Bob Owen
cb041d2191
Bug 1102195 Part 1: Update Chromium sandbox code to commit df7cc6c04725630dd4460f29d858a77507343b24. r=aklotz, r=jld
2015-02-11 08:22:02 +00:00
Bob Owen
823c53bbd3
Bug 1102215: Move security/sandbox/chromium/base/shim/ to new directory security/sandbox/chromium-shim/ r=ted
--HG--
rename : security/sandbox/chromium/base/shim/base/gtest_prod_util.h => security/sandbox/chromium-shim/base/gtest_prod_util.h
rename : security/sandbox/chromium/base/shim/base/logging.cpp => security/sandbox/chromium-shim/base/logging.cpp
rename : security/sandbox/chromium/base/shim/base/strings/string_piece.h => security/sandbox/chromium-shim/base/strings/string_piece.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtime.h => security/sandbox/chromium-shim/base/third_party/nspr/prtime.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtypes.h => security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h
rename : security/sandbox/chromium/base/shim/base/threading/thread_local_storage.h => security/sandbox/chromium-shim/base/threading/thread_local_storage.h
rename : security/sandbox/chromium/base/shim/base/tracked_objects.h => security/sandbox/chromium-shim/base/tracked_objects.h
rename : security/sandbox/chromium/base/shim/base/win/registry.h => security/sandbox/chromium-shim/base/win/registry.h
rename : security/sandbox/chromium/base/shim/sdkdecls.h => security/sandbox/chromium-shim/base/win/sdkdecls.h
rename : security/sandbox/win/src/logging/loggingCallbacks.h => security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h
rename : security/sandbox/win/src/logging/loggingTypes.h => security/sandbox/chromium-shim/sandbox/win/loggingTypes.h
rename : security/sandbox/win/src/logging/sandboxLogging.cpp => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
rename : security/sandbox/win/src/logging/sandboxLogging.h => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h
2015-01-22 08:37:30 +00:00
Bob Owen
62de1a9d78
Bug 1102211: Move security/sandbox/build/ into security/sandbox/chromium/ r=ted
--HG--
rename : security/sandbox/build/build_config.h => security/sandbox/chromium/build/build_config.h
rename : security/sandbox/chromium-commit-status.txt => security/sandbox/moz-chromium-commit-status.txt
2015-01-22 08:37:30 +00:00
Carsten "Tomcat" Book
5b8eed9b6e
Backed out changeset 4ccaf5ae9ced (bug 1102211) for bustage on a CLOSED TREE
--HG--
rename : security/sandbox/chromium/build/build_config.h => security/sandbox/build/build_config.h
rename : security/sandbox/moz-chromium-commit-status.txt => security/sandbox/chromium-commit-status.txt
2015-01-22 10:25:39 +01:00
Carsten "Tomcat" Book
c3926fafe0
Backed out changeset 43f1f9eef449 (bug 1102215)
--HG--
rename : security/sandbox/chromium-shim/base/gtest_prod_util.h => security/sandbox/chromium/base/shim/base/gtest_prod_util.h
rename : security/sandbox/chromium-shim/base/logging.cpp => security/sandbox/chromium/base/shim/base/logging.cpp
rename : security/sandbox/chromium-shim/base/strings/string_piece.h => security/sandbox/chromium/base/shim/base/strings/string_piece.h
rename : security/sandbox/chromium-shim/base/third_party/nspr/prtime.h => security/sandbox/chromium/base/shim/base/third_party/nspr/prtime.h
rename : security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h => security/sandbox/chromium/base/shim/base/third_party/nspr/prtypes.h
rename : security/sandbox/chromium-shim/base/threading/thread_local_storage.h => security/sandbox/chromium/base/shim/base/threading/thread_local_storage.h
rename : security/sandbox/chromium-shim/base/tracked_objects.h => security/sandbox/chromium/base/shim/base/tracked_objects.h
rename : security/sandbox/chromium-shim/base/win/registry.h => security/sandbox/chromium/base/shim/base/win/registry.h
rename : security/sandbox/chromium-shim/base/win/sdkdecls.h => security/sandbox/chromium/base/shim/sdkdecls.h
rename : security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h => security/sandbox/win/src/logging/loggingCallbacks.h
rename : security/sandbox/chromium-shim/sandbox/win/loggingTypes.h => security/sandbox/win/src/logging/loggingTypes.h
rename : security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp => security/sandbox/win/src/logging/sandboxLogging.cpp
rename : security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h => security/sandbox/win/src/logging/sandboxLogging.h
