wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
255,485 Commits 1 Branch 166 Tags 1.2 GiB
b8f6c15369
Commit Graph

289 Commits

Author SHA1 Message Date
Bob Owen
3f62750874 Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg 
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
 2014-06-11 15:32:37 +01:00
Carsten "Tomcat" Book
0b56bf9838 Backed out changeset 5adabc2818b2 (bug 1018966) for b2g bustage 2014-09-04 15:14:41 +02:00
Carsten "Tomcat" Book
d50d535713 Backed out changeset 5d21dd9ca51e (bug 1018966) for b2g Build bustage 2014-09-04 15:13:14 +02:00
Bob Owen
65f144b3ff Bug 1018966 - Part 2: Make warn only sandbox changes to the Chromium code. r=tabraldes 2014-09-03 10:31:53 +01:00
Bob Owen
cf06b12d8d Bug 1018966 - Part 1: Add the main warn only sandbox machinery - with no Chromium code changes. r=bsmedberg r=tabraldes 
This change also includes the content sandboxing code on Windows Nightly by defining MOZ_CONTENT_SANDBOX=1.
Whether the content sandbox is disabled, in warn only mode, or enabled is controlled by a new pref: browser.tabs.remote.sandbox=(off/warn/on)
 2014-06-11 15:32:37 +01:00
Mike Hommey
a653121671 Bug 1059113 - Use templates for shared libraries and frameworks. r=gps 
Also force to use the existing template for XPCOM components.
 2014-09-04 09:04:45 +09:00
Mike Hommey
fc99c53ae5 Bug 1041941 - Use templates for programs, simple programs, libraries and C++ unit tests. r=gps 2014-09-03 14:10:54 +09:00
Jed Davis
aaa558dd7c Bug 1061085 - Clean up misused export macros from bug 1041886. r=glandium 2014-08-31 23:23:00 +02:00
Tim Abraldes
6157602479 bug 1027906. Set delayed token level for GMP plugin processes to USER_RESTRICTED. Whitelist certain files and registry keys that are required for EME plugins to successfully load. r=bobowen. r=jesup. r=bent. 2014-08-29 17:34:26 -07:00
Jed Davis
75747ff40f Bug 1059602 - Make libxul -> libmozsandbox dependency not a weak symbol. r=glandium 
MFBT_API is not the right macro for this; it changes the affected
definition/usage to a weak symbol, for reasons explained in the comments
on its definition.

This was causing the linker to drop the dependency from libmozglue
to libmozsandbox, in some cases (--as-needed, with a linker that
doesn't consider weak symbols "needed"), and thus load libxul with
gSandboxCrashFunc relocated to address 0 (the expected behavior of an
unresolved weak symbol), which caused crashes when writing to it on
startup.

--HG--
extra : amend_source : b99fded391ae90b1311f4cabaf40f15e6414f245
 2014-08-28 23:23:13 -07:00
David Major
492c4f4f7d Bug 1023941 - Part 2: Static-link the CRT into plugin-container.exe. r=glandium,f=tabraldes 
--HG--
rename : security/sandbox/moz.build => security/sandbox/objs.mozbuild
extra : rebase_source : e0b1515a4729ecfe82a67b6439d9a38453f7556a
 2014-08-28 14:50:10 +12:00
Jed Davis
6315518788 Bug 1041886 - Fix no-opt-only build bustage caused by mozilla::unused. r=glandium 
See also bug 1059038.
 2014-08-26 19:23:44 -07:00
Jed Davis
6746bb3d35 Bug 1054616 - Clean up logging-related shims for Linux sandboxing. r=kang 2014-08-26 13:54:16 -07:00
Jed Davis
773d03d0d7 Bug 1041886 - Separate Linux sandbox code into its own shared library. r=kang r=glandium 
This creates libmozsandbox.so on builds that use sandboxing
(MOZ_CONTENT_SANDBOX or MOZ_GMP_SANDBOX).

The unavoidably libxul-dependent parts, for invoking the crash reporter
and printing the JS context, are separated into glue/SandboxCrash.cpp
and invoked via a callback.
 2014-08-26 13:54:09 -07:00
Jed Davis
dcfa9f6e79 Bug 1041886 - Break out Linux sandbox logging into its own header. r=kang 2014-08-26 13:54:03 -07:00
Steven Michaud
a17eb6d1fd Bug 1056936 - Specify full path to plugin-container in sandbox rules. r=rjesup 2014-08-25 15:01:04 -05:00
Masatoshi Kimura
1ee4b71e83 Bug 1055541 - Fix build failure on VS2013 with --enable-warnings-as-errors due to Warning C4996. r=ehsan 2014-08-20 04:09:03 +09:00
Chris Peterson
ed9323def1 Bug 1052033 - Fix warnings in security/sandbox and mark as FAIL_ON_WARNINGS. r=smichaud 2014-08-09 14:25:24 -07:00
Jed Davis
212cc5b860 No bug - Add trailing newlines for non-Android Linux sandbox logging. r=kang 
--HG--
extra : rebase_source : c0e936b62289c0e5eecad41fce9afac881fe4667
 2014-08-14 15:39:14 -07:00
Jed Davis
66d1734f54 Bug 1043733 - Require sandboxing to load Gecko Media Plugins on Linux. r=jesup r=kang 
Also refactors how sandbox support and disabling are handled, and allows
simulating a lack of sandbox support with an env var (for testing
without rebuilding a kernel).
 2014-08-12 21:28:27 -07:00
Steven Michaud
d67d41563b Bug 1012949 - Sandbox the OpenH264 plugin for Mac r=rjesup,areinald,ted a=PatchNeedsToLandToday 2014-08-08 11:55:22 -05:00
Mike Hommey
0f4c5d9244 Bug 1047267 - Move remaining OS_LIBS and EXTRA_LIBS to moz.build. r=gps 
* * *
Bug 1047267 - To fold with "Move remaining OS_LIBS and EXTRA_LIBS to moz.build"
 2014-08-07 14:21:03 +09:00
Mike Hommey
ec54bf6c1f Bug 1045783 - Move most OS_LIBS to moz.build and do some related cleanup. r=mshal 2014-08-06 07:25:33 +09:00
Jed Davis
b55b89b5b5 Bug 1047620 - Fix sandboxing for B2G --disable-jemalloc builds. r=kang 
--HG--
extra : rebase_source : 1b2ec6491277a9dc451ab767d8563076cf522c27
 2014-08-04 15:11:33 -07:00
Jed Davis
7bab545482 Bug 1012951 - Add Linux sandboxing for GeckoMediaPlugin processes. r=kang r=ted 
--HG--
extra : rebase_source : 1b890000d5b8d2a8954cdd1118a1023eba829c29
 2014-08-04 15:11:18 -07:00
Jed Davis
54f805e8b9 Bug 1046541 - Use stdio for non-Android Linux sandbox error messages. r=kang 
--HG--
extra : rebase_source : e93a4a76f8188d715886e263a366d694c28b4525
 2014-08-04 15:11:04 -07:00
Jed Davis
b31eafbe86 Bug 1046525 - Allow get{e,}gid and sched_{g,s}etparam in sandboxed content processes. r=kang 
Some of these were already in the desktop whitelist; those duplicates
are removed.

