Bug 1644917 - Part 1: Construct content sandbox "common" policy lazily. r=gcp

When the SandboxBrokerPolicyFactory is constructed, prefs aren't
available, which constrains the cached subset of the content process
policy to entries that don't depend on prefs.  Delaying the computation
until a content process is started removes that restriction.

Differential Revision: https://phabricator.services.mozilla.com/D81423

security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp

@@ -290,7 +290,7 @@ static void AddDynamicPathList(SandboxBroker::Policy* policy,
   }
 }
 
-SandboxBrokerPolicyFactory::SandboxBrokerPolicyFactory() {
+void SandboxBrokerPolicyFactory::InitContentPolicy() {
   // Policy entries that are the same in every process go here, and
   // are cached over the lifetime of the factory.
   SandboxBroker::Policy* policy = new SandboxBroker::Policy;
@@ -523,6 +523,7 @@ UniquePtr<SandboxBroker::Policy> SandboxBrokerPolicyFactory::GetContentPolicy(
     return nullptr;
   }
 
+  std::call_once(mContentInited, [this] { InitContentPolicy(); });
   MOZ_ASSERT(mCommonContentPolicy);
   UniquePtr<SandboxBroker::Policy> policy(
       new SandboxBroker::Policy(*mCommonContentPolicy));

security/sandbox/linux/broker/SandboxBrokerPolicyFactory.h

@@ -9,11 +9,13 @@
 
 #include "mozilla/SandboxBroker.h"
 
+#include <mutex>
+
 namespace mozilla {
 
 class SandboxBrokerPolicyFactory {
  public:
-  SandboxBrokerPolicyFactory();
+  SandboxBrokerPolicyFactory() = default;
 
   UniquePtr<SandboxBroker::Policy> GetContentPolicy(int aPid,
                                                     bool aFileProcess);
@@ -23,6 +25,9 @@ class SandboxBrokerPolicyFactory {
 
  private:
   UniquePtr<const SandboxBroker::Policy> mCommonContentPolicy;
+  std::once_flag mContentInited;
+
+  void InitContentPolicy();
 };
 
 }  // namespace mozilla