6dbdc2284b
Bug 1286185 - Add sys_fadvise64 to seccomp whitelist. r=gcp
...
MozReview-Commit-ID: CkX1txdLAMg
2016-07-20 06:36:00 +02:00
622813449c
Bug 1286324 - Make fork() non-fatal in Linux content sandbox. r=jhector
...
fork() will now fail with EPERM instead of crashing; see code comment
and bug for more info. Tested with GTK3 Oxygen theme and SCIM, which
both seem to work. Also verified that GMP child processes still crash
on fork().
--HG--
extra : rebase_source : 267c4cb892b691502a9d7760bca4d23fee3fe449
2016-07-14 15:00:00 -04:00
54f8b7b221
Bug 1286413 - Add CASES_FOR_fchown and use it. r=gcp
...
--HG--
extra : rebase_source : b16522c25182223094fe2ed9ae18d5894bf6f9f1
2016-07-13 01:18:02 +02:00
cd4a2ce973
Backed out changeset 535e23baec4a (bug 1286119) for landing with wrong bugnumber
...
--HG--
extra : rebase_source : dede3bd9767b450934308a4c3de215a8837be93a
2016-07-14 13:51:16 +02:00
c58d37220b
Bug 1286527 - Add sys_semop to seccomp whitelist. r=gcp
2016-07-13 15:03:30 +02:00
a6c28f48e6
Bug 1286119 - Add CASES_FOR_fchown and use it. r=gcp
2016-07-13 01:18:02 +02:00
50053496e7
Bug 1286033 - Add sys_semctl to seccomp whitelist and fix sys_semget. r=gcp
...
--HG--
extra : rebase_source : 798fc3366d54abb256807952aa6e50438a8f8c7a
2016-07-12 04:42:00 +02:00
5c72f0a928
Bug 1285946 - Add sys_readv to seccomp whitelist. r=gcp
2016-07-11 18:51:33 +02:00
620e4db84f
Bug 1285827 - Add sys_link to seccomp whitelist. r=gcp
2016-07-11 19:38:53 +02:00
3e3082511c
Bug 1285816 - Add sys_accept4 to seccomp whitelist. r=gcp
...
MozReview-Commit-ID: 8NTeEtX9wMz
2016-07-11 00:12:49 +02:00
085ce99e60
Bug 1285771 - Add sys_mlock to seccomp whitelist. r=gcp
2016-07-11 19:32:55 +02:00
bb409b10ab
Bug 1285293 - Add fstatfs to seccomp-bpf whitelist. r=tedd
...
For some reason libfontconfig really Needs To Know.
MozReview-Commit-ID: KSET8D5h9xf
--HG--
extra : rebase_source : 10c5df6a4b8b85be120a9828686d0c63e3fff5d4
2016-07-11 10:54:48 +02:00
c4c92abf28
Bug 1285525 - Add sys_semget to seccomp-bpf whitelist. r=tedd
...
MozReview-Commit-ID: 1yV0uqiMSru
--HG--
extra : rebase_source : cbc57f22fc4b5818b1ac9857446d2190eaa359c2
2016-07-11 10:15:31 +02:00
2071bf3b6c
Bug 1285287 - Use proper macros to whitelist getres*id. r=gcp
2016-07-08 17:59:41 +02:00
b3b0630046
Bug 1285507 - Whitelist memfd_create (used for Sealed Files IPC). r=jhector
...
MozReview-Commit-ID: 7UE6hyDiC6H
--HG--
extra : rebase_source : ef1fcbf9e2aefbf2b215e18a459ce72d4e0abc5c
extra : histedit_source : 02ba293c9af543f850c6ddeb2ca214f7527e3923
2016-07-08 17:12:30 +02:00
aa5c174aa4
Bug 742434 - Part 2: Introduce pref to control content sandbox. r=jld
...
MozReview-Commit-ID: JQAQAbHUObN
--HG--
extra : rebase_source : 42a14a28503b685125f27faa40ae4efc920c5c5d
2016-06-16 12:39:07 +02:00
feca70c6cc
Bug 742434 - Part 1: Make ContentSecurityPolicy constructor explicit. r=gcp
...
MozReview-Commit-ID: HrBpcQ1BYFI
--HG--
extra : rebase_source : 0505ff9f9260627a0519e1f0ea536efd7af0210e
2016-07-05 03:07:00 +02:00
3ab8691db7
Bug 1284452 - Add sys_getrandom to seccomp whitelist. r=gcp
...
MozReview-Commit-ID: 8CW916cJsUZ
2016-07-05 13:51:57 +02:00
30cb0bf87f
Backed out changeset 3601419d2e4b (bug 742434) for test failures like /content-security-policy/media-src/media-src-7_3.html timeouts
2016-07-05 12:25:55 +02:00
d90190d784
Backed out changeset 730fcdccb26e (bug 742434)
2016-07-05 12:25:41 +02:00
a4e6059aeb
Bug 742434 - Part 2: Introduce pref to control content sandbox. r=jld
...
MozReview-Commit-ID: HyNozlK5SAE
2016-06-16 12:39:07 +02:00
21e153fc19
Bug 742434 - Part 1: Make ContentSecurityPolicy constructor explicit. r=gcp
...
MozReview-Commit-ID: HrBpcQ1BYFI
2016-07-05 03:07:00 +02:00
0a5cac2ffc
Backed out 2 changesets (bug 742434)
...
Backed out changeset 4e0e2373e234 (bug 742434)
Backed out changeset 66a937c6ca0e (bug 742434)
MozReview-Commit-ID: 8Chchv4HUL
--HG--
extra : rebase_source : 78f35317a643a48c3f45ec34d88fe321d71d04d1
2016-07-04 18:00:53 +02:00
c50fb0578f
Bug 742434 - Part 1: Introduce pref to control content sandbox. r=jld
...
MozReview-Commit-ID: CuSCwcwRiND
2016-06-16 12:39:07 +02:00
d56f275c43
Bug 1273852 - Update chromium's list of linux-x86-32 syscalls. r=jld
...
MozReview-Commit-ID: KpjitH5GQEq
--HG--
extra : rebase_source : d45c7d0c1bf13481fe30ec484a15a409771f04ff
2016-06-08 20:36:04 +02:00
a7f65e7eac
Bug 1273852 - Allow getsockopt in EvaluateSocketCall. r=jld
...
MozReview-Commit-ID: F9rVM0VKmUR
--HG--
extra : rebase_source : 86271db1e6c24a4ca98ccb0580cd608c2a4cc580
2016-06-08 19:05:08 +02:00
d270c42cdd
Bug 1273852 - Always add seccomp-bpf socketcall dispatcher. r=jld
...
For 32-bit Linux 4.3+, always add socketcall dispatcher even if relevant
syscalls are known, because both entry points will exist.
See Linux kernel commit:
commit 9dea5dc921b5f4045a18c63eb92e84dc274d17eb
Author: Andy Lutomirski <luto@kernel.org>
Date: Tue Jul 14 15:24:24 2015 -0700
x86/entry/syscalls: Wire up 32-bit direct socket calls
MozReview-Commit-ID: I3GEvolGfsR
--HG--
extra : rebase_source : c358a6d39d9bf5701150e58f1002f6c6dc91cd6f
2016-06-29 20:34:40 +02:00
97a43c0b93
Bug 1276927: Define HAVE_ANDROID_OS before including 'android_filesystem_config.h', r=fabrice
...
The preprocessor token HAVE_ANDROID_OS configures 'android_filesystem_config.h'
to include the correct header files from the environment.
MozReview-Commit-ID: oKwdjzDjij
2016-06-16 08:43:51 +01:00
7d6335ca2d
Bug 1276927: Fix B2G sandboxing code to build with Android NDK, r=fabrice
...
This patch fixes an incorrect C++ namespace of STL datastructures.
MozReview-Commit-ID: FYx38sTzF4I
2016-06-16 08:43:51 +01:00
809cc61389
Backed out changeset a4f95658a29b (bug 1276927)
2016-06-15 12:24:14 +02:00
bb691db120
Backed out changeset b6c190b08824 (bug 1276927)
2016-06-15 12:23:52 +02:00
565a7b74dc
Bug 1276927: Define HAVE_ANDROID_OS before including 'android_filesystem_config.h', r=fabrice
...
The preprocessor token HAVE_ANDROID_OS configures 'android_filesystem_config.h'
to include the correct header files from the environment.
MozReview-Commit-ID: oKwdjzDjij
2016-06-15 10:59:49 +01:00
652691d85a
Bug 1276927: Fix B2G sandboxing code to build with Android NDK, r=fabrice
...
This patch fixes an incorrect C++ namespace of STL datastructures.
MozReview-Commit-ID: FYx38sTzF4I
2016-06-15 10:59:48 +01:00
14d815c27e
Bug 1275920 - Add sys_rt_tgsigqueueinfo to seccomp whitelist r=jld
...
--HG--
extra : rebase_source : 4808d641597e40e124be0bae1e10ad37570355c9
2016-05-27 19:29:21 +02:00
d543e16807
Bug 1273859 - Add sys_pwrite64 to seccomp whitelist for content process. r=jld
...
MozReview-Commit-ID: FsJ8ER9B9EY
--HG--
extra : rebase_source : a76bb584e8804a3f73abf2c821fa2d9d25997a17
2016-05-18 14:39:20 +02:00
5714578c95
Bug 1278528: Don't try to initialize the sandbox TargetServices when we are not sandboxed. r=jimm
...
MozReview-Commit-ID: EpXy9LYXwQL
2016-06-07 14:03:51 +01:00
d5bb492be4
Bug 1274873 - Part 2: Move signal handler set up to SandboxEarlyInit() r=jld
2016-05-26 16:20:44 +02:00
1f2003d5b1
Bug 1274873 - Part 1: Change search order for free signal r=jld
2016-05-26 16:19:28 +02:00
efa443d4d3
Backed out changeset ae5286493f15 (bug 1274873) for frequent timeouts in browser_ManifestObtainer_obtain.js
...
--HG--
extra : rebase_source : 5aa2340db1e93f26feb5c3173b8af4aacdb60b31
2016-06-07 12:07:16 +02:00
1d324ed30a
Backed out changeset 62646bfa1f95 (bug 1274873)
...
--HG--
extra : rebase_source : 644a5678b4f8e32e9809583cf7eb88fb0a518f31
2016-06-07 12:06:51 +02:00
fd5c167bdc
Bug 1276470 - Add sys_statfs to seccomp whitelist. r=jld
2016-05-28 20:33:49 +02:00
1b857c2f98
Bug 1274873 - Part 2: Move signal handler set up to SandboxEarlyInit() r=jld
2016-05-26 16:20:44 +02:00
1c0ad8ce67
Bug 1274873 - Part 1: Change search order for free signal r=jld
2016-05-26 16:19:28 +02:00
99f34a0cfe
Bug 1272764 - Remove OS X 10.6-10.8-Specific Sandboxing Code (fix indentation); r=bobowen
2016-06-06 13:15:00 +02:00
ad91978a78
Bug 1272764 - Remove OS X 10.6-10.8-Specific Sandboxing Code; r=bobowen
2016-06-06 13:15:00 +02:00
6c0e1dc69f
Bug 1146873 - Handling sandbox policy setup failures. r=bobowen
2016-06-06 15:13:33 +02:00
c0be03a3bd
Bug 1272772 - Inline system.sb and remove unneeded rules (removes unneeded rules); r=gcp
2016-06-01 15:40:00 +02:00
5b9493970f
Bug 1272772 - Inline system.sb and remove unneeded rules (removes unused macros); r=gcp
2016-06-01 15:40:00 +02:00
3cb7c0e726
Bug 1272772 - Inline system.sb and remove unneeded rules (inline system.sb rules); r=gcp
2016-06-01 15:40:00 +02:00
d0f949dad4
Bug 1275786 - Add sys_listen to seccomp whitelist. r=jld
...
--HG--
extra : rebase_source : 7028482ca148f63e53e1fe915d0be507b5116c84
2016-05-27 16:00:50 +02:00
cb6d29b0b7
Bug 1275785 - Add sys_bind to seccomp whitelist. r=jld
...
--HG--
extra : rebase_source : 90d403a3b21547ff7f280b2bff7746f4b8e32fe3
2016-05-27 15:58:51 +02:00
5eb8b17162
Bug 1275781 - Add sys_accept to seccomp whitelist. r=jld
...
--HG--
extra : rebase_source : e4761ce8c466987f54ddd41603fa626923fe0865
2016-05-27 15:56:35 +02:00
7c418a5f4a
Bug 1276420 - Widevine plugin crashing on OS X due to -stdlib=libc++ and sandboxing interaction; r=gcp
2016-06-01 12:26:04 -07:00
687dcb9a8f
Backed out changesets d3bde9a513bb and 9fd1d6aeed21 (bug 1272764) for causing startup crashing on OSX 10.9. a=me
2016-05-27 14:50:50 -04:00
0c9bf9e670
Bug 1272764 - Indentation and whitespace cleanups. r=bobowen
...
--HG--
extra : rebase_source : d3ac9c55cbe4924702fad32dabbc97ac921cce07
2016-05-26 00:08:00 -04:00
4c4557e85c
Bug 1272764 - Remove OS X 10.6-10.8-specific sandboxing code. r=bobowen
...
--HG--
extra : rebase_source : 94630f8208b4ee1e3664e61425c083a05157e64d
2016-05-26 00:07:00 -04:00
c6be1d0d13
Bug 1274826 - Bypass building SandboxHooks on Gonk r=jld
...
MozReview-Commit-ID: 3TVdcY7aXvW
--HG--
extra : rebase_source : b734c54ad4e7b8fff384f399b84014410b4cf719
2016-05-26 01:02:25 +02:00
ecee115838
Bug 1250125: Make a 0 security.sandbox.content.level turn off the content process sandbox. r=TimAbraldes
...
This also fixes a bug where we weren't setting parts of the policy correctly for levels 3 to 9.
MozReview-Commit-ID: IXsg2nGOqoa
--HG--
extra : rebase_source : 65c76a581dcd498c7d7d5b01e4f4e140acdb244f
2016-05-25 09:06:23 +01:00
e8fd20fdcf
Bug 1098428 - Add Linux sandboxing information to Telemetry. r=gfritzsche
...
MozReview-Commit-ID: 6Un4yNzxGgg
--HG--
extra : rebase_source : fc8762b9802fab071cb194513a5ad390ae7984f3
2016-05-18 18:37:44 +02:00
be11014a2b
Backed out changeset 767f65379fdf (bug 1098428) for causing linux crashes on a CLOSED TREE
2016-05-24 13:03:00 +02:00
42b1907a65
Bug 1098428 - Add Linux sandboxing information to Telemetry. r=gfritzsche
...
MozReview-Commit-ID: GtIPsRqq5hr
--HG--
extra : rebase_source : 6b918e5119f15536c9437c27cfee413577268b78
2016-05-18 18:37:44 +02:00
5894681e14
Bug 1274553 - Properly handle stat() requests in permissive mode. r=jld
...
MozReview-Commit-ID: IeFwQ2Gv21z
--HG--
extra : rebase_source : 0198c5df41f728f85bea149a10dfe0b7c0fae43f
2016-05-20 14:42:50 +02:00
0946db2658
Bug 1271794 - Use SSE2 instructions on win32. r=glandium
...
We've decided supporting the small number of x86 machines
without SSE2 instructions is no longer worth the cost in
developer time nor the performance impact for other users.
https://groups.google.com/d/msg/mozilla.dev.platform/dZC39mj5V-s/Xt_UqZXkAAAJ
Set -arch:SSE2 by default on x86 if an arch hasn't already
been supplied. This ensures we'll continue to build with
the right instruction set if the compiler changes its default
in the future, while still allowing custom builds to set
a lower minimum.
Also updates the filter to strip all arch switches on win64
when building the sandbox. The 64-bit compiler doesn't
support -arch:SSE2 either.
MozReview-Commit-ID: JzTRGPn9vzI
2016-05-18 11:06:30 -07:00
e809e9f918
Bug 1035125 Part 9: Link Chromium sandbox into firefox.exe instead of having a separate DLL. r=aklotz,glandium
...
