roytam1/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-05-26 14:18:48 +00:00
Code Issues Projects Releases Wiki Activity
Files
fe0509a62ee652a1261ba31f19ff198102c49b2f
palemoon27/ipc/contentproc/plugin-container.cpp
T
roytam1 be191f3772 import changes from `dev' branch of rmottola/Arctic-Fox: 
- Bug 1153939 - Avoid a race condition with setting nsBaseWidgets WidgetShutdownObserver widget pointer to null. Fixes a crash in nsBaseWidget::DestroyCompositor(). r=roc (342dfa066)
- Bug 1153570 - Remove AutoUseBasicLayerManager, which has been unused since 78b90e6c491b (bug 676241 part 3). r=mstange (0e9184271)
- Bug 1158284 - Utility in gfxPlatform to check for safe mode, lazier computation if we should accelerate and random cleanup of prefs usage. r=botond (3ca893900)
- Bug 1154739 - Rename flag to be more general. r=billm (c17156078)
- Bug 1154739 - On desktop platforms, only enable APZ in e10s windows. r=dvander,mstange (339d0fa64)
- remove auxclick event (54cbbdad2)
- more AUXCLICK remove (8a76b76ed)
- on drag exist is not idl (6c6a3d6c6)
- fix typo (a62de38d6)
- reinstantiate mouse events in PostHandle (387c3dd5b)
- Bug 1158425 - Rename _SYNTH event names. r=smaug (913a0f0d2)
- Bug 1136478 - Fire pagehide / pageshow events in content after swapping remote frame loaders. r=smaug. (f60d5955e)
- Bug 1083361 - Exposing a PromiseDebugging API to monitor uncaught DOM Promise. r=bz (a4d9a44e8)
- Bug 1058695 - Add member to nsIGlobalObject to detect it is going away. Make promises use it. r=bholley (8f77dbc4e)
- Bug 1156875 - patch 1 - URL.createObjectURL leaks in JS sandbox, r=bholley (f3a68da2c)
- Bug 1156875 - patch 2 - Unify the registration of blob URIs in WorkerPrivate and nsIGlobalObject, r=bent (66218f13a)
- Bug 1156875 - patch 3 - nsIGlobalObject members correctly ordered in the header file, r=bz (4936f05a6)
- Bug 1148033 - BroadcastChannel API should rispect the B2G app sandboxes, r=ehsan (d856835b9)
- Bug 1151480 - Correct check of the BroadcastChannel origin in b2g, r=ehsan (375f85fda)
- Bug 1161507 - BroadcastChannel should use origin+appId+IsInBrowserElement as key in b2g, r=sicking (5da9b5d1d)
- Bug 1144298 - Eliminate gratuitous gotos from Directory::RemoveInternal(). r=baku (055a8e240)
- Bug 1134309 - Fix slice handling when the first access is from a remote input stream, r=khuey. (62ceb80a7)
- Bug 1151597 - Step 0: Move IPC memory report generation number to parent-side actor. r=erahm (c1a49e2e1)
- Bug 1151597 - Step 1: Change memory reporting IPC to send one report per message. r=erahm (4797c3914)
- Bug 1151597 - Step 2: Don't start child process memory reports until parent is finished. r=erahm (d6df516b3)
- Bug 1088070 - Rename nsPrintingPromptServiceProxy to nsPrintingProxy. r=smaug. (7925069ae)
- Bug 1088070 - Move saving nsIPrintSettings after a print job to browser-content.js. r=Mossop. (9e7926158)
- Bug 1088070 - Instantiate print settings from the content process ins…tead of the parent. r=Mossop. (9152d5cef)
- Bug 1088070 - If saving print settings in the content process, proxy to the parent. r=smaug. (bc9e928ef)
- Bug 1129315 - require app processes update permissions after forked from nuwa. r=jdm (5333979c8)
- Bug 1069643 - Remove always failing call to GetCPOWManager from ContentChild::Init. r=billm a=ryanvm (1e9c9b72f)
- Bug 1110911 - Move Mac sandboxing code into plugin-container. r=cpearce,areinald,jld (f1830d72f)
- Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm (52e60db87)
2020-07-18 10:11:02 +08:00

241 lines
6.9 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
* vim: sw=4 ts=4 et :
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsXPCOM.h"
