5b6073d494
Bug 1385715 - Add support for WebGL on NVIDIA PRIME. r=jld
...
MozReview-Commit-ID: 6hXLXgNdVti
--HG--
extra : rebase_source : 14917cd11f97f41f46c6d6b42cea2ecb4162293a
2017-08-02 12:02:16 +02:00
5bfd2b1cc1
Bug 1385253 - Whitelist main NixOS data store directory. r=jld
...
MozReview-Commit-ID: 2aDBSAOrbv6
--HG--
extra : rebase_source : fa8e7fee91b2688fcaa94851e1820deca1c21277
2017-08-02 11:51:12 +02:00
baf6cddc4c
Merge inbound to central, a=merge
...
MozReview-Commit-ID: 9NFjSEt96iT
2017-08-02 17:11:51 -07:00
8f357724e0
Bug 1385891 - Whitelist extensions dir in the profile. r=jld
...
MozReview-Commit-ID: 7wpVmqs6Y1X
--HG--
extra : rebase_source : 8b168e291469efb3afb90754a2833c07dd815e9f
extra : histedit_source : 7c259145efbf7cb21688d3580f74b216bb972e63
2017-07-31 18:19:26 +02:00
0d8bd27705
Bug 1384483 - Allow reading userContent.css in the sandbox. r=jld
...
MozReview-Commit-ID: A43RY1J95VF
--HG--
extra : rebase_source : 0c8355b34e79d8b0f4ec744a6f2b8b4414e0ab5c
extra : histedit_source : 6ddf29193d5a8b26e50a6a5b8e885caeff366033
2017-07-31 17:58:19 +02:00
08e54b7c13
Bug 1384819 (part 1) - Split MozStackWalk(). r=glandium.
...
MozStackWalk() is different on Windows to the other platforms. It has two extra
arguments, which can be used to walk the stack of a different thread.
This patch makes those differences clearer. Instead of having a single function
and forbidding those two arguments on non-Windows, it removes those arguments
from MozStackWalk, and splits off MozStackWalkThread() which retains them. This
also allows those arguments to have more appropriate types (HANDLE instead of
uintptr_t; CONTEXT* instead of than void*) and names (aContext instead of
aPlatformData).
The patch also removes unnecessary reinterpret_casts for the aClosure argument
at a couple of MozStackWalk() callsites.
--HG--
extra : rebase_source : 111ab7d6426d7be921facc2264f6db86c501d127
2017-07-27 12:46:47 +10:00
094c496d8d
Backed out 2 changesets (bug 1384986) for failures in browser_content_sandbox_fs.js a=backout
...
Backed out changeset 23dae62b5ece (bug 1384986)
Backed out changeset 60408af056d9 (bug 1384986)
MozReview-Commit-ID: gru7nyixFG
2017-08-01 18:17:48 -07:00
26e4446a5b
Bug 1384986 - Fix PulseAudio breakage caused by read restrictions. r=gcp
...
MozReview-Commit-ID: 518mslh9xy
--HG--
extra : rebase_source : fe5c8abda549f62f1dc20f6942ad877b0d1ecd75
2017-07-27 12:41:22 -06:00
34c347eb14
Bug 1384986 - Fix DConf breakage caused by read restrictions. r=gcp
...
MozReview-Commit-ID: GKTBPtAea5J
--HG--
extra : rebase_source : 9f0a85bddfcfe9a31364ee2e63f768eaddc52ce0
2017-07-27 11:32:09 -06:00
347f03dad0
Bug 1384306 - Allow SOCK_CLOEXEC in socketpair(). r=gcp
...
MozReview-Commit-ID: 45LJiUxZeg6
--HG--
extra : rebase_source : 234d542fea3e85ca521f23256dceee7fab6108a3
2017-07-27 15:27:06 -06:00
72c884bf74
Bug 1384835 (part 3, attempt 2) - Remove the Preferences::Get*CString() variants that return nsAdoptingCString. r=froydnj.
...
