Bug 1643200 - Rename BLOCK_WIN8_ONLY into BLOCK_WIN8_AND_OLDER. r=mhowell

`BLOCK_WIN8_ONLY` was introduced by bug 1268470 to block klsihk64.dll only on
Win8.  However, a new blocklist (bug 1445025) does wrong comparison on the OS
version, thus `BLOCK_WIN8_ONLY` has blocked modules on all platforms older than
Win10 including Win7 and Win8.1.

This patch corrects OS comparison and changes the flag to `BLOCK_WIN8_AND_OLDER`
to make it more handy.  We also remove `BLOCK_WIN8PLUS_ONLY` which is never used.

Differential Revision: https://phabricator.services.mozilla.com/D78411

browser/app/winlauncher/freestanding/DllBlocklist.cpp

@@ -163,21 +163,16 @@ static BlockAction CheckBlockInfo(const DllBlockInfo* aInfo,
                                   uint64_t& aVersion) {
   aVersion = DllBlockInfo::ALL_VERSIONS;
 
-  if (aInfo->mFlags &
-      (DllBlockInfo::BLOCK_WIN8PLUS_ONLY | DllBlockInfo::BLOCK_WIN8_ONLY)) {
+  if (aInfo->mFlags & DllBlockInfo::BLOCK_WIN8_AND_OLDER) {
     RTL_OSVERSIONINFOW osv = {sizeof(osv)};
     NTSTATUS ntStatus = ::RtlGetVersion(&osv);
     if (!NT_SUCCESS(ntStatus)) {
       return BlockAction::Error;
     }
 
-    if (osv.dwMajorVersion < 8) {
-      return BlockAction::Allow;
-    }
-
-    if ((aInfo->mFlags & DllBlockInfo::BLOCK_WIN8_ONLY) &&
-        (osv.dwMajorVersion > 8 ||
-         (osv.dwMajorVersion == 8 && osv.dwMinorVersion > 0))) {
+    if ((aInfo->mFlags & DllBlockInfo::BLOCK_WIN8_AND_OLDER) &&
+        (osv.dwMajorVersion > 6 ||
+         (osv.dwMajorVersion == 6 && osv.dwMinorVersion > 2))) {
       return BlockAction::Allow;
     }
   }

mozglue/dllservices/WindowsDllBlocklist.cpp

@@ -463,13 +463,8 @@ static NTSTATUS NTAPI patched_LdrLoadDll(PWCHAR filePath, PULONG flags,
             "Ignoring the REDIRECT_TO_NOOP_ENTRYPOINT flag\n");
       }
 
-      if ((info->mFlags & DllBlockInfo::BLOCK_WIN8PLUS_ONLY) &&
-          !IsWin8OrLater()) {
-        goto continue_loading;
-      }
-
-      if ((info->mFlags & DllBlockInfo::BLOCK_WIN8_ONLY) &&
-          (!IsWin8OrLater() || IsWin8Point1OrLater())) {
+      if ((info->mFlags & DllBlockInfo::BLOCK_WIN8_AND_OLDER) &&
+          IsWin8Point1OrLater()) {
         goto continue_loading;
       }
 

mozglue/dllservices/WindowsDllBlocklistCommon.h

@@ -36,12 +36,11 @@ struct DllBlockInfoT {
   // only when we are a child process.
   enum Flags {
     FLAGS_DEFAULT = 0,
-    BLOCK_WIN8PLUS_ONLY = 1 << 0,
-    BLOCK_WIN8_ONLY = 1 << 1,
-    USE_TIMESTAMP = 1 << 2,
-    CHILD_PROCESSES_ONLY = 1 << 3,
-    BROWSER_PROCESS_ONLY = 1 << 4,
-    REDIRECT_TO_NOOP_ENTRYPOINT = 1 << 5,
+    BLOCK_WIN8_AND_OLDER = 1 << 0,
+    USE_TIMESTAMP = 1 << 1,
+    CHILD_PROCESSES_ONLY = 1 << 2,
+    BROWSER_PROCESS_ONLY = 1 << 3,
+    REDIRECT_TO_NOOP_ENTRYPOINT = 1 << 4,
   } mFlags;
 
   bool IsVersionBlocked(const uint64_t aOther) const {

mozglue/dllservices/WindowsDllBlocklistDefs.in

@@ -193,7 +193,8 @@ ALL_PROCESSES += [
     DllBlocklistEntry("nahimicmsidevprops.dll", UNVERSIONED),
 
     # Bug 1268470 - crashes with Kaspersky Lab on Windows 8
-    DllBlocklistEntry("klsihk64.dll", (14, 0, 456, 0xffff), BLOCK_WIN8_ONLY),
+    DllBlocklistEntry("klsihk64.dll", (14, 0, 456, 0xffff),
+                      BLOCK_WIN8_AND_OLDER),
 
     # Bug 1579758, crashes with OpenSC nightly version 0.19.0.448 and lower
     DllBlocklistEntry("onepin-opensc-pkcs11.dll", (0, 19, 0, 448)),

mozglue/dllservices/gen_dll_blocklist_defs.py

@@ -55,8 +55,7 @@ DLL_BLOCKLIST_DEFINITIONS_BEGIN_NAMED(gBlockedInprocDlls)
 
 # These flag names should match the ones defined in WindowsDllBlocklistCommon.h
 FLAGS_DEFAULT = 'FLAGS_DEFAULT'
-BLOCK_WIN8PLUS_ONLY = 'BLOCK_WIN8PLUS_ONLY'
-BLOCK_WIN8_ONLY = 'BLOCK_WIN8_ONLY'
+BLOCK_WIN8_AND_OLDER = 'BLOCK_WIN8_AND_OLDER'
 USE_TIMESTAMP = 'USE_TIMESTAMP'
 CHILD_PROCESSES_ONLY = 'CHILD_PROCESSES_ONLY'
 BROWSER_PROCESS_ONLY = 'BROWSER_PROCESS_ONLY'
@@ -65,8 +64,7 @@ REDIRECT_TO_NOOP_ENTRYPOINT = 'REDIRECT_TO_NOOP_ENTRYPOINT'
 
 # Only these flags are available in the input script
 INPUT_ONLY_FLAGS = {
-    BLOCK_WIN8PLUS_ONLY,
-    BLOCK_WIN8_ONLY,
+    BLOCK_WIN8_AND_OLDER,
 }