jld,ahal,owlish,afinder DONTBUILD
...
Differential Revision: https://phabricator.services.mozilla.com/D165395
2022-12-23 22:45:46 +00:00
e6d1635f6e
Bug 1772924 - Remove osfile.jsm usage in /security/sandbox/ r=haik
...
Differential Revision: https://phabricator.services.mozilla.com/D163404
2022-12-16 00:29:46 +00:00
a94c9b3808
Backed out changeset 9a6e4fbe0be0 (bug 1772924) for failures on browser_content_sandbox_fs_xdg.js. CLOSED TREE
2022-12-15 05:29:28 +02:00
2b616f5008
Bug 1772924 - Remove osfile.jsm usage in /security/sandbox/ r=haik
...
Differential Revision: https://phabricator.services.mozilla.com/D163404
2022-12-15 02:47:48 +00:00
21e1f65696
Bug 1784517 - Explicitly skip sandboxing tests on unsandboxed build types. r=jmaher
...
There are tools which consume `moz.build` files by reading every one in
the tree, rather than traversing `DIRS` for a specific build type (see
bug 1667271#89 for background); as a result, we can end up with
CI test jobs that try to run sandboxing tests on build types like Linux
ASan where `security/sandbox` isn't built, and fail.
This patch applies a suggested workaround: add an otherwise redundant
`skip-if` declaration to the test manifests to skip them on the platforms
where they're not part of the build.
Note that sandboxing is disabled in the presence of Linux ASan or TSan
by logic in `toolkit/moz.configure`, but for code coverage builds it's
done via the CI mozconfig files adding `--disable-sandbox`.
Differential Revision: https://phabricator.services.mozilla.com/D163411
2022-12-05 21:23:32 +00:00
8b95e44d5b
Bug 1800933 - Let ACG in RDD and WMF ride the trains. r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D163585
2022-12-01 14:11:15 +00:00
225f9f94b2
Bug 1802513 - Allow readlink(/proc/self/exe) in Utility sandbox for FFVPX r=gcp
...
Differential Revision: https://phabricator.services.mozilla.com/D163227
2022-11-30 10:10:22 +00:00
59bf1539b1
Bug 1541508 - Use Services.env in security/ r=keeler
...
Differential Revision: https://phabricator.services.mozilla.com/D160145
2022-11-25 19:09:10 +00:00
5c8c82f4e5
Bug 1790816 - Reformat security/ with isort. r=linter-reviewers,ahal DONTBUILD
...
# ignore-this-changeset
Differential Revision: https://phabricator.services.mozilla.com/D162666
2022-11-24 17:22:21 +00:00
d44f201e8f
Bug 1760668 - part 1: add ability to blocklist DLLs in socket process. r=gerard-majax
...
Differential Revision: https://phabricator.services.mozilla.com/D160586
2022-11-04 18:12:59 +00:00
4d37cf70f1
Backed out 19 changesets (bug 1541508) for causing xpcshell failures on test_notHeadlessByDefault.js CLOSED TREE
...
Backed out changeset 08476fa2bc27 (bug 1541508)
Backed out changeset 0bf7514845db (bug 1541508)
Backed out changeset aa612a5e9ef7 (bug 1541508)
Backed out changeset 6bb9360473f7 (bug 1541508)
Backed out changeset b3d8e92f50c2 (bug 1541508)
Backed out changeset fa40dded133e (bug 1541508)
Backed out changeset 2e7db4aa8d4f (bug 1541508)
Backed out changeset 6098e2eb62ea (bug 1541508)
Backed out changeset 2c599ee639c4 (bug 1541508)
Backed out changeset 7d44f6e2644c (bug 1541508)
Backed out changeset c1279c3d674c (bug 1541508)
Backed out changeset 8bd08a62a590 (bug 1541508)
Backed out changeset 740010cb005c (bug 1541508)
Backed out changeset 0bfc7dd85c62 (bug 1541508)
Backed out changeset c4374a351356 (bug 1541508)
Backed out changeset 44ccfeca7364 (bug 1541508)
Backed out changeset e944e706a523 (bug 1541508)
Backed out changeset 2c59d66f43e4 (bug 1541508)
Backed out changeset a1896eacb6f1 (bug 1541508)
2022-11-01 22:38:52 -04:00
8623565ec9
Bug 1541508 - Use Services.env in security/ r=keeler
...
Differential Revision: https://phabricator.services.mozilla.com/D160145
2022-11-02 02:08:57 +00:00
fe1a56461e
Bug 1797887 - Workaround: allow access to entire filesystem from GPU sandbox r=handyman,jrmuizel
...