--HG--
extra : rebase_source : d317b25be2ec21d1a60d25da3689e46cdce0b649
2017-07-31 14:28:48 +10:00
4d4fefbd12
Bug 1384718 - Add sandbox rules for Mesa 17.1 driver loader. r=gcp
2017-07-29 13:05:55 -04:00
744a0a216b
Backed out changeset ef5feef07bed (bug 1384835)
2017-07-28 10:29:24 +02:00
200d8ec18b
Bug 1384835 (part 3) - Remove the Preferences::Get*CString() variants that return nsAdoptingCString. r=froydnj.
...
This is similar like the previous patch, but for the 8-bit string variants.
Also, it changes assignment to Adopt() in GetCString() and GetDefaultCString()
to avoid an extra copy.
--HG--
extra : rebase_source : eba805c3a7b809d5ccd6e853b1c9010db9477667
2017-07-27 16:45:10 +10:00
709a96c2ee
Backed out 3 changesets (bug 1383007, bug 1376910)
...
Backed out changeset 394b3d22db19 (bug 1383007)
Backed out changeset 17e2e2aa8f56 (bug 1376910)
Backed out changeset d11cd5c3fc6f (bug 1376910)
2017-07-26 12:50:28 -06:00
7ee246522d
Bug 1308400 - Report failures in file processes too. r=jld
...
MozReview-Commit-ID: 549WuWKaJeM
--HG--
extra : rebase_source : 22d6348e602f2ceae546502fa0050ab0960ec075
2017-07-10 20:20:49 +02:00
d791c78487
Bug 1308400 - Symlink handling for read brokering. r=jld
...
MozReview-Commit-ID: BP1gFdDbqXD
--HG--
extra : rebase_source : 5db26ad21e40ab19228ac8a978215b97cf8b3b28
2017-07-06 15:31:13 +02:00
8bc55108f2
Bug 1308400 - Support file process, whitelist path prefs. r=jld
...
MozReview-Commit-ID: 3eX06AioPZL
--HG--
extra : rebase_source : 56bcfaad3360fe92ce605a0413bb3a9cacb4446d
2017-07-24 16:32:22 +02:00
6202d4908b
Bug 1383007 - Move the declaration in the #ifdef declaration to silent a warning r=jld
...
Otherwise, a warning is triggered because the statement will never be executed [-
Found with -Wswitch-unreachable with gcc 7
MozReview-Commit-ID: FVStzyFlhJp
--HG--
extra : rebase_source : 1db87153c3e7dcde8d5a9e0f1f0ff607307c9ca2
2017-07-21 23:28:47 +02:00
ff8375cf2e
Bug 1382099 - Remove MOZ_WIDGET_GONK from security/. r=jld.
...
--HG--
extra : rebase_source : 8027baf7a24e5e0d91a175ab38614594c143767b
2017-07-21 10:45:42 +10:00
4634e2a332
Bug 1376910 - Unshare the SysV IPC namespace in content processes. r=gcp
...
MozReview-Commit-ID: 1Uajj68rEuC
--HG--
extra : rebase_source : 5a6c86a104911146cfb56243dec8016fca536dc3
2017-06-28 07:11:55 -07:00
99611dd25e
Bug 1376910 - Block syscalls for SysV IPC in content processes. r=gcp
...
MozReview-Commit-ID: 9XCYBU07T29
--HG--
extra : rebase_source : 2390164a217a71f1ac0a9102e8a023c07b15eee7
2017-06-28 06:33:53 -07:00
0de50c4f7c
Bug 1376653 - Fix handling of architecture differences for getdents. r=gcp
...
MozReview-Commit-ID: ArGStWwkJAg
--HG--
extra : rebase_source : 27f97df93bff744607e60bf61c8b71431861b025
2017-07-11 17:03:06 -06:00
bbcc5a0f24
Bug 1376653 - Unconditionalize the tkill() polyfill. r=gcp
...
