Commit Graph

277 Commits

Author SHA1 Message Date
Aaron Klotz
ea529fe28c Bug 1598703: Part 2 - Add IAT Patching capabilities to the Windows DLL Interceptor; r=mhowell
This is a pretty straightforward patch; we add `WindowsIATPatcher` to
implement the actual IAT patching, and use a partial specialization of
`FuncHook` to account for the underlying differences in implementation vs our
existing interceptor code.

Differential Revision: https://phabricator.services.mozilla.com/D57831

--HG--
extra : moz-landing-system : lando
2019-12-23 23:11:35 +00:00
Aaron Klotz
88b936e379 Bug 1598703: Part 1 - Rename PEHeaders::GetIATForModule to PEHeaders::GetImportDescriptor; r=mhowell
Strictly speaking, the import descriptor includes more than just the IAT,
so renaming this method to reflect that.

Differential Revision: https://phabricator.services.mozilla.com/D57830

--HG--
extra : moz-landing-system : lando
2019-12-23 23:11:07 +00:00
Gurzau Raul
e014bf8778 Backed out 2 changesets (bug 1598703) for bustage at WindowsDllBlocklist.obj on a CLOSED TREE.
Backed out changeset b9c2e8b94733 (bug 1598703)
Backed out changeset 6d7358a0e785 (bug 1598703)
2019-12-23 22:53:32 +02:00
Aaron Klotz
21fed2ab5e Bug 1603714: Follow-up: also add move constructor and move assignment operator to MemorySectionNameBuf; r=handyman
Differential Revision: https://phabricator.services.mozilla.com/D58142

--HG--
extra : moz-landing-system : lando
2019-12-23 20:27:38 +00:00
Aaron Klotz
1a8cc2849d Bug 1598703: Part 2 - Add IAT Patching capabilities to the Windows DLL Interceptor; r=mhowell
This is a pretty straightforward patch; we add `WindowsIATPatcher` to
implement the actual IAT patching, and use a partial specialization of
`FuncHook` to account for the underlying differences in implementation vs our
existing interceptor code.

Differential Revision: https://phabricator.services.mozilla.com/D57831

--HG--
extra : moz-landing-system : lando
2019-12-23 20:13:31 +00:00
Aaron Klotz
68eee2c6ab Bug 1598703: Part 1 - Rename PEHeaders::GetIATForModule to PEHeaders::GetImportDescriptor; r=mhowell
Strictly speaking, the import descriptor includes more than just the IAT,
so renaming this method to reflect that.

Differential Revision: https://phabricator.services.mozilla.com/D57830

--HG--
extra : moz-landing-system : lando
2019-12-23 20:11:26 +00:00
Chris Peterson
406763af7f Bug 1570499 - Part 1: Replace MOZ_FALLTHROUGH macro with C++17's [[fallthrough]] attribute. r=froydnj
This changeset is a simple find and replace of `MOZ_FALLTHROUGH` and `[[fallthrough]]`.

Unfortunately, the MOZ_FALLTHROUGH_ASSERT macro (to assert on case fallthrough in debug builds) is still necessary after switching from [[clang::fallthrough]] to [[fallthrough]] because:

* MOZ_ASSERT(false) followed by [[fallthrough]] triggers a -Wunreachable-code warning in DEBUG builds
* but MOZ_ASSERT(false) without [[fallthrough]] triggers a -Wimplicit-fallthrough warning in NDEBUG builds.

Differential Revision: https://phabricator.services.mozilla.com/D56440

--HG--
extra : moz-landing-system : lando
2019-12-20 07:16:43 +00:00
Aaron Klotz
72918a2e58 Bug 1603714: Add explicit copy constructor and copy assignment operators to nt::MemorySectionNameBuf; r=mhowell
Differential Revision: https://phabricator.services.mozilla.com/D57889

--HG--
extra : moz-landing-system : lando
2019-12-19 22:11:24 +00:00
David Parks
3100db960f Bug 1598650: Copy operand for mov byte ptr, imm8 in DLL interceptor r=aklotz
mov byte ptr support was added in bug 1382251 but did not properly count the instruction size.  It was missing the 1-byte operand, which causes the rest of the trampoline to be garbage.

Differential Revision: https://phabricator.services.mozilla.com/D55744

--HG--
extra : moz-landing-system : lando
2019-12-03 22:47:58 +00:00
David Parks
8310e7a2d9 Bug 1489391: Part 1 - Use 10-byte patch in DLL interceptor for CloseHandle on Win8/8.1 r=aklotz
CloseHandle has a jump followed by enough `nop`s to fit a 10-byte patch but not enough to fit the default 13-byte patch when running Windows 8 or 8.1.  This patch tells the interceptor to use a 10-byte patch on those OSs.

Differential Revision: https://phabricator.services.mozilla.com/D55535

--HG--
extra : moz-landing-system : lando
2019-12-05 00:41:23 +00:00
Mike Hommey
b1d0510804 Bug 1598196 - Support disabling the linker on Android in the code. r=froydnj
For now, there is no flag to actually allow it, but this is the
code-side changes to allow the linker being disabled.