--HG--
extra : amend_source : 3ab4b50e3f1980b4d7b93cc17f34b926e2aa2396
 2014-08-01 15:05:44 -07:00
Ed Morley
433e593c8c Backed out changeset d50d7e88f35e (bug 1012951) for LSan failures 2014-07-30 16:49:43 +01:00
Jed Davis
ac97af274c Bug 1012951 - Sandbox GMP plugins on Linux using seccomp-bpf. r=kang r=ted 2014-07-29 15:31:12 -07:00
Jed Davis
4f62652919 Bug 1017393 - Record rejected syscall number in crash dump. r=kang 2014-07-24 11:36:00 +02:00
Mike Hommey
71623acdd6 Bug 1036894 part 9 - Replace all EXTRA_DSO_LDOPTS, SHARED_LIBRARY_LIBS and LIBS with EXTRA_LIBS, OS_LIBS or OS_LDFLAGS, appropriately. r=gps 
OS_LIBS for libraries that are not part of the gecko tree, EXTRA_LIBS for
libraries, such as NSPR, that are in the tree, but are not handled by
moz.build just yet. Those EXTRA_LIBS may also come from a system library.
However, in cases where the expanded variables are always empty for the
in-tree case, OS_LIBS is used (as for, e.g. MOZ_ZLIB_LIBS). OS_LDFLAGS is
used exclusively for non-library linker flags.

Always pass EXTRA_LIBS before OS_LIBS on linker command lines.

Forbid EXTRA_DSO_LDOPTS, SHARED_LIBRARY_LIBS and LIBS in Makefiles.
 2014-07-23 13:31:02 +09:00
Mike Hommey
e5c43ef995 Bug 1036894 part 8 - Move most in-tree library linkage information to moz.build, as USE_LIBS. r=gps 2014-07-23 13:30:52 +09:00
Ehsan Akhgari
c7a033be8e Bug 1041325 - Use intrin.h for _ReturnAddress in the chromium sandbox code; r=bbondy 
--HG--
extra : rebase_source : 06bb642636a9f3df2e75eb950816a7d48da85faf
 2014-07-20 19:05:44 -04:00
Jed Davis
1cdd0d8544 Bug 1037211 - Remove MOZ_CONTENT_SANDBOX_REPORTER by making it always true. r=kang r=ted 
--HG--
extra : amend_source : 450d51dab077794e194bf407044de95627de0cde
 2014-07-17 14:57:28 -07:00
Jed Davis
285d65221e Bug 1038900 - Dynamically allocate signal number for sandbox startup. r=kang 2014-07-16 13:37:00 +02:00
Tim Abraldes
2271b8aa31 bug 985252. Build sandbox code regardless of whether --enable-content-sandbox/MOZ_CONTENT_SANDBOX is provided. Enable sandboxing of GMP plugins. Enable SandboxBroker to set different security policies for different process types. r=bbondy, r=cpearce, r=bent 2014-07-16 16:01:34 -07:00
Bob Owen
4f4b3629bb Bug 1035275 - Remove unused base Chromium code. r=bbondy 2014-07-07 13:59:11 +01:00
Jed Davis
ad5a014572 Bug 1038490 - Fix misuse of MOZ_WIDGET_GONK in Linux content process sandbox policy. r=kang 
--HG--
extra : amend_source : 0a7fe8ca751b59102cbc23316b18982268306423
 2014-07-14 18:35:56 -07:00
Jed Davis
ada7d21572 Bug 1038486 - Fix Linux desktop seccomp sandbox build on 32-bit x86. r=kang 
--HG--
extra : amend_source : 130d2cbd485734997739ea96ac5d83c01899d8b0
 2014-07-09 16:52:56 -07:00
jvoisin
7c10650a8f Bug 1035786 - Fix namespace bug in Linux sandbox LOG_ERROR macro. r=jld 2014-07-08 05:53:00 +01:00
Jed Davis
d9856e93b1 Bug 1035786 - Avoid warning-as-error sandbox build failure with an explicit cast. r=gdestuynder 
getpid() is never negative, so this is safe.
 2014-07-10 17:37:45 -07:00
Bob Owen
218decde34 Bug 1035786 - Fix member variable initialisation order in LogMessage stub in Linux Sandbox.cpp. r=jld 2014-07-09 12:32:49 +01:00
Mike Hommey
07267c6f7f Bug 1036864 - Remove EXPORT_LIBRARY. r=mshal 2014-07-11 19:06:55 +09:00
Jed Davis
dd6575be07 Bug 956961 - Stop disabling sandboxing when DMD is enabled. r=kang 
--HG--
extra : rebase_source : 4737cfd613c1ddee8e1a4340e819eddc151e73f7
extra : histedit_source : 2d2610a775a3ae986157f61ef3797f4e88baa922
 2014-07-02 11:28:48 -07:00
Wes Kocher
f174cd042e Backed out 3 changesets (bug 956961) for non-unified build bustage 
Backed out changeset f1be89cb58b9 (bug 956961)
Backed out changeset 272b01e4f856 (bug 956961)
Backed out changeset 56907af18c66 (bug 956961)
 2014-07-02 15:03:29 -07:00
Jed Davis
49f614d6ca Bug 956961 - Stop disabling sandboxing when DMD is enabled. r=kang 
--HG--
extra : amend_source : 66f2453794e6a8a581e1564e786cfc8cac1f6bbd
 2014-07-02 11:28:48 -07:00
Jed Davis
d1a5790ae4 Bug 1014299 - Add times() to seccomp whitelist. r=kang 
This system call seems to be used by some versions of the Qualcomm Adreno
graphics drivers when we run WebGL apps.