2015-01-22 10:25:03 +01:00
Bob Owen
68a42345ca
Bug 1102215: Move security/sandbox/chromium/base/shim/ to new directory security/sandbox/chromium-shim/ r=ted
--HG--
rename : security/sandbox/chromium/base/shim/base/gtest_prod_util.h => security/sandbox/chromium-shim/base/gtest_prod_util.h
rename : security/sandbox/chromium/base/shim/base/logging.cpp => security/sandbox/chromium-shim/base/logging.cpp
rename : security/sandbox/chromium/base/shim/base/strings/string_piece.h => security/sandbox/chromium-shim/base/strings/string_piece.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtime.h => security/sandbox/chromium-shim/base/third_party/nspr/prtime.h
rename : security/sandbox/chromium/base/shim/base/third_party/nspr/prtypes.h => security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h
rename : security/sandbox/chromium/base/shim/base/threading/thread_local_storage.h => security/sandbox/chromium-shim/base/threading/thread_local_storage.h
rename : security/sandbox/chromium/base/shim/base/tracked_objects.h => security/sandbox/chromium-shim/base/tracked_objects.h
rename : security/sandbox/chromium/base/shim/base/win/registry.h => security/sandbox/chromium-shim/base/win/registry.h
rename : security/sandbox/chromium/base/shim/sdkdecls.h => security/sandbox/chromium-shim/base/win/sdkdecls.h
rename : security/sandbox/win/src/logging/loggingCallbacks.h => security/sandbox/chromium-shim/sandbox/win/loggingCallbacks.h
rename : security/sandbox/win/src/logging/loggingTypes.h => security/sandbox/chromium-shim/sandbox/win/loggingTypes.h
rename : security/sandbox/win/src/logging/sandboxLogging.cpp => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.cpp
rename : security/sandbox/win/src/logging/sandboxLogging.h => security/sandbox/chromium-shim/sandbox/win/sandboxLogging.h
2015-01-22 08:37:30 +00:00
Bob Owen
750675f76e
Bug 1102211: Move security/sandbox/build/ into security/sandbox/chromium/ r=ted
--HG--
rename : security/sandbox/build/build_config.h => security/sandbox/chromium/build/build_config.h
rename : security/sandbox/chromium-commit-status.txt => security/sandbox/moz-chromium-commit-status.txt
2015-01-22 08:37:30 +00:00
Masatoshi Kimura
f70d08c5aa
Bug 1120062 - Part 1: Remove most Nullptr.h includes. r=waldo
2015-01-11 11:34:52 +09:00
Kai-Zhen Li
5e505281df
bug 1102277 - Update seccomp filter for newer bionic. r=jld
2014-11-21 01:07:15 +08:00
Jed Davis
11b93c27db
Bug 1093334 - Delete unnecessary copies of Chromium headers in security/sandbox/linux. r=kang
2014-12-10 17:26:12 -08:00
Jed Davis
95e992685b
Bug 1093334 - Adjust includes of Linux sandboxing headers from Chromium. r=kang
Also re-sorts some of the includes into something closer to the style guide.
2014-12-10 17:26:12 -08:00
Jed Davis
5748fc5814
Bug 1102209 - Remove use of CodeGen::JoinInstructions in the Linux sandboxing code. r=kang
This reorganizes SandboxAssembler to stack up the policy rules and
traverse them in reverse order to build the filter DAG from tail to head
(i.e., starting with "deny all" and prepending allow and return-errno
rules). Thus, this code will continue to work (perhaps with minor
changes, such as to the NodePtr typedef) with future versions of the
Chromium sandbox code that don't allow mutating the filter program with
the JoinInstructions method.
2014-12-10 17:26:12 -08:00
Jed Davis
fa76014b99
Bug 1108759 - Fix B2G no-optimization builds. r=glandium
2014-12-10 16:17:47 -08:00
Jay Wang
32debb7f9a
Bug 1105452 - Need to use new Audio system APIs for audio offload playback. r=roc, r=jld, r=ggrisco
Resolve the build failure caused by API changes
There are some changes in Audio APIs in Android version
21. Modifying the code to use the new APIs.
Change-Id: I24fdeb20f8f957d05fb6c0c317de0a6f0769c347
Resolve seccomp violation caused by syscall 256
Modify the filter to allow syscall 256 (set_tid_address).
Change-Id: I49461770c4c5e70bf68462d34321381b0b7ead0a
2014-12-02 17:10:00 -05:00
Jed Davis
eb5a7b8072
Bug 1101170 - Move Linux sandbox code into plugin-container on desktop. r=kang r=glandium
Specifically:
* SandboxCrash() uses internal Gecko interfaces, so stays in libxul.
* SandboxInfo moves to libxul from libmozsandbox, which no longer exists.
* Where libxul calls Set*Sandbox(), it uses weak symbols.
* Everything remains as it was on mobile.