Differential Revision: https://phabricator.services.mozilla.com/D54074

--HG--
extra : moz-landing-system : lando
2019-11-21 14:57:24 +00:00
Toshihito Kikuchi
764bd4d432 Bug 1596930 - Add new patterns to detour. r=handyman
This patch adds the following pattern to our x64 detour so that we can hook APIs
even though a target is already detoured by another application.

```
mov   rax, imm64
push  rax
ret
```

We already have `PatchIfTargetIsRecognizedTrampoline` to detour the pattern
`mov; jmp`.  There is another variation using `push rax;ret` to jump.

Differential Revision: https://phabricator.services.mozilla.com/D53877

--HG--
extra : moz-landing-system : lando
2019-11-22 00:36:46 +00:00
David Major
4afd3b6941 Bug 1577236 - clang-10: Fix -Wimplicit-int-float-conversion warnings in TimeStamp r=froydnj
Differential Revision: https://phabricator.services.mozilla.com/D54031

--HG--
extra : moz-landing-system : lando
2019-11-20 21:06:33 +00:00
Toshihito Kikuchi
bd457a84a8 Bug 1587642 - Make the blocklist work when the process heap is not initialized. r=aklotz
`patched_NtMapViewOfSection` uses the process default heap to copy a string.
However, `patched_NtMapViewOfSection` can be invoked even before the process
heap is initialized. One example we found is Windows Defender's EAF, with
which "verifier.dll" is loaded before the process heap is initialized.

This patch adds a check whether the heap is initialized or not in
`patched_NtMapViewOfSection` and `NativeNtBlockSet::Add`. This also minimizes
the usage of the heap, i.e. not copying a string when we block a dll.

Differential Revision: https://phabricator.services.mozilla.com/D51028

--HG--
extra : moz-landing-system : lando
2019-11-15 22:53:49 +00:00
Toshihito Kikuchi
c277593b98 Bug 1587539 - Skip bounds check when getting IAT if Import Directory is tampered. r=aklotz
Some applications tamper Import Directory entry of a loaded executable image
to pretend static dependency on their module.  We have `RestoreImportDirectory`
to revert it in the browser process.  If tampering happened in the launcher
process, however, we failed to get an IAT thunk address via `GetIATThunksForModule`
because it could be located outside the mapped image.

With this patch, we skip bounds check in `GetIATThunksForModule` if we detect
tampering in the launcher process.  We can proceed safely because it's expected
that Import Directory is still valid though it's located outside.

Differential Revision: https://phabricator.services.mozilla.com/D49690

--HG--
extra : moz-landing-system : lando
2019-11-06 21:54:55 +00:00
Sylvestre Ledru
f12b9fa5c3 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D47737

--HG--
extra : moz-landing-system : lando
2019-10-06 18:29:55 +00:00
kriswright
ddd0133b2a Bug 1572238 - Dump assertion stacks using __android_log_print. r=Ehsan
Defines an android-only version of nsTraceRefcnt::WalkTheStack that takes a function callback, which outputs the stack frame buffer to `__android_log_print`. Also uses `__wrap_dladdr` in MozDescribeCodeAddress, which outputs slightly more informative data for the stack trace (instead of instances of '???/??? [???]').

Differential Revision: https://phabricator.services.mozilla.com/D46868

--HG--
extra : moz-landing-system : lando
2019-09-24 20:50:41 +00:00
Bogdan Tara
e4913f5aeb Backed out changeset 88334e3a605e (bug 1572238) for causing windows 2012 bustages CLOSED TREE 2019-09-24 21:57:56 +03:00
kriswright
9ac396cf78 Bug 1572238 - Dump assertion stacks using __android_log_print. r=Ehsan
Defines an android-only version of nsTraceRefcnt::WalkTheStack that takes a function callback, which outputs the stack frame buffer to `__android_log_print`. Also uses `__wrap_dladdr` in MozDescribeCodeAddress, which outputs slightly more informative data for the stack trace (instead of instances of '???/??? [???]').

Differential Revision: https://phabricator.services.mozilla.com/D46868

--HG--
extra : moz-landing-system : lando
2019-09-24 12:14:24 +00:00
Aaron Klotz
fccd6eb9ba Bug 1542830: Part 4 - Modify mozglue to use new untrusted modules interfaces; r=mhowell
* At this point our DLL blocking infra is complicated enough that I decided to
  bite the bullet and move all of this code out of `mozglue/build` and into its
  own subdirectory, `mozglue/dllservices`.
* We delete the original `UntrustedDllsHandler` code which is now obsolete.
* We implement mozglue's `LoaderObserver`:
** When this observer registers itself with the launcher process API, it
   receives a vector containing all saved records of loaded DLLs that happened
   until that moment.
** This code handles profiler labels and stackwalking suppression.
** Once a load has completed, we either pass the load on to XUL for further
   processing, or save it for later if XUL is not initialized yet.
* mozglue has its own `ModuleLoadFrame` implementation for the legacy blocklist.
* `DllServicesBase` is updated to support the new interfaces.
* We implement `FallbackLoaderAPI` for `plugin-container`, `xpcshell`, and
  any other non-`firefox` processes that do not have a launcher process
  providing a loader API.
* We add some wide to UTF8 conversion functions.

