Bug 1395187: Use STARTF_FORCEOFFFEEDBACK flag when starting Windows child processes to prevent app starting cursor. r=jimm
authorBob Owen <bobowencode@gmail.com>
Thu, 07 Dec 2017 10:24:38 +0000
changeset 395480 74c0d505722a90c48cb1a1c21f04d1eb643e6851
parent 395479 06aa4a657f52030fe892c681a6788762f310a54a
child 395481 56b0acc6e0afb54a14a1d74f67eecf48d1cd9f59
push id33045
push usershindli@mozilla.com
push dateThu, 07 Dec 2017 22:12:36 +0000
treeherdermozilla-central@91cecf141b8b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjimm
bugs1395187
milestone59.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1395187: Use STARTF_FORCEOFFFEEDBACK flag when starting Windows child processes to prevent app starting cursor. r=jimm
security/sandbox/chromium-shim/patches/after_update/patch_order.txt
security/sandbox/chromium-shim/patches/after_update/use_STARTF_FORCEOFFFEEDBACK_flag.patch
security/sandbox/chromium/sandbox/win/src/broker_services.cc
--- a/security/sandbox/chromium-shim/patches/after_update/patch_order.txt
+++ b/security/sandbox/chromium-shim/patches/after_update/patch_order.txt
@@ -1,6 +1,7 @@
 add_interception_logging.patch
 allow_rules_for_network_drive_and_non_file_devices.patch
 add_WOW64_flags_to_allowed_registry_read_flags.patch
 change_USER_NON_ADMIN_to_blacklist.patch
 consult_PermissionsService_for_file_access.patch
 allow_flash_temporary_files.patch
+use_STARTF_FORCEOFFFEEDBACK_flag.patch
new file mode 100644
--- /dev/null
+++ b/security/sandbox/chromium-shim/patches/after_update/use_STARTF_FORCEOFFFEEDBACK_flag.patch
@@ -0,0 +1,32 @@
+# HG changeset patch
+# User Bob Owen <bobowencode@gmail.com>
+# Date 1512580728 0
+#      Wed Dec 06 17:18:48 2017 +0000
+# Node ID e56684aa96bd963d4b94ed69b99a0359fa0479ae
+# Parent  785572419acc82b2cbdcd2e24ca59fdbf5d7255f
+Use STARTF_FORCEOFFFEEDBACK flag when starting Windows child processes to prevent app starting cursor. r=jimm
+
+diff --git a/security/sandbox/chromium/sandbox/win/src/broker_services.cc b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
+--- a/security/sandbox/chromium/sandbox/win/src/broker_services.cc
++++ b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
+@@ -346,16 +346,20 @@ ResultCode BrokerServicesBase::SpawnTarg
+ 
+   base::win::ScopedHandle job;
+   result = policy_base->MakeJobObject(&job);
+   if (SBOX_ALL_OK != result)
+     return result;
+ 
+   // Initialize the startup information from the policy.
+   base::win::StartupInformation startup_info;
++
++  // We don't want any child processes causing the IDC_APPSTARTING cursor.
++  startup_info.startup_info()->dwFlags |= STARTF_FORCEOFFFEEDBACK;
++
+   // The liftime of |mitigations|, |inherit_handle_list| and
+   // |child_process_creation| have to be at least as long as
+   // |startup_info| because |UpdateProcThreadAttribute| requires that
+   // its |lpValue| parameter persist until |DeleteProcThreadAttributeList| is
+   // called; StartupInformation's destructor makes such a call.
+   DWORD64 mitigations;
+   std::vector<HANDLE> inherited_handle_list;
+   DWORD child_process_creation = PROCESS_CREATION_CHILD_PROCESS_RESTRICTED;
--- a/security/sandbox/chromium/sandbox/win/src/broker_services.cc
+++ b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
@@ -346,16 +346,20 @@ ResultCode BrokerServicesBase::SpawnTarg
 
   base::win::ScopedHandle job;
   result = policy_base->MakeJobObject(&job);
   if (SBOX_ALL_OK != result)
     return result;
 
   // Initialize the startup information from the policy.
   base::win::StartupInformation startup_info;
+
+  // We don't want any child processes causing the IDC_APPSTARTING cursor.
+  startup_info.startup_info()->dwFlags |= STARTF_FORCEOFFFEEDBACK;
+
   // The liftime of |mitigations|, |inherit_handle_list| and
   // |child_process_creation| have to be at least as long as
   // |startup_info| because |UpdateProcThreadAttribute| requires that
   // its |lpValue| parameter persist until |DeleteProcThreadAttributeList| is
   // called; StartupInformation's destructor makes such a call.
   DWORD64 mitigations;
   std::vector<HANDLE> inherited_handle_list;
   DWORD child_process_creation = PROCESS_CREATION_CHILD_PROCESS_RESTRICTED;