 2014-06-02 14:52:00 +02:00
Bob Owen
2c9a59f64a Bug 1009452 - inherit stdout and stderr into the content process to allow logging. r=aklotz 2014-05-14 16:09:31 +01:00
Jed Davis
c7dae997a6 Bug 920372 - Fix socketcall whitelisting on i386. r=kang 2014-05-20 18:38:14 -07:00
Jed Davis
1523066770 Bug 920372 - Allow tgkill only for threads of the calling process itself. r=kang 2014-05-20 18:38:06 -07:00
Jed Davis
3a308504da Bug 920372 - Use Chromium seccomp-bpf compiler to dynamically build sandbox program. r=kang 2014-05-20 18:37:53 -07:00
Jed Davis
3b103d307f Bug 920372 - Import Chromium seccomp-bpf compiler, rev 4c08f442d2588a2c7cfaa117a55bd87d2ac32f9a. r=kang 
Newly imported:
* sandbox/linux/seccomp-bpf/
* sandbox/linux/sandbox_export.h
* base/posix/eintr_wrapper.h

Updated:
* base/basictypes.h
* base/macros.h

At the time of this writing (see future patches for this bug) the only
things we're using from sandbox/linux/seccomp-bpf/ are codegen.cc and
basicblock.cc, and the header files they require.  However, we may use
more of this code in the future, and it seems cleaner in general to
import the entire subtree.
 2014-05-20 18:37:45 -07:00
Jed Davis
52cd05523d Bug 1004832 - Add tgkill to seccomp-bpf whitelist. r=kang 2014-05-02 16:57:00 +02:00
Jed Davis
a52d5f0783 Bug 997409 - Add set_thread_area to seccomp whitelist if available. r=kang 2014-04-17 16:23:23 -04:00
Jed Davis
738f39b679 Bug 981949 - Whitelist ftruncate for seccomp-bpf sandboxing. r=kang 2014-04-11 13:09:00 +02:00
Boris Zbarsky
46967823f5 Bug 995047 followup. Fix a caller that I missed because it's only compiled on some platforms, so we can reopen the CLOSED TREE 2014-04-12 00:38:06 -04:00
Jed Davis
f8ce2f4279 Bug 993145 - Skip attempting seccomp sandboxing if seccomp unavailable. r=kang 2014-04-09 15:23:00 +02:00
Bob Owen
f5a4bd97f2 Bug 928062 - Set Windows sandbox delayed integrity level to INTEGRITY_LEVEL_LOW. r=aklotz 2014-04-08 16:25:18 +01:00
Jed Davis
ddc591c878 Bug 989172 - Re-add sigaltstack to seccomp whitelist. r=kang 
This reinstates the patch from bug 983518, which was unintentionally
dropped while merging with the reorganization in bug 985227.
 2014-03-28 17:58:26 -07:00
Makoto Kato
c0da567b5b Bug 987888 - --enable-content-sandbox breaks 64-bit builds. r=dkeeler,r=mshal 2014-03-28 13:59:16 +09:00
Jed Davis
b939b580cf Bug 985227 - Part 3: Replace the seccomp filter arch ifdefs with syscall existence tests. r=kang 2014-03-20 10:19:42 -04:00
Jed Davis
d06bc434b1 Bug 985227 - Part 2: Flatten out the #define maze in the seccomp filter. r=kang 2014-03-20 10:19:42 -04:00
Jed Davis
893f056ba5 Bug 985227 - Part 1: Move the seccomp filter into its own translation unit. r=kang 
--HG--
rename : security/sandbox/linux/seccomp_filter.h => security/sandbox/linux/SandboxFilter.cpp
 2014-03-20 10:19:42 -04:00
Jed Davis
a8a37995ce Bug 975273 - Add missing include to unbreak desktop seccomp build. r=kang 2014-03-20 09:27:28 -04:00
Phil Ringnalda
8c19bde08b Merge m-c to m-i 2014-03-15 12:32:04 -07:00
Kyle Huey
510a49016d Bug 967364: Rename already_AddRefed::get to take. r=bsmedberg 2014-03-15 12:00:15 -07:00
Guillaume Destuynder
fc8cf73ff1 Bug 983518: Fix running B2G-1.4 on KitKat by whitelisting sigalstack in the sandbox. r=kang r=jld 2014-03-14 18:54:20 -07:00
Vicamo Yang
3bcd1c9eb8 Bug 944625 - B2G Emulator-x86: fix undeclared __NR_sendto, __NR_recvfrom. r=jld,kang 2014-03-13 13:44:43 +09:00
Jed Davis
f8d175ce14 Bug 977859 - Drop uid 0 in all content processes immediately after fork. r=bent r=kang 
Now all regular child processes, including preallocated, are deprivileged.
Only Nuwa needs uid 0, because each of its children has a different uid/gid.
 2014-03-12 15:48:15 -07:00
Jed Davis
685530a9a5 Bug 979686 - Fix the non-(ARM|x86|x86_64) desktop build. r=kang 2014-03-06 12:23:06 -08:00
Brian R. Bondy
6be742312e Bug 941110 - Make the Windows sandbox code compile without the Win8 SDK. r=jimm 2014-03-06 12:53:24 -05:00
Jed Davis
cfaafc654d Bug 946407 - Disable sandbox when DMDing. r=njn r=kang 
See also bug 956961.
 2014-03-04 18:27:14 -08:00
Ehsan Akhgari
bf09c6f469 Bug 976896 - Port STL_FLAGS to moz.build; r=mshal 2014-03-04 19:39:06 -05:00
Ryan VanderMeulen
b00f0ba8d9 Merge m-c to inbound. 2014-02-28 10:15:57 -05:00
Jed Davis
b8c81fc6e2 Bug 970676 - Turn on sandboxing on all relevant threads. r=dhylands r=bent f=kang 2014-02-27 13:18:01 -08:00
Ehsan Akhgari
87db9c0f0f Bug 976898 - Move the sdkdecls.h force-include out of the build system; r=bbondy,glandium 2014-02-28 08:17:22 -05:00
Jed Davis
1467d9b632 Bug 971128 - Add sched_yield to seccomp whitelist. r=kang 2014-02-22 18:58:59 -08:00
Jed Davis
3027739852 Bug 970562 - Add sched_getscheduler to seccomp whitelist. r=kang 2014-02-22 18:58:59 -08:00
Brian R. Bondy
7563d524e8 Bug 974979 - Browser crashes after trying to restart a crashed e10s process. r=aklotz 2014-02-20 12:58:04 -05:00
Brian R. Bondy
842125950f Bug 928061 - Enable separate Desktop in Windows sandbox policy. r=aklotz 2014-02-20 12:37:22 -05:00
Jed Davis
6549f56f18 Bug 974230 - Adjust sandbox so that socket() simply fails. r=kang 
This is a workaround for issues with the SCTP code (bug 969715) and
NSPR's IPv6 support (bug 936320).