MozReview-Commit-ID: 1vgDPjpcwz3
--HG--
extra : rebase_source : 40966d98ca6c37f30884639d648907b4760ae240
2016-05-15 16:41:40 +01:00
c43bf02cda
Bug 1035125 Part 8: Pass sandboxing pointers through XRE_InitChildProcess instead of linking to more functions in xul. r=aklotz,glandium
...
MozReview-Commit-ID: 5AiktOArpfU
--HG--
extra : rebase_source : 1ba3be949e2bfeb3b67687ab05d43342852ab764
2016-05-15 16:35:22 +01:00
209b6e6e18
Bug 1035125 Part 7: Remove unused functions in security/sandbox/chromium/base/time/time.h to avoid nspr dependency. r=aklotz
...
MozReview-Commit-ID: 4TwVMQGTXUU
--HG--
extra : rebase_source : 0757390f3ff6fc71242ae09d95e1934d3e80fa26
2016-05-15 16:23:57 +01:00
43b53afacf
Bug 1035125 Part 6: Take Chromium commit 3181ba39ee787e1b40f4aea4be23f4f666ad0945 to add Windows 10 version to enumeration. r=aklotz
...
MozReview-Commit-ID: 8sR9F72JJ1k
--HG--
extra : rebase_source : bc911fbaa12c8186e2c9539e21fe776282280304
2016-05-15 16:23:57 +01:00
71b3258726
Bug 1035125 Part 4: Back out changeset 8ae39d920f5c and associated subsequent changes. r=glandium
...
The original changeset that is being backed out had comment:
Bug 1023941 - Part 2: Static-link the CRT into plugin-container.exe.
MozReview-Commit-ID: 1iPJghgd0t2
--HG--
extra : rebase_source : cbed4e43f51af8ea0c3adbfc150ed029fe0d0f57
2016-05-15 16:23:57 +01:00
353ee65255
Bug 1272513 - Part 1: Suppress -Wshadow warnings-as-errors in some directories. r=glandium
2016-05-11 00:00:01 -07:00
01b38f360c
Bug 1267453 - Amazon Widevine rejects HDCP on MacBook Pro with or without an external display. r=gcp
...
--HG--
extra : amend_source : 6a8094ddea6ac6c50e8ec8c11e0656eaddafc20e
2016-05-02 19:33:08 +02:00
6491a25e6f
Bug 1268579 - Add inotify_rm_watch to the seccomp-bpf whitelist. r=jld
...
MozReview-Commit-ID: DvaHjOa5GOv
--HG--
extra : rebase_source : 1105ebd32973f8608c4c8b21dc72ba9313661735
2016-04-28 20:04:06 +02:00
2511b2c327
Bug 1267550 (part 2) - Rename MOZ_WARN_UNUSED_RESULT as MOZ_MUST_USE. r=froydnj.
...
It's an annotation that is used a lot, and should be used even more, so a
shorter name is better.
MozReview-Commit-ID: 1VS4Dney4WX
--HG--
extra : rebase_source : b26919c1b0fcb32e5339adeef5be5becae6032cf
2016-04-27 14:16:50 +10:00
4c291ae709
Bug 1176099 - Fix missing NULL check r=luke
...
MozReview-Commit-ID: ICNQNqJZzA8
2016-04-28 20:41:14 +02:00
3871240519
Bug 1176099 - Add hooks for sigprocmask/pthread_sigmask. r=jld r=glandium
2016-04-21 13:17:50 +00:00
1942e09c83
Bug 1266298 - Add sys_fchmod to seccomp whitelist r=jld
...
MozReview-Commit-ID: 4kFgfxhCMFl
--HG--
extra : transplant_source : h%D1%90%ACfP%DC%5C%CB%CC%84%CE%B7%40%17%14%B1%10%FC%AA
2016-04-21 15:59:53 +02:00
eae4a312af
Bug 1261751 - Problems with OS X Sandboxed TempDir and Rules. r=bobowen r=gcp
...
--HG--
extra : amend_source : 2011128c7e5406d7865da2b24f81facf7889cb0e
2016-04-16 09:00:29 +02:00
d9a01beca2
Bug 1259283 - Add sys_fchown to seccomp whitelist. r=jld
2016-04-13 12:41:19 +00:00
e1b5ef463a
Bug 1264226: Don't use '_COARSE' Posix clocks if not defined, r=jld
...
Not all systems (i.e., Gonk) support CLOCK_MONOTONIC_COARSE and
CLOCK_REALTIME_COARSE. With this patch, we don't refer to them if
they are not supported.
2016-04-14 10:12:39 +02:00
cb3b390405
Bug 1245789 - Whitelist functions needed by Widevine CDM in GMP child processes. r=jed
...
MozReview-Commit-ID: C6bpItv1qpi
2016-04-12 16:12:21 +12:00
114ad957d2
Bug 1245789 - Load Widevine CDM with sandbox level USER_RESTRICTED instead of USER_LOCKDOWN. r=bobowen
...
Otherwise Widevine CDM won't load on Windows. Other GMPs are still loaded at USER_LOCKDOWN.
MozReview-Commit-ID: aCTG1tQuwt
2016-04-12 16:12:20 +12:00
2d64db058c
Bug 1259273 - Add sys_unlink to seccomp-bpf whitelist. r=jld
2016-04-06 19:48:23 +00:00
907939a278
Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz
...
MozReview-Commit-ID: Fu05wLn27UG
2016-04-07 08:28:14 +01:00
6a9168778b
Bug 1124033 - Disable C4311 and C4312 in directories exhibiting warnings; r=ehsan
...
There are a long tail of C4311 and C4312 warnings in VS2015. Rather than
wait until all of them are fixed to land VS2015, we're taking the easy
way out and disabling these warnings in every directory currently
exhibiting a warning. This is evil. But it is a lesser evil than
globally disabling C4311 and C4312. At least with this approach new
C4311 and C4312 warnings in directories that aren't suppressing them
shouldn't be introduced.
MozReview-Commit-ID: 2cwWrjMD6B9
--HG--
extra : rebase_source : 3e7b8ea042765fdf138f5ca93a0f9dab75a95fcd
2016-03-23 17:19:20 -07:00
db4259c176
Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley
2016-03-23 08:10:43 +00:00
bc347a401b
Bug 1257919 part 10. Make the caller and formattedStack getters on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:35 -04:00
42b3bbe27a
Bug 1257919 part 8. Make the line/column number getters on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:31 -04:00
54987c5cc1
Bug 1257919 part 7. Make the name getter on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:31 -04:00
efa07c06d1
Bug 1257919 part 6. Make the filename getter on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:31 -04:00
0e9bf1445a
Backed out changeset 6e95ee3cd4c6 (bug 1257919)
2016-03-22 21:10:21 +01:00
e6e4d30446
Backed out changeset c4faeb0be959 (bug 1257919)
2016-03-22 21:10:12 +01:00
336c2cc4ae
Backed out changeset 08f1c7239cdf (bug 1257919)
2016-03-22 21:10:01 +01:00
8b2bf79a7a
Backed out changeset ff81c52375ba (bug 1257919)
2016-03-22 21:09:32 +01:00
8062407932
Bug 1257919 part 10. Make the caller and formattedStack getters on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:35 -04:00
5df498fbd2
Bug 1257919 part 8. Make the line/column number getters on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:31 -04:00
cc563df19f
Bug 1257919 part 7. Make the name getter on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:31 -04:00
38af226a36
Bug 1257919 part 6. Make the filename getter on JSStackFrame take an explicit JSContext. r=khuey
2016-03-22 13:50:31 -04:00
417d5d9533
Backed out changeset 0fedfd441a06 (bug 1256992) for gtest failures
2016-03-22 09:54:55 +01:00
72e4566fa4
Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley
2016-03-22 07:40:03 +00:00
4ab279264e
Bug 1257036 - Disable C4302 to unblock compilation on VS2015; r=bobowen
...
As part of unblocking building with VS2015u1 in automation, I'm mass
disabling compiler warnings that are turned into errors. This is not
the preferred mechanism to fix compilation warnings. But the warning
occurs in third party code, so my hands are tied.
MozReview-Commit-ID: A0UF2RHJzVo
--HG--
extra : rebase_source : 3fc5300f6f67274162f4d65fd83eb9c18b4bf716
2016-03-16 13:27:59 -07:00
b58a16b4d9
Bug 1256499 - Disable C4311 and C4312 to unblock compilation on VS2015; r=bobowen
...
As part of unblocking building with VS2015u1 in automation, I'm mass
disabling compiler warnings that are turned into errors. This is not
the preferred mechanism to fix compilation warnings. But the warning
occurs in third party code, so my hands are tied.
MozReview-Commit-ID: BCXQcEejre9
--HG--
extra : rebase_source : a36a432edc834ec806dd4341f247143b178902a4
2016-03-15 11:28:52 -07:00
7aa5c525a3
Bug 1256490 - Disable C4302 to unblock compilation on VS2015; r=bobowen
...
As part of unblocking building with VS2015u1 in automation, I'm mass
disabling compiler warnings that are turned into errors. This is not
the preferred mechanism to fix compilation warnings. But the warning
occurs in third party code, so my hands are tied.
MozReview-Commit-ID: 6n8nl517Ly
--HG--
extra : rebase_source : 19c1c012e1ddf15accbdf1a1050e4d607f9c7b31
2016-03-14 17:00:09 -07:00
bda0bd02db
Bug 1253194: Suppress -Wimplicit-fallthrough clang warning for intentional fallthrough in icu_utf.cc (which is imported code). r=bobowen
2016-03-04 09:00:40 -08:00
3cdbeb2bd6
Bug 1237847 - [e10s] Null deref crash when running test_pluginstream_newstream.html; r=bobowen
...
Modify the Mac sandbox to allow temporary files to be created in a
parent-specified subdirectory of NS_OS_TEMP_DIR. This is similar to the
Windows approach. The parent provides a UUID in a preference which is
used by the content process to form the subdirectory name.
MozReview-Commit-ID: 6BONpfZz8ZI
--HG--
extra : rebase_source : ad18e091918356a1a40c13f1453972b4512ad476
2016-02-25 15:26:13 -08:00
f9727da7b1
Bug 1188045 - Part 1: Move the definition of sandboxTarget::Instance() out-of-line; r=bobowen,glandium
...
This is required so that delay-loading xul.dll works with clang-cl.
2016-02-22 09:55:09 -05:00
ed46787107
Bug 1219369: In Windows debug builds allow write access to TEMP for logging purposes. r=tabraldes
2016-02-09 08:31:18 +00:00
73686ad0d7
Bug 1173371 Part 2: Change Chromium sandbox to allow rules for files on network drives to be added. a=aklotz
2016-02-01 08:59:00 +00:00
0b2edad801
Bug 1173371 Part 1: Take Chromium commit 0e49d029d5a1a25d971880b9e44d67ac70b31a80 for sandbox code. r=aklotz
...
From Chromium commit comment:
Sandbox: Add support for file system policies that use implied device paths.
A policy rule of the form \HarddiskVolume0\Foo\bar allows sandboxed code
to use \\.\HarddiskVolume0\Foo\bar directly.
2016-02-01 08:59:00 +00:00
ab4e3a0d42
Bug 1218816 - Remove useless semicolons. Found by coccinelle. r=Ehsan
...
--HG--
extra : rebase_source : 7d2cc56b6553cd7a8d848d3c660f30735bd82eec
2016-01-22 16:58:49 +01:00
48de284e31
Bug 1222500 - Handle unexpected thread creation better on desktop Linux. r=gdestuynder
2015-11-30 18:21:00 +01:00
05eb71c3a0
Bug 1229804: Use the correct string length in Windows sandbox logging. r=tabraldes
2015-12-03 11:19:14 +00:00
4b2655c8d9
Bug 1215303 - Part 2 - automatically enable broker when in permissive mode r=jld
2015-11-13 12:29:47 +00:00
46f56a1f0e
Bug 1215303 - Part 1 - add permissive mode r=jld
2015-11-13 12:27:45 +00:00
8be1ae39c7
Bug 1207790 - Fix sandbox build for older Linux distributions. r=gdestuynder
2015-10-30 15:13:00 +01:00
9985829ecc
Bug 1219392 - Capitalize mozilla::unused to avoid conflicts. r=froydnj
2015-11-02 07:53:26 +02:00
e31f20875c
Bug 1215734 - Expand GeckoMediaPlugin sandbox policy for Clang 3.7 ASan. r=kang
2015-10-22 11:19:37 -07:00
2233e7518a
Bug 1187031: Move back to using USER_LOCKDOWN for the GMP sandbox policy on Windows. r=aklotz
...
This also removes turning off optimization for the Load function. That was an
attempt to fix the side-by-side loading. It may also have helped with ensuring
that the memsets were not optimized, but that has been fixed by Bug 1208892.
2015-10-21 08:46:57 +01:00
faf361396a
Bug 1201935 - Allow reading from TmpD in OS X content processes. r=smichaud
...
--HG--
extra : rebase_source : 68565c447e3731e9c562514e8355044cfd8c28b9
2015-10-07 13:41:00 +02:00
1ae9d0519b
Bug 930258 - Part 3: a file broker policy for the B2G emulator. r=kang
2015-10-07 22:13:08 -07:00
562c4e7b57
Bug 930258 - Part 2: seccomp-bpf integration. r=kang
2015-10-07 22:13:08 -07:00
bd859174ac
Bug 930258 - Part 1: The file broker, and unit tests for it. r=kang f=froydnj
2015-10-07 22:13:08 -07:00
0db519c66f
Bug 1207401 - Send B2G sandbox logging to both stderr and logcat. r=kang
2015-10-05 09:21:39 -07:00
96010550f8
Bug 1207972: Move to using USER_INTERACTIVE and JOB_INTERACTIVE by default for the Windows content sandbox. r=tabraldes
2015-10-05 11:10:46 +01:00
218db8d580
Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir, tighten earlier patch. r=areinald
2015-09-10 15:32:42 -05:00
4b37ff400c
Bug 1200336: Apply fix for Chromium issue 482784 for sandbox bug when built with VS2015. r=tabraldes
2015-09-10 08:25:20 +01:00
52cee33b7e
Bug 1199481 - Complain more when entering sandboxing code as root. r=kang
2015-08-28 13:37:00 +02:00
7c8e037b3f
Bug 1199413 - Fix MOZ_DISABLE_GMP_SANDBOX so it disables all the sandboxing. r=kang
...
Bonus fix: don't start the chroot helper unless we're going to use
it. For this to matter, you'd need a system with unprivileged user
namespaces but no seccomp-bpf (or fake it with env vars) *and* to set
media.gmp.insecure.allow, so this is more to set a good example for
future changes to this code than for functional reasons.
2015-08-28 12:18:00 +02:00
866768c43e
Bug 1197943: Turn off MITIGATION_STRICT_HANDLE_CHECKS for NPAPI process sandbox for causing hangs. r=aklotz
2015-09-09 08:45:25 +01:00
cd5643f4d3
Bug 1201438: Add non-sandboxed Windows content processes as target peers for handle duplication. r=bbondy
2015-09-08 11:18:12 +01:00
6dbfc47ad8
Bug 1190032 - Sandbox failure in nsPluginHost::GetPluginTempDir. r=areinald
2015-09-03 19:28:30 -05:00
f44287005f
Bug 1198334 (part 1) - Replace the opt-in FAIL_ON_WARNINGS with the opt-out ALLOW_COMPILER_WARNINGS. r=glandium.
...
The patch removes 455 occurrences of FAIL_ON_WARNINGS from moz.build files, and
adds 78 instances of ALLOW_COMPILER_WARNINGS. About half of those 78 are in
code we control and which should be removable with a little effort.
--HG--
extra : rebase_source : 82e3387abfbd5f1471e953961d301d3d97ed2973
2015-08-27 20:44:53 -07:00
7073895edf
Bug 1196403 - Apply crbug/522201 to support Windows 10 build 10525. r=bobowen
2015-08-25 19:21:08 +09:00
b7a032eb04
Bug 1004011 - Support SECCOMP_FILTER_FLAG_TSYNC if available. r=kang
...
