Bug 1287984: Add rule to allow content process to duplicate handles to other non-broker processes. r=jimm
authorBob Owen <bobowencode@gmail.com>
Wed, 20 Jul 2016 14:41:18 +0100
changeset 346721 4ed590c96a36c34c0118788000f1a4a37763c5a9
parent 346720 edf44ee4f4ad3a5b444bed2fc74d4c13ca5d68dc
child 346722 3ccb3bbe75fa1bbc248285900284646bfdaf56b4
push id6389
push userraliiev@mozilla.com
push dateMon, 19 Sep 2016 13:38:22 +0000
treeherdermozilla-beta@01d67bfe6c81 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjimm
bugs1287984
milestone50.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1287984: Add rule to allow content process to duplicate handles to other non-broker processes. r=jimm MozReview-Commit-ID: A79P9G9t7Ax
ipc/glue/GeckoChildProcessHost.cpp
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
--- a/ipc/glue/GeckoChildProcessHost.cpp
+++ b/ipc/glue/GeckoChildProcessHost.cpp
@@ -1112,19 +1112,20 @@ GeckoChildProcessHost::PerformAsyncLaunc
         cmdLine.command_line_string().c_str());
     }
   } else
 #endif
   {
     base::LaunchApp(cmdLine, false, false, &process);
 
 #ifdef MOZ_SANDBOX
-    // We need to be able to duplicate handles to non-sandboxed content
+    // We need to be able to duplicate handles to non-sandboxed content and GMP
     // processes, so add it as a target peer.
-    if (mProcessType == GeckoProcessType_Content) {
+    if (mProcessType == GeckoProcessType_Content ||
+        mProcessType == GeckoProcessType_GMPlugin) {
       if (!mSandboxBroker.AddTargetPeer(process)) {
         NS_WARNING("Failed to add content process as target peer.");
       }
     }
 #endif
   }
 
 #else
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@@ -183,23 +183,28 @@ SandboxBroker::SetSecurityLevelForConten
   // The content process needs to be able to duplicate named pipes back to the
   // broker process, which are File type handles.
   result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
                             sandbox::TargetPolicy::HANDLES_DUP_BROKER,
                             L"File");
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                      "With these static arguments AddRule should never fail, what happened?");
 
-  // The content process needs to be able to duplicate shared memory to the
-  // broker process, which are Section type handles.
+  // The content process needs to be able to duplicate shared memory handles,
+  // which are Section handles, to the broker process and other child processes.
   result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
                             sandbox::TargetPolicy::HANDLES_DUP_BROKER,
                             L"Section");
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                      "With these static arguments AddRule should never fail, what happened?");
+  result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
+                            sandbox::TargetPolicy::HANDLES_DUP_ANY,
+                            L"Section");
+  MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
+                     "With these static arguments AddRule should never fail, what happened?");
 }
 #endif
 
 #define SANDBOX_ENSURE_SUCCESS(result, message) \
   do { \
     MOZ_ASSERT(sandbox::SBOX_ALL_OK == result, message); \
     if (sandbox::SBOX_ALL_OK != result) \
       return false; \