Граф коммитов

158 Коммитов

Автор SHA1 Сообщение Дата
Bob Owen caa7e3c377 Bug 1368600: Add telemetry with the error code for when a Windows sandboxed child process fails to start. r=jimm, data-review=francois 2017-06-13 08:54:41 +01:00
Bob Owen a3df44ccee Bug 1323188: Don't use restricting SIDs in the sandbox access tokens when running from a network drive. r=jimm 2017-06-07 20:20:02 +01:00
Bob Owen e6bdfd5594 Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.

MozReview-Commit-ID: Jn6pCkLoGNM

--HG--
extra : source : 431267ab28deabef6ed7c791d8dff79e3fe590c1
2017-05-22 20:41:28 +01:00
Bob Owen 035cf9bdc2 Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
MozReview-Commit-ID: L8wcVhdLvFe

--HG--
extra : source : c3fb60fbc32660719c1b8b06dc785abd4559d6c0
2017-05-22 20:41:27 +01:00
Wes Kocher 848c9aa744 Backed out 3 changesets (bug 1339105) for plugin process leaks a=backout
Backed out changeset 431267ab28de (bug 1339105)
Backed out changeset 445875fbf13b (bug 1339105)
Backed out changeset c3fb60fbc326 (bug 1339105)

MozReview-Commit-ID: 4HYUQbHHnox
2017-05-22 15:14:23 -07:00
Bob Owen 16a4871cdf Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
2017-05-22 20:41:28 +01:00
Bob Owen edf3a239b1 Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
MozReview-Commit-ID: L8wcVhdLvFe
2017-05-22 20:41:27 +01:00
Sebastian Hengst 89e33081c6 Backed out changeset 50bf4c923818 (bug 1339105) for Windows bustage: calling protected constructor of class 'nsAString' at sandboxBroker.cpp(208,11). r=backout on a CLOSED TREE 2017-05-22 16:16:16 +02:00
Sebastian Hengst 2a69fd246c Backed out changeset 367734cc9370 (bug 1339105) 2017-05-22 16:14:27 +02:00
Bob Owen 62c455086d Bug 1339105 Part 3: Move NPAPI windows process sandbox file rules into SandboxBroker. r=jimm
This also removes a rule that was added for sandboxing the Java plugin,
which we never did and we now only allow Flash anyway.
2017-05-22 14:29:06 +01:00
Bob Owen f24abd4ac3 Bug 1339105 Part 1: Implement Windows Level 3 content process sandbox policy. r=jimm
MozReview-Commit-ID: L8wcVhdLvFe
2017-05-22 14:29:06 +01:00
David Parks 532fe74f04 Bug 1347710 - Enable sandbox protections for the Windows GPU process. r=bobowen
The sandbox works with levels.  The GPU sandbox level defaults to 1 in all builds.  It is controlled by security.sandbox.gpu.level.
2017-04-24 09:46:09 -07:00
Alex Gaynor 49d40030b6 Bug 1348269 - When SpawnTarget fails during Windows sandboxed process creation, log more information r=bobowen
r=bobowen

MozReview-Commit-ID: HTLPYg870rt

--HG--
extra : rebase_source : 5c7fc4045324d442ff372ec700b57c12c4d10080
2017-04-04 10:54:14 -04:00
Bob Owen 94bf554716 Bug 1337331 Part 1: Update security/sandbox/chromium/ to commit b169b9a1cc402573843e8c952af14c4e43487e91. r=jld, r=aklotz, r=jimm
Also inclues follow-up to remove mitigations that require Windows 10 SDK.

MozReview-Commit-ID: HwqM4noIHmy
2017-03-29 14:23:17 +01:00
Bob Owen 2a12392590 Bug 1344453 Part 2: Add FILES_ALLOW_READONLY rule to all paths when Windows child process should have full read access. r=jimm 2017-03-28 08:36:16 +01:00
Carsten "Tomcat" Book 0a1fc914ce Backed out changeset d9872fdd25f8 (bug 1337331) for causing build problems for others + on request on bob 2017-03-24 11:24:13 +01:00
Bob Owen 8995d28500 Bug 1337331 Part 1: Update security/sandbox/chromium/ to commit b169b9a1cc402573843e8c952af14c4e43487e91. r=jld, r=aklotz 2017-03-23 10:29:05 +00:00
Honza Bambas 654b5c9af9 Bug 1320458 - Make logging by sandboxed child processes to a file work on Windows, r=aklotz
MozReview-Commit-ID: 7eiW3Lo6q8Z
2017-03-06 17:42:31 +01:00
Bob Owen d30aee57bf Bug 1339729: Remove wow_helper from Windows process sandboxing. r=glandium 2017-03-01 10:41:07 +00:00
David Parks 26437f4ecd Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.