 2014-02-20 09:35:44 -05:00
Jed Davis
bd5a8731fc Bug 966547 - Switch sipcc from named to anonymous sockets on Unix. r=jesup, r=kang 2014-02-20 09:35:26 -05:00
Jed Davis
cbefd9bed0 Bug 974227 - Allow readlink while sandboxed to work around bug 964455. r=kang 2014-02-19 15:55:42 -05:00
Ehsan Akhgari
c79e8f4c6e Bug 973405 - Move some misc LOCAL_INCLUDES to moz.build; r=glandium 2014-02-18 08:49:12 -05:00
Ms2ger
6e066deaea Bug 968856 - Move unconditional LOCAL_INCLUDES into moz.build; r=mshal 2014-02-15 21:24:59 +01:00
Brian R. Bondy
c4e16b9b50 Bug 969559 - Set delayed restricted integrity in child process to block off pipe and file access after LowerToken call. r=aklotz 2014-02-14 11:07:16 -05:00
Wes Kocher
ee5da0ab00 Merge m-c to inbound on a CLOSED TREE 2014-02-13 18:50:08 -08:00
Jed Davis
5ea5299c58 Bug 971370 - Fix seccomp whitelist errors caused by strace bug. r=kang 2014-02-13 09:47:16 -05:00
Guillaume Destuynder
cb244dcc84 bug 948620 - Add env variable MOZ_DISABLE_CONTENT_SANDBOX to disable sandbox at runtime. r=jld 2014-02-13 16:26:28 -08:00
Jed Davis
ebe6274bbf Bug 945504 - Include JS stack in sandbox reporter logs. r=kang 2014-02-07 10:46:38 -05:00
Eric Rahm
c1dd0bb669 Bug 969126 - Fix sandbox build for b2g on OS X. r=kang 2014-02-06 16:11:53 -08:00
Jed Davis
230a08b7ab Bug 945498 - Use breakpad to report seccomp violations as crashes. r=ted, r=kang 
Upstream issue for breakpad patch: https://breakpad.appspot.com/1114003/
 2014-02-05 13:29:51 -05:00
Brian R. Bondy
17c805b60e Bug 961757 - Add the ability to include shim first for a buildable sandbox on Windows. r=glandium 
--HG--
rename : security/sandbox/base/at_exit.cc => security/sandbox/chromium/base/at_exit.cc
rename : security/sandbox/base/at_exit.h => security/sandbox/chromium/base/at_exit.h
rename : security/sandbox/base/atomic_ref_count.h => security/sandbox/chromium/base/atomic_ref_count.h
rename : security/sandbox/base/atomic_sequence_num.h => security/sandbox/chromium/base/atomic_sequence_num.h
rename : security/sandbox/base/atomicops.h => security/sandbox/chromium/base/atomicops.h
rename : security/sandbox/base/atomicops_internals_tsan.h => security/sandbox/chromium/base/atomicops_internals_tsan.h
rename : security/sandbox/base/atomicops_internals_x86_gcc.h => security/sandbox/chromium/base/atomicops_internals_x86_gcc.h
rename : security/sandbox/base/atomicops_internals_x86_msvc.h => security/sandbox/chromium/base/atomicops_internals_x86_msvc.h
rename : security/sandbox/base/base_export.h => security/sandbox/chromium/base/base_export.h
rename : security/sandbox/base/base_paths.cc => security/sandbox/chromium/base/base_paths.cc
rename : security/sandbox/base/base_paths.h => security/sandbox/chromium/base/base_paths.h
rename : security/sandbox/base/base_paths_win.cc => security/sandbox/chromium/base/base_paths_win.cc
rename : security/sandbox/base/base_paths_win.h => security/sandbox/chromium/base/base_paths_win.h
rename : security/sandbox/base/base_switches.cc => security/sandbox/chromium/base/base_switches.cc
rename : security/sandbox/base/base_switches.h => security/sandbox/chromium/base/base_switches.h
rename : security/sandbox/base/basictypes.h => security/sandbox/chromium/base/basictypes.h
rename : security/sandbox/base/bind.h => security/sandbox/chromium/base/bind.h
rename : security/sandbox/base/bind_helpers.h => security/sandbox/chromium/base/bind_helpers.h
rename : security/sandbox/base/bind_internal.h => security/sandbox/chromium/base/bind_internal.h
rename : security/sandbox/base/bind_internal_win.h => security/sandbox/chromium/base/bind_internal_win.h
rename : security/sandbox/base/callback.h => security/sandbox/chromium/base/callback.h
rename : security/sandbox/base/callback_forward.h => security/sandbox/chromium/base/callback_forward.h
rename : security/sandbox/base/callback_internal.cc => security/sandbox/chromium/base/callback_internal.cc
rename : security/sandbox/base/callback_internal.h => security/sandbox/chromium/base/callback_internal.h
rename : security/sandbox/base/command_line.cc => security/sandbox/chromium/base/command_line.cc
rename : security/sandbox/base/command_line.h => security/sandbox/chromium/base/command_line.h
rename : security/sandbox/base/compiler_specific.h => security/sandbox/chromium/base/compiler_specific.h
rename : security/sandbox/base/containers/hash_tables.h => security/sandbox/chromium/base/containers/hash_tables.h
rename : security/sandbox/base/cpu.cc => security/sandbox/chromium/base/cpu.cc
rename : security/sandbox/base/cpu.h => security/sandbox/chromium/base/cpu.h
rename : security/sandbox/base/critical_closure.h => security/sandbox/chromium/base/critical_closure.h
rename : security/sandbox/base/debug/alias.cc => security/sandbox/chromium/base/debug/alias.cc
rename : security/sandbox/base/debug/alias.h => security/sandbox/chromium/base/debug/alias.h
rename : security/sandbox/base/debug/debugger.h => security/sandbox/chromium/base/debug/debugger.h
rename : security/sandbox/base/debug/leak_annotations.h => security/sandbox/chromium/base/debug/leak_annotations.h
rename : security/sandbox/base/debug/profiler.cc => security/sandbox/chromium/base/debug/profiler.cc
rename : security/sandbox/base/debug/profiler.h => security/sandbox/chromium/base/debug/profiler.h
rename : security/sandbox/base/environment.h => security/sandbox/chromium/base/environment.h
rename : security/sandbox/base/file_descriptor_posix.h => security/sandbox/chromium/base/file_descriptor_posix.h