Differential Revision: https://phabricator.services.mozilla.com/D160655
2022-10-28 16:58:01 +00:00
086ea0d49a
Bug 1783223 - Enable best ACG variant compatible with system media libraries in RDD on Nightly. r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D159180
2022-10-27 10:52:03 +00:00
a633bc97e8
Bug 1783223 - Use ACG-with-opt-out for 32-bit builds and Windows 10 1607 in audio decoder on Nightly. r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D159179
2022-10-27 10:52:02 +00:00
6bf1f506e7
Bug 1783223 - Define utility function for choosing an ACG variant compatible with system media libraries. r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D159178
2022-10-27 10:52:02 +00:00
36e8371ccf
Bug 1347710 - Add GPU sandbox to crash reporter annotations r=handyman,gsvelto
...
Differential Revision: https://phabricator.services.mozilla.com/D160278
2022-10-26 19:23:13 +00:00
7f3cba09e8
Bug 1795322 - Update toolkit modules references in remaining places. r=mossop,zeid,geckoview-reviewers,calu
...
Differential Revision: https://phabricator.services.mozilla.com/D160036
2022-10-26 08:06:37 +00:00
5f9da7b301
Backed out 12 changesets (bug 1795322) for causing multiple failures e.g. test_deletion_request_ping.py. CLOSED TREE
...
Backed out changeset aba25cbcda51 (bug 1795322)
Backed out changeset a4a35005ada9 (bug 1795322)
Backed out changeset 8e8d790eb0f4 (bug 1795322)
Backed out changeset db8903454bd3 (bug 1795322)
Backed out changeset 60cc71c61cad (bug 1795322)
Backed out changeset bc6a674994ad (bug 1795322)
Backed out changeset 6ac8a611f8c7 (bug 1795322)
Backed out changeset 9fb873ecfb31 (bug 1795322)
Backed out changeset c8a7a40c2a2f (bug 1795322)
Backed out changeset f2c118b6c6ce (bug 1795322)
Backed out changeset 38df43b4a70f (bug 1795322)
Backed out changeset 89aea8373411 (bug 1795322)
2022-10-25 23:47:58 +03:00
fc7befc08d
Bug 1795322 - Update toolkit modules references in remaining places. r=mossop,zeid,geckoview-reviewers,calu
...
Differential Revision: https://phabricator.services.mozilla.com/D160036
2022-10-25 19:49:28 +00:00
c294fd8665
Bug 1796391 - Force init signed policy rules for delayed mitigations on MSIX r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D159802
2022-10-20 17:03:43 +00:00
93ee7434b2
Backed out changeset 89d3bd40e892 (bug 1796391) as requested by gerard-majax CLOSED TREE
2022-10-20 12:37:37 -04:00
475f354462
Bug 1796391 - Always init signed policy rules r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D159802
2022-10-20 14:19:33 +00:00
6a92f8d147
Bug 1788596 - Use Utility process actor names for crash annotations r=gsvelto
...
Differential Revision: https://phabricator.services.mozilla.com/D156286
2022-10-06 15:51:56 +00:00
bb317b2bae
Bug 1788596 - Remove UTILITY_AUDIO_DECODING_GENERIC r=nika,media-playback-reviewers,alwu
...
Differential Revision: https://phabricator.services.mozilla.com/D156285
2022-10-06 15:51:56 +00:00
f4906ff3eb
Bug 1788596 - Merge UtilityAudioDecoderSandboxPolicy into UtilitySandboxPolicy r=jld
...
Differential Revision: https://phabricator.services.mozilla.com/D156284
2022-10-06 15:51:55 +00:00
9e30e89e90
Backed out 13 changesets (bug 1788596) for causing build bustage in toolkit/components/processtools/ProcInfo_common.cpp CLOSED TREE
...
Backed out changeset 620c85305800 (bug 1788596)
Backed out changeset 1f64776a859a (bug 1788596)
Backed out changeset 707e4c9c8801 (bug 1788596)
Backed out changeset 2221a97ebe97 (bug 1788596)
Backed out changeset d50fd0551159 (bug 1788596)
Backed out changeset 7e2ad8c47afb (bug 1788596)
Backed out changeset f87c5fb2c36f (bug 1788596)
Backed out changeset 61dd9a9eb714 (bug 1788596)
Backed out changeset a67c4ea1c8b3 (bug 1788596)
Backed out changeset 1be7af1214cf (bug 1788596)
Backed out changeset e99c7089bf93 (bug 1788596)
Backed out changeset 9a87f108548b (bug 1788596)
Backed out changeset 3dd59224f38b (bug 1788596)
2022-10-06 16:28:46 +03:00
16c9919af1
Bug 1788596 - Use Utility process actor names for crash annotations r=gsvelto
...
