Commit Graph

827 Commits

Author SHA1 Message Date
Gian-Carlo Pascutto
802f1b9395 Bug 1386404 - Enable content-process specific tmpdir on Linux. r=haik
MozReview-Commit-ID: 6Hijq0to9MG

--HG--
extra : rebase_source : c7a3559e4cbdfd1885d13a489c4eeb311ca973fa
2017-10-12 11:18:25 +02:00
Attila Craciun
21363323fd Backed out 2 changesets (bug 1409900) for failing browser chrome on Linux opt at browser/base/content/test/general/browser_bug590206.js r=backout a=backout.
Backed out changeset 83296a355dd4 (bug 1409900)
Backed out changeset 072007f83431 (bug 1409900)
2017-10-27 16:15:47 +03:00
Jed Davis
76b1bdf7de Bug 1408497 - Disallow inotify in sandboxed content processes. r=gcp
MozReview-Commit-ID: nKyIvMNQAt

--HG--
extra : rebase_source : 5347e8da745d6f4a0cd4e81e76fe6b94d94eac30
2017-10-25 13:35:47 -06:00
Jed Davis
5f10d1f416 Bug 1409900 - Handle sandboxed statfs() by replacing it with open+fstatfs. r=gcp
MozReview-Commit-ID: 4Q0XMWcxaAc

--HG--
extra : rebase_source : 6bd36df3155fc5cdda67720e313028a68e2f0901
2017-10-25 13:08:26 -06:00
Jed Davis
fce1017953 Bug 1409900 - Disallow quotactl in sandboxed content processes. r=gcp
MozReview-Commit-ID: 3svUgLLTZKL

--HG--
extra : rebase_source : 54623b48c65a1319905cab5aa520928681ec0023
2017-10-25 12:43:13 -06:00
Jed Davis
160e1dcfe0 Bug 1410191 - Correctly handle errors when using syscalls in sandbox trap handlers. r=gcp
MozReview-Commit-ID: JX81xpNBMIm

--HG--
extra : rebase_source : c7334f3e0b61b4fb4e0305cc6fc5d3173d08c032
2017-10-25 16:38:20 -06:00
Jed Davis
b8aa6b6de9 Bug 1410241 - Don't call destructors on objects we use in the SIGSYS handler. r=gcp
MozReview-Commit-ID: LAgORUSvDh9

--HG--
extra : rebase_source : b39836ebb7405202c60b075b30b48966ac644e71
2017-10-25 17:58:22 -06:00
Jed Davis
aa4363afaa Bug 1410280 - Re-allow PR_GET_NAME for sandboxed content processes. r=gcp
This prctl is used by PulseAudio; once bug 1394163 is resolved, allowing
it can be made conditional on the media.cubeb.sandbox pref.

MozReview-Commit-ID: 6jAM65V32vK

--HG--
extra : rebase_source : abb039aff7cefc0aa3b95f4574fdf1e3fb0d93a6
2017-10-25 11:04:34 -06:00
Phil Ringnalda
a173b09db6 Backed out changeset ccc0e72f2152 (bug 1403260) for hanging Mac browser-chrome in printing tests
MozReview-Commit-ID: IZNT5Jh8nzB
2017-10-25 23:00:17 -07:00
Haik Aftandilian
362316451f Bug 1403260 - [Mac] Remove access to print server from content process sandbox r=mconley
MozReview-Commit-ID: Ia21je8TTIg

--HG--
extra : rebase_source : 656e9e3ac8d1fb741d46881458bb0b7fb402d688
2017-10-22 23:02:58 -07:00
Jed Davis
9bac6e88bd Bug 1328896 - Restrict fcntl() in sandboxed content processes. r=gcp
MozReview-Commit-ID: BDBTwlT82mf

--HG--
extra : rebase_source : 9036abfb23768e7b17181fbc680692468d66ccd0
2017-07-24 17:33:07 -06:00
Haik Aftandilian
90adeb05d8 Bug 1404919 - Whitelist Extensis Suitcase Fusion fontvaults and /System/Library/Fonts. r=Alex_Gaynor
MozReview-Commit-ID: 5UaqiHBKd90