rename : security/sandbox/base/file_util.cc => security/sandbox/chromium/base/file_util.cc
rename : security/sandbox/base/file_util.h => security/sandbox/chromium/base/file_util.h
rename : security/sandbox/base/file_util_win.cc => security/sandbox/chromium/base/file_util_win.cc
rename : security/sandbox/base/file_version_info.h => security/sandbox/chromium/base/file_version_info.h
rename : security/sandbox/base/file_version_info_win.h => security/sandbox/chromium/base/file_version_info_win.h
rename : security/sandbox/base/files/file_path.h => security/sandbox/chromium/base/files/file_path.h
rename : security/sandbox/base/float_util.h => security/sandbox/chromium/base/float_util.h
rename : security/sandbox/base/format_macros.h => security/sandbox/chromium/base/format_macros.h
rename : security/sandbox/base/guid.h => security/sandbox/chromium/base/guid.h
rename : security/sandbox/base/lazy_instance.cc => security/sandbox/chromium/base/lazy_instance.cc
rename : security/sandbox/base/lazy_instance.h => security/sandbox/chromium/base/lazy_instance.h
rename : security/sandbox/base/location.cc => security/sandbox/chromium/base/location.cc
rename : security/sandbox/base/location.h => security/sandbox/chromium/base/location.h
rename : security/sandbox/base/logging.cc => security/sandbox/chromium/base/logging.cc
rename : security/sandbox/base/logging.h => security/sandbox/chromium/base/logging.h
rename : security/sandbox/base/logging_win.cc => security/sandbox/chromium/base/logging_win.cc
rename : security/sandbox/base/logging_win.h => security/sandbox/chromium/base/logging_win.h
rename : security/sandbox/base/memory/aligned_memory.h => security/sandbox/chromium/base/memory/aligned_memory.h
rename : security/sandbox/base/memory/raw_scoped_refptr_mismatch_checker.h => security/sandbox/chromium/base/memory/raw_scoped_refptr_mismatch_checker.h
rename : security/sandbox/base/memory/ref_counted.cc => security/sandbox/chromium/base/memory/ref_counted.cc
rename : security/sandbox/base/memory/ref_counted.h => security/sandbox/chromium/base/memory/ref_counted.h
rename : security/sandbox/base/memory/scoped_ptr.h => security/sandbox/chromium/base/memory/scoped_ptr.h
rename : security/sandbox/base/memory/singleton.cc => security/sandbox/chromium/base/memory/singleton.cc
rename : security/sandbox/base/memory/singleton.h => security/sandbox/chromium/base/memory/singleton.h
rename : security/sandbox/base/memory/weak_ptr.h => security/sandbox/chromium/base/memory/weak_ptr.h
rename : security/sandbox/base/move.h => security/sandbox/chromium/base/move.h
rename : security/sandbox/base/observer_list.h => security/sandbox/chromium/base/observer_list.h
rename : security/sandbox/base/observer_list_threadsafe.h => security/sandbox/chromium/base/observer_list_threadsafe.h
rename : security/sandbox/base/os_compat_nacl.h => security/sandbox/chromium/base/os_compat_nacl.h
rename : security/sandbox/base/path_service.cc => security/sandbox/chromium/base/path_service.cc
rename : security/sandbox/base/path_service.h => security/sandbox/chromium/base/path_service.h
rename : security/sandbox/base/pending_task.h => security/sandbox/chromium/base/pending_task.h
rename : security/sandbox/base/platform_file.cc => security/sandbox/chromium/base/platform_file.cc
rename : security/sandbox/base/platform_file.h => security/sandbox/chromium/base/platform_file.h
rename : security/sandbox/base/port.h => security/sandbox/chromium/base/port.h
rename : security/sandbox/base/process/process_handle.h => security/sandbox/chromium/base/process/process_handle.h
rename : security/sandbox/base/profiler/alternate_timer.h => security/sandbox/chromium/base/profiler/alternate_timer.h
rename : security/sandbox/base/profiler/tracked_time.h => security/sandbox/chromium/base/profiler/tracked_time.h
rename : security/sandbox/base/rand_util.h => security/sandbox/chromium/base/rand_util.h
rename : security/sandbox/base/run_loop.h => security/sandbox/chromium/base/run_loop.h
rename : security/sandbox/base/scoped_clear_errno.h => security/sandbox/chromium/base/scoped_clear_errno.h
rename : security/sandbox/base/sequence_checker.h => security/sandbox/chromium/base/sequence_checker.h
rename : security/sandbox/base/sequence_checker_impl.h => security/sandbox/chromium/base/sequence_checker_impl.h
rename : security/sandbox/base/sequenced_task_runner.h => security/sandbox/chromium/base/sequenced_task_runner.h
rename : security/sandbox/base/sequenced_task_runner_helpers.h => security/sandbox/chromium/base/sequenced_task_runner_helpers.h
rename : security/sandbox/base/shim/base/gtest_prod_util.h => security/sandbox/chromium/base/shim/base/gtest_prod_util.h
rename : security/sandbox/base/shim/base/logging.cpp => security/sandbox/chromium/base/shim/base/logging.cpp
rename : security/sandbox/base/shim/base/strings/string_piece.h => security/sandbox/chromium/base/shim/base/strings/string_piece.h
rename : security/sandbox/base/shim/base/third_party/nspr/prtime.h => security/sandbox/chromium/base/shim/base/third_party/nspr/prtime.h
rename : security/sandbox/base/shim/base/third_party/nspr/prtypes.h => security/sandbox/chromium/base/shim/base/third_party/nspr/prtypes.h
rename : security/sandbox/base/shim/base/tracked_objects.h => security/sandbox/chromium/base/shim/base/tracked_objects.h
rename : security/sandbox/base/shim/sdkdecls.h => security/sandbox/chromium/base/shim/sdkdecls.h
rename : security/sandbox/base/single_thread_task_runner.h => security/sandbox/chromium/base/single_thread_task_runner.h