--HG--
extra : rebase_source : 32be610d889fedb518e062a4a416331be21378d3
2015-08-11 16:30:00 -04:00
50e851b877
Bug 830801 - Part 2. Remove NOMINMAX define from moz.build. r=mshal
2015-08-03 10:07:09 +09:00
77826e3c4a
Bug 1171796: Add sandbox rule for child process NSPR log file on Windows. r=bbondy
...
This also moves the initialization of the sandbox TargetServices to earlier in
plugin-container.cpp content_process_main, because it needs to happen before
xul.dll loads.
2015-07-30 10:04:42 +01:00
265ad075b1
Bug 1175881 - about:sync-log can't read files on OS X with e10s on and content process sandbox enabled. r=areinald
2015-07-28 12:09:34 -05:00
315c4ad9c2
Bug 1186709 - Remove MOZ_IMPLICIT from security/sandbox/chromium. r=bobowen
2015-07-23 08:28:00 -04:00
39f6ab2a28
Bug 1157864 - Record chromium patch applied in previous commit. r=me
2015-07-22 15:48:49 -07:00
acfe5cf4cf
Bug 1157864 - chromium sandbox: Fix compilation for systems without <sys/cdefs.h>. r=jld
2015-02-05 22:41:38 +01:00
fc9b22c883
Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=gdestuynder r=glandium
...
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).
This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
2015-07-09 12:09:00 +02:00
06bdcaaa33
Bug 1181704 - Import chromium SafeSPrintf. r=bobowen
...
This also imports the unit tests but doesn't arrange to run them.
Including the tests in our xul-gtest is possible but not trivial: there
are logging dependencies, and they use a different #include path for
gtest.h (which we'd need to patch).
Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
2015-07-09 12:04:00 +02:00
c00da5ced5
Backed out 2 changesets (bug 1181704) for static build bustage CLOSED TREE
...
Backed out changeset fbf7aca43c3a (bug 1181704)
Backed out changeset 8864c0587ced (bug 1181704)
2015-07-13 16:51:17 -07:00
60984b0ab1
Bug 1181704 - Use chromium SafeSPrintf for sandbox logging. r=kang r=glandium
...
This gives us a logging macro that's safe to use in async signal context
(cf. bug 1046210, where we needed this and didn't have it).
This patch also changes one of the format strings to work with
SafeSPrintf's format string dialect; upstream would probably take a
patch to handle those letters, but this is easier.
2015-07-13 16:17:58 -07:00
c5ffe92d42
Bug 1181704 - Import chromium SafeSPrintf. r=bobowen
...
This does not include the upstream unit tests. Including the tests
in our xul-gtest is possible but not trivial: there are logging
dependencies, and they use a different #include path for gtest.h (which
we'd need to patch).
Upstream revision: df7cc6c04725630dd4460f29d858a77507343b24.
2015-07-13 16:17:58 -07:00
258ad59e3f
Bug 1171931 - Refactor duplicated code using XRE_IsParent/ContentProcess. r=froydnj
2015-07-03 18:29:00 -07:00
2e341f2ff1
Bug 1177594: Use a USER_RESTRICTED token level on GMP process when integrity levels are available. r=cpearce
2015-06-26 14:19:12 +01:00
5f5c327690
Backed out changeset 8b4e4083639e (bug 1171931) for B2G debug emulator bustage.
2015-06-25 19:48:42 -04:00
702a59d135
Bug 1171931 - Refactor duplicated code using XRE_IsParent/ContentProcess. r=froydnj
...
--HG--
extra : rebase_source : 2ecbe6c1dd8a7ad8dc529b53349ad431cf1116c9
2015-06-24 14:11:00 -04:00
cc27f74877
Bug 1172388: Use a USER_RESTRICTED access level token on Windows 10. r=cpearce
2015-06-19 23:35:43 +01:00
1fb9a20a64
Bug 1176085 - Fix second/nanosecond confusion in Linux sandbox start error case. r=kang
...
--HG--
extra : amend_source : e546416d9c058305f4cb00d1c015daaec8ab1362
2015-06-19 14:26:44 -07:00
8d6a67f6d3
Bug 1172216 - Move nsStackwalk to mozglue. r=glandium
...
--HG--
rename : xpcom/base/nsStackWalk.cpp => mozglue/misc/StackWalk.cpp
rename : xpcom/base/nsStackWalk.h => mozglue/misc/StackWalk.h
extra : commitid : EMbWGfjKvdq
extra : rebase_source : b7308eb569cc1a019d3b7a92aaff0de7a49b5682
2015-06-10 16:32:45 -04:00
bef4807107
Bug 1165895: Add NPAPI sandbox rule for the crash server pipe and x64 Temp dir write access. r=bbondy
2015-06-18 12:01:38 +01:00
8ac1db457e
Bug 1168555 - Work around Nuwa not always being single-threaded when a normal content process is. r=kang
2015-06-10 13:38:00 -04:00
9db695d73b
Bug 1055310 - Step 3: Move syscall interceptions into SandboxFilter.cpp. r=kang
...
We can now keep the part of the policy implemented by upcalls to
userspace in the same place as the part of the policy that's handled
entirely in the kernel. This will become more useful in the future
(e.g., bug 930258).
2015-06-05 15:17:40 -07:00
5e4e0f9184
Bug 1055310 - Step 2: Move SIGSYS handling to Chromium TrapRegistry. r=kang
...
This is more complicated than I'd like it to be, because we don't have
a good way to combine a specific trap function's knowledge that we want
to get a crash dump with the SIGSYS handler's copy of the unprocessed
signal info (which breakpad wants). The bpf_dsl interface requires a
specific trap function type (via the TrapRegistry superclass), so even
if we implement our own registry we can't change what's passed to it.
Normally we could use thread-local storage to get around that, but it's
not async signal safe.
As a result there is an imperfect compromise: the trap function returns
a failure with ENOSYS, Chromium's SIGSYS handler writes it into the
context, our SIGSYS handler reads it back out and uses a copy of
the original signal context for the crash dump. Other error codes
(and returning ENOSYS via the seccomp-bpf policy itself) are handled
normally.
2015-06-05 15:17:35 -07:00
3bd337c32c
Bug 1055310 - Step 1: Convert seccomp-bpf policies to Chromium PolicyCompiler. r=kang
...
This completely rewrites SandboxFilter.cpp and removes SandboxAssembler.
System calls are now loosely grouped by what they do, now that order
doesn't matter, and most of the intersection the content and media
plugin whitelists is moved into a common superclass. Hopefully this
improves the readability and comprehensibility of the syscall policies.
Also, the macros that take the syscall name are gone, because a plain
case label usually suffices now (the CASES_FOR_thing macros are a little
unsightly, but they're relatively simple), and at one point we saw
strange macro expansion issues with system header files that #define'd
some syscall names.
The signal handling is not migrated yet, so Trap() actions can't be used
yet; the next patch will take care of that, and to keep the intermediate
state working there's a minimal shim.
Bonus fix: non-const global variables use the "g" prefix; "s" is for
static class members and static variables in a function (where the
default is to allocate a separate copy per instance/activation).
2015-06-05 15:17:32 -07:00
07490a1951
Bug 1166669: Enable process-level mitigations for the Windows content process sandbox. r=tabraldes
2015-06-03 09:13:00 +01:00
51a5fe52f3
Bug 1123759: Set low integrity on NPAPI processes for Windows sandboxing policy level >= 2. r=bbondy, r=bsmedberg
2015-05-22 17:05:45 +01:00
ea7750bcb1
Bug 991983 - Define SOURCES as SourcePath. r=gps
2015-05-28 07:34:15 +09:00
06998bb825
Bug 1162965 - Use /dev/shm instead of /tmp for sandbox chroot if possible. r=kang
2015-05-14 16:19:08 -07:00
8cac570831
Bug 1149718: Fix wow_helper lib path for VS2015. r=glandium
...
--HG--
extra : rebase_source : 91893548992b2c0929abaa4e81bce60e473247ff
2015-05-12 18:20:28 -04:00
94925de358
Bug 1146874 Part 1: Check that Windows sandboxed process starts correctly. r=tabraldes
2015-05-11 08:24:39 +01:00
d65b604e3b
Bug 1158773: Use the same initial and delayed integrity level for Windows content sandbox level 0. r=tabraldes
2015-05-06 10:11:56 +01:00
2343aee19b
Bug 1150515: Set the subsystem to WINDOWS,5.02 for wow_helper so that it runs on WinXP 64-bit. r=glandium
2015-04-30 09:48:03 +01:00
89c80effa2
Bug 1154184 - Don't use Linux sandbox gtest dir if not building tests. r=gps
2015-04-24 17:36:08 -07:00
acb448f5f9
Bug 1153809 - Loosen Mac content process sandbox rules for NVidia and Intel HD 3000 graphics hardware. r=areinald
2015-04-22 14:56:09 -05:00
399276d5fc
Bug 1153348 - Add an analysis to prohibit operator bools which aren't marked as either explicit or MOZ_IMPLICIT; r=jrmuizel
...
This is the counterpart to the existing analysis to catch
constructors which aren't marked as either explicit or
MOZ_IMPLICIT.
2015-04-21 21:40:49 -04:00
ec1aede15a
Bug 1150765 - Add sandbox rules to allow hardware rendering of OpenGL on Mac. r=smichaud
...
--HG--
extra : rebase_source : 1fa38a01840f24b63f27254d434c9e0bc3382309
2015-04-21 11:17:16 +02:00
ba1cc023b7
Bug 1151607 - Step 2: Apply net/ipc namespace separation and chroot to media plugins. r=kang
...
This needs more unit tests for the various pieces of what's going on
here (LinuxCapabilities, SandboxChroot, UnshareUserNamespace()) but
that's nontrivial due to needing a single-threaded process -- and
currently they can't be run on Mozilla's CI anyway due to needing user
namespaces, and local testing can just try using GMP and manually
inspecting the child process. So that will be a followup.
2015-04-10 18:05:19 -07:00
6bf3d102d8
Bug 1151607 - Step 1.5: Avoid unlikely false positives in Linux SandboxInfo feature detection. r=kang
...
Using the equivalent of release assertions in the patch after this one
is easier to justify if I can't come up with vaguely legitimate reasons
why they might fail; this detects the ones I thought of.
2015-04-10 18:05:19 -07:00
32cb9ee32d
Bug 1151607 - Step 1: Add Linux sandboxing hook for when child processes are still single-threaded. r=kang r=bent
...
This means that B2G plugin-container must (dynamically) link against
libmozsandbox in order to call into it before initializing Binder.
(Desktop Linux plugin-container already contains the sandbox code.)
2015-04-10 18:05:19 -07:00
cf24e12150
Bug 1151607 - Step 0: sort includes to make the following patches cleaner. r=kang
2015-04-10 18:05:19 -07:00
077c2e64f4
Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm
2015-04-05 14:01:38 +01:00
33228918ed
Bug 1110911 - Move Mac sandboxing code into plugin-container. r=cpearce,areinald,jld
2015-04-03 11:51:41 -05:00
e4f543bb58
Bug 1119878 Part 2: Change IPC code to hold ProcessID instead of ProcessHandle. r=billm, r=dvander, r=aklotz, r=cpearce
2015-04-01 09:40:35 +01:00
eef3ca5f6e
Bug 1119878 Part 1: Change SandboxTarget to hold sandbox target services to provide functions. r=aklotz, r=glandium, r=cpearce
2015-04-01 09:40:35 +01:00
e7768682a2
Bug 1147446: Chromium patch to fix memory leak in Windows sandbox sharedmem_ipc_server.cc. r=aklotz
2015-03-26 08:06:04 +00:00
8794504c9f
Merge m-c to inbound a=merge CLOSED TREE
2015-03-23 16:51:22 -07:00
fb38caf19c
Bug 1146192 - Whitelist sched_yield syscall in GMP sandbox on Linux DONTBUILD CLOSED TREE - r=jld
2015-03-24 10:56:49 +13:00
75fa281404
Bug 1146192 - Backed out changeset d2918bcf0d90 for missing bug number - r=me
2015-03-24 10:53:10 +13:00
1d7005b2a5
Bug 1144514 - Whitelist pread64 in content seccomp-bpf policy. r=kang
...
--HG--
extra : histedit_source : b16050ba3308df92df608cc6fc09069d21df6deb
2015-03-19 11:57:00 -04:00
883849ee32
Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
...
This patch was automatically generated using the following script:
function convert() {
echo "Converting $1 to $2..."
find . \
! -wholename "*/.git*" \
! -wholename "obj-ff-dbg*" \
-type f \
\( -iname "*.cpp" \
-o -iname "*.h" \
-o -iname "*.c" \
-o -iname "*.cc" \
-o -iname "*.idl" \
-o -iname "*.ipdl" \
-o -iname "*.ipdlh" \
-o -iname "*.mm" \) | \
xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}
convert MOZ_OVERRIDE override
convert MOZ_FINAL final
2015-03-21 12:28:04 -04:00
3b412c43dd
Bug 1XXXXXX - Whitelist sched_yield syscall in GMP sandbox on Linux - r=jld
2015-03-24 09:55:36 +13:00
f2a63bbdff
Bug 1145432: Add the policy for the client side of the crash server pipe to the GMP Windows sandbox. r=aklotz
2015-03-20 07:53:37 +00:00
09d9f7bb4a
Bug 1144580 - Whitelist pselect6 in content seccomp-bpf policy. r=kang
2015-03-18 15:30:00 +01:00
f6d18ff6da
Bug 1141906 - Adjust some assertions in Linux sandbox feature detection. r=kang
...
See bug, and comment at top of SandboxInfo.cpp, for rationale.
Bonus fix: reword comment about nested namespace limit; the exact limit
is 33 (not counting the root) but doesn't particularly matter.
2015-03-17 22:50:00 +01:00
d56d610ecf
Bug 1141885 - Make readlink() fail instead of allowing it, for B2G content processes. r=kang
...
--HG--
extra : rebase_source : c9ceababcd741979058361e96161d575a70bd39f
2015-03-13 13:47:56 -07:00
66ca086aa3
Bug 1083344 - Tighten rules for Mac OS content process sandbox on 10.9 and 10.10. r=smichaud
...
Allow read to whole filesystem until chrome:// and file:// URLs are brokered through another process.
Except $HOME/Library in which we allow only access to profile add-ons subdir.
Add level 2, which allows read only from $HOME and /tmp (while still restricting $HOME/Library.
Change default back to 1.
2015-03-12 17:42:50 +01:00
99b4a73239
Bug 1142263 - Specify all syscall parameters when doing CLONE_NEWUSER detection; f=bwc r=kang
2015-03-13 13:01:28 +01:00
2d14f8d244
Bug 906996 - Remove unlink from B2G content process syscall whitelist. r=kang
2015-03-11 12:39:00 +01:00
4fecdb4ceb
Bug 1141169: Add moz.build BUG_COMPONENT metadata for security/sandbox/ r=jld
2015-03-10 08:03:12 +00:00
b08af57c17
Bug 1137166: Change the Content moreStrict sandbox pref to an integer to indicate the level of sandboxing. r=tabraldes
2015-03-10 08:03:12 +00:00
19355a43d5
Bug 1137007 - Detect namespace and SECCOMP_FILTER_FLAG_TSYNC support in SandboxInfo. r=kang, r=Unfocused
...
Currently, only user namespace support is detected. This is targeted at
desktop, where (1) user namespace creation is effectively a prerequisite
for unsharing any other namespace, and (2) any kernel with user
namespace support almost certainly has all the others.
Bonus fix: remove extra copy of sandbox flag key names in about:support;
if JS property iteration order ever ceases to follow creation order, the
table rows could be permuted, but this doesn't really matter.
2015-03-06 13:59:00 -05:00
01e2b0e158
Bug 1140111 - Whitelist readlinkat along with readlink. r=kang
2015-03-07 10:44:23 -05:00
fc8fe2bd7c
Bug 1083344 - Add "allow" sandbox rules to fix mochitests on OSX 10.9 and 10.10. r=smichaud
2015-02-27 16:55:35 +01:00
c5b6b444f2
Bug 1134942 - Whitelist fstatat and unlinkat for B2G content processes. r=gdestuynder
2015-02-20 12:16:00 +01:00
256a142a70
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "rules part". r=smichaud
...