Differential Revision: https://phabricator.services.mozilla.com/D156286
2022-10-06 10:56:41 +00:00
1d211b0ec1
Bug 1788596 - Remove UTILITY_AUDIO_DECODING_GENERIC r=nika,media-playback-reviewers,alwu
...
Differential Revision: https://phabricator.services.mozilla.com/D156285
2022-10-06 10:56:41 +00:00
301e159051
Bug 1788596 - Merge UtilityAudioDecoderSandboxPolicy into UtilitySandboxPolicy r=jld
...
Differential Revision: https://phabricator.services.mozilla.com/D156284
2022-10-06 10:56:40 +00:00
2fb4e10f0d
Backed out 13 changesets (bug 1788596) for causing browser-chrome failures in security/sandbox/test/browser_sandbox_test.js CLOSED TREE
...
Backed out changeset 338c18d01cfd (bug 1788596)
Backed out changeset 9d4a5c557191 (bug 1788596)
Backed out changeset 1d1d15dbe44c (bug 1788596)
Backed out changeset e9d29218beba (bug 1788596)
Backed out changeset 397e6c6587f3 (bug 1788596)
Backed out changeset 077fd3a987ca (bug 1788596)
Backed out changeset 2fc674146915 (bug 1788596)
Backed out changeset 4ebb8837ee1a (bug 1788596)
Backed out changeset 9040533dabe1 (bug 1788596)
Backed out changeset 8b27ee4d4168 (bug 1788596)
Backed out changeset 93f50c2f0b9e (bug 1788596)
Backed out changeset 3e7125be66fa (bug 1788596)
Backed out changeset 63ee00ea9be6 (bug 1788596)
2022-10-06 10:28:00 +03:00
dd8daf38e3
Bug 1788596 - Use Utility process actor names for crash annotations r=gsvelto
...
Differential Revision: https://phabricator.services.mozilla.com/D156286
2022-10-06 06:14:06 +00:00
272b0c9273
Bug 1788596 - Remove UTILITY_AUDIO_DECODING_GENERIC r=nika,media-playback-reviewers,alwu
...
Differential Revision: https://phabricator.services.mozilla.com/D156285
2022-10-06 06:14:06 +00:00
592b1be2e3
Bug 1788596 - Merge UtilityAudioDecoderSandboxPolicy into UtilitySandboxPolicy r=jld
...
Differential Revision: https://phabricator.services.mozilla.com/D156284
2022-10-06 06:14:05 +00:00
adebd56af9
Bug 1766432 - Part 4: Enable Arbitrary Code Guard in MinGW builds. r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D157906
2022-09-29 15:29:15 +00:00
eaa892440f
Bug 1766432 - Part 3: Add Part 2 to the list of patches to apply when updating third-party. r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D157905
2022-09-29 15:29:15 +00:00
0b60970f1b
Bug 1766432 - Part 2: Propagate custom definition for PROCESS_MITIGATION_DYNAMIC_CODE_POLICY to third-party. r=bobowen
...
Differential Revision: https://phabricator.services.mozilla.com/D157904
2022-09-29 15:29:14 +00:00
a466bdb2c4
Bug 1780312 - Part 2: Allow fstatfs in the Linux RDD sandbox policy. r=gcp
...
As discussed in the last patch, allowing `fstatfs` will also make
`statfs` work on any path that the process could open for reading
(subject to sandbox policy).
Differential Revision: https://phabricator.services.mozilla.com/D157542
2022-09-21 17:57:54 +00:00
3b5c74387e
Bug 1780312 - Part 1: Move the statfs replacement into the common sandbox policy. r=gcp
...
We have code to handle `statfs` calls in content processes by
intercepting them and calling `open` and `fstatfs` instead; the former
is then recursively intercepted and brokered. This patch moves that
feature into the common policy, but does not allow `fstatfs` in any
other sandbox types (yet; see next patch). This doesn't affect security
because the caller could have attempted the `open` and `fstatfs`
syscalls itself.
Differential Revision: https://phabricator.services.mozilla.com/D157541
2022-09-21 17:57:54 +00:00
855f519b0a
Backed out changeset a389830fb63f (bug 1783223) for causing bug 1790713
2022-09-14 19:38:52 +03:00
Greg Stoll
Sylvestre Ledru
Toshihito Kikuchi
Butkovits Atila
Stanca Serban
Marco Castelluccio
Barret Rennie
Csoregi Natalia
Jed Davis
Yannis Juglaret
Alexandre Lissy
Cristian Tuns
Chris Martin
Mark Banner
Sandor Molnar
Narcis Beleuzu