Depends on D43157

Differential Revision: https://phabricator.services.mozilla.com/D43158

--HG--
rename : mozglue/build/Authenticode.cpp => mozglue/dllservices/Authenticode.cpp
rename : mozglue/build/Authenticode.h => mozglue/dllservices/Authenticode.h
rename : browser/app/winlauncher/freestanding/LoaderAPIInterfaces.h => mozglue/dllservices/LoaderAPIInterfaces.h
rename : browser/app/winlauncher/freestanding/ModuleLoadInfo.h => mozglue/dllservices/ModuleLoadInfo.h
rename : browser/app/winlauncher/NtLoaderAPI.h => mozglue/dllservices/NtLoaderAPI.h
rename : mozglue/build/WindowsDllBlocklist.cpp => mozglue/dllservices/WindowsDllBlocklist.cpp
rename : mozglue/build/WindowsDllBlocklist.h => mozglue/dllservices/WindowsDllBlocklist.h
rename : mozglue/build/WindowsDllBlocklistCommon.h => mozglue/dllservices/WindowsDllBlocklistCommon.h
rename : mozglue/build/WindowsDllBlocklistDefs.in => mozglue/dllservices/WindowsDllBlocklistDefs.in
rename : mozglue/build/WindowsDllServices.h => mozglue/dllservices/WindowsDllServices.h
rename : mozglue/build/gen_dll_blocklist_defs.py => mozglue/dllservices/gen_dll_blocklist_defs.py
rename : mozglue/build/moz.build => mozglue/dllservices/moz.build
rename : mozglue/build/MozglueUtils.h => mozglue/misc/WinUtils.h
extra : moz-landing-system : lando
2019-09-23 20:18:41 +00:00
Aaron Klotz
c27d5345fc Bug 1542830: Part 1 - Updates to NativeNt.h; r=mhowell
This patch adds the following:

* The `AllocatedUnicodeString` class which encapsulates a `UNICODE_STRING` and
  owns its buffer. The buffers are null-terminated so that they may be used as
  C-style strings without modification.
** We do not allow either creation or copying within XUL
* `RtlGetCurrentThreadId` and a test to validate it, so that we may obtain the
  current thread ID directly from the `TEB` when we do not yet have access to
  kernel32.
* An implementation of `SRWLock` that uses Rtl instead of Win32 so that we may
  use them before we have access to Win32 DLLs.
* A memory allocation policy that uses Rtl heap functions so that we may use
  MFBT `Vector` in code that might not yet have access to Win32 heap functions.

Differential Revision: https://phabricator.services.mozilla.com/D43155

--HG--
extra : moz-landing-system : lando
2019-09-23 20:16:51 +00:00
Brindusan Cristian
125c934a04 Backed out 8 changesets (bug 1542830) for causing Nightly bustages. a=backout
Backed out changeset 6fcb417f7ff4 (bug 1542830)
Backed out changeset 1aa253e6604a (bug 1542830)
Backed out changeset 73ec288886cd (bug 1542830)
Backed out changeset 84b903e60dc9 (bug 1542830)
Backed out changeset 8e2da9ff5f5a (bug 1542830)
Backed out changeset c4e547a6a039 (bug 1542830)
Backed out changeset 919f1af7c135 (bug 1542830)
Backed out changeset da7e775c4051 (bug 1542830)

--HG--
rename : browser/app/winlauncher/freestanding/DllBlocklist.cpp => browser/app/winlauncher/DllBlocklistWin.cpp
rename : browser/app/winlauncher/freestanding/DllBlocklist.h => browser/app/winlauncher/DllBlocklistWin.h
rename : mozglue/dllservices/Authenticode.cpp => mozglue/build/Authenticode.cpp
rename : mozglue/dllservices/Authenticode.h => mozglue/build/Authenticode.h
rename : mozglue/misc/WinUtils.h => mozglue/build/MozglueUtils.h
rename : mozglue/dllservices/WindowsDllBlocklist.cpp => mozglue/build/WindowsDllBlocklist.cpp
rename : mozglue/dllservices/WindowsDllBlocklist.h => mozglue/build/WindowsDllBlocklist.h
rename : mozglue/dllservices/WindowsDllBlocklistCommon.h => mozglue/build/WindowsDllBlocklistCommon.h
rename : mozglue/dllservices/WindowsDllBlocklistDefs.in => mozglue/build/WindowsDllBlocklistDefs.in
rename : mozglue/dllservices/WindowsDllServices.h => mozglue/build/WindowsDllServices.h
rename : mozglue/dllservices/gen_dll_blocklist_defs.py => mozglue/build/gen_dll_blocklist_defs.py
rename : toolkit/components/telemetry/docs/data/third-party-modules-ping.rst => toolkit/components/telemetry/docs/data/untrusted-modules-ping.rst
rename : toolkit/components/telemetry/tests/unit/test_ThirdPartyModulesPing.js => toolkit/components/telemetry/tests/unit/test_UntrustedModulesPing.js
rename : toolkit/xre/UntrustedModulesProcessor.cpp => toolkit/xre/ModuleEvaluator_windows.cpp
rename : toolkit/xre/UntrustedModulesProcessor.h => toolkit/xre/ModuleEvaluator_windows.h
rename : toolkit/xre/ModuleVersionInfo.cpp => toolkit/xre/ModuleVersionInfo_windows.cpp
rename : toolkit/xre/ModuleVersionInfo.h => toolkit/xre/ModuleVersionInfo_windows.h
2019-09-22 00:01:01 +03:00
Aaron Klotz
8d1be668f6 Bug 1542830: Part 4 - Modify mozglue to use new untrusted modules interfaces; r=mhowell
* At this point our DLL blocking infra is complicated enough that I decided to
  bite the bullet and move all of this code out of `mozglue/build` and into its
  own subdirectory, `mozglue/dllservices`.
* We delete the original `UntrustedDllsHandler` code which is now obsolete.
* We implement mozglue's `LoaderObserver`:
** When this observer registers itself with the launcher process API, it
   receives a vector containing all saved records of loaded DLLs that happened
   until that moment.
** This code handles profiler labels and stackwalking suppression.
** Once a load has completed, we either pass the load on to XUL for further
   processing, or save it for later if XUL is not initialized yet.
* mozglue has its own `ModuleLoadFrame` implementation for the legacy blocklist.
* `DllServicesBase` is updated to support the new interfaces.
* We implement `FallbackLoaderAPI` for `plugin-container`, `xpcshell`, and
  any other non-`firefox` processes that do not have a launcher process
  providing a loader API.
* We add some wide to UTF8 conversion functions.