MozReview-Commit-ID: JzLWCRQ9Keg
--HG--
extra : rebase_source : ff038fd9e1a4ec8047c3a00619a97464778d7c2a
2017-07-11 16:59:48 -06:00
89b65b175e
Bug 1376653 - Loosen restrictions on clone flags for musl. r=gcp
...
I've made this non-ifdef'ed, and removed currently unused ifdef'ed cases
for old Android versions, because I'd rather have less code that we're
not even compile-testing than save a few cycles on a non-critical path.
MozReview-Commit-ID: B4Wn1elyK4f
--HG--
extra : rebase_source : f12ef40b325432a6aafe961095e5af64fc5a1a9a
2017-07-11 14:23:27 -06:00
1a4ac1cd36
Bug 1372428 - Extend file pre-opening for sandboxed media plugins. r=gcp
...
MozReview-Commit-ID: JoyYocxnk94
2017-07-07 08:58:50 -06:00
1bc1050e9e
Bug 1372428 - Deal with fcntl() in media plugins. r=gcp
...
MozReview-Commit-ID: 9kBowGtSPYO
2017-07-07 08:58:45 -06:00
b2df5f5afd
Bug 1372428 - Deal with uname() in media plugins. r=gcp
...
MozReview-Commit-ID: JVzjs80Yuex
2017-07-07 08:58:33 -06:00
09971ac7d3
Bug 1376643 - Use 'override' and '= default' on applicable methods in security/sandbox/. r=gcp
2017-06-27 17:57:00 +02:00
df076300b1
Bug 1376643 - Use 'nullptr' where applicable in security/sandbox/. r=gcp
2017-06-27 17:56:00 +02:00
7918eeee02
merge mozilla-inbound to mozilla-central a=merge
2017-06-28 13:23:29 +02:00
8e5d5bda0f
Bug 1362537 - Re-disallow accept4 in Linux content processes. r=gcp
...
MozReview-Commit-ID: Gml8lR1Heu1
--HG--
extra : rebase_source : 6b466f887bd1802277a506295a9c6cc575196385
2017-06-27 14:52:25 -07:00
f2e7c8b77a
Bug 1374281. r=jld
...
MozReview-Commit-ID: Ko5m5i4Wkd6
--HG--
extra : rebase_source : 3076315ef3639a89f752addbb01d5d08a9c2db75
2017-06-19 20:07:38 +02:00
f115503a0b
Bug 1372405 - Provide names for all runnables in the tree (r=froydnj)
...
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-26 14:19:58 -07:00
f1364a75ea
Bug 1374580 (part 3) - Remove ns{,C}Substring typedefs. r=froydnj.
...
All the instances are converted as follows.
- nsSubstring --> nsAString
- nsCSubstring --> nsACString
--HG--
extra : rebase_source : cfd2238c52e3cb4d13e3bd5ddb80ba6584ab6d91
2017-06-20 19:19:52 +10:00
8a1350b5a6
Backed out changeset 4f6302a98ae4 (bug 1372405)
...
--HG--
extra : rebase_source : 41632f3158e88e692809731394a683d065a73dfb
2017-06-21 13:59:26 +02:00
6b3e84ed5f
Bug 1372405 - Provide names for all runnables in the tree (r=froydnj)
...
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-20 21:44:11 -07:00
ea1b86680c
Backed out changeset 9846de3bd954 (bug 1372405)
...
--HG--
extra : rebase_source : 5d4a48e8ec394c329994689d938d2a6e9b2752b0
2017-06-20 08:27:02 +02:00
4592152411
Bug 1372405 - Provide names for all runnables in the tree (r=froydnj)
...
MozReview-Commit-ID: DKR6ROiHRS7
2017-06-19 22:25:47 -07:00
b0a3a49ce8
Bug 1361703: enable NR_epoll_create/create1 in linux sandbox r=jld
...
Enables creating new libevent epoll queues on Linux
2017-06-13 01:54:20 -04:00
da2db41a9c
Bug 1362601 - Don't crash on sandbox violation if known-problem injected libs are present. r=gcp
...