--HG--
extra : rebase_source : 4d5637bcdbeae605b0b99e9192598d48f371b698
2017-02-14 15:08:40 -08:00
Sebastian Hengst 68e7240c0c Backed out changeset 71b9ac06a60a (bug 1284897) 2017-02-21 23:13:29 +01:00
David Parks 82eb0f3fdd Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.

--HG--
extra : rebase_source : e34e8b50101cc40ded26e80791052123b24c8243
extra : histedit_source : 69c9b2dc91546adbfdad03b5d43842809191ffb9
2017-02-14 15:08:40 -08:00
Phil Ringnalda 87ae1a50e4 Backed out 5 changesets (bug 1284897) for mozilla::SandboxPermissions::RemovePermissionsForProcess crashes
Backed out changeset 19b2fcee13a9 (bug 1284897)
Backed out changeset a5171791437f (bug 1284897)
Backed out changeset 3ea8b8a18515 (bug 1284897)
Backed out changeset 21497a4e3bde (bug 1284897)
Backed out changeset 12e17d5f0fa9 (bug 1284897)
2017-02-16 22:14:15 -08:00
David Parks e9bcaf4cbe Bug 1284897 - Add mechanism to libsandbox_s to track names of files that have been given special sandbox access permissions (PermissionsService). r=bobowen, r=glandium
Hook this into the browser via the XREAppData. This patch does not include the changes to Chromium source code.
2017-02-14 15:08:40 -08:00
Bob Owen 209be0e8ce Bug 1339389: Remove legacy build config from Windows SandboxBroker moz.build. r=glandium
MozReview-Commit-ID: KA3dCxrCZRo
2017-02-15 08:31:14 +00:00
Matt Woodrow 0686551eab Bug 1325227 - Part 3: Allow child process to share semaphore handles with the parent/gpu processes. r=bobowen 2017-02-04 23:19:03 +13:00
Bob Owen badd6bf1b0 Bug 1273372 Part 4: Add AppLocker rules to GMP sandbox policy. r=aklotz 2016-12-22 11:11:07 +00:00
Bob Owen c7db6e3961 Bug 1321256: Use a USER_UNPROTECTED initial token when the delayed token is not restricted. r=jimm 2016-12-14 14:43:06 +00:00
Bob Owen 8865218aa3 Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld 2016-11-24 15:08:32 +00:00
Sebastian Hengst c7964131c3 Backed out changeset 11a036eafea2 (bug 1147911) 2016-11-23 18:32:42 +01:00
Bob Owen ca93c43645 Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld 2016-11-23 13:36:59 +00:00
Sebastian Hengst a0103a13ec Backed out changeset a5c68edf3788 (bug 1147911) 2016-11-18 00:58:51 +01:00
Bob Owen 87b58c6a19 Bug 1147911 Part 9: Ensure file read permissions for file content process on Windows. r=jimm, r=jld 2016-11-17 15:48:53 +00:00
David Parks 1748bfae57 Bug 1269114 - [x86_64] Last picked directory not saved when using Flash Player uploader. r=jimm
Adds a couple of registry paths to the broker's ALLOW policy.
2016-09-24 02:54:12 -07:00
Bob Owen 182a56ac2a Bug 1301034: Log when non-static file policy AddRule calls fail in Windows SandboxBroker. r=jimm
MozReview-Commit-ID: DA5NizLfFfA

--HG--
extra : rebase_source : 23ea76054c98ab071b0d03e5fc0d7e57d1668244
2016-09-12 11:11:22 +01:00
Bob Owen 22830b7f8f Bug 1287984: Add rule to allow content process to duplicate handles to other non-broker processes. r=jimm
MozReview-Commit-ID: A79P9G9t7Ax

--HG--
extra : transplant_source : %C2%0A-%FB%7E%AF%99%95%C7%AF%A6%21%BC%18%D4a%9C%24z%8C
2016-07-20 14:41:18 +01:00
Tom Tromey 5538d692d3 Bug 1286877 - do not set c-basic-offset for python-mode; r=gps
This removes the unnecessary setting of c-basic-offset from all
python-mode files.