Differential Revision: https://phabricator.services.mozilla.com/D43158

--HG--
rename : mozglue/build/Authenticode.cpp => mozglue/dllservices/Authenticode.cpp
rename : mozglue/build/Authenticode.h => mozglue/dllservices/Authenticode.h
rename : mozglue/build/WindowsDllBlocklist.cpp => mozglue/dllservices/WindowsDllBlocklist.cpp
rename : mozglue/build/WindowsDllBlocklist.h => mozglue/dllservices/WindowsDllBlocklist.h
rename : mozglue/build/WindowsDllBlocklistCommon.h => mozglue/dllservices/WindowsDllBlocklistCommon.h
rename : mozglue/build/WindowsDllBlocklistDefs.in => mozglue/dllservices/WindowsDllBlocklistDefs.in
rename : mozglue/build/WindowsDllServices.h => mozglue/dllservices/WindowsDllServices.h
rename : mozglue/build/gen_dll_blocklist_defs.py => mozglue/dllservices/gen_dll_blocklist_defs.py
rename : mozglue/build/moz.build => mozglue/dllservices/moz.build
rename : mozglue/build/MozglueUtils.h => mozglue/misc/WinUtils.h
extra : moz-landing-system : lando
2019-09-20 19:43:33 +00:00
Aaron Klotz
f5081e7b43 Bug 1542830: Part 1 - Updates to NativeNt.h; r=mhowell
This patch adds the following:

* The `AllocatedUnicodeString` class which encapsulates a `UNICODE_STRING` and
  owns its buffer. The buffers are null-terminated so that they may be used as
  C-style strings without modification.
** We do not allow either creation or copying within XUL
* `RtlGetCurrentThreadId` and a test to validate it, so that we may obtain the
  current thread ID directly from the `TEB` when we do not yet have access to
  kernel32.
* An implementation of `SRWLock` that uses Rtl instead of Win32 so that we may
  use them before we have access to Win32 DLLs.
* A memory allocation policy that uses Rtl heap functions so that we may use
  MFBT `Vector` in code that might not yet have access to Win32 heap functions.

Differential Revision: https://phabricator.services.mozilla.com/D43155

--HG--
extra : moz-landing-system : lando
2019-09-20 19:42:40 +00:00
Ciure Andrei
7db4ad5d80 Backed out 8 changesets (bug 1542830) for causing spidermonkey bustages CLOSED TREE
Backed out changeset b9f7fc8d0172 (bug 1542830)
Backed out changeset b85f58fd5bbd (bug 1542830)
Backed out changeset 0a9169ab2623 (bug 1542830)
Backed out changeset 39a7c05d54ef (bug 1542830)
Backed out changeset 7a3cbd2f59f0 (bug 1542830)
Backed out changeset 268530552281 (bug 1542830)
Backed out changeset df658ffb8599 (bug 1542830)
Backed out changeset e7bef6486a38 (bug 1542830)