rename : security/sandbox/base/stl_util.h => security/sandbox/chromium/base/stl_util.h
rename : security/sandbox/base/strings/nullable_string16.cc => security/sandbox/chromium/base/strings/nullable_string16.cc
rename : security/sandbox/base/strings/nullable_string16.h => security/sandbox/chromium/base/strings/nullable_string16.h
rename : security/sandbox/base/strings/string16.h => security/sandbox/chromium/base/strings/string16.h
rename : security/sandbox/base/strings/string_number_conversions.cc => security/sandbox/chromium/base/strings/string_number_conversions.cc
rename : security/sandbox/base/strings/string_number_conversions.h => security/sandbox/chromium/base/strings/string_number_conversions.h
rename : security/sandbox/base/strings/string_piece.cc => security/sandbox/chromium/base/strings/string_piece.cc
rename : security/sandbox/base/strings/string_piece.h => security/sandbox/chromium/base/strings/string_piece.h
rename : security/sandbox/base/strings/string_util.h => security/sandbox/chromium/base/strings/string_util.h
rename : security/sandbox/base/strings/string_util_constants.cc => security/sandbox/chromium/base/strings/string_util_constants.cc
rename : security/sandbox/base/strings/string_util_stripped.cc => security/sandbox/chromium/base/strings/string_util_stripped.cc
rename : security/sandbox/base/strings/string_util_win.h => security/sandbox/chromium/base/strings/string_util_win.h
rename : security/sandbox/base/strings/stringprintf.cc => security/sandbox/chromium/base/strings/stringprintf.cc
rename : security/sandbox/base/strings/stringprintf.h => security/sandbox/chromium/base/strings/stringprintf.h
rename : security/sandbox/base/strings/utf_string_conversion_utils.cc => security/sandbox/chromium/base/strings/utf_string_conversion_utils.cc
rename : security/sandbox/base/strings/utf_string_conversion_utils.h => security/sandbox/chromium/base/strings/utf_string_conversion_utils.h
rename : security/sandbox/base/strings/utf_string_conversions.cc => security/sandbox/chromium/base/strings/utf_string_conversions.cc
rename : security/sandbox/base/strings/utf_string_conversions.h => security/sandbox/chromium/base/strings/utf_string_conversions.h
rename : security/sandbox/base/synchronization/lock.cc => security/sandbox/chromium/base/synchronization/lock.cc
rename : security/sandbox/base/synchronization/lock.h => security/sandbox/chromium/base/synchronization/lock.h
rename : security/sandbox/base/synchronization/lock_impl.h => security/sandbox/chromium/base/synchronization/lock_impl.h
rename : security/sandbox/base/synchronization/lock_impl_win.cc => security/sandbox/chromium/base/synchronization/lock_impl_win.cc
rename : security/sandbox/base/sys_info.h => security/sandbox/chromium/base/sys_info.h
rename : security/sandbox/base/task_runner.h => security/sandbox/chromium/base/task_runner.h
rename : security/sandbox/base/template_util.h => security/sandbox/chromium/base/template_util.h
rename : security/sandbox/base/third_party/dmg_fp/LICENSE => security/sandbox/chromium/base/third_party/dmg_fp/LICENSE
rename : security/sandbox/base/third_party/dmg_fp/dmg_fp.h => security/sandbox/chromium/base/third_party/dmg_fp/dmg_fp.h
rename : security/sandbox/base/third_party/dmg_fp/dtoa.cc => security/sandbox/chromium/base/third_party/dmg_fp/dtoa.cc
rename : security/sandbox/base/third_party/dmg_fp/g_fmt.cc => security/sandbox/chromium/base/third_party/dmg_fp/g_fmt.cc
rename : security/sandbox/base/third_party/dynamic_annotations/LICENSE => security/sandbox/chromium/base/third_party/dynamic_annotations/LICENSE
rename : security/sandbox/base/third_party/dynamic_annotations/dynamic_annotations.h => security/sandbox/chromium/base/third_party/dynamic_annotations/dynamic_annotations.h
rename : security/sandbox/base/third_party/icu/LICENSE => security/sandbox/chromium/base/third_party/icu/LICENSE
rename : security/sandbox/base/third_party/icu/icu_utf.cc => security/sandbox/chromium/base/third_party/icu/icu_utf.cc
rename : security/sandbox/base/third_party/icu/icu_utf.h => security/sandbox/chromium/base/third_party/icu/icu_utf.h
rename : security/sandbox/base/thread_task_runner_handle.h => security/sandbox/chromium/base/thread_task_runner_handle.h
rename : security/sandbox/base/threading/platform_thread.h => security/sandbox/chromium/base/threading/platform_thread.h
rename : security/sandbox/base/threading/platform_thread_win.cc => security/sandbox/chromium/base/threading/platform_thread_win.cc
rename : security/sandbox/base/threading/sequenced_worker_pool.h => security/sandbox/chromium/base/threading/sequenced_worker_pool.h
rename : security/sandbox/base/threading/thread_checker_impl.h => security/sandbox/chromium/base/threading/thread_checker_impl.h
rename : security/sandbox/base/threading/thread_collision_warner.cc => security/sandbox/chromium/base/threading/thread_collision_warner.cc
rename : security/sandbox/base/threading/thread_collision_warner.h => security/sandbox/chromium/base/threading/thread_collision_warner.h
rename : security/sandbox/base/threading/thread_id_name_manager.cc => security/sandbox/chromium/base/threading/thread_id_name_manager.cc
rename : security/sandbox/base/threading/thread_id_name_manager.h => security/sandbox/chromium/base/threading/thread_id_name_manager.h
rename : security/sandbox/base/threading/thread_local.h => security/sandbox/chromium/base/threading/thread_local.h
rename : security/sandbox/base/threading/thread_local_storage.h => security/sandbox/chromium/base/threading/thread_local_storage.h