--HG--
extra : rebase_source : 3497f97815d57e9e3fa0cc13482af5d0d81cfd87
2017-10-12 18:29:42 -07:00
Sebastian Hengst
32f7c8fec3 merge mozilla-inbound to mozilla-central. r=merge a=merge
MozReview-Commit-ID: 1h3kZyrtqSt
2017-10-17 11:45:16 +02:00
Matthew Gregan
28e8f43756 Bug 1408821 - Allow FIONBIO ioctl from the content sandbox. r=jld
--HG--
extra : rebase_source : c6a1b525bc7d9207583200fd5d5059a8155b889f
2017-10-16 14:54:46 +13:00
Sebastian Hengst
f7efb5fc2c Merge mozilla-central to mozilla-inbound. r=merge a=merge on a CLOSED TREE
2017-10-12 12:03:15 +02:00
Jim Mathies
17a6cb2cbf Bug 1407766 - Remove symantec dlls from the content process dll blocklist due to process startup issues associated with symantec av products. r=bobowen
MozReview-Commit-ID: JMOIptO2y7F
2017-10-11 18:00:18 -05:00
Jed Davis
a9b7865141 Bug 1316153 - Remove base::ChildPrivileges from IPC. r=billm,bobowen
ChildPrivileges is a leftover from the B2G process model; it's now
mostly unused, except for the Windows sandbox using it to carry whether
a content process has file:/// access.

In general, when sandboxing needs to interact with process launch, the
inputs are some subset of: the GeckoProcessType, the subtype if content,
various prefs and even GPU configuration; and the resulting launch
adjustments are platform-specific.  And on some platforms (e.g., OS X)
it's all done after launch.  So a simple enum used cross-platform isn't
a good fit.

MozReview-Commit-ID: K31OHOpJzla

--HG--
extra : rebase_source : 3928b44eb86cd076bcac7897536590555237b76b
2017-09-08 16:16:50 -06:00
Gian-Carlo Pascutto
433feb3f7e Bug 1387837 - Add library paths from /etc/ld.so.conf to broker read access policy. r=jld
MozReview-Commit-ID: S5vq6suTU4

--HG--
extra : rebase_source : b82f3ff902ca6e4929a8458aa952f409e30356b5
2017-10-06 12:35:35 +02:00
Jed Davis
55a0096f3c Bug 1320834 - Reduce prctl policy for desktop content processes. r=gcp
This removes the allow-all override in the content policy, which means it will
fall back to the more restrictive prctl policy in SandboxPolicyCommon.

MozReview-Commit-ID: CncoGi0HLxR

--HG--
extra : rebase_source : 6cb1834c56a1781f1512b7b078ba3469c3dd8537
2017-04-12 18:41:20 -06:00
Jed Davis
2a020d2e77 Bug 1408493 - Don't restrict ioctl() in sandboxed content if ALSA might be used. r=gcp
MozReview-Commit-ID: 61AmLLcPaWw

--HG--
extra : rebase_source : ba3ad2886b871a8753e9ac30c46fc3356f4fb1c4
2017-10-13 14:34:10 -06:00
Jed Davis
b61d9d2cbe Bug 1408498 - Allow FIONREAD in sandboxed content processes, for libgio. r=gcp
MozReview-Commit-ID: 23mO3vCb7Gu

--HG--
extra : rebase_source : b0183cb4d8d6a5e6ab03e9d4e1db1a3bb76a3569
2017-10-13 14:32:43 -06:00
Jed Davis
df2e63a6ff Bug 1408568 - Handle SandboxReport::ProcType::FILE correctly in XPCOM bindings. r=gcp
MozReview-Commit-ID: EwNTeG4cbZG