--HG--
rename : browser/app/winlauncher/freestanding/DllBlocklist.cpp => browser/app/winlauncher/DllBlocklistWin.cpp
rename : browser/app/winlauncher/freestanding/DllBlocklist.h => browser/app/winlauncher/DllBlocklistWin.h
rename : mozglue/dllservices/Authenticode.cpp => mozglue/build/Authenticode.cpp
rename : mozglue/dllservices/Authenticode.h => mozglue/build/Authenticode.h
rename : mozglue/misc/WinUtils.h => mozglue/build/MozglueUtils.h
rename : mozglue/dllservices/WindowsDllBlocklist.cpp => mozglue/build/WindowsDllBlocklist.cpp
rename : mozglue/dllservices/WindowsDllBlocklist.h => mozglue/build/WindowsDllBlocklist.h
rename : mozglue/dllservices/WindowsDllBlocklistCommon.h => mozglue/build/WindowsDllBlocklistCommon.h
rename : mozglue/dllservices/WindowsDllBlocklistDefs.in => mozglue/build/WindowsDllBlocklistDefs.in
rename : mozglue/dllservices/WindowsDllServices.h => mozglue/build/WindowsDllServices.h
rename : mozglue/dllservices/gen_dll_blocklist_defs.py => mozglue/build/gen_dll_blocklist_defs.py
rename : toolkit/components/telemetry/docs/data/third-party-modules-ping.rst => toolkit/components/telemetry/docs/data/untrusted-modules-ping.rst
rename : toolkit/components/telemetry/tests/unit/test_ThirdPartyModulesPing.js => toolkit/components/telemetry/tests/unit/test_UntrustedModulesPing.js
rename : toolkit/xre/UntrustedModulesProcessor.cpp => toolkit/xre/ModuleEvaluator_windows.cpp
rename : toolkit/xre/UntrustedModulesProcessor.h => toolkit/xre/ModuleEvaluator_windows.h
rename : toolkit/xre/ModuleVersionInfo.cpp => toolkit/xre/ModuleVersionInfo_windows.cpp
rename : toolkit/xre/ModuleVersionInfo.h => toolkit/xre/ModuleVersionInfo_windows.h
2019-09-20 21:21:39 +03:00
Aaron Klotz
12843d81e9 Bug 1542830: Part 4 - Modify mozglue to use new untrusted modules interfaces; r=mhowell
* At this point our DLL blocking infra is complicated enough that I decided to
  bite the bullet and move all of this code out of `mozglue/build` and into its
  own subdirectory, `mozglue/dllservices`.
* We delete the original `UntrustedDllsHandler` code which is now obsolete.
* We implement mozglue's `LoaderObserver`:
** When this observer registers itself with the launcher process API, it
   receives a vector containing all saved records of loaded DLLs that happened
   until that moment.
** This code handles profiler labels and stackwalking suppression.
** Once a load has completed, we either pass the load on to XUL for further
   processing, or save it for later if XUL is not initialized yet.
* mozglue has its own `ModuleLoadFrame` implementation for the legacy blocklist.
* `DllServicesBase` is updated to support the new interfaces.
* We implement `FallbackLoaderAPI` for `plugin-container`, `xpcshell`, and
  any other non-`firefox` processes that do not have a launcher process
  providing a loader API.
* We add some wide to UTF8 conversion functions.

Differential Revision: https://phabricator.services.mozilla.com/D43158

--HG--
rename : mozglue/build/Authenticode.cpp => mozglue/dllservices/Authenticode.cpp
rename : mozglue/build/Authenticode.h => mozglue/dllservices/Authenticode.h
rename : mozglue/build/WindowsDllBlocklist.cpp => mozglue/dllservices/WindowsDllBlocklist.cpp
rename : mozglue/build/WindowsDllBlocklist.h => mozglue/dllservices/WindowsDllBlocklist.h
rename : mozglue/build/WindowsDllBlocklistCommon.h => mozglue/dllservices/WindowsDllBlocklistCommon.h
rename : mozglue/build/WindowsDllBlocklistDefs.in => mozglue/dllservices/WindowsDllBlocklistDefs.in
rename : mozglue/build/WindowsDllServices.h => mozglue/dllservices/WindowsDllServices.h
rename : mozglue/build/gen_dll_blocklist_defs.py => mozglue/dllservices/gen_dll_blocklist_defs.py
rename : mozglue/build/moz.build => mozglue/dllservices/moz.build
rename : mozglue/build/MozglueUtils.h => mozglue/misc/WinUtils.h
extra : moz-landing-system : lando
2019-09-20 17:00:14 +00:00
Aaron Klotz
57df2b6a01 Bug 1542830: Part 1 - Updates to NativeNt.h; r=mhowell
This patch adds the following:

* The `AllocatedUnicodeString` class which encapsulates a `UNICODE_STRING` and
  owns its buffer. The buffers are null-terminated so that they may be used as
  C-style strings without modification.
** We do not allow either creation or copying within XUL
* `RtlGetCurrentThreadId` and a test to validate it, so that we may obtain the
  current thread ID directly from the `TEB` when we do not yet have access to
  kernel32.
* An implementation of `SRWLock` that uses Rtl instead of Win32 so that we may
  use them before we have access to Win32 DLLs.
* A memory allocation policy that uses Rtl heap functions so that we may use
  MFBT `Vector` in code that might not yet have access to Win32 heap functions.

Differential Revision: https://phabricator.services.mozilla.com/D43155

--HG--
extra : moz-landing-system : lando
2019-09-20 16:59:28 +00:00
Aaron Klotz
38e11b4896 Bug 1582776: Change cross-process stub to not store remote stub pointer in local mOrigFunc; r=handyman
This is showing up with hooks that are set both by the launcher process and by
the browser process when starting early DLL blocklist init on content processes:

* The browser's copy of mOrigFunc was set by the launcher process.
* The browser is setting a hook in the new child process, which writes to the
  child's mOrigFunc.
* But FuncHookCrossProcess also writes that pointer to the browser's mOrigFunc,
  thus corrupting the browser process's copy of the pointer.

For in-process hooks, we want to immediately write the stub pointer to its final
location; this is not an issue for cross-process hooks since the child process
is suspended when we do this and the parent process can't call the stub; there
is no possibility of a race.