2014-11-24 15:22:13 -08:00
Jed Davis
279ab5b3c8
Bug 1101170 - Move sandbox status info into a separate module. r=kang r=glandium
This changes the interface so that the code which determines the flags
can live in one place, but checking the flags doesn't need to call into
another library.
Also removes the no-op wrappers for Set*Sandbox when disabled at build
time; nothing used them, one of them was unusable due to having the wrong
type, and all they really accomplish is allowing sloppiness with ifdefs
(which could hide actual mistakes).
2014-11-24 15:22:13 -08:00
Jed Davis
c0003b43bf
Bug 1077057 - Expose Linux sandboxing information to JS via nsSystemInfo. r=kang r=froydnj
This adds "hasSeccompBPF" for seccomp-bpf support; other "has" keys
will be added in the future (e.g., user namespaces).
This also adds "canSandboxContent" and "canSandboxMedia", which are
absent if the corresponding type of sandboxing isn't enabled at build
time (or is disabled with environment variables), and otherwise present
as a boolean indicating whether that type of sandboxing is supported.
Currently this is always the same as hasSeccompBPF, but that could change
in the future.
Some changes have been made to the "mozilla/Sandbox.h" interface to
support this; the idea is that the MOZ_DISABLE_*_SANDBOX environment
variables should be equivalent to disabling MOZ_*_SANDBOX at build time.
2014-11-06 13:11:00 +01:00
Jed Davis
eb420073d5
Bug 1093893 - Fix B2G sandbox for ICS Bionic pthread_kill(). r=kang
2014-11-06 11:04:14 -08:00
Jed Davis
e6256d996f
Bug 1081242 - Make ASAN's error reporting work while sandboxed on Linux. r=kang
2014-10-21 11:18:00 +02:00
Jed Davis
34c7984879
Bug 1078838 - Restrict clone(2) flags for sandboxed content processes. r=kang
--HG--
extra : amend_source : f80a3a672f5496f76d8649f0c8ab905044ea81ac
2014-10-20 12:29:25 -07:00
Jed Davis
80fd7676d7
Bug 1080165 - Allow setpriority() to fail without crashing in media plugins on Linux. r=kang
2014-10-16 12:42:00 +02:00
Jed Davis
1f08c3f878
Bug 1080077 - For sandbox failures with no crash reporter, log the C stack. r=kang
This is mostly for ASAN builds, which --disable-crash-reporter, but also
fixes a related papercut: debug builds don't use the crash reporter
unless overridden with an environment variable.
Note: this is Linux-only, so NS_StackWalk is always part of the build;
see also bug 1063455.
2014-10-13 18:48:17 -07:00
Jed Davis
d6940c7f12
Bug 1068410 - Convert remote crash dump to use pipe instead of socketpair in the child. r=kang r=ted
2014-10-03 14:55:03 -07:00
Jed Davis
0dface3757
Bug 1069700 - Fix recursive crash when non-content children violate sandbox policy. r=kang
2014-09-18 18:17:00 -04:00
Trevor Saunders
9ec2828d9e
bug 1062567 - prevent gcc lto builds from dropping SyscallAsm on the floor r=froydnj
2014-09-15 19:46:14 -04:00
Jed Davis
1a73e0b7a9
Bug 1059038 - Move mozilla::unused from xpcom/glue to mfbt. r=Waldo
--HG--
rename : xpcom/glue/unused.cpp => mfbt/unused.cpp
rename : xpcom/glue/unused.h => mfbt/unused.h
2014-08-29 10:11:00 +02:00
Mike Hommey
a653121671
Bug 1059113 - Use templates for shared libraries and frameworks. r=gps
Also force to use the existing template for XPCOM components.
2014-09-04 09:04:45 +09:00
Mike Hommey
fc99c53ae5
Bug 1041941 - Use templates for programs, simple programs, libraries and C++ unit tests. r=gps
2014-09-03 14:10:54 +09:00
Jed Davis
aaa558dd7c
Bug 1061085 - Clean up misused export macros from bug 1041886. r=glandium
2014-08-31 23:23:00 +02:00
Jed Davis
75747ff40f
Bug 1059602 - Make libxul -> libmozsandbox dependency not a weak symbol. r=glandium
MFBT_API is not the right macro for this; it changes the affected
definition/usage to a weak symbol, for reasons explained in the comments
on its definition.
This was causing the linker to drop the dependency from libmozglue
to libmozsandbox, in some cases (--as-needed, with a linker that
doesn't consider weak symbols "needed"), and thus load libxul with
gSandboxCrashFunc relocated to address 0 (the expected behavior of an
unresolved weak symbol), which caused crashes when writing to it on
startup.