This was automatically generated using

    perl -pi -e 's/; *c-basic-offset: *[0-9]+//'

... on the affected files.

The bulk of these files are moz.build files but there a few others as
well.

MozReview-Commit-ID: 2pPf3DEiZqx

--HG--
extra : rebase_source : 0a7dcac80b924174a2c429b093791148ea6ac204
2016-07-14 10:16:42 -06:00
Bob Owen 5714578c95 Bug 1278528: Don't try to initialize the sandbox TargetServices when we are not sandboxed. r=jimm
MozReview-Commit-ID: EpXy9LYXwQL
2016-06-07 14:03:51 +01:00
Gabor Krizsanits 6c0e1dc69f Bug 1146873 - Handling sandbox policy setup failures. r=bobowen 2016-06-06 15:13:33 +02:00
Bob Owen ecee115838 Bug 1250125: Make a 0 security.sandbox.content.level turn off the content process sandbox. r=TimAbraldes
This also fixes a bug where we weren't setting parts of the policy correctly for levels 3 to 9.

MozReview-Commit-ID: IXsg2nGOqoa

--HG--
extra : rebase_source : 65c76a581dcd498c7d7d5b01e4f4e140acdb244f
2016-05-25 09:06:23 +01:00
Ralph Giles 0946db2658 Bug 1271794 - Use SSE2 instructions on win32. r=glandium
We've decided supporting the small number of x86 machines
without SSE2 instructions is no longer worth the cost in
developer time nor the performance impact for other users.

https://groups.google.com/d/msg/mozilla.dev.platform/dZC39mj5V-s/Xt_UqZXkAAAJ

Set -arch:SSE2 by default on x86 if an arch hasn't already
been supplied. This ensures we'll continue to build with
the right instruction set if the compiler changes its default
in the future, while still allowing custom builds to set
a lower minimum.

Also updates the filter to strip all arch switches on win64
when building the sandbox. The 64-bit compiler doesn't
support -arch:SSE2 either.

MozReview-Commit-ID: JzTRGPn9vzI
2016-05-18 11:06:30 -07:00
Bob Owen e809e9f918 Bug 1035125 Part 9: Link Chromium sandbox into firefox.exe instead of having a separate DLL. r=aklotz,glandium
MozReview-Commit-ID: 1vgDPjpcwz3

--HG--
extra : rebase_source : 40966d98ca6c37f30884639d648907b4760ae240
2016-05-15 16:41:40 +01:00
Bob Owen c43bf02cda Bug 1035125 Part 8: Pass sandboxing pointers through XRE_InitChildProcess instead of linking to more functions in xul. r=aklotz,glandium
MozReview-Commit-ID: 5AiktOArpfU

--HG--
extra : rebase_source : 1ba3be949e2bfeb3b67687ab05d43342852ab764
2016-05-15 16:35:22 +01:00
Chris Pearce 114ad957d2 Bug 1245789 - Load Widevine CDM with sandbox level USER_RESTRICTED instead of USER_LOCKDOWN. r=bobowen
Otherwise Widevine CDM won't load on Windows. Other GMPs are still loaded at USER_LOCKDOWN.

MozReview-Commit-ID: aCTG1tQuwt
2016-04-12 16:12:20 +12:00
Bob Owen 907939a278 Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz
MozReview-Commit-ID: Fu05wLn27UG
2016-04-07 08:28:14 +01:00
Bob Owen db4259c176 Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley 2016-03-23 08:10:43 +00:00
Carsten "Tomcat" Book 417d5d9533 Backed out changeset 0fedfd441a06 (bug 1256992) for gtest failures 2016-03-22 09:54:55 +01:00
Bob Owen 72e4566fa4 Bug 1256992: Initialize Windows sandbox BrokerServices before any child processes are created. r=aklotz, r=bholley 2016-03-22 07:40:03 +00:00
Ehsan Akhgari f9727da7b1 Bug 1188045 - Part 1: Move the definition of sandboxTarget::Instance() out-of-line; r=bobowen,glandium
This is required so that delay-loading xul.dll works with clang-cl.
2016-02-22 09:55:09 -05:00
Bob Owen ed46787107 Bug 1219369: In Windows debug builds allow write access to TEMP for logging purposes. r=tabraldes 2016-02-09 08:31:18 +00:00