MozReview-Commit-ID: HCbavpMUxYm
--HG--
extra : rebase_source : ec0cc9dcbf07831209b438504311b45f5b8990a8
2017-06-07 16:33:11 -06:00
039a1c2b5c
Bug 1321134 - Allow access to dconf shared-memory flags. r=gcp,glandium
...
DConf uses small memory-mapped files for the writer to signal readers
to invalidate cached data; the file is created by the first reader and
readers will write to it to force storage allocation.
If we don't allow opening the file, DConf will still work, but it will
reread the database on every pref access, and it prints messages on
stderr claiming it won't work. So we should avoid that.
MozReview-Commit-ID: 9xoBIhtu5cu
--HG--
extra : rebase_source : 582b3bc30f2181b6564eefa34082a561f9cc0c28
2017-05-30 07:10:15 -06:00
b129f08d7f
Bug 1322784 - Gently fail utime(), to deal with GConf/ORBit. r=gcp
...
MozReview-Commit-ID: B4LmSGR6OEz
--HG--
extra : rebase_source : 613409994c0ba50c34c57537343484f1dc85b7aa
2017-05-30 23:13:37 -06:00
d27dc0ba0b
Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm
...
If the "security.sandbox.content.level" preference is set to a value less than
1, all consumers will automatically treat it as if it were level 1. On Linux and
Nightly builds, setting the sandbox level to 0 is still allowed, for now.
MozReview-Commit-ID: 9QNTCkdbTfm
--HG--
extra : rebase_source : cd5a853c46a5cd334504b339bef8df30a3cabe51
2017-05-12 17:04:42 -04:00
fd03aa5bc8
Backed out changeset 4e283b54baa6 (bug 1358223) for build bustage on Android at dom/ipc/ContentChild.cpp:21. r=backout
2017-05-31 21:34:13 +02:00
39f34ea898
Bug 1358223 - Part 1 - On Windows and macOS hardcode the minimum content sandbox level at 1. r=bobowen,haik,jimm
...
If the "security.sandbox.content.level" preference is set to a value less than
1, all consumers will automatically treat it as if it were level 1. On Linux and
Nightly builds, setting the sandbox level to 0 is still allowed, for now.
MozReview-Commit-ID: 9QNTCkdbTfm
--HG--
extra : rebase_source : 1a26ffc5b9f80e6df4c37c23f506e907ba44053a
2017-05-12 17:04:42 -04:00
f6b03fa260
Bug 1355274 - Polyfill SOCK_DGRAM socketpairs with SOCK_SEQPACKET, for libasyncns. r=gcp
...
MozReview-Commit-ID: 2DeklSGsjUV
--HG--
extra : rebase_source : 8a202c23dc9a3ddede49b08ce1e0792dfb40bdbf
2017-04-11 20:55:34 -06:00
675bae8c8d
Bug 1364533 - Allow madvise huge page hints. r=gcp
...
MozReview-Commit-ID: 7sNWS2sFJCx
--HG--
extra : rebase_source : c1730d2ac5d352dcaec1889d4f20dd9bc0a838a8
2017-05-12 20:04:07 -06:00
3c4e538953
Bug 1361238 - Re-allow accept4, used by accessibility. r=gcp
...
MozReview-Commit-ID: 3M3T3bkx4nP
--HG--
extra : rebase_source : b67332889615ae34cc67737da361f21ae545aeb4
2017-05-01 21:51:11 -06:00
7d9acbdace
Bug 1358647 - Disallow bind/listen/accept for Linux content processes. r=gcp
...
MozReview-Commit-ID: Cz9MKxOJnsS
--HG--
extra : rebase_source : d3ab7ff9020066d5fe9ac3121c88c85b9fde6224
2017-04-25 19:29:32 -06:00
Gian-Carlo Pascutto
Wes Kocher
Nicholas Nethercote
Jed Davis
Thomas Daede
Sebastian Hengst
Sylvestre Ledru
Jan Keromnes
Carsten "Tomcat" Book
Bill McCloskey
Randell Jesup
Alex Gaynor