--HG--
extra : amend_source : b99fded391ae90b1311f4cabaf40f15e6414f245
2014-08-28 23:23:13 -07:00
Jed Davis
6315518788
Bug 1041886 - Fix no-opt-only build bustage caused by mozilla::unused. r=glandium
See also bug 1059038.
2014-08-26 19:23:44 -07:00
Jed Davis
6746bb3d35
Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang
2014-08-26 13:54:16 -07:00
Jed Davis
773d03d0d7
Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium
This creates libmozsandbox.so on builds that use sandboxing
(MOZ_CONTENT_SANDBOX or MOZ_GMP_SANDBOX).
The unavoidably libxul-dependent parts, for invoking the crash reporter
and printing the JS context, are separated into glue/SandboxCrash.cpp
and invoked via a callback.
2014-08-26 13:54:09 -07:00
Jed Davis
dcfa9f6e79
Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang
2014-08-26 13:54:03 -07:00
Jed Davis
212cc5b860
No bug - Add trailing newlines for non-Android Linux sandbox logging. r=kang
--HG--
extra : rebase_source : c0e936b62289c0e5eecad41fce9afac881fe4667
2014-08-14 15:39:14 -07:00
Jed Davis
66d1734f54
Bug 1043733 - Require sandboxing to load Gecko Media Plugins on Linux. r=jesup r=kang
Also refactors how sandbox support and disabling are handled, and allows
simulating a lack of sandbox support with an env var (for testing
without rebuilding a kernel).
2014-08-12 21:28:27 -07:00
Jed Davis
b55b89b5b5
Bug 1047620 - Fix sandboxing for B2G --disable-jemalloc builds. r=kang
--HG--
extra : rebase_source : 1b2ec6491277a9dc451ab767d8563076cf522c27
2014-08-04 15:11:33 -07:00
Jed Davis
7bab545482
Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang r=ted
--HG--
extra : rebase_source : 1b890000d5b8d2a8954cdd1118a1023eba829c29
2014-08-04 15:11:18 -07:00
Jed Davis
54f805e8b9
Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang
--HG--
extra : rebase_source : e93a4a76f8188d715886e263a366d694c28b4525
2014-08-04 15:11:04 -07:00
Jed Davis
b31eafbe86
Bug 1046525 - Allow get{e,}gid and sched_{g,s}etparam in sandboxed content processes. r=kang
Some of these were already in the desktop whitelist; those duplicates
are removed.
--HG--
extra : amend_source : 3ab4b50e3f1980b4d7b93cc17f34b926e2aa2396
2014-08-01 15:05:44 -07:00
Ed Morley
433e593c8c
Backed out changeset d50d7e88f35e (bug 1012951) for LSan failures
2014-07-30 16:49:43 +01:00
Jed Davis
ac97af274c
Bug 1012951 - Sandbox GMP plugins on Linux using seccomp-bpf. r=kang r=ted
2014-07-29 15:31:12 -07:00
Jed Davis
4f62652919
Bug 1017393 - Record rejected syscall number in crash dump. r=kang
2014-07-24 11:36:00 +02:00
Jed Davis
1cdd0d8544
Bug 1037211 - Remove MOZ_CONTENT_SANDBOX_REPORTER by making it always true. r=kang r=ted
--HG--
extra : amend_source : 450d51dab077794e194bf407044de95627de0cde
2014-07-17 14:57:28 -07:00
Jed Davis
285d65221e
Bug 1038900 - Dynamically allocate signal number for sandbox startup. r=kang
2014-07-16 13:37:00 +02:00
Jed Davis
ad5a014572
Bug 1038490 - Fix misuse of MOZ_WIDGET_GONK in Linux content process sandbox policy. r=kang
--HG--
extra : amend_source : 0a7fe8ca751b59102cbc23316b18982268306423
2014-07-14 18:35:56 -07:00
Jed Davis
ada7d21572
Bug 1038486 - Fix Linux desktop seccomp sandbox build on 32-bit x86. r=kang
--HG--
extra : amend_source : 130d2cbd485734997739ea96ac5d83c01899d8b0
2014-07-09 16:52:56 -07:00
jvoisin
7c10650a8f
Bug 1035786 - Fix namespace bug in Linux sandbox LOG_ERROR macro. r=jld
2014-07-08 05:53:00 +01:00
Jed Davis
d9856e93b1
Bug 1035786 - Avoid warning-as-error sandbox build failure with an explicit cast. r=gdestuynder
getpid() is never negative, so this is safe.
2014-07-10 17:37:45 -07:00
Bob Owen
218decde34
Bug 1035786 - Fix member variable initialisation order in LogMessage stub in Linux Sandbox.cpp. r=jld
2014-07-09 12:32:49 +01:00