--HG--
extra : histedit_source : f703a6a8abbf500cb882263426776fdb138b73a3
2015-02-21 13:06:34 +01:00
70a296a23b
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "core part". r=smichaud
...
--HG--
extra : histedit_source : 3c904474c57dbf086365cc6b26a55c34b2b449ae
2015-02-18 14:10:27 +01:00
78f86d5dec
Bug 1132021 - Add a new sandbox level for Windows NPAPI to use USER_LIMITED access token level. r=bsmedberg, r=bbondy
2015-02-11 16:25:43 +00:00
7755422e90
Bug 1102195 Part 4: Re-apply - Change a non-conforming usage of a const value type to a non-const value type, which VS2015 rightly rejects, r=bobowen
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/c827c112df81
2015-01-07 23:28:51 -08:00
931cf70b78
Bug 1102195 Part 3: Re-apply logging changes to the Chromium interception code. r=tabraldes
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/0f763c186855
2014-11-29 17:12:18 +00:00
09607f7c35
Bug 1102195 Part 2: Re-apply pre-vista stdout/err process inheritance change to Chromium code after merge. r=tabraldes
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/f94a07671389
2014-11-18 15:11:47 +00:00
a887f0edbd
Bug 1102195 Part 1: Update Chromium sandbox code to commit df7cc6c04725630dd4460f29d858a77507343b24. r=aklotz, r=jld
2015-02-11 08:22:02 +00:00
a6f34cc0d5
Bug 1129369 Part 3: Turn on MITIGATION_STRICT_HANDLE_CHECKS process-level mitigation for the GMP sandbox. r=tabraldes
2015-02-10 09:06:59 +00:00
70afa43d6f
Bug 1129369 Part 2: Turn on BOTTOM_UP_ASLR process-level mitigation for the GMP sandbox. r=tabraldes
2015-02-10 09:06:59 +00:00
1a190016de
Bug 1129369 Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox. r=tabraldes
2015-02-10 09:06:59 +00:00
1a4af9dc4c
Bug 1127230: Change the NPAPI sandbox prefs to integers to indicate the level of sandboxing. r=bsmedberg
2015-01-30 17:48:15 +00:00
183a6391ad
Bug 1126402: Add a pref to enable a more strict version of the Windows NPAPI process sandbox. r=bsmedberg, r=bbondy
2015-01-29 08:13:07 +00:00
f82c430a64
Bug 1125865: Only log Windows sandbox violations to console when nsContentUtils is initialized. r=bbondy
2015-01-28 11:21:24 +00:00
9bff5f0ad0
Bug 1094370: Use the USER_LOCKDOWN access token for GMP processes. r=aklotz
2015-01-26 10:14:39 +00:00
2d09aed7ed
Bug 1123245 Part 2: Use the USER_NON_ADMIN access token level for Windows NPAPI processes. r=tabraldes
2015-01-23 08:32:21 +00:00
f6a727b6c9
Bug 1123245 Part 1: Enable an open sandbox on Windows NPAPI processes. r=josh, r=tabraldes
2015-01-23 08:32:20 +00:00
f051144a55
Bug 1102213: Move security/sandbox/win/ into security/sandbox/chromium/sandbox/ r=ted
...
--HG--
rename : security/sandbox/win/src/Wow64.cc => security/sandbox/chromium/sandbox/win/src/Wow64.cc
rename : security/sandbox/win/src/Wow64.h => security/sandbox/chromium/sandbox/win/src/Wow64.h
rename : security/sandbox/win/src/Wow64_64.cc => security/sandbox/chromium/sandbox/win/src/Wow64_64.cc
rename : security/sandbox/win/src/acl.cc => security/sandbox/chromium/sandbox/win/src/acl.cc
rename : security/sandbox/win/src/acl.h => security/sandbox/chromium/sandbox/win/src/acl.h
rename : security/sandbox/win/src/app_container.cc => security/sandbox/chromium/sandbox/win/src/app_container.cc
rename : security/sandbox/win/src/app_container.h => security/sandbox/chromium/sandbox/win/src/app_container.h
rename : security/sandbox/win/src/app_container_test.cc => security/sandbox/chromium/sandbox/win/src/app_container_test.cc
rename : security/sandbox/win/src/app_container_unittest.cc => security/sandbox/chromium/sandbox/win/src/app_container_unittest.cc
rename : security/sandbox/win/src/broker_services.cc => security/sandbox/chromium/sandbox/win/src/broker_services.cc
rename : security/sandbox/win/src/broker_services.h => security/sandbox/chromium/sandbox/win/src/broker_services.h
rename : security/sandbox/win/src/crosscall_client.h => security/sandbox/chromium/sandbox/win/src/crosscall_client.h
rename : security/sandbox/win/src/crosscall_params.h => security/sandbox/chromium/sandbox/win/src/crosscall_params.h
rename : security/sandbox/win/src/crosscall_server.cc => security/sandbox/chromium/sandbox/win/src/crosscall_server.cc
rename : security/sandbox/win/src/crosscall_server.h => security/sandbox/chromium/sandbox/win/src/crosscall_server.h
rename : security/sandbox/win/src/eat_resolver.cc => security/sandbox/chromium/sandbox/win/src/eat_resolver.cc
rename : security/sandbox/win/src/eat_resolver.h => security/sandbox/chromium/sandbox/win/src/eat_resolver.h
rename : security/sandbox/win/src/file_policy_test.cc => security/sandbox/chromium/sandbox/win/src/file_policy_test.cc
rename : security/sandbox/win/src/filesystem_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/filesystem_dispatcher.cc
rename : security/sandbox/win/src/filesystem_dispatcher.h => security/sandbox/chromium/sandbox/win/src/filesystem_dispatcher.h
rename : security/sandbox/win/src/filesystem_interception.cc => security/sandbox/chromium/sandbox/win/src/filesystem_interception.cc
rename : security/sandbox/win/src/filesystem_interception.h => security/sandbox/chromium/sandbox/win/src/filesystem_interception.h
rename : security/sandbox/win/src/filesystem_policy.cc => security/sandbox/chromium/sandbox/win/src/filesystem_policy.cc
rename : security/sandbox/win/src/filesystem_policy.h => security/sandbox/chromium/sandbox/win/src/filesystem_policy.h
rename : security/sandbox/win/src/handle_closer.cc => security/sandbox/chromium/sandbox/win/src/handle_closer.cc
rename : security/sandbox/win/src/handle_closer.h => security/sandbox/chromium/sandbox/win/src/handle_closer.h
rename : security/sandbox/win/src/handle_closer_agent.cc => security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc
rename : security/sandbox/win/src/handle_closer_agent.h => security/sandbox/chromium/sandbox/win/src/handle_closer_agent.h
rename : security/sandbox/win/src/handle_closer_test.cc => security/sandbox/chromium/sandbox/win/src/handle_closer_test.cc
rename : security/sandbox/win/src/handle_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/handle_dispatcher.cc
rename : security/sandbox/win/src/handle_dispatcher.h => security/sandbox/chromium/sandbox/win/src/handle_dispatcher.h
rename : security/sandbox/win/src/handle_inheritance_test.cc => security/sandbox/chromium/sandbox/win/src/handle_inheritance_test.cc
rename : security/sandbox/win/src/handle_interception.cc => security/sandbox/chromium/sandbox/win/src/handle_interception.cc
rename : security/sandbox/win/src/handle_interception.h => security/sandbox/chromium/sandbox/win/src/handle_interception.h
rename : security/sandbox/win/src/handle_policy.cc => security/sandbox/chromium/sandbox/win/src/handle_policy.cc
rename : security/sandbox/win/src/handle_policy.h => security/sandbox/chromium/sandbox/win/src/handle_policy.h
rename : security/sandbox/win/src/handle_policy_test.cc => security/sandbox/chromium/sandbox/win/src/handle_policy_test.cc
rename : security/sandbox/win/src/handle_table.cc => security/sandbox/chromium/sandbox/win/src/handle_table.cc
rename : security/sandbox/win/src/handle_table.h => security/sandbox/chromium/sandbox/win/src/handle_table.h
rename : security/sandbox/win/src/integrity_level_test.cc => security/sandbox/chromium/sandbox/win/src/integrity_level_test.cc
rename : security/sandbox/win/src/interception.cc => security/sandbox/chromium/sandbox/win/src/interception.cc
rename : security/sandbox/win/src/interception.h => security/sandbox/chromium/sandbox/win/src/interception.h
rename : security/sandbox/win/src/interception_agent.cc => security/sandbox/chromium/sandbox/win/src/interception_agent.cc
rename : security/sandbox/win/src/interception_agent.h => security/sandbox/chromium/sandbox/win/src/interception_agent.h
rename : security/sandbox/win/src/interception_internal.h => security/sandbox/chromium/sandbox/win/src/interception_internal.h
rename : security/sandbox/win/src/interception_unittest.cc => security/sandbox/chromium/sandbox/win/src/interception_unittest.cc
rename : security/sandbox/win/src/interceptors.h => security/sandbox/chromium/sandbox/win/src/interceptors.h
rename : security/sandbox/win/src/interceptors_64.cc => security/sandbox/chromium/sandbox/win/src/interceptors_64.cc
rename : security/sandbox/win/src/interceptors_64.h => security/sandbox/chromium/sandbox/win/src/interceptors_64.h
rename : security/sandbox/win/src/internal_types.h => security/sandbox/chromium/sandbox/win/src/internal_types.h
rename : security/sandbox/win/src/ipc_ping_test.cc => security/sandbox/chromium/sandbox/win/src/ipc_ping_test.cc
rename : security/sandbox/win/src/ipc_tags.h => security/sandbox/chromium/sandbox/win/src/ipc_tags.h
rename : security/sandbox/win/src/ipc_unittest.cc => security/sandbox/chromium/sandbox/win/src/ipc_unittest.cc
rename : security/sandbox/win/src/job.cc => security/sandbox/chromium/sandbox/win/src/job.cc
rename : security/sandbox/win/src/job.h => security/sandbox/chromium/sandbox/win/src/job.h
rename : security/sandbox/win/src/job_unittest.cc => security/sandbox/chromium/sandbox/win/src/job_unittest.cc
rename : security/sandbox/win/src/named_pipe_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_dispatcher.cc
rename : security/sandbox/win/src/named_pipe_dispatcher.h => security/sandbox/chromium/sandbox/win/src/named_pipe_dispatcher.h
rename : security/sandbox/win/src/named_pipe_interception.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_interception.cc
rename : security/sandbox/win/src/named_pipe_interception.h => security/sandbox/chromium/sandbox/win/src/named_pipe_interception.h
rename : security/sandbox/win/src/named_pipe_policy.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_policy.cc
rename : security/sandbox/win/src/named_pipe_policy.h => security/sandbox/chromium/sandbox/win/src/named_pipe_policy.h
rename : security/sandbox/win/src/named_pipe_policy_test.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_policy_test.cc
rename : security/sandbox/win/src/nt_internals.h => security/sandbox/chromium/sandbox/win/src/nt_internals.h
rename : security/sandbox/win/src/policy_broker.cc => security/sandbox/chromium/sandbox/win/src/policy_broker.cc
rename : security/sandbox/win/src/policy_broker.h => security/sandbox/chromium/sandbox/win/src/policy_broker.h
rename : security/sandbox/win/src/policy_engine_opcodes.cc => security/sandbox/chromium/sandbox/win/src/policy_engine_opcodes.cc
rename : security/sandbox/win/src/policy_engine_opcodes.h => security/sandbox/chromium/sandbox/win/src/policy_engine_opcodes.h
rename : security/sandbox/win/src/policy_engine_params.h => security/sandbox/chromium/sandbox/win/src/policy_engine_params.h
rename : security/sandbox/win/src/policy_engine_processor.cc => security/sandbox/chromium/sandbox/win/src/policy_engine_processor.cc
rename : security/sandbox/win/src/policy_engine_processor.h => security/sandbox/chromium/sandbox/win/src/policy_engine_processor.h
rename : security/sandbox/win/src/policy_engine_unittest.cc => security/sandbox/chromium/sandbox/win/src/policy_engine_unittest.cc
rename : security/sandbox/win/src/policy_low_level.cc => security/sandbox/chromium/sandbox/win/src/policy_low_level.cc
rename : security/sandbox/win/src/policy_low_level.h => security/sandbox/chromium/sandbox/win/src/policy_low_level.h
rename : security/sandbox/win/src/policy_low_level_unittest.cc => security/sandbox/chromium/sandbox/win/src/policy_low_level_unittest.cc
rename : security/sandbox/win/src/policy_opcodes_unittest.cc => security/sandbox/chromium/sandbox/win/src/policy_opcodes_unittest.cc
rename : security/sandbox/win/src/policy_params.h => security/sandbox/chromium/sandbox/win/src/policy_params.h
rename : security/sandbox/win/src/policy_target.cc => security/sandbox/chromium/sandbox/win/src/policy_target.cc
rename : security/sandbox/win/src/policy_target.h => security/sandbox/chromium/sandbox/win/src/policy_target.h
rename : security/sandbox/win/src/policy_target_test.cc => security/sandbox/chromium/sandbox/win/src/policy_target_test.cc
rename : security/sandbox/win/src/process_mitigations.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations.cc
rename : security/sandbox/win/src/process_mitigations.h => security/sandbox/chromium/sandbox/win/src/process_mitigations.h
rename : security/sandbox/win/src/process_mitigations_test.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_test.cc
rename : security/sandbox/win/src/process_mitigations_win32k_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_dispatcher.cc
rename : security/sandbox/win/src/process_mitigations_win32k_dispatcher.h => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_dispatcher.h
rename : security/sandbox/win/src/process_mitigations_win32k_interception.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_interception.cc
rename : security/sandbox/win/src/process_mitigations_win32k_interception.h => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_interception.h
rename : security/sandbox/win/src/process_mitigations_win32k_policy.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_policy.cc
rename : security/sandbox/win/src/process_mitigations_win32k_policy.h => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_policy.h
rename : security/sandbox/win/src/process_policy_test.cc => security/sandbox/chromium/sandbox/win/src/process_policy_test.cc
rename : security/sandbox/win/src/process_thread_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/process_thread_dispatcher.cc
rename : security/sandbox/win/src/process_thread_dispatcher.h => security/sandbox/chromium/sandbox/win/src/process_thread_dispatcher.h
rename : security/sandbox/win/src/process_thread_interception.cc => security/sandbox/chromium/sandbox/win/src/process_thread_interception.cc