--HG--
extra : rebase_source : feed835fd56053644c5fa390d95884fc9b17439b
2017-10-13 17:33:01 -06:00
Bob Owen
ff9470afb1 Bug 1406068: Expand the list of DLLs that are suspected of causing a crash in ImageBridgeChild::InitForContent. r=jimm
I think that trying to slice this up by feature is just going to lead to complications down the line,
so to keep it simple I've moved this to the launch code for all sandboxed children, not just when the
Alternate Desktop is enabled.
This also, similar to chromium, only adds them to the blocklist if they are loaded in the parent.
2017-10-10 10:42:22 +01:00
Sebastian Hengst
c2d6023454 merge mozilla-inbound to mozilla-central. r=merge a=merge
MozReview-Commit-ID: 36L7JL73CzG
2017-10-09 23:52:04 +02:00
David Keeler
2a15781174 Bug 1369561 - Address misc. SnprintfLiteral correctness nits. r=jld, r=froydnj
2017-09-15 14:47:54 -07:00
Jed Davis
3709f8d1e4 Bug 1406233 - Include sys/sysmacros.h for major()/minor() macros in Linux sandbox broker. r=gcp
MozReview-Commit-ID: G1D4yxLAAqg

--HG--
extra : rebase_source : 2b13a20e324a3160ce393f7eb7913d78cc274419
2017-10-05 18:10:49 -06:00
Jed Davis
860bc842e2 Bug 1405891 - Block tty-related ioctl()s in sandboxed content processes. r=gcp
MozReview-Commit-ID: KiBfibjLSfK

--HG--
extra : rebase_source : e0cdbb5026c03d2b5a12fb49161aee392efb4189
2017-10-05 19:53:31 -06:00
Haik Aftandilian
9d77bd9d20 Bug 1393805 - Part 5 - Test that the system extensions dev dir is readable from content. r=bobowen
MozReview-Commit-ID: 7YN7S7R39CU

--HG--
extra : rebase_source : 092f1046a3f6b44c807f7632275615a6bdd674dd
2017-09-27 16:01:57 -07:00
Haik Aftandilian
1e86039b0d Bug 1393805 - Part 4 - Add Linux whitelisted directory for system extensions development. r=gcp
MozReview-Commit-ID: 2eTx1eM1fCM

--HG--
extra : rebase_source : c9c40b552b65a36b1ddb94e31ab04d84571e8d87
2017-10-04 10:50:48 -07:00
Haik Aftandilian
35249752a0 Bug 1393805 - Part 3 - Add Windows whitelisted directory for system extensions development. r=bobowen
MozReview-Commit-ID: 8K5c3mUlqna

--HG--
extra : rebase_source : 0f5a47e8504a38939a1c34a4bc4073bcdc1545d3
2017-10-02 15:17:15 -07:00
Haik Aftandilian
c0bfbc91e0 Bug 1393805 - Part 2 - Add Mac whitelisted directory for system extensions development. r=Alex_Gaynor
MozReview-Commit-ID: ADkcqFAsKaY

--HG--
extra : rebase_source : 02db543e05109e764228862ef5c760a0132eb4c2
2017-10-05 16:06:36 -07:00
Sylvestre Ledru
e0ca72f574 Bug 1406845 - AddMesaSysfsPaths: Resource leak on dir r=gcp
MozReview-Commit-ID: 3ul84cttRAF

--HG--
extra : rebase_source : 6d5306ef859f2db6101c08fb6aad405ffce30696
2017-10-09 09:29:29 +02:00
Sebastian Hengst
6c211079d0 Backed out changeset 8198bc4c7e3c (bug 1393805)
2017-10-05 00:20:11 +02:00
Sebastian Hengst
d60d5571f3 Backed out changeset 45695eda1c1c (bug 1393805)
2017-10-05 00:20:06 +02:00
Sebastian Hengst
072e34c960 Backed out changeset 1ba3220d84fa (bug 1393805)
2017-10-05 00:20:00 +02:00
Sebastian Hengst
e8b4c9dc97 Backed out changeset 4fe99f70e199 (bug 1393805)
2017-10-05 00:19:55 +02:00
Haik Aftandilian
9a88df4221 Bug 1393805 - Part 5 - Test that the system extensions dev dir is readable from content. r=bobowen
MozReview-Commit-ID: 7YN7S7R39CU

--HG--
extra : rebase_source : 01e3fe0acb051723219d9d5de5b1fd19d9751c34
2017-09-27 16:01:57 -07:00
Haik Aftandilian
e1dd4bac03 Bug 1393805 - Part 4 - Add Linux whitelisted directory for system extensions development. r=gcp
MozReview-Commit-ID: 2eTx1eM1fCM

