Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-10 03:45:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
dc8ac83ba6
gecko-dev/xpcom/base/nsMacUtilsImpl.h
Haik Aftandilian d302444d67 Bug 1498742 - Part 2 - Start the GMP sandbox earlier during process startup r=jya,cpearce 
Change the Mac GMP process launch to include sandboxing params on the command line to allow the sandbox to be started earlier during GMP process launch. Content, extension, and RDD processes have already been changed to start the sandbox earlier.

Update GMPProcessParent to override GeckoChildProcessHost methods used to construct sandboxing parameters. Pass the plugin path as a sandbox parameter so that the sandbox rules can whitelist the plugin directory which is now read after the sandbox is enabled in the plugin process. On development builds, pass "testingReadPath" params so directories needed during automated tests can be whitelisted.

Update Mac sandboxing code to detect GMP sandbox params on the command line and enable the sandbox with additional arguments needed for early sandbox start.

Allow reverting to the old implementation by setting security.sandbox.gmp.mac.earlyinit to false.

Differential Revision: https://phabricator.services.mozilla.com/D34085

--HG--
extra : moz-landing-system : lando
2019-06-14 22:55:27 +00:00

85 lines
2.7 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsMacUtilsImpl_h___
#define nsMacUtilsImpl_h___
#include "nsIMacUtils.h"
#include "nsString.h"
#include "mozilla/Atomics.h"
#include "mozilla/Attributes.h"
#include "mozilla/StaticMutex.h"
#include "mozilla/StaticPtr.h"
using mozilla::Atomic;
using mozilla::StaticAutoPtr;
using mozilla::StaticMutex;
class nsMacUtilsImpl final : public nsIMacUtils {
public:
NS_DECL_ISUPPORTS
NS_DECL_NSIMACUTILS
nsMacUtilsImpl() {}
// Return the repo directory and the repo object directory respectively.
// These should only be used on Mac developer builds to determine the path
// to the repo or object directory.
static nsresult GetRepoDir(nsIFile** aRepoDir);
static nsresult GetObjDir(nsIFile** aObjDir);
#if defined(MOZ_SANDBOX)
static bool GetAppPath(nsCString& aAppPath);
# ifdef DEBUG
static nsresult GetBloatLogDir(nsCString& aDirectoryPath);
static nsresult GetDirectoryPath(const char* aPath,
nsCString& aDirectoryPath);
# endif /* DEBUG */
#endif /* MOZ_SANDBOX */
static void EnableTCSMIfAvailable();
static bool IsTCSMAvailable();
static uint32_t GetPhysicalCPUCount();
private:
~nsMacUtilsImpl() {}
nsresult GetArchString(nsAString& aArchString);
// A string containing a "-" delimited list of architectures
// in our binary.
nsString mBinaryArchs;
#if defined(MOZ_SANDBOX)
// Cache the appDir returned from GetAppPath to avoid doing I/O
static StaticAutoPtr<nsCString> sCachedAppPath;
// For thread safe setting/checking of sCachedAppPath
static StaticMutex sCachedAppPathMutex;
// Utility method to call ClearOnShutdown() on the main thread
static nsresult ClearCachedAppPathOnShutdown();
#endif
enum TCSMStatus { TCSM_Unknown = 0, TCSM_Available, TCSM_Unavailable };
static mozilla::Atomic<nsMacUtilsImpl::TCSMStatus> sTCSMStatus;
static nsresult EnableTCSM();
#if defined(DEBUG)
static bool IsTCSMEnabled();
#endif
};
// Global singleton service
// 697BD3FD-43E5-41CE-AD5E-C339175C0818
#define NS_MACUTILSIMPL_CID \
{ \
0x697BD3FD, 0x43E5, 0x41CE, { \
0xAD, 0x5E, 0xC3, 0x39, 0x17, 0x5C, 0x08, 0x18 \
} \
}
#define NS_MACUTILSIMPL_CONTRACTID "@mozilla.org/xpcom/mac-utils;1"
#endif /* nsMacUtilsImpl_h___ */
Reference in New Issue View Git Blame Copy Permalink