Differential Revision: https://phabricator.services.mozilla.com/D46615

--HG--
extra : moz-landing-system : lando
2019-09-20 16:55:27 +00:00
Andreea Pavel
31d9596a28 Backed out 8 changesets (bug 1542830) for gecko decision failure on a CLOSED TREE
DONTBUILD

Backed out changeset 4f72161be496 (bug 1542830)
Backed out changeset 7ee12138946d (bug 1542830)
Backed out changeset 9e90ee4981c6 (bug 1542830)
Backed out changeset 363039c98534 (bug 1542830)
Backed out changeset 70ffff30551a (bug 1542830)
Backed out changeset c25b7bf354d9 (bug 1542830)
Backed out changeset d156dc595b69 (bug 1542830)
Backed out changeset 9f5dbd1b2959 (bug 1542830)

--HG--
rename : browser/app/winlauncher/freestanding/DllBlocklist.cpp => browser/app/winlauncher/DllBlocklistWin.cpp
rename : browser/app/winlauncher/freestanding/DllBlocklist.h => browser/app/winlauncher/DllBlocklistWin.h
rename : mozglue/dllservices/Authenticode.cpp => mozglue/build/Authenticode.cpp
rename : mozglue/dllservices/Authenticode.h => mozglue/build/Authenticode.h
rename : mozglue/misc/WinUtils.h => mozglue/build/MozglueUtils.h
rename : mozglue/dllservices/WindowsDllBlocklist.cpp => mozglue/build/WindowsDllBlocklist.cpp
rename : mozglue/dllservices/WindowsDllBlocklist.h => mozglue/build/WindowsDllBlocklist.h
rename : mozglue/dllservices/WindowsDllBlocklistCommon.h => mozglue/build/WindowsDllBlocklistCommon.h
rename : mozglue/dllservices/WindowsDllBlocklistDefs.in => mozglue/build/WindowsDllBlocklistDefs.in
rename : mozglue/dllservices/WindowsDllServices.h => mozglue/build/WindowsDllServices.h
rename : mozglue/dllservices/gen_dll_blocklist_defs.py => mozglue/build/gen_dll_blocklist_defs.py
rename : toolkit/components/telemetry/docs/data/third-party-modules-ping.rst => toolkit/components/telemetry/docs/data/untrusted-modules-ping.rst
rename : toolkit/components/telemetry/tests/unit/test_ThirdPartyModulesPing.js => toolkit/components/telemetry/tests/unit/test_UntrustedModulesPing.js
rename : toolkit/xre/UntrustedModulesProcessor.cpp => toolkit/xre/ModuleEvaluator_windows.cpp
rename : toolkit/xre/UntrustedModulesProcessor.h => toolkit/xre/ModuleEvaluator_windows.h
rename : toolkit/xre/ModuleVersionInfo.cpp => toolkit/xre/ModuleVersionInfo_windows.cpp
rename : toolkit/xre/ModuleVersionInfo.h => toolkit/xre/ModuleVersionInfo_windows.h
2019-09-20 19:49:27 +03:00
Aaron Klotz
6c7b43b9c8 Bug 1542830: Part 4 - Modify mozglue to use new untrusted modules interfaces; r=mhowell
* At this point our DLL blocking infra is complicated enough that I decided to
  bite the bullet and move all of this code out of `mozglue/build` and into its
  own subdirectory, `mozglue/dllservices`.
* We delete the original `UntrustedDllsHandler` code which is now obsolete.
* We implement mozglue's `LoaderObserver`:
** When this observer registers itself with the launcher process API, it
   receives a vector containing all saved records of loaded DLLs that happened
   until that moment.
** This code handles profiler labels and stackwalking suppression.
** Once a load has completed, we either pass the load on to XUL for further
   processing, or save it for later if XUL is not initialized yet.
* mozglue has its own `ModuleLoadFrame` implementation for the legacy blocklist.
* `DllServicesBase` is updated to support the new interfaces.
* We implement `FallbackLoaderAPI` for `plugin-container`, `xpcshell`, and
  any other non-`firefox` processes that do not have a launcher process
  providing a loader API.
* We add some wide to UTF8 conversion functions.

Differential Revision: https://phabricator.services.mozilla.com/D43158

--HG--
rename : mozglue/build/Authenticode.cpp => mozglue/dllservices/Authenticode.cpp
rename : mozglue/build/Authenticode.h => mozglue/dllservices/Authenticode.h
rename : mozglue/build/WindowsDllBlocklist.cpp => mozglue/dllservices/WindowsDllBlocklist.cpp
rename : mozglue/build/WindowsDllBlocklist.h => mozglue/dllservices/WindowsDllBlocklist.h
rename : mozglue/build/WindowsDllBlocklistCommon.h => mozglue/dllservices/WindowsDllBlocklistCommon.h
rename : mozglue/build/WindowsDllBlocklistDefs.in => mozglue/dllservices/WindowsDllBlocklistDefs.in
rename : mozglue/build/WindowsDllServices.h => mozglue/dllservices/WindowsDllServices.h
rename : mozglue/build/gen_dll_blocklist_defs.py => mozglue/dllservices/gen_dll_blocklist_defs.py
rename : mozglue/build/moz.build => mozglue/dllservices/moz.build
rename : mozglue/build/MozglueUtils.h => mozglue/misc/WinUtils.h
extra : moz-landing-system : lando
2019-09-20 00:09:41 +00:00
Aaron Klotz
f3b16f06a4 Bug 1542830: Part 1 - Updates to NativeNt.h; r=mhowell
This patch adds the following:

* The `AllocatedUnicodeString` class which encapsulates a `UNICODE_STRING` and
  owns its buffer. The buffers are null-terminated so that they may be used as
  C-style strings without modification.
** We do not allow either creation or copying within XUL
* `RtlGetCurrentThreadId` and a test to validate it, so that we may obtain the
  current thread ID directly from the `TEB` when we do not yet have access to
  kernel32.
* An implementation of `SRWLock` that uses Rtl instead of Win32 so that we may
  use them before we have access to Win32 DLLs.
* A memory allocation policy that uses Rtl heap functions so that we may use
  MFBT `Vector` in code that might not yet have access to Win32 heap functions.