--HG--
extra : rebase_source : 25cff10f2887795ce954b5fbca74df41fefa5c3e
2017-10-04 10:50:48 -07:00
Haik Aftandilian
213bec3e84 Bug 1393805 - Part 3 - Add Windows whitelisted directory for system extensions development. r=bobowen
MozReview-Commit-ID: 8K5c3mUlqna

--HG--
extra : rebase_source : 33b71d3ab20c0fdf24bcee39d4395757031213be
2017-10-02 15:17:15 -07:00
Haik Aftandilian
165980edfa Bug 1393805 - Part 2 - Add Mac whitelisted directory for system extensions development. r=Alex_Gaynor
MozReview-Commit-ID: ADkcqFAsKaY

--HG--
extra : rebase_source : 492194ea7914d6f09b349f95b3eeea0bd003256a
2017-09-27 13:27:39 -07:00
Jed Davis
ae5c1fb5c6 Bug 1401666 - Adjust sandbox policy to allow Mesa 12 to use libudev for device identification. r=gcp
MozReview-Commit-ID: JRRI9nd83TP

--HG--
extra : rebase_source : 3c5e3edd6606f33468120100f2a63533f1757935
2017-10-03 20:35:28 -06:00
Alex Gaynor
535c9e8dc3 Bug 1380674 - remove the ability to create directories in the content temp directory on macOS; r=haik
MozReview-Commit-ID: 8SDcDTqp2F5

--HG--
extra : rebase_source : e8094606e5a302db41f7d7fd22656b7e8697d549
2017-10-03 09:49:44 -04:00
Wes Kocher
83fd890d27 Merge m-c to autoland, a=merge CLOSED TREE
MozReview-Commit-ID: HeJwJwwTzhQ
2017-10-02 16:26:42 -07:00
Wes Kocher
382a7d90d6 Merge inbound to central, a=merge
MozReview-Commit-ID: CvJ9hmTQBcR
2017-10-02 16:22:37 -07:00
Gian-Carlo Pascutto
4ebb238032 Bug 1384804 - Allow reading /proc/self/status for libnuma. r=jld
MozReview-Commit-ID: LLwmPVtj0PE

--HG--
extra : rebase_source : 13d3a0cfce2ffc05280ce80d5d84e37b48f242e9
extra : histedit_source : e4e63c8a90c7b7ef16078d6ad9228b685e681c7e
2017-09-28 16:19:02 +02:00
Alex Gaynor
d755224ded Bug 1403567 - Remove unused access to AppleGraphicsPolicyClient iokit from content process; r=haik
MozReview-Commit-ID: 9yTMgo2FNKm

--HG--
extra : rebase_source : 72cc3a295d8823460aae21ebe149ece2df69d087
2017-09-26 13:05:18 -04:00
Haik Aftandilian
414270b14a Bug 1403669 - [Mac] Per-user and system extensions dir regexes only work for 1-character subdirectory names. r=Alex_Gaynor
MozReview-Commit-ID: L9vNruzMEez

--HG--
extra : rebase_source : 8530cbf1baef919a5a379564d190fb08674aa28d
2017-09-27 11:48:39 -07:00
Alex Gaynor
d1aef777b6 Bug 1404426 - Simplify the macOS content sandbox policy; r=haik
This does two things:

1) Moves the level 3 rules to always be applicable, and simplifies level 2 accordingly
2) Consistently uses the raw string literal syntax for regexes

MozReview-Commit-ID: 6iwjOvRVMM7

--HG--
extra : rebase_source : 3ac59219ad0793a98bdb203fb3d247561216a560
2017-09-29 13:13:49 -04:00
Sebastian Hengst
5a95ac34b4 merge mozilla-central to autoland. r=merge a=merge
2017-09-29 11:49:46 +02:00
Haik Aftandilian
f39cc5cc25 Bug 1401756 - [Mac] Remove unneeded mach-lookups from plugin sandbox rules. r=Alex_Gaynor
MozReview-Commit-ID: JsgBzNJC4zF

--HG--
extra : rebase_source : deffeff5e6d39318c55bf3d487071139abaf3c92
2017-09-20 14:05:27 -07:00