rename : security/sandbox/base/threading/thread_local_win.cc => security/sandbox/chromium/base/threading/thread_local_win.cc
rename : security/sandbox/base/threading/thread_restrictions.cc => security/sandbox/chromium/base/threading/thread_restrictions.cc
rename : security/sandbox/base/threading/thread_restrictions.h => security/sandbox/chromium/base/threading/thread_restrictions.h
rename : security/sandbox/base/time/time.cc => security/sandbox/chromium/base/time/time.cc
rename : security/sandbox/base/time/time.h => security/sandbox/chromium/base/time/time.h
rename : security/sandbox/base/time/time_win.cc => security/sandbox/chromium/base/time/time_win.cc
rename : security/sandbox/base/tracking_info.h => security/sandbox/chromium/base/tracking_info.h
rename : security/sandbox/base/tuple.h => security/sandbox/chromium/base/tuple.h
rename : security/sandbox/base/values.h => security/sandbox/chromium/base/values.h
rename : security/sandbox/base/version.h => security/sandbox/chromium/base/version.h
rename : security/sandbox/base/win/event_trace_provider.cc => security/sandbox/chromium/base/win/event_trace_provider.cc
rename : security/sandbox/base/win/event_trace_provider.h => security/sandbox/chromium/base/win/event_trace_provider.h
rename : security/sandbox/base/win/pe_image.cc => security/sandbox/chromium/base/win/pe_image.cc
rename : security/sandbox/base/win/pe_image.h => security/sandbox/chromium/base/win/pe_image.h
rename : security/sandbox/base/win/registry.cc => security/sandbox/chromium/base/win/registry.cc
rename : security/sandbox/base/win/registry.h => security/sandbox/chromium/base/win/registry.h
rename : security/sandbox/base/win/scoped_handle.cc => security/sandbox/chromium/base/win/scoped_handle.cc
rename : security/sandbox/base/win/scoped_handle.h => security/sandbox/chromium/base/win/scoped_handle.h
rename : security/sandbox/base/win/scoped_process_information.cc => security/sandbox/chromium/base/win/scoped_process_information.cc
rename : security/sandbox/base/win/scoped_process_information.h => security/sandbox/chromium/base/win/scoped_process_information.h
rename : security/sandbox/base/win/startup_information.cc => security/sandbox/chromium/base/win/startup_information.cc
rename : security/sandbox/base/win/startup_information.h => security/sandbox/chromium/base/win/startup_information.h
rename : security/sandbox/base/win/windows_version.cc => security/sandbox/chromium/base/win/windows_version.cc
rename : security/sandbox/base/win/windows_version.h => security/sandbox/chromium/base/win/windows_version.h
 2014-01-28 15:19:22 -05:00
Jed Davis
bbc239ca00 Bug 964427 - Whitelist msync (asm.js cache) and sched_get_priority_m{in,ax} (webrtc). r=kang 2014-01-28 09:04:39 -05:00
Jed Davis
e233c87fdd Bug 960365 - Whitelist uname for nsSystemInfo. r=kang 2014-01-21 15:48:00 -05:00
Jed Davis
81f5ace514 Bug 945330 - Reword and slightly improve sandbox violation log message. r=kang 
The main goal is to have a message that unambiguously indicates a crash,
so mozharness can grep for it even if some of the details change later.

Also now includes the entire argument list; most syscalls don't use all
six, so the last few will be meaningless, but it can't hurt to log them.
 2014-01-10 08:22:58 -05:00
Ryan VanderMeulen
ca386608b9 Merge b2g-inbound to m-c. 2013-12-09 17:26:11 -05:00
Birunthan Mohanathas
759ab69b0a Bug 713082 - Part 2: Rename Util.h to ArrayUtils.h. r=Waldo 
--HG--
rename : mfbt/Util.h => mfbt/ArrayUtils.h
 2013-12-08 21:52:54 -05:00
Vicamo Yang
02b63a0803 Bug 944625 - B2G Emulator-x86: fix undeclared __NR_socketpair, __NR_sendmsg. r=kang,jld 2013-12-09 21:02:54 +08:00
Jed Davis
d1ffa9058b Bug 943774 - Allow sigaction when sandboxed, for the crash reporter. r=kang 2013-12-03 18:45:17 -05:00
Ms2ger
f56294acdb Bug 937258 - Part a: Remove empty makefiles; r=gps 2013-11-28 15:25:40 +01:00
Mike Hommey
9245936f8b Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-27 22:55:07 +09:00
Mike Hommey
2b828323f2 Backout changeset 3fd4b546eed4 (bug 874266) and changeset a35d2e3a872f (bug 942043) for ASAN build bustage and Windows test bustage 
--HG--
extra : amend_source : f20d09aeff1c8b5cbd0f1d24c7ce04e86f3aed1d
 2013-11-28 14:24:05 +09:00
Mike Hommey
d210f8ff00 Bug 874266 - Move all DEFINES that can be moved to moz.build. r=mshal 2013-11-28 13:08:16 +09:00
Christoph Kerschbaumer
ad08ffe884 Bug 935111 - Enable seccomp-bpf for Linux. r=jld 2013-11-19 16:09:18 -08:00
Mike Hommey
a65383e1e9 Bug 939632 - Remove LIBRARY_NAME for leaf libraries. r=gps 
Landing on a CLOSED TREE.
 2013-11-19 11:50:54 +09:00
Mike Hommey
8ceb917350 Bug 939074 - Remove most LIBXUL_LIBRARY. rs=gps 2013-11-19 11:48:10 +09:00
Mike Hommey
b95448fc0b Bug 914245 - Move FORCE_SHARED_LIB to moz.build. r=mshal 2013-11-19 11:47:45 +09:00
Mike Hommey
bb6779efe3 Bug 939044 - Remove most definitions of MODULE. r=mshal 2013-11-19 11:47:39 +09:00
Mike Hommey
d7b6f95761 Bug 935881 - Use FINAL_LIBRARY for all (fake) libraries that end up linked in a single other library. r=gps 2013-11-19 11:47:14 +09:00
Jed Davis
bdf5094b93 Bug 936163 - Fix profiling-specific sandbox whitelist for x86_64. r=kang 
There is no sigaction, only rt_sigaction.
 2013-11-08 13:30:05 -08:00
Jed Davis
7a807d7a56 Bug 936252 - Augment seccomp whitelist for b2g mochitests. r=kang 
FormHistory invokes sqlite3, which calls fsync and geteuid.
A form test calls nsIFile's remove method, which uses lstat.
The crash reporter uses socketpair/sendmsg, to send a pipe back to the parent.