Differential Revision: https://phabricator.services.mozilla.com/D43155

--HG--
extra : moz-landing-system : lando
2019-09-20 00:09:33 +00:00
Aaron Klotz
deaaaa9bbb Bug 1580293: Ensure that parameter packs in mozglue/misc are expanded as rvalue references; r=mhowell
Differential Revision: https://phabricator.services.mozilla.com/D45429

--HG--
extra : moz-landing-system : lando
2019-09-10 19:55:44 +00:00
Toshihito Kikuchi
18aab300b5 Bug 1576697 - Use LauncherResult in WinHeaderOnlyUtils.h instead of WindowsErrorResult. r=aklotz
`WindowsErrorResult` is a class to hold either a value or a Windows error
code based on the `Result` template.  We also have `LauncherResult` for the
same purpose, which was introduced as a part of the launcher process feature
afterward.  The difference is `LauncherResult` holds a filename and line
number along with an error code.

This patch integrates LauncherResult.h into WinHeaderOnlyUtils.h so that we
can use `LauncherResult` more broadly.

Differential Revision: https://phabricator.services.mozilla.com/D44512

--HG--
extra : moz-landing-system : lando
2019-09-07 18:17:45 +00:00
Sylvestre Ledru
36129ce948 Bug 1577236 - clang-10: Fix -Wimplicit-int-float-conversion warnings in various dirs r=glandium
Depends on D43784

Differential Revision: https://phabricator.services.mozilla.com/D43785

--HG--
extra : moz-landing-system : lando
2019-08-30 09:11:19 +00:00
Cameron McCormack
a1e18da1b1 Bug 1573090 - Part 2: Look up ELF symbol tables directly when pre-symbolicating Gecko profiles on Linux. r=gerald
Whereas previously MozDescribeCodeAddress would have handled demangling,
we need to explicitly do that from our new GetFunction method.  The string we
generate is now more useful for the profiler to merge -- having dropped the
address in the previous patch, and the file & line number and library in this
patch.

While we're at it, try to demangle Rust symbols too.

Ideally we'd add Rust symbol handling to DemangleSymbol in
StackWalk.cpp, but that lives in mozglue, which currently cannot have
any Rust crate dependencies.

Differential Revision: https://phabricator.services.mozilla.com/D43142

--HG--
extra : moz-landing-system : lando
2019-08-23 05:45:16 +00:00
Aaron Klotz
a69086ea54 Bug 1573273: Add ProfilerLabelBegin and ProfilerLabelEnd to mozglue; r=gerald
While mozglue continues to be the correct location for calling the affected
code in this patch, the calls requiring profiler labels will soon be
originating from firefox.exe via the launcher process.

mozglue will be supplying the launcher process with an interface that consists
of what are effectively "OnBeginDllLoad" and "OnEndDllLoad" callback
notifications; obviously an RAII class is not going to be useful for that case.

We still want to keep the RAII stuff around, however, since we still need it
for cases where we need to fall back to using the legacy DLL blocklist.

Differential Revision: https://phabricator.services.mozilla.com/D41807

--HG--
extra : moz-landing-system : lando
2019-08-14 03:46:41 +00:00
Aaron Klotz
6e2191877a Bug 1573274: Add mozglue-only SuppressStackWalking and DesuppressStackWalking functions to StackWalk on Windows; r=glandium
While mozglue continues to be the correct location for calling the affected
code in this patch, the calls requiring stackwalk suppression will soon be
originating from firefox.exe via the launcher process.

mozglue will be supplying the launcher process with an interface that consists
of what are effectively "OnBeginDllLoad" and "OnEndDllLoad" callback
notifications; obviously an RAII class is not going to be useful for that case.

We still want to keep the RAII stuff around, however, since we still need it
for cases where we need to fall back to using the legacy DLL blocklist.

Differential Revision: https://phabricator.services.mozilla.com/D41808

--HG--
extra : moz-landing-system : lando
2019-08-14 03:34:52 +00:00
Emilio Cobos Álvarez
c3ee3ac3a8 Bug 1418624 - Allow mozilla::Result to be moved, make unwrap{,Err}() move, and add inspect() APIs that return references. r=froydnj
Also adjust some of the callers that were either calling unwrap() repeatedly on
the same result, or were doing silly copies, to use inspect().

We could try to use stuff like:

https://clang.llvm.org/docs/AttributeReference.html#consumed-annotation-checking

Differential Revision: https://phabricator.services.mozilla.com/D41425

--HG--
extra : moz-landing-system : lando
2019-08-13 08:26:18 +00:00
Aaron Klotz
fb977a3526 Bug 1571875: Part 2 - Change over all existing static local uses of DynamicallyLinkedFunctionPtr to use StaticDynamicallyLinkedFunctionPtr instead; r=mhowell
Depends on D40885

Differential Revision: https://phabricator.services.mozilla.com/D40886

--HG--
extra : moz-landing-system : lando
2019-08-07 15:58:09 +00:00
Aaron Klotz
d46e27a5ed Bug 1571875: Part 1 - Refactor DynamicallyLinkedFunctionPtr into static local and normal variants; r=mhowell
This patch does two things:

1. We refactor the resolution of function pointer and return type so that we
may support additional calling conventions besides just __stdcall;

2. We refactor DynamicallyLinkedFunctionPtr into a base class, and create
StaticDynamicallyLinkedFunctionPtr to specifically handle the static local
use case.