#include "nsXULAppAPI.h"
#include "nsAutoPtr.h"
// FIXME/cjones testing
#if !defined(OS_WIN)
#include <unistd.h>
#endif
#ifdef XP_WIN
#include <windows.h>
// we want a wmain entry point
// but we don't want its DLL load protection, because we'll handle it here
#define XRE_DONT_PROTECT_DLL_LOAD
#include "nsWindowsWMain.cpp"
#include "nsSetDllDirectory.h"
#endif
#include "GMPLoader.h"
#if defined(XP_WIN) && defined(MOZ_SANDBOX)
#include "mozilla/sandboxTarget.h"
#include "mozilla/sandboxing/loggingCallbacks.h"
#include "sandbox/win/src/sandbox_factory.h"
#endif
#if defined(XP_LINUX) && defined(MOZ_GMP_SANDBOX)
#include "mozilla/Sandbox.h"
#include "mozilla/SandboxInfo.h"
#endif
#ifdef MOZ_WIDGET_GONK
# include <sys/time.h>
# include <sys/resource.h>
# include <binder/ProcessState.h>
# ifdef LOGE_IF
# undef LOGE_IF
# endif
# include <android/log.h>
# define LOGE_IF(cond, ...) \
( (CONDITION(cond)) \
? ((void)__android_log_print(ANDROID_LOG_ERROR, \
"Gecko:MozillaRntimeMain", __VA_ARGS__)) \
: (void)0 )
# ifdef MOZ_CONTENT_SANDBOX
# include "mozilla/Sandbox.h"
# endif
#endif // MOZ_WIDGET_GONK
#ifdef MOZ_NUWA_PROCESS
#include <binder/ProcessState.h>
#include "ipc/Nuwa.h"
#endif
#ifdef MOZ_WIDGET_GONK
static void
InitializeBinder(void *aDummy) {
// Change thread priority to 0 only during calling ProcessState::self().
// The priority is registered to binder driver and used for default Binder
// Thread's priority.
// To change the process's priority to small value need's root permission.
int curPrio = getpriority(PRIO_PROCESS, 0);
int err = setpriority(PRIO_PROCESS, 0, 0);
MOZ_ASSERT(!err);
LOGE_IF(err, "setpriority failed. Current process needs root permission.");
android::ProcessState::self()->startThreadPool();
setpriority(PRIO_PROCESS, 0, curPrio);
}
#endif
#if defined(XP_WIN) && defined(MOZ_SANDBOX)
static bool gIsSandboxEnabled = false;
class WinSandboxStarter : public mozilla::gmp::SandboxStarter {
public:
virtual bool Start(const char *aLibPath) override {
if (gIsSandboxEnabled) {
sandbox::SandboxFactory::GetTargetServices()->LowerToken();
}
return true;
}
};
#endif
#if defined(XP_LINUX) && defined(MOZ_GMP_SANDBOX)
class LinuxSandboxStarter : public mozilla::gmp::SandboxStarter {
LinuxSandboxStarter() { }
public:
static SandboxStarter* Make() {
if (mozilla::SandboxInfo::Get().CanSandboxMedia()) {
return new LinuxSandboxStarter();
} else {
// Sandboxing isn't possible, but the parent has already
// checked that this plugin doesn't require it. (Bug 1074561)
return nullptr;
}
}
virtual bool Start(const char *aLibPath) override {
mozilla::SetMediaPluginSandbox(aLibPath);
return true;
}
};
#endif
#if defined(XP_MACOSX) && defined(MOZ_GMP_SANDBOX)
class MacSandboxStarter : public mozilla::gmp::SandboxStarter {
public:
virtual bool Start(const char *aLibPath) override {
std::string err;
bool rv = mozilla::StartMacSandbox(mInfo, err);
if (!rv) {
fprintf(stderr, "sandbox_init() failed! Error \"%s\"\n", err.c_str());
}
return rv;
}
virtual void SetSandboxInfo(MacSandboxInfo* aSandboxInfo) override {
mInfo = *aSandboxInfo;
}
private:
MacSandboxInfo mInfo;
};
#endif
mozilla::gmp::SandboxStarter*
MakeSandboxStarter()
{
#if defined(XP_WIN) && defined(MOZ_SANDBOX)
return new WinSandboxStarter();
#elif defined(XP_LINUX) && defined(MOZ_GMP_SANDBOX)
return LinuxSandboxStarter::Make();
#elif defined(XP_MACOSX) && defined(MOZ_GMP_SANDBOX)
return new MacSandboxStarter();
#else
return nullptr;
#endif
}
int
content_process_main(int argc, char* argv[])
{
// Check for the absolute minimum number of args we need to move
// forward here. We expect the last arg to be the child process type.