 2013-11-11 09:11:43 -05:00
Jed Davis
5b0c9a29cf Bug 936145 - Clean up architecture-specific parts of seccomp whitelist. r=kang 2013-11-08 15:31:20 -05:00
Brian R. Bondy
e6fe7374c3 Bug 935042 - Allow more than one process to be sandboxed from a single sandboxbroker. r=aklotz 2013-11-05 13:07:40 -05:00
Brian R. Bondy
2edaa77988 Bug 934445 - Fix Windows linking error in Release mode only when MOZ_CONTENT_SANDBOX is defined. r=aklotz 2013-11-04 15:35:03 -05:00
Brian R. Bondy
9b594b1851 Bug 925571 - Packaging for Sandboxing dll. r=bsmedberg 2013-10-30 16:58:56 -07:00
Brian R. Bondy
038d21bf1d Bug 925571 - Initial Windows content process sandbox broker code. r=aklotz 2013-10-30 16:58:52 -07:00
Brian R. Bondy
b77c4127db Bug 925571 - Build config for plugin_container windows sandboxing. r=bsmedberg 2013-10-30 16:58:45 -07:00
Brian R. Bondy
4d159c0649 Bug 922756 - Changes to import of Chromium sandbox so that it's buildable. r=aklotz 2013-10-28 14:54:46 -07:00
Brian R. Bondy
5763932590 Bug 922756 - Initial import of subset of Chromium sandbox. r=aklotz 2013-10-28 14:54:42 -07:00
Brian R. Bondy
f0bbd6b4f3 Bug 922756 - Build config for Chromium sandbox. r=bsmedberg 
--HG--
rename : security/sandbox/LICENSE => security/sandbox/linux/LICENSE
rename : security/sandbox/Makefile.in => security/sandbox/linux/Makefile.in
rename : security/sandbox/Sandbox.cpp => security/sandbox/linux/Sandbox.cpp
rename : security/sandbox/Sandbox.h => security/sandbox/linux/Sandbox.h
rename : security/sandbox/android_arm_ucontext.h => security/sandbox/linux/android_arm_ucontext.h
rename : security/sandbox/android_i386_ucontext.h => security/sandbox/linux/android_i386_ucontext.h
rename : security/sandbox/android_ucontext.h => security/sandbox/linux/android_ucontext.h
rename : security/sandbox/arm_linux_syscalls.h => security/sandbox/linux/arm_linux_syscalls.h
rename : security/sandbox/linux_seccomp.h => security/sandbox/linux/linux_seccomp.h
rename : security/sandbox/linux_syscalls.h => security/sandbox/linux/linux_syscalls.h
rename : security/sandbox/moz.build => security/sandbox/linux/moz.build
rename : security/sandbox/seccomp_filter.h => security/sandbox/linux/seccomp_filter.h
rename : security/sandbox/x86_32_linux_syscalls.h => security/sandbox/linux/x86_32_linux_syscalls.h
rename : security/sandbox/x86_64_linux_syscalls.h => security/sandbox/linux/x86_64_linux_syscalls.h
 2013-10-28 14:54:36 -07:00
Brian R. Bondy
66dccd9d5b Bug 931429 - Fix PR_LOG compiling error for sandbox code on Linux. r=kang 2013-10-28 14:42:26 -07:00
Birunthan Mohanathas
5d748e0ca5 Bug 784739 - Switch from NULL to nullptr in security/; r=ehsan 2013-10-28 10:05:19 -04:00
Mike Hommey
1d566f7586 Bug 929905 - Consolidate sources in moz.build. r=gps 2013-10-25 08:23:05 +09:00
Brian O'Keefe
4c98f61956 Bug 928709 - Convert chromium-config.mk to mozbuild, r=mshal 2013-10-02 13:17:55 -04:00
Ms2ger
bfd2d90f89 Bug 908142 - Part b: Move FAIL_ON_WARNINGS to moz.build in security/sandbox/; r=gps 2013-10-20 09:25:19 +02:00
Jed Davis
fee032cd43 Bug 912822 - Enable sandbox logging on Android without setting NSPR_LOG_MODULES. r=kang 2013-10-06 15:15:50 -04:00
Jed Davis
f6ace5f553 Bug 919090 - Let content processes use sigaction and tgkill if profiling enabled. r=kang 2013-10-04 13:29:48 -04:00
Ms2ger
7ffcd856c2 Bug 900980 - Part a: Move unconditional assignments to EXPORT_LIBRARY to moz.build; rs=gps 2013-10-03 09:11:13 +02:00
David Keeler
10b7700647 bug 914716 - get seccomp-bpf sandboxing to compile on x86_64 r=kang 2013-09-25 11:14:34 -07:00
Vicamo Yang
e413395a3d Bug 909658: B2G emulator-x86 has no __NR_{recv,msgget,semget}. r=kang 2013-09-11 00:23:35 +08:00
Jed Davis
d7d8d94afd Bug 908907 - Fill in gaps in seccomp-bpf whitelist for b2g. r=kang, r=bsmith 
Relatively harmless syscalls:
* dup, used by mozilla::ipc::Shmem
* getuid, for android::IPCThreadState, used in audio decode
* nanosleep, used by android::AudioTrack

Of potential concern:
* sched_setscheduler, used by audio threads in e.g. CubeVid
  This might be restrictable somewhat by inspecting its arguments.

Of serious concern:
* unlink, as a workaround for bug 906996 (q.v.).

Note that we already allow open(), including for writing (temporary
files, /dev/genlock on qcom devices, probably more), so allowing unlink
won't make the situation much worse.
 2013-09-06 09:13:59 -04:00
Mike Hommey
f1cf3b4238 Bug 912293 - Remove now redundant boilerplate from Makefile.in. r=gps 2013-09-05 09:01:46 +09:00
Brian O'Keefe
4f68eb9b02 Bug 875934 - Move LIBRARY_NAME to moz.build, batch 3; r=mshal 2013-08-15 09:02:09 -04:00
Jed Davis
845479d565 Bug 907002 - Add restart_syscall to seccomp whitelist. r=kang 2013-08-26 11:27:49 -04:00
Ms2ger
c3e345584c Bug 883284 - Part f: Move LIBXUL_LIBRARY into moz.build (p-z); r=glandium 2013-08-22 08:56:01 +02:00
Guillaume Destuynder
100ce2c5f3 Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=khuey, r=gerv, r=agal, r=dhylands, r=keeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00
Ms2ger
f9ca076cae Backout changeset 9a57f0f347e3 for insufficient review. 2013-08-13 13:30:00 +02:00
Guillaume Destuynder
65326fc6cb Bug 790923: Adds seccomp-bfp sandboxing support for B2G. r=agal, r=dhylands, r=dkeeler, r=imelven, a=kang. 2013-08-12 12:58:35 -07:00