Differential Revision: https://phabricator.services.mozilla.com/D40885

--HG--
extra : moz-landing-system : lando
2019-08-07 15:57:23 +00:00
Toshihito Kikuchi
82aae30d17 Bug 1568610 - Delete the definition of IATThunks structure. r=aklotz
Differential Revision: https://phabricator.services.mozilla.com/D40703

--HG--
extra : moz-landing-system : lando
2019-08-06 22:58:20 +00:00
Sylvestre Ledru
fc2eb5393c Bug 1562642 - Part 2 - Add missing MPL2 headers r=Gijs
Differential Revision: https://phabricator.services.mozilla.com/D37146

--HG--
extra : moz-landing-system : lando
2019-07-08 09:27:47 +00:00
Sylvestre Ledru
131d0c6a02 Bug 1519636 - Reformat recent changes to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D35622

--HG--
extra : moz-landing-system : lando
2019-07-06 08:18:28 +00:00
Gerald Squelart
5fcb437d2b Bug 1559000 - Make AutoProfilerLabel thread-safe - r=mstange
Profilers will soon be able to set/reset entry&exit functions at different
times, but simultaneously other code may want to use AutoProfilerLabel, so we
need to make this all thread-safe.

All shared static information is now encapsulated in an RAII class that enforces
proper locking before giving access to this information.

Also added a "generation" count, so that if an AutoProfilerLabel is in-flight
when entry&exit functions are changed, the context given by the old entry
function will not be passed to a mismatched new exit function.

Differential Revision: https://phabricator.services.mozilla.com/D34807

--HG--
extra : moz-landing-system : lando
2019-07-04 04:43:41 +00:00
Gerald Squelart
4d91208989 Bug 1559000 - mozglue's AutoProfilerLabel doesn't need to know about ProfilingStack - r=mstange
`ProfilingStack*` happens to be the information that the current Gecko Profiler
entry function wants to forward to the exit function, but AutoProfilerLabel does
not really need to know about that.
Changing it to `void*`, so that we can later use different entry/exit functions
that use different context types.

Differential Revision: https://phabricator.services.mozilla.com/D34806

--HG--
extra : moz-landing-system : lando
2019-07-04 04:38:16 +00:00
Aaron Klotz
e311b07d92 Bug 1532470: Part 4 - Add 4-byte patching to ARM64 interceptor; r=handyman
This patch modifies arm64 so that detours are peformed via two passes:
1. The first pass uses a null trampoline to count how many bytes are available
   for patching the original function.
2. If we have >= 16 bytes to patch, we reuse existing trampoline space. If we
   have less than 16 bytes to patch, we reserve trampoline space within 128MB
   of the function, allowing for a 4 byte patch.
3. Then we recurse, this time using a real trampoline.

Note that we still do a single-pass on x86(-64).

Differential Revision: https://phabricator.services.mozilla.com/D32193

--HG--
extra : moz-landing-system : lando
2019-06-12 01:11:36 +00:00
Aaron Klotz
4460a190f9 Bug 1532470: Part 3 - Modify trampolines to support trampoline pools and null trampolines; r=handyman
A null trampoline is just a trampoline that is not backed by a VM reservation.
These are used for tracking the number of bytes that are needed to make a patch.

This patch also contains the changes needed to work with TrampolinePool.

Differential Revision: https://phabricator.services.mozilla.com/D32192

--HG--
extra : moz-landing-system : lando
2019-06-12 01:11:36 +00:00
Aaron Klotz
74b57fa236 Bug 1532470: Part 2 - Modify VM sharing policies to use trampoline pools and support the ability to specify a desired memory range when reserving address space; r=handyman
VMSharingPolicyShared needs to become much smarter. This patch modifies that
policy to track different VM reservations and reuse them whenever possible.

We add TrampolinePools to abstract away the differences between VM policies
with respect to the caller who is making the reservation.

Differential Revision: https://phabricator.services.mozilla.com/D32191

--HG--
extra : moz-landing-system : lando
2019-06-12 01:11:36 +00:00
Aaron Klotz
2c8e5e76b3 Bug 1532470: Part 1 - Add ability to specify desired memory range when reserving memory; r=handyman
In order to support 4-byte patches on ARM64, we need to be able to reserve
trampoline space within +/- 128 MB of the beginning of a function.

These changes allow us to make such reservations using OS APIs when
available.

Differential Revision: https://phabricator.services.mozilla.com/D32190

--HG--
extra : moz-landing-system : lando
2019-06-12 17:27:16 +00:00
Bogdan Tara
b072357603 Backed out 2 changesets (bug 1532470) on aklotz's request
Backed out changeset 3693ec4875d8 (bug 1532470)
Backed out changeset 54a7bf8f3092 (bug 1532470)
2019-06-12 04:08:39 +03:00