rename : security/sandbox/win/src/process_thread_interception.h => security/sandbox/chromium/sandbox/win/src/process_thread_interception.h
rename : security/sandbox/win/src/process_thread_policy.cc => security/sandbox/chromium/sandbox/win/src/process_thread_policy.cc
rename : security/sandbox/win/src/process_thread_policy.h => security/sandbox/chromium/sandbox/win/src/process_thread_policy.h
rename : security/sandbox/win/src/registry_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/registry_dispatcher.cc
rename : security/sandbox/win/src/registry_dispatcher.h => security/sandbox/chromium/sandbox/win/src/registry_dispatcher.h
rename : security/sandbox/win/src/registry_interception.cc => security/sandbox/chromium/sandbox/win/src/registry_interception.cc
rename : security/sandbox/win/src/registry_interception.h => security/sandbox/chromium/sandbox/win/src/registry_interception.h
rename : security/sandbox/win/src/registry_policy.cc => security/sandbox/chromium/sandbox/win/src/registry_policy.cc
rename : security/sandbox/win/src/registry_policy.h => security/sandbox/chromium/sandbox/win/src/registry_policy.h
rename : security/sandbox/win/src/registry_policy_test.cc => security/sandbox/chromium/sandbox/win/src/registry_policy_test.cc
rename : security/sandbox/win/src/resolver.cc => security/sandbox/chromium/sandbox/win/src/resolver.cc
rename : security/sandbox/win/src/resolver.h => security/sandbox/chromium/sandbox/win/src/resolver.h
rename : security/sandbox/win/src/resolver_32.cc => security/sandbox/chromium/sandbox/win/src/resolver_32.cc
rename : security/sandbox/win/src/resolver_64.cc => security/sandbox/chromium/sandbox/win/src/resolver_64.cc
rename : security/sandbox/win/src/restricted_token.cc => security/sandbox/chromium/sandbox/win/src/restricted_token.cc
rename : security/sandbox/win/src/restricted_token.h => security/sandbox/chromium/sandbox/win/src/restricted_token.h
rename : security/sandbox/win/src/restricted_token_unittest.cc => security/sandbox/chromium/sandbox/win/src/restricted_token_unittest.cc
rename : security/sandbox/win/src/restricted_token_utils.cc => security/sandbox/chromium/sandbox/win/src/restricted_token_utils.cc
rename : security/sandbox/win/src/restricted_token_utils.h => security/sandbox/chromium/sandbox/win/src/restricted_token_utils.h
rename : security/sandbox/win/src/sandbox.cc => security/sandbox/chromium/sandbox/win/src/sandbox.cc
rename : security/sandbox/win/src/sandbox.h => security/sandbox/chromium/sandbox/win/src/sandbox.h
rename : security/sandbox/win/src/sandbox.vcproj => security/sandbox/chromium/sandbox/win/src/sandbox.vcproj
rename : security/sandbox/win/src/sandbox_factory.h => security/sandbox/chromium/sandbox/win/src/sandbox_factory.h
rename : security/sandbox/win/src/sandbox_globals.cc => security/sandbox/chromium/sandbox/win/src/sandbox_globals.cc
rename : security/sandbox/win/src/sandbox_nt_types.h => security/sandbox/chromium/sandbox/win/src/sandbox_nt_types.h
rename : security/sandbox/win/src/sandbox_nt_util.cc => security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc
rename : security/sandbox/win/src/sandbox_nt_util.h => security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h
rename : security/sandbox/win/src/sandbox_policy.h => security/sandbox/chromium/sandbox/win/src/sandbox_policy.h
rename : security/sandbox/win/src/sandbox_policy_base.cc => security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc
rename : security/sandbox/win/src/sandbox_policy_base.h => security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.h
rename : security/sandbox/win/src/sandbox_types.h => security/sandbox/chromium/sandbox/win/src/sandbox_types.h
rename : security/sandbox/win/src/sandbox_utils.cc => security/sandbox/chromium/sandbox/win/src/sandbox_utils.cc
rename : security/sandbox/win/src/sandbox_utils.h => security/sandbox/chromium/sandbox/win/src/sandbox_utils.h
rename : security/sandbox/win/src/security_level.h => security/sandbox/chromium/sandbox/win/src/security_level.h
rename : security/sandbox/win/src/service_resolver.cc => security/sandbox/chromium/sandbox/win/src/service_resolver.cc
rename : security/sandbox/win/src/service_resolver.h => security/sandbox/chromium/sandbox/win/src/service_resolver.h
rename : security/sandbox/win/src/service_resolver_32.cc => security/sandbox/chromium/sandbox/win/src/service_resolver_32.cc
rename : security/sandbox/win/src/service_resolver_64.cc => security/sandbox/chromium/sandbox/win/src/service_resolver_64.cc
rename : security/sandbox/win/src/service_resolver_unittest.cc => security/sandbox/chromium/sandbox/win/src/service_resolver_unittest.cc
rename : security/sandbox/win/src/shared_handles.cc => security/sandbox/chromium/sandbox/win/src/shared_handles.cc
rename : security/sandbox/win/src/shared_handles.h => security/sandbox/chromium/sandbox/win/src/shared_handles.h
rename : security/sandbox/win/src/sharedmem_ipc_client.cc => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_client.cc
rename : security/sandbox/win/src/sharedmem_ipc_client.h => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_client.h
rename : security/sandbox/win/src/sharedmem_ipc_server.cc => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_server.cc
rename : security/sandbox/win/src/sharedmem_ipc_server.h => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_server.h
rename : security/sandbox/win/src/sid.cc => security/sandbox/chromium/sandbox/win/src/sid.cc
rename : security/sandbox/win/src/sid.h => security/sandbox/chromium/sandbox/win/src/sid.h
rename : security/sandbox/win/src/sid_unittest.cc => security/sandbox/chromium/sandbox/win/src/sid_unittest.cc
rename : security/sandbox/win/src/sidestep/ia32_modrm_map.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/ia32_modrm_map.cpp
rename : security/sandbox/win/src/sidestep/ia32_opcode_map.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/ia32_opcode_map.cpp
rename : security/sandbox/win/src/sidestep/mini_disassembler.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler.cpp
rename : security/sandbox/win/src/sidestep/mini_disassembler.h => security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler.h
rename : security/sandbox/win/src/sidestep/mini_disassembler_types.h => security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h
rename : security/sandbox/win/src/sidestep/preamble_patcher.h => security/sandbox/chromium/sandbox/win/src/sidestep/preamble_patcher.h
rename : security/sandbox/win/src/sidestep/preamble_patcher_with_stub.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/preamble_patcher_with_stub.cpp
rename : security/sandbox/win/src/sidestep_resolver.cc => security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc
rename : security/sandbox/win/src/sidestep_resolver.h => security/sandbox/chromium/sandbox/win/src/sidestep_resolver.h
rename : security/sandbox/win/src/sync_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/sync_dispatcher.cc
rename : security/sandbox/win/src/sync_dispatcher.h => security/sandbox/chromium/sandbox/win/src/sync_dispatcher.h
rename : security/sandbox/win/src/sync_interception.cc => security/sandbox/chromium/sandbox/win/src/sync_interception.cc
rename : security/sandbox/win/src/sync_interception.h => security/sandbox/chromium/sandbox/win/src/sync_interception.h
rename : security/sandbox/win/src/sync_policy.cc => security/sandbox/chromium/sandbox/win/src/sync_policy.cc
rename : security/sandbox/win/src/sync_policy.h => security/sandbox/chromium/sandbox/win/src/sync_policy.h
rename : security/sandbox/win/src/sync_policy_test.cc => security/sandbox/chromium/sandbox/win/src/sync_policy_test.cc
rename : security/sandbox/win/src/sync_policy_test.h => security/sandbox/chromium/sandbox/win/src/sync_policy_test.h
rename : security/sandbox/win/src/target_interceptions.cc => security/sandbox/chromium/sandbox/win/src/target_interceptions.cc
rename : security/sandbox/win/src/target_interceptions.h => security/sandbox/chromium/sandbox/win/src/target_interceptions.h
rename : security/sandbox/win/src/target_process.cc => security/sandbox/chromium/sandbox/win/src/target_process.cc
rename : security/sandbox/win/src/target_process.h => security/sandbox/chromium/sandbox/win/src/target_process.h
rename : security/sandbox/win/src/target_services.cc => security/sandbox/chromium/sandbox/win/src/target_services.cc
rename : security/sandbox/win/src/target_services.h => security/sandbox/chromium/sandbox/win/src/target_services.h
rename : security/sandbox/win/src/threadpool_unittest.cc => security/sandbox/chromium/sandbox/win/src/threadpool_unittest.cc
rename : security/sandbox/win/src/unload_dll_test.cc => security/sandbox/chromium/sandbox/win/src/unload_dll_test.cc
rename : security/sandbox/win/src/win2k_threadpool.cc => security/sandbox/chromium/sandbox/win/src/win2k_threadpool.cc
rename : security/sandbox/win/src/win2k_threadpool.h => security/sandbox/chromium/sandbox/win/src/win2k_threadpool.h
rename : security/sandbox/win/src/win_utils.cc => security/sandbox/chromium/sandbox/win/src/win_utils.cc
rename : security/sandbox/win/src/win_utils.h => security/sandbox/chromium/sandbox/win/src/win_utils.h
rename : security/sandbox/win/src/win_utils_unittest.cc => security/sandbox/chromium/sandbox/win/src/win_utils_unittest.cc
rename : security/sandbox/win/src/window.cc => security/sandbox/chromium/sandbox/win/src/window.cc
rename : security/sandbox/win/src/window.h => security/sandbox/chromium/sandbox/win/src/window.h
2015-01-22 08:37:31 +00:00
d1e58e9137
Bug 1102215: Move security/sandbox/chromium/base/shim/ to new directory security/sandbox/chromium-shim/ r=ted
...
--HG--
rename : security/sandbox/chromium/base/shim/base/gtest_prod_util.h => security/sandbox/chromium-shim/base/gtest_prod_util.h
rename : security/sandbox/chromium/base/shim/base/logging.cpp => security/sandbox/chromium-shim/base/logging.cpp
rename : security/sandbox/chromium/base/shim/base/strings/string_piece.h => security/sandbox/chromium-shim/base/strings/string_piece.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtime.h => security/sandbox/chromium-shim/base/third_party/nspr/prtime.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtypes.h => security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h
rename : security/sandbox/chromium/base/shim/base/threading/thread_local_storage.h => security/sandbox/chromium-shim/base/threading/thread_local_storage.h
rename : security/sandbox/chromium/base/shim/base/tracked_objects.h => security/sandbox/chromium-shim/base/tracked_objects.h
rename : security/sandbox/chromium/base/shim/base/win/registry.h => security/sandbox/chromium-shim/base/win/registry.h
rename : security/sandbox/chromium/base/shim/sdkdecls.h => security/sandbox/chromium-shim/base/win/sdkdecls.h
rename : security/sandbox/win/src/logging/loggingCallbacks.h => security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h
rename : security/sandbox/win/src/logging/loggingTypes.h => security/sandbox/chromium-shim/sandbox/win/loggingTypes.h
rename : security/sandbox/win/src/logging/sandboxLogging.cpp => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
rename : security/sandbox/win/src/logging/sandboxLogging.h => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h
2015-01-22 08:37:30 +00:00
a7e3f06626
Bug 1102211: Move security/sandbox/build/ into security/sandbox/chromium/ r=ted
...
--HG--
rename : security/sandbox/build/build_config.h => security/sandbox/chromium/build/build_config.h
rename : security/sandbox/chromium-commit-status.txt => security/sandbox/moz-chromium-commit-status.txt
2015-01-22 08:37:30 +00:00
0db90d7550
Backed out changeset 4ccaf5ae9ced (bug 1102211) for bustage on a CLOSED TREE
...
--HG--
rename : security/sandbox/chromium/build/build_config.h => security/sandbox/build/build_config.h
rename : security/sandbox/moz-chromium-commit-status.txt => security/sandbox/chromium-commit-status.txt
2015-01-22 10:25:39 +01:00
8347439402
Backed out changeset 43f1f9eef449 (bug 1102215)
...
--HG--
rename : security/sandbox/chromium-shim/base/gtest_prod_util.h => security/sandbox/chromium/base/shim/base/gtest_prod_util.h
rename : security/sandbox/chromium-shim/base/logging.cpp => security/sandbox/chromium/base/shim/base/logging.cpp
rename : security/sandbox/chromium-shim/base/strings/string_piece.h => security/sandbox/chromium/base/shim/base/strings/string_piece.h
rename : security/sandbox/chromium-shim/base/third_party/nspr/prtime.h => security/sandbox/chromium/base/shim/base/third_party/nspr/prtime.h
rename : security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h => security/sandbox/chromium/base/shim/base/third_party/nspr/prtypes.h
rename : security/sandbox/chromium-shim/base/threading/thread_local_storage.h => security/sandbox/chromium/base/shim/base/threading/thread_local_storage.h
rename : security/sandbox/chromium-shim/base/tracked_objects.h => security/sandbox/chromium/base/shim/base/tracked_objects.h
rename : security/sandbox/chromium-shim/base/win/registry.h => security/sandbox/chromium/base/shim/base/win/registry.h
rename : security/sandbox/chromium-shim/base/win/sdkdecls.h => security/sandbox/chromium/base/shim/sdkdecls.h
rename : security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h => security/sandbox/win/src/logging/loggingCallbacks.h
rename : security/sandbox/chromium-shim/sandbox/win/loggingTypes.h => security/sandbox/win/src/logging/loggingTypes.h
rename : security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp => security/sandbox/win/src/logging/sandboxLogging.cpp
rename : security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h => security/sandbox/win/src/logging/sandboxLogging.h
2015-01-22 10:25:03 +01:00
3a65cb4567
Backed out changeset c607c8d4dacf (bug 1102213)
...
