Bug 1644917 - Part 1: Construct content sandbox "common" policy lazily. r=gcp,Gijs

When the SandboxBrokerPolicyFactory is constructed, prefs aren't available, which constrains the cached subset of the content process policy to entries that don't depend on prefs. Delaying the computation until a content process is started removes that restriction. (This also delays the reading of dynamic linker configuration to discover library directories, so a test needs to be adjusted.) Differential Revision: https://phabricator.services.mozilla.com/D81423
2025-03-02 22:37:50 +00:00 · 2020-07-02 11:27:21 +00:00 · 2020-07-02 11:27:21 +00:00 · c3572e2dda
commit c3572e2dda
parent c9ea5d4842
3 changed files with 17 additions and 10 deletions
--- a/browser/base/content/test/performance/browser_startup_mainthreadio.js
+++ b/browser/base/content/test/performance/browser_startup_mainthreadio.js
@ -212,13 +212,6 @@ const startupPhases = {
      read: 1,
      close: 1,
    },
-    {
-      path: "*ld.so.conf*",
-      condition: LINUX,
-      ignoreIfUnused: true,
-      read: 22,
-      close: 11,
-    },
    {
      // bug 1546838
      path: "ProfD:xulstore/data.mdb",
@ -265,9 +258,10 @@ const startupPhases = {
      write: 1,
    },
    {
+      // Side-effect of bug 1412090, via sandboxing (but the real
+      // problem there is main-thread CPU use; see bug 1439412)
      path: "*ld.so.conf*",
      condition: LINUX,
-      ignoreIfUnused: true,
      read: 22,
      close: 11,
    },
@ -339,6 +333,13 @@ const startupPhases = {
      condition: WIN,
      read: 1,
    },
+    {
+      // Sandbox policy construction
+      path: "*ld.so.conf*",
+      condition: LINUX,
+      read: 22,
+      close: 11,
+    },
    {
      // bug 1541246
      path: "UAppData:",
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
@ -290,7 +290,7 @@ static void AddDynamicPathList(SandboxBroker::Policy* policy,
  }
 }

-SandboxBrokerPolicyFactory::SandboxBrokerPolicyFactory() {
+void SandboxBrokerPolicyFactory::InitContentPolicy() {
  // Policy entries that are the same in every process go here, and
  // are cached over the lifetime of the factory.
  SandboxBroker::Policy* policy = new SandboxBroker::Policy;
@ -523,6 +523,7 @@ UniquePtr<SandboxBroker::Policy> SandboxBrokerPolicyFactory::GetContentPolicy(
    return nullptr;
  }

+  std::call_once(mContentInited, [this] { InitContentPolicy(); });
  MOZ_ASSERT(mCommonContentPolicy);
  UniquePtr<SandboxBroker::Policy> policy(
      new SandboxBroker::Policy(*mCommonContentPolicy));
--- a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.h
+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.h
@ -9,11 +9,13 @@

 #include "mozilla/SandboxBroker.h"

+#include <mutex>
+
 namespace mozilla {

 class SandboxBrokerPolicyFactory {
 public:
-  SandboxBrokerPolicyFactory();
+  SandboxBrokerPolicyFactory() = default;

  UniquePtr<SandboxBroker::Policy> GetContentPolicy(int aPid,
                                                    bool aFileProcess);
@ -23,6 +25,9 @@ class SandboxBrokerPolicyFactory {

 private:
  UniquePtr<const SandboxBroker::Policy> mCommonContentPolicy;
+  std::once_flag mContentInited;
+
+  void InitContentPolicy();
 };

 }  // namespace mozilla