Bug 1101170 - Move Linux sandbox code into plugin-container on desktop. r=kang r=glandium

Specifically:
* SandboxCrash() uses internal Gecko interfaces, so stays in libxul.
* SandboxInfo moves to libxul from libmozsandbox, which no longer exists.
* Where libxul calls Set*Sandbox(), it uses weak symbols.
* Everything remains as it was on mobile.
This commit is contained in:
Jed Davis 2014-11-24 15:22:13 -08:00
parent 2fdd7150c1
commit 1b16fc180f
10 changed files with 40 additions and 13 deletions

View File

@ -22,4 +22,4 @@
# changes to stick? As of bug 928195, this shouldn't be necessary! Please
# don't change CLOBBER for WebIDL changes any more.
Bug 1084498 - Android build tools dependency.
Bug 1101170 - Linux desktop build changes libmozsandbox from shared to static.

View File

@ -780,8 +780,6 @@
#if defined(MOZ_SANDBOX)
#if defined(XP_WIN)
@BINPATH@/@DLL_PREFIX@sandboxbroker@DLL_SUFFIX@
#elif defined(XP_LINUX)
@BINPATH@/@DLL_PREFIX@mozsandbox@DLL_SUFFIX@
#endif
#endif

View File

@ -61,6 +61,11 @@ if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT':
'sha256.c',
]
if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_TARGET'] == 'Linux':
USE_LIBS += [
'mozsandbox',
]
if CONFIG['_MSC_VER']:
# Always enter a Windows program through wmain, whether or not we're
# a console application.

View File

@ -60,7 +60,9 @@ __sanitizer_sandbox_on_notify(__sanitizer_sandbox_arguments *args);
namespace mozilla {
#ifdef ANDROID
SandboxCrashFunc gSandboxCrashFunc;
#endif
#ifdef MOZ_GMP_SANDBOX
// For media plugins, we can start the sandbox before we dlopen the

View File

@ -13,18 +13,26 @@
// sandboxing itself. See also common/SandboxInfo.h for what parts of
// sandboxing are enabled/supported.
#ifdef ANDROID
// Defined in libmozsandbox and referenced by linking against it.
#define MOZ_SANDBOX_EXPORT MOZ_EXPORT
#else
// Defined in plugin-container and referenced by libraries it loads.
#define MOZ_SANDBOX_EXPORT MOZ_EXPORT __attribute__((weak))
#endif
namespace mozilla {
#ifdef MOZ_CONTENT_SANDBOX
// Call only if SandboxInfo::CanSandboxContent() returns true.
// (No-op if MOZ_DISABLE_CONTENT_SANDBOX is set.)
MOZ_EXPORT void SetContentProcessSandbox();
MOZ_SANDBOX_EXPORT void SetContentProcessSandbox();
#endif
#ifdef MOZ_GMP_SANDBOX
// Call only if SandboxInfo::CanSandboxMedia() returns true.
// (No-op if MOZ_DISABLE_GMP_SANDBOX is set.)
MOZ_EXPORT void SetMediaPluginSandbox(const char *aFilePath);
MOZ_SANDBOX_EXPORT void SetMediaPluginSandbox(const char *aFilePath);
#endif
} // namespace mozilla

View File

@ -7,15 +7,18 @@
#ifndef mozilla_SandboxInternal_h
#define mozilla_SandboxInternal_h
// The code in Sandbox.cpp can't link against libxul, where
// SandboxCrash.cpp lives, so it has to use a callback, defined here.
#include <signal.h>
#include "mozilla/Types.h"
namespace mozilla {
// SandboxCrash() has to be in libxul to use internal interfaces, but
// its caller in the sandbox code is elsewhere:
// * Desktop: defined in libxul; referenced in plugin-container.
// * Mobile: defined in libmozsandbox; referenced in libxul.
// See also bug 1101170.
typedef void (*SandboxCrashFunc)(int, siginfo_t*, void*);
extern MOZ_EXPORT SandboxCrashFunc gSandboxCrashFunc;

View File

@ -18,4 +18,7 @@ LOCAL_INCLUDES += [
'/security/sandbox/chromium'
]
FINAL_LIBRARY = 'mozsandbox'
if CONFIG['OS_TARGET'] == 'Android':
FINAL_LIBRARY = 'mozsandbox'
else:
FINAL_LIBRARY = 'xul'

View File

@ -131,4 +131,8 @@ SandboxSetCrashFunc()
gSandboxCrashFunc = SandboxCrash;
}
#ifndef ANDROID
SandboxCrashFunc gSandboxCrashFunc;
#endif
} // namespace mozilla

View File

@ -14,8 +14,9 @@ LOCAL_INCLUDES += [
'/security/sandbox/linux',
]
USE_LIBS += [
'mozsandbox',
]
if CONFIG['OS_TARGET'] == 'Android':
USE_LIBS += [
'mozsandbox',
]
FINAL_LIBRARY = 'xul'

View File

@ -6,7 +6,10 @@
FAIL_ON_WARNINGS = True
SharedLibrary('mozsandbox')
if CONFIG['OS_TARGET'] == 'Android':
SharedLibrary('mozsandbox')
else:
Library('mozsandbox')
EXPORTS.mozilla += [
'Sandbox.h',