--HG--
rename : security/sandbox/chromium/sandbox/win/src/Wow64.cc => security/sandbox/win/src/Wow64.cc
rename : security/sandbox/chromium/sandbox/win/src/Wow64.h => security/sandbox/win/src/Wow64.h
rename : security/sandbox/chromium/sandbox/win/src/Wow64_64.cc => security/sandbox/win/src/Wow64_64.cc
rename : security/sandbox/chromium/sandbox/win/src/acl.cc => security/sandbox/win/src/acl.cc
rename : security/sandbox/chromium/sandbox/win/src/acl.h => security/sandbox/win/src/acl.h
rename : security/sandbox/chromium/sandbox/win/src/app_container.cc => security/sandbox/win/src/app_container.cc
rename : security/sandbox/chromium/sandbox/win/src/app_container.h => security/sandbox/win/src/app_container.h
rename : security/sandbox/chromium/sandbox/win/src/app_container_test.cc => security/sandbox/win/src/app_container_test.cc
rename : security/sandbox/chromium/sandbox/win/src/app_container_unittest.cc => security/sandbox/win/src/app_container_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/broker_services.cc => security/sandbox/win/src/broker_services.cc
rename : security/sandbox/chromium/sandbox/win/src/broker_services.h => security/sandbox/win/src/broker_services.h
rename : security/sandbox/chromium/sandbox/win/src/crosscall_client.h => security/sandbox/win/src/crosscall_client.h
rename : security/sandbox/chromium/sandbox/win/src/crosscall_params.h => security/sandbox/win/src/crosscall_params.h
rename : security/sandbox/chromium/sandbox/win/src/crosscall_server.cc => security/sandbox/win/src/crosscall_server.cc
rename : security/sandbox/chromium/sandbox/win/src/crosscall_server.h => security/sandbox/win/src/crosscall_server.h
rename : security/sandbox/chromium/sandbox/win/src/eat_resolver.cc => security/sandbox/win/src/eat_resolver.cc
rename : security/sandbox/chromium/sandbox/win/src/eat_resolver.h => security/sandbox/win/src/eat_resolver.h
rename : security/sandbox/chromium/sandbox/win/src/file_policy_test.cc => security/sandbox/win/src/file_policy_test.cc
rename : security/sandbox/chromium/sandbox/win/src/filesystem_dispatcher.cc => security/sandbox/win/src/filesystem_dispatcher.cc
rename : security/sandbox/chromium/sandbox/win/src/filesystem_dispatcher.h => security/sandbox/win/src/filesystem_dispatcher.h
rename : security/sandbox/chromium/sandbox/win/src/filesystem_interception.cc => security/sandbox/win/src/filesystem_interception.cc
rename : security/sandbox/chromium/sandbox/win/src/filesystem_interception.h => security/sandbox/win/src/filesystem_interception.h
rename : security/sandbox/chromium/sandbox/win/src/filesystem_policy.cc => security/sandbox/win/src/filesystem_policy.cc
rename : security/sandbox/chromium/sandbox/win/src/filesystem_policy.h => security/sandbox/win/src/filesystem_policy.h
rename : security/sandbox/chromium/sandbox/win/src/handle_closer.cc => security/sandbox/win/src/handle_closer.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_closer.h => security/sandbox/win/src/handle_closer.h
rename : security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc => security/sandbox/win/src/handle_closer_agent.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_closer_agent.h => security/sandbox/win/src/handle_closer_agent.h
rename : security/sandbox/chromium/sandbox/win/src/handle_closer_test.cc => security/sandbox/win/src/handle_closer_test.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_dispatcher.cc => security/sandbox/win/src/handle_dispatcher.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_dispatcher.h => security/sandbox/win/src/handle_dispatcher.h
rename : security/sandbox/chromium/sandbox/win/src/handle_inheritance_test.cc => security/sandbox/win/src/handle_inheritance_test.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_interception.cc => security/sandbox/win/src/handle_interception.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_interception.h => security/sandbox/win/src/handle_interception.h
rename : security/sandbox/chromium/sandbox/win/src/handle_policy.cc => security/sandbox/win/src/handle_policy.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_policy.h => security/sandbox/win/src/handle_policy.h
rename : security/sandbox/chromium/sandbox/win/src/handle_policy_test.cc => security/sandbox/win/src/handle_policy_test.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_table.cc => security/sandbox/win/src/handle_table.cc
rename : security/sandbox/chromium/sandbox/win/src/handle_table.h => security/sandbox/win/src/handle_table.h
rename : security/sandbox/chromium/sandbox/win/src/integrity_level_test.cc => security/sandbox/win/src/integrity_level_test.cc
rename : security/sandbox/chromium/sandbox/win/src/interception.cc => security/sandbox/win/src/interception.cc
rename : security/sandbox/chromium/sandbox/win/src/interception.h => security/sandbox/win/src/interception.h
rename : security/sandbox/chromium/sandbox/win/src/interception_agent.cc => security/sandbox/win/src/interception_agent.cc
rename : security/sandbox/chromium/sandbox/win/src/interception_agent.h => security/sandbox/win/src/interception_agent.h
rename : security/sandbox/chromium/sandbox/win/src/interception_internal.h => security/sandbox/win/src/interception_internal.h
rename : security/sandbox/chromium/sandbox/win/src/interception_unittest.cc => security/sandbox/win/src/interception_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/interceptors.h => security/sandbox/win/src/interceptors.h
rename : security/sandbox/chromium/sandbox/win/src/interceptors_64.cc => security/sandbox/win/src/interceptors_64.cc
rename : security/sandbox/chromium/sandbox/win/src/interceptors_64.h => security/sandbox/win/src/interceptors_64.h
rename : security/sandbox/chromium/sandbox/win/src/internal_types.h => security/sandbox/win/src/internal_types.h
rename : security/sandbox/chromium/sandbox/win/src/ipc_ping_test.cc => security/sandbox/win/src/ipc_ping_test.cc
rename : security/sandbox/chromium/sandbox/win/src/ipc_tags.h => security/sandbox/win/src/ipc_tags.h
rename : security/sandbox/chromium/sandbox/win/src/ipc_unittest.cc => security/sandbox/win/src/ipc_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/job.cc => security/sandbox/win/src/job.cc
rename : security/sandbox/chromium/sandbox/win/src/job.h => security/sandbox/win/src/job.h
rename : security/sandbox/chromium/sandbox/win/src/job_unittest.cc => security/sandbox/win/src/job_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/named_pipe_dispatcher.cc => security/sandbox/win/src/named_pipe_dispatcher.cc
rename : security/sandbox/chromium/sandbox/win/src/named_pipe_dispatcher.h => security/sandbox/win/src/named_pipe_dispatcher.h
rename : security/sandbox/chromium/sandbox/win/src/named_pipe_interception.cc => security/sandbox/win/src/named_pipe_interception.cc
rename : security/sandbox/chromium/sandbox/win/src/named_pipe_interception.h => security/sandbox/win/src/named_pipe_interception.h
rename : security/sandbox/chromium/sandbox/win/src/named_pipe_policy.cc => security/sandbox/win/src/named_pipe_policy.cc
rename : security/sandbox/chromium/sandbox/win/src/named_pipe_policy.h => security/sandbox/win/src/named_pipe_policy.h
rename : security/sandbox/chromium/sandbox/win/src/named_pipe_policy_test.cc => security/sandbox/win/src/named_pipe_policy_test.cc
rename : security/sandbox/chromium/sandbox/win/src/nt_internals.h => security/sandbox/win/src/nt_internals.h
rename : security/sandbox/chromium/sandbox/win/src/policy_broker.cc => security/sandbox/win/src/policy_broker.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_broker.h => security/sandbox/win/src/policy_broker.h
rename : security/sandbox/chromium/sandbox/win/src/policy_engine_opcodes.cc => security/sandbox/win/src/policy_engine_opcodes.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_engine_opcodes.h => security/sandbox/win/src/policy_engine_opcodes.h
rename : security/sandbox/chromium/sandbox/win/src/policy_engine_params.h => security/sandbox/win/src/policy_engine_params.h
rename : security/sandbox/chromium/sandbox/win/src/policy_engine_processor.cc => security/sandbox/win/src/policy_engine_processor.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_engine_processor.h => security/sandbox/win/src/policy_engine_processor.h
rename : security/sandbox/chromium/sandbox/win/src/policy_engine_unittest.cc => security/sandbox/win/src/policy_engine_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_low_level.cc => security/sandbox/win/src/policy_low_level.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_low_level.h => security/sandbox/win/src/policy_low_level.h
rename : security/sandbox/chromium/sandbox/win/src/policy_low_level_unittest.cc => security/sandbox/win/src/policy_low_level_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_opcodes_unittest.cc => security/sandbox/win/src/policy_opcodes_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_params.h => security/sandbox/win/src/policy_params.h
rename : security/sandbox/chromium/sandbox/win/src/policy_target.cc => security/sandbox/win/src/policy_target.cc
rename : security/sandbox/chromium/sandbox/win/src/policy_target.h => security/sandbox/win/src/policy_target.h
rename : security/sandbox/chromium/sandbox/win/src/policy_target_test.cc => security/sandbox/win/src/policy_target_test.cc
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations.cc => security/sandbox/win/src/process_mitigations.cc
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations.h => security/sandbox/win/src/process_mitigations.h
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations_test.cc => security/sandbox/win/src/process_mitigations_test.cc
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_dispatcher.cc => security/sandbox/win/src/process_mitigations_win32k_dispatcher.cc
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_dispatcher.h => security/sandbox/win/src/process_mitigations_win32k_dispatcher.h
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_interception.cc => security/sandbox/win/src/process_mitigations_win32k_interception.cc
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_interception.h => security/sandbox/win/src/process_mitigations_win32k_interception.h
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_policy.cc => security/sandbox/win/src/process_mitigations_win32k_policy.cc
rename : security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_policy.h => security/sandbox/win/src/process_mitigations_win32k_policy.h
rename : security/sandbox/chromium/sandbox/win/src/process_policy_test.cc => security/sandbox/win/src/process_policy_test.cc
rename : security/sandbox/chromium/sandbox/win/src/process_thread_dispatcher.cc => security/sandbox/win/src/process_thread_dispatcher.cc
rename : security/sandbox/chromium/sandbox/win/src/process_thread_dispatcher.h => security/sandbox/win/src/process_thread_dispatcher.h
rename : security/sandbox/chromium/sandbox/win/src/process_thread_interception.cc => security/sandbox/win/src/process_thread_interception.cc
rename : security/sandbox/chromium/sandbox/win/src/process_thread_interception.h => security/sandbox/win/src/process_thread_interception.h
rename : security/sandbox/chromium/sandbox/win/src/process_thread_policy.cc => security/sandbox/win/src/process_thread_policy.cc
rename : security/sandbox/chromium/sandbox/win/src/process_thread_policy.h => security/sandbox/win/src/process_thread_policy.h
rename : security/sandbox/chromium/sandbox/win/src/registry_dispatcher.cc => security/sandbox/win/src/registry_dispatcher.cc
rename : security/sandbox/chromium/sandbox/win/src/registry_dispatcher.h => security/sandbox/win/src/registry_dispatcher.h
rename : security/sandbox/chromium/sandbox/win/src/registry_interception.cc => security/sandbox/win/src/registry_interception.cc
rename : security/sandbox/chromium/sandbox/win/src/registry_interception.h => security/sandbox/win/src/registry_interception.h
rename : security/sandbox/chromium/sandbox/win/src/registry_policy.cc => security/sandbox/win/src/registry_policy.cc
rename : security/sandbox/chromium/sandbox/win/src/registry_policy.h => security/sandbox/win/src/registry_policy.h
rename : security/sandbox/chromium/sandbox/win/src/registry_policy_test.cc => security/sandbox/win/src/registry_policy_test.cc
rename : security/sandbox/chromium/sandbox/win/src/resolver.cc => security/sandbox/win/src/resolver.cc
rename : security/sandbox/chromium/sandbox/win/src/resolver.h => security/sandbox/win/src/resolver.h
rename : security/sandbox/chromium/sandbox/win/src/resolver_32.cc => security/sandbox/win/src/resolver_32.cc
rename : security/sandbox/chromium/sandbox/win/src/resolver_64.cc => security/sandbox/win/src/resolver_64.cc
rename : security/sandbox/chromium/sandbox/win/src/restricted_token.cc => security/sandbox/win/src/restricted_token.cc
rename : security/sandbox/chromium/sandbox/win/src/restricted_token.h => security/sandbox/win/src/restricted_token.h
rename : security/sandbox/chromium/sandbox/win/src/restricted_token_unittest.cc => security/sandbox/win/src/restricted_token_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/restricted_token_utils.cc => security/sandbox/win/src/restricted_token_utils.cc
rename : security/sandbox/chromium/sandbox/win/src/restricted_token_utils.h => security/sandbox/win/src/restricted_token_utils.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox.cc => security/sandbox/win/src/sandbox.cc
rename : security/sandbox/chromium/sandbox/win/src/sandbox.h => security/sandbox/win/src/sandbox.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox.vcproj => security/sandbox/win/src/sandbox.vcproj
rename : security/sandbox/chromium/sandbox/win/src/sandbox_factory.h => security/sandbox/win/src/sandbox_factory.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox_globals.cc => security/sandbox/win/src/sandbox_globals.cc
rename : security/sandbox/chromium/sandbox/win/src/sandbox_nt_types.h => security/sandbox/win/src/sandbox_nt_types.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc => security/sandbox/win/src/sandbox_nt_util.cc
rename : security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h => security/sandbox/win/src/sandbox_nt_util.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox_policy.h => security/sandbox/win/src/sandbox_policy.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc => security/sandbox/win/src/sandbox_policy_base.cc
rename : security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.h => security/sandbox/win/src/sandbox_policy_base.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox_types.h => security/sandbox/win/src/sandbox_types.h
rename : security/sandbox/chromium/sandbox/win/src/sandbox_utils.cc => security/sandbox/win/src/sandbox_utils.cc
rename : security/sandbox/chromium/sandbox/win/src/sandbox_utils.h => security/sandbox/win/src/sandbox_utils.h
rename : security/sandbox/chromium/sandbox/win/src/security_level.h => security/sandbox/win/src/security_level.h
rename : security/sandbox/chromium/sandbox/win/src/service_resolver.cc => security/sandbox/win/src/service_resolver.cc
rename : security/sandbox/chromium/sandbox/win/src/service_resolver.h => security/sandbox/win/src/service_resolver.h
rename : security/sandbox/chromium/sandbox/win/src/service_resolver_32.cc => security/sandbox/win/src/service_resolver_32.cc
rename : security/sandbox/chromium/sandbox/win/src/service_resolver_64.cc => security/sandbox/win/src/service_resolver_64.cc
rename : security/sandbox/chromium/sandbox/win/src/service_resolver_unittest.cc => security/sandbox/win/src/service_resolver_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/shared_handles.cc => security/sandbox/win/src/shared_handles.cc
rename : security/sandbox/chromium/sandbox/win/src/shared_handles.h => security/sandbox/win/src/shared_handles.h
rename : security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_client.cc => security/sandbox/win/src/sharedmem_ipc_client.cc
rename : security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_client.h => security/sandbox/win/src/sharedmem_ipc_client.h
rename : security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_server.cc => security/sandbox/win/src/sharedmem_ipc_server.cc
rename : security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_server.h => security/sandbox/win/src/sharedmem_ipc_server.h
rename : security/sandbox/chromium/sandbox/win/src/sid.cc => security/sandbox/win/src/sid.cc
rename : security/sandbox/chromium/sandbox/win/src/sid.h => security/sandbox/win/src/sid.h
rename : security/sandbox/chromium/sandbox/win/src/sid_unittest.cc => security/sandbox/win/src/sid_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/sidestep/ia32_modrm_map.cpp => security/sandbox/win/src/sidestep/ia32_modrm_map.cpp
rename : security/sandbox/chromium/sandbox/win/src/sidestep/ia32_opcode_map.cpp => security/sandbox/win/src/sidestep/ia32_opcode_map.cpp
rename : security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler.cpp => security/sandbox/win/src/sidestep/mini_disassembler.cpp
rename : security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler.h => security/sandbox/win/src/sidestep/mini_disassembler.h
rename : security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h => security/sandbox/win/src/sidestep/mini_disassembler_types.h
rename : security/sandbox/chromium/sandbox/win/src/sidestep/preamble_patcher.h => security/sandbox/win/src/sidestep/preamble_patcher.h
rename : security/sandbox/chromium/sandbox/win/src/sidestep/preamble_patcher_with_stub.cpp => security/sandbox/win/src/sidestep/preamble_patcher_with_stub.cpp
rename : security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc => security/sandbox/win/src/sidestep_resolver.cc
rename : security/sandbox/chromium/sandbox/win/src/sidestep_resolver.h => security/sandbox/win/src/sidestep_resolver.h
rename : security/sandbox/chromium/sandbox/win/src/sync_dispatcher.cc => security/sandbox/win/src/sync_dispatcher.cc
rename : security/sandbox/chromium/sandbox/win/src/sync_dispatcher.h => security/sandbox/win/src/sync_dispatcher.h
rename : security/sandbox/chromium/sandbox/win/src/sync_interception.cc => security/sandbox/win/src/sync_interception.cc
rename : security/sandbox/chromium/sandbox/win/src/sync_interception.h => security/sandbox/win/src/sync_interception.h
rename : security/sandbox/chromium/sandbox/win/src/sync_policy.cc => security/sandbox/win/src/sync_policy.cc
rename : security/sandbox/chromium/sandbox/win/src/sync_policy.h => security/sandbox/win/src/sync_policy.h
rename : security/sandbox/chromium/sandbox/win/src/sync_policy_test.cc => security/sandbox/win/src/sync_policy_test.cc
rename : security/sandbox/chromium/sandbox/win/src/sync_policy_test.h => security/sandbox/win/src/sync_policy_test.h
rename : security/sandbox/chromium/sandbox/win/src/target_interceptions.cc => security/sandbox/win/src/target_interceptions.cc
rename : security/sandbox/chromium/sandbox/win/src/target_interceptions.h => security/sandbox/win/src/target_interceptions.h
rename : security/sandbox/chromium/sandbox/win/src/target_process.cc => security/sandbox/win/src/target_process.cc
rename : security/sandbox/chromium/sandbox/win/src/target_process.h => security/sandbox/win/src/target_process.h
rename : security/sandbox/chromium/sandbox/win/src/target_services.cc => security/sandbox/win/src/target_services.cc
rename : security/sandbox/chromium/sandbox/win/src/target_services.h => security/sandbox/win/src/target_services.h
rename : security/sandbox/chromium/sandbox/win/src/threadpool_unittest.cc => security/sandbox/win/src/threadpool_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/unload_dll_test.cc => security/sandbox/win/src/unload_dll_test.cc
rename : security/sandbox/chromium/sandbox/win/src/win2k_threadpool.cc => security/sandbox/win/src/win2k_threadpool.cc
rename : security/sandbox/chromium/sandbox/win/src/win2k_threadpool.h => security/sandbox/win/src/win2k_threadpool.h
rename : security/sandbox/chromium/sandbox/win/src/win_utils.cc => security/sandbox/win/src/win_utils.cc
rename : security/sandbox/chromium/sandbox/win/src/win_utils.h => security/sandbox/win/src/win_utils.h
rename : security/sandbox/chromium/sandbox/win/src/win_utils_unittest.cc => security/sandbox/win/src/win_utils_unittest.cc
rename : security/sandbox/chromium/sandbox/win/src/window.cc => security/sandbox/win/src/window.cc
rename : security/sandbox/chromium/sandbox/win/src/window.h => security/sandbox/win/src/window.h
2015-01-22 10:24:57 +01:00
0399343229
Bug 1102213: Move security/sandbox/win/ into security/sandbox/chromium/sandbox/ r=ted
...