if (argc < 1) {
return 3;
}
XRE_SetProcessType(argv[--argc]);
bool isNuwa = false;
for (int i = 1; i < argc; i++) {
isNuwa |= strcmp(argv[i], "-nuwa") == 0;
#if defined(XP_WIN) && defined(MOZ_SANDBOX)
gIsSandboxEnabled |= strcmp(argv[i], "-sandbox") == 0;
#endif
}
#ifdef MOZ_NUWA_PROCESS
if (isNuwa) {
PrepareNuwaProcess();
}
#endif
#if defined(XP_LINUX) && defined(MOZ_SANDBOX)
// This has to happen while we're still single-threaded, and on
// B2G that means before the Android Binder library is
// initialized. Additional special handling is needed for Nuwa:
// the Nuwa process itself needs to be unsandboxed, and the same
// single-threadedness condition applies to its children; see also
// AfterNuwaFork().
mozilla::SandboxEarlyInit(XRE_GetProcessType(), isNuwa);
#endif
#ifdef MOZ_WIDGET_GONK
// This creates a ThreadPool for binder ipc. A ThreadPool is necessary to
// receive binder calls, though not necessary to send binder calls.
// ProcessState::Self() also needs to be called once on the main thread to
// register the main thread with the binder driver.
#ifdef MOZ_NUWA_PROCESS
if (!isNuwa) {
InitializeBinder(nullptr);
} else {
NuwaAddFinalConstructor(&InitializeBinder, nullptr);
}
#else
InitializeBinder(nullptr);
#endif
#endif
#ifdef XP_WIN
// For plugins, this is done in PluginProcessChild::Init, as we need to
// avoid it for unsupported plugins. See PluginProcessChild::Init for
// the details.
if (XRE_GetProcessType() != GeckoProcessType_Plugin) {
mozilla::SanitizeEnvironmentVariables();
SetDllDirectory(L"");
}
#ifdef MOZ_SANDBOX
if (gIsSandboxEnabled) {
sandbox::TargetServices* target_service =
sandbox::SandboxFactory::GetTargetServices();
if (!target_service) {
return 1;
}
sandbox::ResultCode result =
mozilla::SandboxTarget::Instance()->InitTargetServices(target_service);
if (result != sandbox::SBOX_ALL_OK) {
return 2;
}
mozilla::sandboxing::PrepareForLogging();
}
#endif
#endif
nsAutoPtr<mozilla::gmp::GMPLoader> loader;
#if !defined(MOZ_WIDGET_ANDROID) && !defined(MOZ_WIDGET_GONK)
// On desktop, the GMPLoader lives in plugin-container, so that its
// code can be covered by an EME/GMP vendor's voucher.
nsAutoPtr<mozilla::gmp::SandboxStarter> starter(MakeSandboxStarter());
if (XRE_GetProcessType() == GeckoProcessType_GMPlugin) {
loader = mozilla::gmp::CreateGMPLoader(starter);
}
#endif
nsresult rv = XRE_InitChildProcess(argc, argv, loader);
NS_ENSURE_SUCCESS(rv, 1);
return 0;
}
Reference in New Issue View Git Blame Copy Permalink