Bug 1256992 Part 2: Move SandboxBroker Initialization earlier and add telemetry and extra null checks. r=aklotz, a=ritu

MozReview-Commit-ID: Fu05wLn27UG
Bob Owen 2016-04-07 08:28:14 +01:00
parent 38ac893967
commit f222b069b5
3 changed files with 61 additions and 20 deletions


@ -434,6 +434,10 @@ SandboxBroker::SetSecurityLevelForGMPlugin()
bool bool
SandboxBroker::AllowReadFile(wchar_t const *file) SandboxBroker::AllowReadFile(wchar_t const *file)
{ {
if (!mPolicy) {
return false;
}
auto result = auto result =
mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
sandbox::TargetPolicy::FILES_ALLOW_READONLY, sandbox::TargetPolicy::FILES_ALLOW_READONLY,
@ -444,6 +448,10 @@ SandboxBroker::AllowReadFile(wchar_t const *file)
bool bool
SandboxBroker::AllowReadWriteFile(wchar_t const *file) SandboxBroker::AllowReadWriteFile(wchar_t const *file)
{ {
if (!mPolicy) {
return false;
}
auto result = auto result =
mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
sandbox::TargetPolicy::FILES_ALLOW_ANY, sandbox::TargetPolicy::FILES_ALLOW_ANY,
@ -454,6 +462,10 @@ SandboxBroker::AllowReadWriteFile(wchar_t const *file)
bool bool
SandboxBroker::AllowDirectory(wchar_t const *dir) SandboxBroker::AllowDirectory(wchar_t const *dir)
{ {
if (!mPolicy) {
return false;
}
auto result = auto result =
mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES, mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_FILES,
sandbox::TargetPolicy::FILES_ALLOW_DIR_ANY, sandbox::TargetPolicy::FILES_ALLOW_DIR_ANY,
@ -464,6 +476,10 @@ SandboxBroker::AllowDirectory(wchar_t const *dir)
bool bool
SandboxBroker::AddTargetPeer(HANDLE aPeerProcess) SandboxBroker::AddTargetPeer(HANDLE aPeerProcess)
{ {
if (!sBrokerService) {
return false;
}
sandbox::ResultCode result = sBrokerService->AddTargetPeer(aPeerProcess); sandbox::ResultCode result = sBrokerService->AddTargetPeer(aPeerProcess);
return (sandbox::SBOX_ALL_OK == result); return (sandbox::SBOX_ALL_OK == result);
} }
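Review bot: The new `if (!mPolicy)` guards at the top of AllowReadFile, AllowReadWriteFile and AllowDirectory return false silently, so a caller that ignores the bool never learns that its allow-rule was dropped; each guard deserves a one-line comment such as `// No policy (broker never initialized): refuse rather than dereference null; callers must check the result.` Returning false here is the safe direction, since no FILES_ALLOW_* rule is added and the sandbox can only be tighter, not looser, than intended. The same reasoning applies to the `sBrokerService` check in AddTargetPeer, where a false return means the peer process is simply not registered with the broker. All four function bodies continue past their hunks, so the `result` handling after `AddRule` is not visible here.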


@ -10408,5 +10408,32 @@
"kind": "count", "kind": "count",
"bug_numbers": [1237198], "bug_numbers": [1237198],
"description": "Count tiny plugin content" "description": "Count tiny plugin content"
},
"IPC_MESSAGE_SIZE": {
"alert_emails": ["wmccloskey@mozilla.com"],
"bug_numbers": [1260908],
"expires_in_version": "55",
"kind": "exponential",
"high": 8000000,
"n_buckets": 50,
"keyed": true,
"description": "Measures the size of IPC messages by message name"
},
"MESSAGE_MANAGER_MESSAGE_SIZE": {
"alert_emails": ["wmccloskey@mozilla.com"],
"bug_numbers": [1260908],
"expires_in_version": "55",
"kind": "exponential",
"high": 8000000,
"n_buckets": 50,
"keyed": true,
"description": "Measures the size of message manager messages by message name"
},
"SANDBOX_BROKER_INITIALIZED": {
"alert_emails": ["bowen@mozilla.com"],
"bug_numbers": [1256992],
"expires_in_version": "55",
"kind": "boolean",
"description": "Result of call to SandboxBroker::Initialize"
} }
} }
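Review bot: The IPC_MESSAGE_SIZE and MESSAGE_MANAGER_MESSAGE_SIZE entries (bug 1260908, a different alert owner) are not mentioned in the commit title, which only describes adding telemetry for the broker; if they are carried along deliberately for this uplift the description should say so, otherwise they look like a rebase artefact that belongs in its own commit. The SANDBOX_BROKER_INITIALIZED description should also say where and how often the probe fires so the boolean is interpretable in aggregate, e.g. `"description": "Result of the SandboxBroker::Initialize call made once in XRE_mainInit on Windows (true = broker initialized)"`. The Windows-only, once-at-startup placement is what the nsAppRunner.cpp hunk in this commit shows.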


@ -3363,6 +3363,24 @@ XREMain::XRE_mainInit(bool* aExitFlag)
} }
#endif #endif
#if defined(MOZ_SANDBOX) && defined(XP_WIN)
bool brokerInitialized = SandboxBroker::Initialize();
Telemetry::Accumulate(Telemetry::SANDBOX_BROKER_INITIALIZED,
brokerInitialized);
if (!brokerInitialized) {
#if defined(MOZ_CONTENT_SANDBOX)
// If we're sandboxing content and we fail to initialize, then crashing here
// seems like the sensible option.
if (BrowserTabsRemoteAutostart()) {
MOZ_CRASH("Failed to initialize broker services, can't continue.");
}
#endif
// Otherwise just warn for the moment, as most things will work.
NS_WARNING("Failed to initialize broker services, sandboxed processes will "
"fail to start.");
}
#endif
#ifdef XP_MACOSX #ifdef XP_MACOSX
if (EnvHasValue("MOZ_LAUNCHED_CHILD")) { if (EnvHasValue("MOZ_LAUNCHED_CHILD")) {
// This is needed, on relaunch, to force the OS to use the "Cocoa Dock // This is needed, on relaunch, to force the OS to use the "Cocoa Dock
@ -3726,12 +3744,6 @@ XREMain::XRE_mainStartup(bool* aExitFlag)
int result; int result;
#ifdef XP_WIN #ifdef XP_WIN
UseParentConsole(); UseParentConsole();
#if defined(MOZ_SANDBOX)
if (!SandboxBroker::Initialize()) {
NS_WARNING("Failed to initialize broker services, sandboxed processes "
"will fail to start.");
}
#endif
#endif #endif
// RunGTest will only be set if we're in xul-unit // RunGTest will only be set if we're in xul-unit
if (mozilla::RunGTest) { if (mozilla::RunGTest) {
@ -4317,20 +4329,6 @@ XREMain::XRE_mainRun()
} }
#endif /* MOZ_INSTRUMENT_EVENT_LOOP */ #endif /* MOZ_INSTRUMENT_EVENT_LOOP */
#if defined(MOZ_SANDBOX) && defined(XP_WIN)
if (!SandboxBroker::Initialize()) {
#if defined(MOZ_CONTENT_SANDBOX)
// If we're sandboxing content and we fail to initialize, then crashing here
// seems like the sensible option.
if (BrowserTabsRemoteAutostart()) {
MOZ_CRASH("Failed to initialize broker services, can't continue.");
}
#endif
// Otherwise just warn for the moment, as most things will work.
NS_WARNING("Failed to initialize broker services, sandboxed processes will "
"fail to start.");
}
#endif
#if (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX) #if (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX)
SetUpSandboxEnvironment(); SetUpSandboxEnvironment();
#endif #endif
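Review bot: In the first hunk, both `Telemetry::Accumulate(Telemetry::SANDBOX_BROKER_INITIALIZED, ...)` and `BrowserTabsRemoteAutostart()` now run inside XRE_mainInit, much earlier than the XRE_mainRun site the third hunk removes, and nothing in the hunk shows that their backing state is ready that early: if the telemetry service is not yet up the sample may be dropped silently, and if the e10s setting is not yet readable the failure path could take the NS_WARNING branch instead of MOZ_CRASH, leaving a parent with no broker while content processes are still expected to be sandboxed. Worth confirming both calls behave at this point of startup and recording the assumption, e.g. `// Broker init must precede any child launch; telemetry and e10s state are assumed readable this early (bug 1256992).` The warn-only path is at least fail-closed for later launches, since the message states sandboxed processes will fail to start rather than run without the broker. XRE_mainInit continues beyond this hunk.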