--HG--
rename : security/sandbox/win/src/Wow64.cc => security/sandbox/chromium/sandbox/win/src/Wow64.cc
rename : security/sandbox/win/src/Wow64.h => security/sandbox/chromium/sandbox/win/src/Wow64.h
rename : security/sandbox/win/src/Wow64_64.cc => security/sandbox/chromium/sandbox/win/src/Wow64_64.cc
rename : security/sandbox/win/src/acl.cc => security/sandbox/chromium/sandbox/win/src/acl.cc
rename : security/sandbox/win/src/acl.h => security/sandbox/chromium/sandbox/win/src/acl.h
rename : security/sandbox/win/src/app_container.cc => security/sandbox/chromium/sandbox/win/src/app_container.cc
rename : security/sandbox/win/src/app_container.h => security/sandbox/chromium/sandbox/win/src/app_container.h
rename : security/sandbox/win/src/app_container_test.cc => security/sandbox/chromium/sandbox/win/src/app_container_test.cc
rename : security/sandbox/win/src/app_container_unittest.cc => security/sandbox/chromium/sandbox/win/src/app_container_unittest.cc
rename : security/sandbox/win/src/broker_services.cc => security/sandbox/chromium/sandbox/win/src/broker_services.cc
rename : security/sandbox/win/src/broker_services.h => security/sandbox/chromium/sandbox/win/src/broker_services.h
rename : security/sandbox/win/src/crosscall_client.h => security/sandbox/chromium/sandbox/win/src/crosscall_client.h
rename : security/sandbox/win/src/crosscall_params.h => security/sandbox/chromium/sandbox/win/src/crosscall_params.h
rename : security/sandbox/win/src/crosscall_server.cc => security/sandbox/chromium/sandbox/win/src/crosscall_server.cc
rename : security/sandbox/win/src/crosscall_server.h => security/sandbox/chromium/sandbox/win/src/crosscall_server.h
rename : security/sandbox/win/src/eat_resolver.cc => security/sandbox/chromium/sandbox/win/src/eat_resolver.cc
rename : security/sandbox/win/src/eat_resolver.h => security/sandbox/chromium/sandbox/win/src/eat_resolver.h
rename : security/sandbox/win/src/file_policy_test.cc => security/sandbox/chromium/sandbox/win/src/file_policy_test.cc
rename : security/sandbox/win/src/filesystem_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/filesystem_dispatcher.cc
rename : security/sandbox/win/src/filesystem_dispatcher.h => security/sandbox/chromium/sandbox/win/src/filesystem_dispatcher.h
rename : security/sandbox/win/src/filesystem_interception.cc => security/sandbox/chromium/sandbox/win/src/filesystem_interception.cc
rename : security/sandbox/win/src/filesystem_interception.h => security/sandbox/chromium/sandbox/win/src/filesystem_interception.h
rename : security/sandbox/win/src/filesystem_policy.cc => security/sandbox/chromium/sandbox/win/src/filesystem_policy.cc
rename : security/sandbox/win/src/filesystem_policy.h => security/sandbox/chromium/sandbox/win/src/filesystem_policy.h
rename : security/sandbox/win/src/handle_closer.cc => security/sandbox/chromium/sandbox/win/src/handle_closer.cc
rename : security/sandbox/win/src/handle_closer.h => security/sandbox/chromium/sandbox/win/src/handle_closer.h
rename : security/sandbox/win/src/handle_closer_agent.cc => security/sandbox/chromium/sandbox/win/src/handle_closer_agent.cc
rename : security/sandbox/win/src/handle_closer_agent.h => security/sandbox/chromium/sandbox/win/src/handle_closer_agent.h
rename : security/sandbox/win/src/handle_closer_test.cc => security/sandbox/chromium/sandbox/win/src/handle_closer_test.cc
rename : security/sandbox/win/src/handle_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/handle_dispatcher.cc
rename : security/sandbox/win/src/handle_dispatcher.h => security/sandbox/chromium/sandbox/win/src/handle_dispatcher.h
rename : security/sandbox/win/src/handle_inheritance_test.cc => security/sandbox/chromium/sandbox/win/src/handle_inheritance_test.cc
rename : security/sandbox/win/src/handle_interception.cc => security/sandbox/chromium/sandbox/win/src/handle_interception.cc
rename : security/sandbox/win/src/handle_interception.h => security/sandbox/chromium/sandbox/win/src/handle_interception.h
rename : security/sandbox/win/src/handle_policy.cc => security/sandbox/chromium/sandbox/win/src/handle_policy.cc
rename : security/sandbox/win/src/handle_policy.h => security/sandbox/chromium/sandbox/win/src/handle_policy.h
rename : security/sandbox/win/src/handle_policy_test.cc => security/sandbox/chromium/sandbox/win/src/handle_policy_test.cc
rename : security/sandbox/win/src/handle_table.cc => security/sandbox/chromium/sandbox/win/src/handle_table.cc
rename : security/sandbox/win/src/handle_table.h => security/sandbox/chromium/sandbox/win/src/handle_table.h
rename : security/sandbox/win/src/integrity_level_test.cc => security/sandbox/chromium/sandbox/win/src/integrity_level_test.cc
rename : security/sandbox/win/src/interception.cc => security/sandbox/chromium/sandbox/win/src/interception.cc
rename : security/sandbox/win/src/interception.h => security/sandbox/chromium/sandbox/win/src/interception.h
rename : security/sandbox/win/src/interception_agent.cc => security/sandbox/chromium/sandbox/win/src/interception_agent.cc
rename : security/sandbox/win/src/interception_agent.h => security/sandbox/chromium/sandbox/win/src/interception_agent.h
rename : security/sandbox/win/src/interception_internal.h => security/sandbox/chromium/sandbox/win/src/interception_internal.h
rename : security/sandbox/win/src/interception_unittest.cc => security/sandbox/chromium/sandbox/win/src/interception_unittest.cc
rename : security/sandbox/win/src/interceptors.h => security/sandbox/chromium/sandbox/win/src/interceptors.h
rename : security/sandbox/win/src/interceptors_64.cc => security/sandbox/chromium/sandbox/win/src/interceptors_64.cc
rename : security/sandbox/win/src/interceptors_64.h => security/sandbox/chromium/sandbox/win/src/interceptors_64.h
rename : security/sandbox/win/src/internal_types.h => security/sandbox/chromium/sandbox/win/src/internal_types.h
rename : security/sandbox/win/src/ipc_ping_test.cc => security/sandbox/chromium/sandbox/win/src/ipc_ping_test.cc
rename : security/sandbox/win/src/ipc_tags.h => security/sandbox/chromium/sandbox/win/src/ipc_tags.h
rename : security/sandbox/win/src/ipc_unittest.cc => security/sandbox/chromium/sandbox/win/src/ipc_unittest.cc
rename : security/sandbox/win/src/job.cc => security/sandbox/chromium/sandbox/win/src/job.cc
rename : security/sandbox/win/src/job.h => security/sandbox/chromium/sandbox/win/src/job.h
rename : security/sandbox/win/src/job_unittest.cc => security/sandbox/chromium/sandbox/win/src/job_unittest.cc
rename : security/sandbox/win/src/named_pipe_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_dispatcher.cc
rename : security/sandbox/win/src/named_pipe_dispatcher.h => security/sandbox/chromium/sandbox/win/src/named_pipe_dispatcher.h
rename : security/sandbox/win/src/named_pipe_interception.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_interception.cc
rename : security/sandbox/win/src/named_pipe_interception.h => security/sandbox/chromium/sandbox/win/src/named_pipe_interception.h
rename : security/sandbox/win/src/named_pipe_policy.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_policy.cc
rename : security/sandbox/win/src/named_pipe_policy.h => security/sandbox/chromium/sandbox/win/src/named_pipe_policy.h
rename : security/sandbox/win/src/named_pipe_policy_test.cc => security/sandbox/chromium/sandbox/win/src/named_pipe_policy_test.cc
rename : security/sandbox/win/src/nt_internals.h => security/sandbox/chromium/sandbox/win/src/nt_internals.h
rename : security/sandbox/win/src/policy_broker.cc => security/sandbox/chromium/sandbox/win/src/policy_broker.cc
rename : security/sandbox/win/src/policy_broker.h => security/sandbox/chromium/sandbox/win/src/policy_broker.h
rename : security/sandbox/win/src/policy_engine_opcodes.cc => security/sandbox/chromium/sandbox/win/src/policy_engine_opcodes.cc
rename : security/sandbox/win/src/policy_engine_opcodes.h => security/sandbox/chromium/sandbox/win/src/policy_engine_opcodes.h
rename : security/sandbox/win/src/policy_engine_params.h => security/sandbox/chromium/sandbox/win/src/policy_engine_params.h
rename : security/sandbox/win/src/policy_engine_processor.cc => security/sandbox/chromium/sandbox/win/src/policy_engine_processor.cc
rename : security/sandbox/win/src/policy_engine_processor.h => security/sandbox/chromium/sandbox/win/src/policy_engine_processor.h
rename : security/sandbox/win/src/policy_engine_unittest.cc => security/sandbox/chromium/sandbox/win/src/policy_engine_unittest.cc
rename : security/sandbox/win/src/policy_low_level.cc => security/sandbox/chromium/sandbox/win/src/policy_low_level.cc
rename : security/sandbox/win/src/policy_low_level.h => security/sandbox/chromium/sandbox/win/src/policy_low_level.h
rename : security/sandbox/win/src/policy_low_level_unittest.cc => security/sandbox/chromium/sandbox/win/src/policy_low_level_unittest.cc
rename : security/sandbox/win/src/policy_opcodes_unittest.cc => security/sandbox/chromium/sandbox/win/src/policy_opcodes_unittest.cc
rename : security/sandbox/win/src/policy_params.h => security/sandbox/chromium/sandbox/win/src/policy_params.h
rename : security/sandbox/win/src/policy_target.cc => security/sandbox/chromium/sandbox/win/src/policy_target.cc
rename : security/sandbox/win/src/policy_target.h => security/sandbox/chromium/sandbox/win/src/policy_target.h
rename : security/sandbox/win/src/policy_target_test.cc => security/sandbox/chromium/sandbox/win/src/policy_target_test.cc
rename : security/sandbox/win/src/process_mitigations.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations.cc
rename : security/sandbox/win/src/process_mitigations.h => security/sandbox/chromium/sandbox/win/src/process_mitigations.h
rename : security/sandbox/win/src/process_mitigations_test.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_test.cc
rename : security/sandbox/win/src/process_mitigations_win32k_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_dispatcher.cc
rename : security/sandbox/win/src/process_mitigations_win32k_dispatcher.h => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_dispatcher.h
rename : security/sandbox/win/src/process_mitigations_win32k_interception.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_interception.cc
rename : security/sandbox/win/src/process_mitigations_win32k_interception.h => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_interception.h
rename : security/sandbox/win/src/process_mitigations_win32k_policy.cc => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_policy.cc
rename : security/sandbox/win/src/process_mitigations_win32k_policy.h => security/sandbox/chromium/sandbox/win/src/process_mitigations_win32k_policy.h
rename : security/sandbox/win/src/process_policy_test.cc => security/sandbox/chromium/sandbox/win/src/process_policy_test.cc
rename : security/sandbox/win/src/process_thread_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/process_thread_dispatcher.cc
rename : security/sandbox/win/src/process_thread_dispatcher.h => security/sandbox/chromium/sandbox/win/src/process_thread_dispatcher.h
rename : security/sandbox/win/src/process_thread_interception.cc => security/sandbox/chromium/sandbox/win/src/process_thread_interception.cc
rename : security/sandbox/win/src/process_thread_interception.h => security/sandbox/chromium/sandbox/win/src/process_thread_interception.h
rename : security/sandbox/win/src/process_thread_policy.cc => security/sandbox/chromium/sandbox/win/src/process_thread_policy.cc
rename : security/sandbox/win/src/process_thread_policy.h => security/sandbox/chromium/sandbox/win/src/process_thread_policy.h
rename : security/sandbox/win/src/registry_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/registry_dispatcher.cc
rename : security/sandbox/win/src/registry_dispatcher.h => security/sandbox/chromium/sandbox/win/src/registry_dispatcher.h
rename : security/sandbox/win/src/registry_interception.cc => security/sandbox/chromium/sandbox/win/src/registry_interception.cc
rename : security/sandbox/win/src/registry_interception.h => security/sandbox/chromium/sandbox/win/src/registry_interception.h
rename : security/sandbox/win/src/registry_policy.cc => security/sandbox/chromium/sandbox/win/src/registry_policy.cc
rename : security/sandbox/win/src/registry_policy.h => security/sandbox/chromium/sandbox/win/src/registry_policy.h
rename : security/sandbox/win/src/registry_policy_test.cc => security/sandbox/chromium/sandbox/win/src/registry_policy_test.cc
rename : security/sandbox/win/src/resolver.cc => security/sandbox/chromium/sandbox/win/src/resolver.cc
rename : security/sandbox/win/src/resolver.h => security/sandbox/chromium/sandbox/win/src/resolver.h
rename : security/sandbox/win/src/resolver_32.cc => security/sandbox/chromium/sandbox/win/src/resolver_32.cc
rename : security/sandbox/win/src/resolver_64.cc => security/sandbox/chromium/sandbox/win/src/resolver_64.cc
rename : security/sandbox/win/src/restricted_token.cc => security/sandbox/chromium/sandbox/win/src/restricted_token.cc
rename : security/sandbox/win/src/restricted_token.h => security/sandbox/chromium/sandbox/win/src/restricted_token.h
rename : security/sandbox/win/src/restricted_token_unittest.cc => security/sandbox/chromium/sandbox/win/src/restricted_token_unittest.cc
rename : security/sandbox/win/src/restricted_token_utils.cc => security/sandbox/chromium/sandbox/win/src/restricted_token_utils.cc
rename : security/sandbox/win/src/restricted_token_utils.h => security/sandbox/chromium/sandbox/win/src/restricted_token_utils.h
rename : security/sandbox/win/src/sandbox.cc => security/sandbox/chromium/sandbox/win/src/sandbox.cc
rename : security/sandbox/win/src/sandbox.h => security/sandbox/chromium/sandbox/win/src/sandbox.h
rename : security/sandbox/win/src/sandbox.vcproj => security/sandbox/chromium/sandbox/win/src/sandbox.vcproj
rename : security/sandbox/win/src/sandbox_factory.h => security/sandbox/chromium/sandbox/win/src/sandbox_factory.h
rename : security/sandbox/win/src/sandbox_globals.cc => security/sandbox/chromium/sandbox/win/src/sandbox_globals.cc
rename : security/sandbox/win/src/sandbox_nt_types.h => security/sandbox/chromium/sandbox/win/src/sandbox_nt_types.h
rename : security/sandbox/win/src/sandbox_nt_util.cc => security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.cc
rename : security/sandbox/win/src/sandbox_nt_util.h => security/sandbox/chromium/sandbox/win/src/sandbox_nt_util.h
rename : security/sandbox/win/src/sandbox_policy.h => security/sandbox/chromium/sandbox/win/src/sandbox_policy.h
rename : security/sandbox/win/src/sandbox_policy_base.cc => security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.cc
rename : security/sandbox/win/src/sandbox_policy_base.h => security/sandbox/chromium/sandbox/win/src/sandbox_policy_base.h
