| author | Haik Aftandilian <haftandilian@mozilla.com> |
| Thu, 18 Oct 2018 20:51:54 +0000 | |
| changeset 498863 | c70d57adec824c605e77196e651191c784c84bc3 |
| parent 498862 | cd9c1a610dd7edf256945bccea8671cb2bd18f70 |
| child 498864 | 178100c1204ca777a4d263f6d92dfca94333570a |
| push id | 10290 |
| push user | ffxbld-merge |
| push date | Mon, 03 Dec 2018 16:23:23 +0000 |
| treeherder | mozilla-beta@700bed2445e6 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | Alex_Gaynor |
| bugs | 1431441 |
| milestone | 64.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| dom/ipc/ContentParent.cpp | file | annotate | diff | comparison | revisions | |
| dom/ipc/ContentProcess.cpp | file | annotate | diff | comparison | revisions |
--- a/dom/ipc/ContentParent.cpp +++ b/dom/ipc/ContentParent.cpp @@ -2325,17 +2325,20 @@ ContentParent::LaunchSubprocess(ProcessP extraArgs.push_back("-schedulerPrefs"); extraArgs.push_back(schedulerPrefs.get()); if (gSafeMode) { extraArgs.push_back("-safeMode"); } #if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX) - if (sEarlySandboxInit && IsContentSandboxEnabled()) { + // If we're launching a middleman process for a + // recording or replay, start the sandbox later. + if (sEarlySandboxInit && IsContentSandboxEnabled() && + !IsRecordingOrReplaying()) { AppendSandboxParams(extraArgs); } #endif nsCString parentBuildID(mozilla::PlatformBuildID()); extraArgs.push_back("-parentBuildID"); extraArgs.push_back(parentBuildID.get()); @@ -2737,17 +2740,20 @@ ContentParent::InitInternal(ProcessPrior // purpose. If the decision is made to permanently rely on the pref, this // should be changed so that it is required to restart firefox for the change // of value to take effect. shouldSandbox = IsContentSandboxEnabled(); #ifdef XP_MACOSX // If the sandbox was initialized during content process // startup, we must not send the SetProcessSandbox message. - shouldSandbox = shouldSandbox && !sEarlySandboxInit; + // If early startup was pref'd off or the process is a + // middleman process, send SetProcessSandbox now. + shouldSandbox = shouldSandbox && + (!sEarlySandboxInit || IsRecordingOrReplaying()); #endif #ifdef XP_LINUX if (shouldSandbox) { MOZ_ASSERT(!mSandboxBroker); bool isFileProcess = mRemoteType.EqualsLiteral(FILE_REMOTE_TYPE); UniquePtr<SandboxBroker::Policy> policy = sSandboxBrokerPolicyFactory->GetContentPolicy(Pid(), isFileProcess);
--- a/dom/ipc/ContentProcess.cpp +++ b/dom/ipc/ContentProcess.cpp @@ -293,18 +293,21 @@ ContentProcess::Init(int aArgc, char* aA IOThreadChild::channel(), *childID, *isForBrowser); mXREEmbed.Start(); #if (defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX) mContent.SetProfileDir(profileDir); #if defined(DEBUG) + // For WebReplay middleman processes, the sandbox is + // started after receiving the SetProcessSandbox message. if (IsContentSandboxEnabled() && - Preferences::GetBool("security.sandbox.content.mac.earlyinit")) { + Preferences::GetBool("security.sandbox.content.mac.earlyinit") && + !recordreplay::IsMiddleman()) { AssertMacSandboxEnabled(); } #endif /* DEBUG */ #endif /* XP_MACOSX && MOZ_CONTENT_SANDBOX */ #if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX) SetUpSandboxEnvironment(); #endif