rename : security/sandbox/win/src/sandbox_types.h => security/sandbox/chromium/sandbox/win/src/sandbox_types.h
rename : security/sandbox/win/src/sandbox_utils.cc => security/sandbox/chromium/sandbox/win/src/sandbox_utils.cc
rename : security/sandbox/win/src/sandbox_utils.h => security/sandbox/chromium/sandbox/win/src/sandbox_utils.h
rename : security/sandbox/win/src/security_level.h => security/sandbox/chromium/sandbox/win/src/security_level.h
rename : security/sandbox/win/src/service_resolver.cc => security/sandbox/chromium/sandbox/win/src/service_resolver.cc
rename : security/sandbox/win/src/service_resolver.h => security/sandbox/chromium/sandbox/win/src/service_resolver.h
rename : security/sandbox/win/src/service_resolver_32.cc => security/sandbox/chromium/sandbox/win/src/service_resolver_32.cc
rename : security/sandbox/win/src/service_resolver_64.cc => security/sandbox/chromium/sandbox/win/src/service_resolver_64.cc
rename : security/sandbox/win/src/service_resolver_unittest.cc => security/sandbox/chromium/sandbox/win/src/service_resolver_unittest.cc
rename : security/sandbox/win/src/shared_handles.cc => security/sandbox/chromium/sandbox/win/src/shared_handles.cc
rename : security/sandbox/win/src/shared_handles.h => security/sandbox/chromium/sandbox/win/src/shared_handles.h
rename : security/sandbox/win/src/sharedmem_ipc_client.cc => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_client.cc
rename : security/sandbox/win/src/sharedmem_ipc_client.h => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_client.h
rename : security/sandbox/win/src/sharedmem_ipc_server.cc => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_server.cc
rename : security/sandbox/win/src/sharedmem_ipc_server.h => security/sandbox/chromium/sandbox/win/src/sharedmem_ipc_server.h
rename : security/sandbox/win/src/sid.cc => security/sandbox/chromium/sandbox/win/src/sid.cc
rename : security/sandbox/win/src/sid.h => security/sandbox/chromium/sandbox/win/src/sid.h
rename : security/sandbox/win/src/sid_unittest.cc => security/sandbox/chromium/sandbox/win/src/sid_unittest.cc
rename : security/sandbox/win/src/sidestep/ia32_modrm_map.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/ia32_modrm_map.cpp
rename : security/sandbox/win/src/sidestep/ia32_opcode_map.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/ia32_opcode_map.cpp
rename : security/sandbox/win/src/sidestep/mini_disassembler.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler.cpp
rename : security/sandbox/win/src/sidestep/mini_disassembler.h => security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler.h
rename : security/sandbox/win/src/sidestep/mini_disassembler_types.h => security/sandbox/chromium/sandbox/win/src/sidestep/mini_disassembler_types.h
rename : security/sandbox/win/src/sidestep/preamble_patcher.h => security/sandbox/chromium/sandbox/win/src/sidestep/preamble_patcher.h
rename : security/sandbox/win/src/sidestep/preamble_patcher_with_stub.cpp => security/sandbox/chromium/sandbox/win/src/sidestep/preamble_patcher_with_stub.cpp
rename : security/sandbox/win/src/sidestep_resolver.cc => security/sandbox/chromium/sandbox/win/src/sidestep_resolver.cc
rename : security/sandbox/win/src/sidestep_resolver.h => security/sandbox/chromium/sandbox/win/src/sidestep_resolver.h
rename : security/sandbox/win/src/sync_dispatcher.cc => security/sandbox/chromium/sandbox/win/src/sync_dispatcher.cc
rename : security/sandbox/win/src/sync_dispatcher.h => security/sandbox/chromium/sandbox/win/src/sync_dispatcher.h
rename : security/sandbox/win/src/sync_interception.cc => security/sandbox/chromium/sandbox/win/src/sync_interception.cc
rename : security/sandbox/win/src/sync_interception.h => security/sandbox/chromium/sandbox/win/src/sync_interception.h
rename : security/sandbox/win/src/sync_policy.cc => security/sandbox/chromium/sandbox/win/src/sync_policy.cc
rename : security/sandbox/win/src/sync_policy.h => security/sandbox/chromium/sandbox/win/src/sync_policy.h
rename : security/sandbox/win/src/sync_policy_test.cc => security/sandbox/chromium/sandbox/win/src/sync_policy_test.cc
rename : security/sandbox/win/src/sync_policy_test.h => security/sandbox/chromium/sandbox/win/src/sync_policy_test.h
rename : security/sandbox/win/src/target_interceptions.cc => security/sandbox/chromium/sandbox/win/src/target_interceptions.cc
rename : security/sandbox/win/src/target_interceptions.h => security/sandbox/chromium/sandbox/win/src/target_interceptions.h
rename : security/sandbox/win/src/target_process.cc => security/sandbox/chromium/sandbox/win/src/target_process.cc
rename : security/sandbox/win/src/target_process.h => security/sandbox/chromium/sandbox/win/src/target_process.h
rename : security/sandbox/win/src/target_services.cc => security/sandbox/chromium/sandbox/win/src/target_services.cc
rename : security/sandbox/win/src/target_services.h => security/sandbox/chromium/sandbox/win/src/target_services.h
rename : security/sandbox/win/src/threadpool_unittest.cc => security/sandbox/chromium/sandbox/win/src/threadpool_unittest.cc
rename : security/sandbox/win/src/unload_dll_test.cc => security/sandbox/chromium/sandbox/win/src/unload_dll_test.cc
rename : security/sandbox/win/src/win2k_threadpool.cc => security/sandbox/chromium/sandbox/win/src/win2k_threadpool.cc
rename : security/sandbox/win/src/win2k_threadpool.h => security/sandbox/chromium/sandbox/win/src/win2k_threadpool.h
rename : security/sandbox/win/src/win_utils.cc => security/sandbox/chromium/sandbox/win/src/win_utils.cc
rename : security/sandbox/win/src/win_utils.h => security/sandbox/chromium/sandbox/win/src/win_utils.h
rename : security/sandbox/win/src/win_utils_unittest.cc => security/sandbox/chromium/sandbox/win/src/win_utils_unittest.cc
rename : security/sandbox/win/src/window.cc => security/sandbox/chromium/sandbox/win/src/window.cc
rename : security/sandbox/win/src/window.h => security/sandbox/chromium/sandbox/win/src/window.h
2015-01-22 08:37:31 +00:00
ec569fff70
Bug 1102215: Move security/sandbox/chromium/base/shim/ to new directory security/sandbox/chromium-shim/ r=ted
...
--HG--
rename : security/sandbox/chromium/base/shim/base/gtest_prod_util.h => security/sandbox/chromium-shim/base/gtest_prod_util.h
rename : security/sandbox/chromium/base/shim/base/logging.cpp => security/sandbox/chromium-shim/base/logging.cpp
rename : security/sandbox/chromium/base/shim/base/strings/string_piece.h => security/sandbox/chromium-shim/base/strings/string_piece.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtime.h => security/sandbox/chromium-shim/base/third_party/nspr/prtime.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtypes.h => security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h
rename : security/sandbox/chromium/base/shim/base/threading/thread_local_storage.h => security/sandbox/chromium-shim/base/threading/thread_local_storage.h
rename : security/sandbox/chromium/base/shim/base/tracked_objects.h => security/sandbox/chromium-shim/base/tracked_objects.h
rename : security/sandbox/chromium/base/shim/base/win/registry.h => security/sandbox/chromium-shim/base/win/registry.h
rename : security/sandbox/chromium/base/shim/sdkdecls.h => security/sandbox/chromium-shim/base/win/sdkdecls.h
rename : security/sandbox/win/src/logging/loggingCallbacks.h => security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h
rename : security/sandbox/win/src/logging/loggingTypes.h => security/sandbox/chromium-shim/sandbox/win/loggingTypes.h
rename : security/sandbox/win/src/logging/sandboxLogging.cpp => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
rename : security/sandbox/win/src/logging/sandboxLogging.h => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h
2015-01-22 08:37:30 +00:00
2b11d85b9b
Bug 1102211: Move security/sandbox/build/ into security/sandbox/chromium/ r=ted
...
--HG--
rename : security/sandbox/build/build_config.h => security/sandbox/chromium/build/build_config.h
rename : security/sandbox/chromium-commit-status.txt => security/sandbox/moz-chromium-commit-status.txt
2015-01-22 08:37:30 +00:00
8c9dd30f1f
Bug 1121479 Part 4: Turn on DLL_SEARCH_ORDER process-level mitigation for the GMP sandbox. r=tabraldes
2015-01-21 07:59:56 +00:00
86b8e2d513
Bug 1121479 Part 3: Turn on HEAP_TERMINATE process-level mitigation for the GMP sandbox. r=tabraldes
2015-01-21 07:59:56 +00:00
b7d1421bfb
Bug 1121479 Part 2: Turn on SEHOP process-level mitigation for the GMP sandbox. r=tabraldes
2015-01-21 07:59:56 +00:00
ac6485a47e
Bug 1121479 Part 1: Turn on DEP process-level mitigation for the GMP sandbox. r=tabraldes
2015-01-21 07:59:56 +00:00
7f02c207f4
Bug 1119072, Part 6: Change a non-conforming usage of a const value type to a non-const value type, which VS2015 rightly rejects, r=bobowencode
...
--HG--
extra : rebase_source : 6c8c669d061eb3a107821b23829cd5d029e3eb2b
2015-01-07 23:28:51 -08:00
83bbd634d6
Bug 1119072, Part 3(b): Silence warning about deprecated use of hash_set and hash_map in security/sandbox, r=jld
...
--HG--
extra : rebase_source : f3e4acd7c2a63566c526a52b339a8d1c325a14d7
2015-01-12 19:58:43 -08:00
bf312ad056
Bug 1120062 - Part 1: Remove most Nullptr.h includes. r=waldo
2015-01-11 11:34:52 +09:00
08e140cb0d
Bug 1110760 - Build and Package Chromium Sandbox wow_helper. r=gps
2015-01-08 10:44:41 +09:00
d4e8fd3af2
Bug 1110760 - Increase the chances of the wow_helper target code symbols being in the assumed order. r=aklotz
2015-01-08 10:44:41 +09:00
cc298a9892
Bug 1110760 - Import Chromium Sandbox wow_helper code. r=aklotz
2015-01-08 10:44:40 +09:00
f8c3848cd7
Bug 1117611 - Fix shadowed variable in SandboxBroker::SetSecurityLevelForContentProcess(). r=bobowen.
...
--HG--
extra : rebase_source : 29f25cc34bd5f66bac2454c30613344fb63a92b5
2015-01-05 15:54:22 -08:00
b2ba6d9ceb
bug 1102277 - Update seccomp filter for newer bionic. r=jld
2014-11-21 01:07:15 +08:00
344f6abf7b
Bug 1093334 - Delete unnecessary copies of Chromium headers in security/sandbox/linux. r=kang
2014-12-10 17:26:12 -08:00
c2384cf7c7
Bug 1093334 - Adjust includes of Linux sandboxing headers from Chromium. r=kang
...
Also re-sorts some of the includes into something closer to the style guide.
2014-12-10 17:26:12 -08:00
30e88baa98
Bug 1093334 - Import more headers from Chromium rev 9522fad406dd161400daa518075828e47bd47f60. r=kang
2014-12-10 17:26:12 -08:00
30ba635db0
Bug 1102209 - Remove use of CodeGen::JoinInstructions in the Linux sandboxing code. r=kang
...
This reorganizes SandboxAssembler to stack up the policy rules and
traverse them in reverse order to build the filter DAG from tail to head
(i.e., starting with "deny all" and prepending allow and return-errno
rules). Thus, this code will continue to work (perhaps with minor
changes, such as to the NodePtr typedef) with future versions of the
Chromium sandbox code that don't allow mutating the filter program with
the JoinInstructions method.
2014-12-10 17:26:12 -08:00
114cf4fb41
Bug 1108759 - Fix B2G no-optimization builds. r=glandium
2014-12-10 16:17:47 -08:00
529edd40b5
Merge inbound to m-c. a=merge
2014-12-08 15:46:14 -05:00
56bf9455a1
Bug 1105452 - Need to use new Audio system APIs for audio offload playback. r=roc, r=jld, r=ggrisco
...
Resolve the build failure caused by API changes
There are some changes in Audio APIs in Android version
21. Modifying the code to use the new APIs.
Change-Id: I24fdeb20f8f957d05fb6c0c317de0a6f0769c347
Resolve seccomp violation caused by syscall 256
Modify the filter to allow syscall 256 (set_tid_address).
Change-Id: I49461770c4c5e70bf68462d34321381b0b7ead0a
2014-12-02 17:10:00 -05:00
08c8931f01
Bug 1083284 - New sandbox rules for Adobe's code fragment. r=areinald
2014-12-08 12:10:14 -06:00
e4d5592832
Bug 1105729: Pre VS2010 SP1 define our own verion of _xgetbv. r=tabraldes
2014-11-28 18:58:33 +00:00
986cd576ef
Bug 1094667: Use the USER_NON_ADMIN access token by default for the Windows content sandbox. r=tabraldes
2014-11-29 17:12:18 +00:00
ba7a2fa911
Bug 928044 Part 3: Add logging changes back into the Chromium interception code. r=tabraldes
2014-11-29 17:12:18 +00:00
b539721eb8
Bug 928044 Part 2: Enable the content sandbox by default on Windows with an open policy. r=tabraldes,glandium,jimm
...
--HG--
rename : security/sandbox/win/src/warnonlysandbox/wosCallbacks.h => security/sandbox/win/src/logging/loggingCallbacks.h
rename : security/sandbox/win/src/warnonlysandbox/wosTypes.h => security/sandbox/win/src/logging/loggingTypes.h
rename : security/sandbox/win/src/warnonlysandbox/warnOnlySandbox.cpp => security/sandbox/win/src/logging/sandboxLogging.cpp
rename : security/sandbox/win/src/warnonlysandbox/warnOnlySandbox.h => security/sandbox/win/src/logging/sandboxLogging.h
2014-11-29 17:12:18 +00:00
888a5871f3
Bug 928044 Part 1: Remove Chromium interception logging changes. r=tabraldes
2014-11-29 17:12:17 +00:00
c0ebc7a31b
Bug 1027902: Use an intial integrity level of low for the GMP sandbox on Windows. r=tabraldes
2014-11-27 08:44:45 +00:00
2a1adf9b3e
Bug 1041775 Part 3: Re-apply pre-vista stdout/err process inheritance change to Chromium code after merge. r=tabraldes
...
Originally landed as changsets:
https://hg.mozilla.org/mozilla-central/rev/f94a07671389
2014-11-18 15:11:47 +00:00
44cdc5f024
Bug 1041775 Part 2: Re-apply warn only sandbox changes to Chromium code after merge. r=tabraldes
...
Originally landed as changsets:
https://hg.mozilla.org/mozilla-central/rev/e7eef85c1b0a
https://hg.mozilla.org/mozilla-central/rev/8d0aca89e1b2
2014-11-18 15:09:55 +00:00
ba0931eb1d
Bug 1041775 Part 1: Update Chromium sandbox code to commit 9522fad406dd161400daa518075828e47bd47f60. r=jld,aklotz,glandium
...
--HG--
rename : security/sandbox/chromium/sandbox/linux/sandbox_export.h => security/sandbox/chromium/sandbox/sandbox_export.h
2014-11-18 13:48:21 +00:00
1b16fc180f
Bug 1101170 - Move Linux sandbox code into plugin-container on desktop. r=kang r=glandium
...
Specifically:
* SandboxCrash() uses internal Gecko interfaces, so stays in libxul.
* SandboxInfo moves to libxul from libmozsandbox, which no longer exists.
* Where libxul calls Set*Sandbox(), it uses weak symbols.
* Everything remains as it was on mobile.
2014-11-24 15:22:13 -08:00
Julian Hector
Jed Davis
Carsten "Tomcat" Book
Gian-Carlo Pascutto
Thomas Zimmermann
Sebastian Hengst
Bob Owen
Haik Aftandilian
Gabor Krizsanits
Ryan VanderMeulen
Alexandre Lissy
Ralph Giles
Chris Peterson
Nicholas Nethercote
Chris Pearce
Gregory Szorc
Boris Zbarsky
Daniel Holbert
Ehsan Akhgari
Sylvestre Ledru
Birunthan Mohanathas
Steven Michaud
Makoto Kato
Felix Janda
Wes Kocher
Juan Gomez
Benoit Girard
Mike Hommey
David Major
André Reinald
Edwin Flores
Brian Smith
Masatoshi Kimura
Kai-Zhen Li
Jay Wang