Bug 1101170 - Move Linux sandbox code into plugin-container on desktop. r=kang r=glandium
authorJed Davis <jld@mozilla.com>
Mon, 24 Nov 2014 15:22:13 -0800
changeset 241596 d06d1a469bb1962807e29e036666e06c4f5670e5
parent 241595 0b3bfc3c27913e0be76dda67798865cf3c270f58
child 241597 059b2c8bffa8d4b3092bfe68032d624abe28f631
push id4311
push userraliiev@mozilla.com
push dateMon, 12 Jan 2015 19:37:41 +0000
reviewerskang, glandium
bugs1101170
milestone36.0a1
Bug 1101170 - Move Linux sandbox code into plugin-container on desktop. r=kang r=glandium Specifically: * SandboxCrash() uses internal Gecko interfaces, so stays in libxul. * SandboxInfo moves to libxul from libmozsandbox, which no longer exists. * Where libxul calls Set*Sandbox(), it uses weak symbols. * Everything remains as it was on mobile.
CLOBBER
browser/installer/package-manifest.in
ipc/app/moz.build
security/sandbox/linux/Sandbox.cpp
security/sandbox/linux/Sandbox.h
security/sandbox/linux/SandboxInternal.h
security/sandbox/linux/common/moz.build
security/sandbox/linux/glue/SandboxCrash.cpp
security/sandbox/linux/glue/moz.build
security/sandbox/linux/moz.build
--- a/CLOBBER
+++ b/CLOBBER
@@ -17,9 +17,9 @@
 #
 # Modifying this file will now automatically clobber the buildbot machines \o/
 #
 
 # Are you updating CLOBBER because you think it's needed for your WebIDL
 # changes to stick? As of bug 928195, this shouldn't be necessary! Please
 # don't change CLOBBER for WebIDL changes any more.
 
-Bug 1084498 - Android build tools dependency.
+Bug 1101170 - Linux desktop build changes libmozsandbox from shared to static.
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -775,18 +775,16 @@
 @RESPATH@/components/pipboot.xpt
 @RESPATH@/components/pipnss.xpt
 @RESPATH@/components/pippki.xpt
 
 ; For process sandboxing
 #if defined(MOZ_SANDBOX)
 #if defined(XP_WIN)
 @BINPATH@/@DLL_PREFIX@sandboxbroker@DLL_SUFFIX@
-#elif defined(XP_LINUX)
-@BINPATH@/@DLL_PREFIX@mozsandbox@DLL_SUFFIX@
 #endif
 #endif
 
 ; for Solaris SPARC
 #ifdef SOLARIS
 bin/libfreebl_32fpu_3.so
 bin/libfreebl_32int_3.so
 bin/libfreebl_32int64_3.so
--- a/ipc/app/moz.build
+++ b/ipc/app/moz.build
@@ -56,16 +56,21 @@ if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_
         'nss3.dll',
         'xul.dll'
     ]
     DEFINES['HASH_NODE_ID_WITH_DEVICE_ID'] = 1;
     SOURCES += [
         'sha256.c',
     ]
 
+if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_TARGET'] == 'Linux':
+    USE_LIBS += [
+        'mozsandbox',
+    ]
+
 if CONFIG['_MSC_VER']:
     # Always enter a Windows program through wmain, whether or not we're
     # a console application.
     WIN32_EXE_LDFLAGS += ['-ENTRY:wmainCRTStartup']
 
 LDFLAGS += [CONFIG['MOZ_ALLOW_HEAP_EXECUTE_FLAGS']]
 
 # Control the default heap size.
--- a/security/sandbox/linux/Sandbox.cpp
+++ b/security/sandbox/linux/Sandbox.cpp
@@ -55,17 +55,19 @@ typedef struct {
 
 MOZ_IMPORT_API void
 __sanitizer_sandbox_on_notify(__sanitizer_sandbox_arguments *args);
 } // extern "C"
 #endif // MOZ_ASAN
 
 namespace mozilla {
 
+#ifdef ANDROID
 SandboxCrashFunc gSandboxCrashFunc;
+#endif
 
 #ifdef MOZ_GMP_SANDBOX
 // For media plugins, we can start the sandbox before we dlopen the
 // module, so we have to pre-open the file and simulate the sandboxed
 // open().
 static int gMediaPluginFileDesc = -1;
 static const char *gMediaPluginFilePath;
 #endif
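Review bot: `gSandboxCrashFunc` is now defined here only under `#ifdef ANDROID`, while the desktop definition is added to glue/SandboxCrash.cpp under `#ifndef ANDROID`, and neither site says where the other lives. A later edit to one guard can therefore leave the symbol defined twice or not at all. A one-line comment at each definition would be enough, here `// Desktop builds define this in glue/SandboxCrash.cpp (libxul).` and the mirror image there pointing back to Sandbox.cpp. In SandboxCrash.cpp the definition also sits below SandboxSetCrashFunc(), which assigns it; that compiles presumably because of the extern declaration in SandboxInternal.h, but placing it above the constructor would read better. namespace mozilla continues past both hunks.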
--- a/security/sandbox/linux/Sandbox.h
+++ b/security/sandbox/linux/Sandbox.h
@@ -8,25 +8,33 @@
 #define mozilla_Sandbox_h
 
 #include "mozilla/Types.h"
 
 // This defines the entry points for a content process to start
 // sandboxing itself.  See also common/SandboxInfo.h for what parts of
 // sandboxing are enabled/supported.
 
+#ifdef ANDROID
+// Defined in libmozsandbox and referenced by linking against it.
+#define MOZ_SANDBOX_EXPORT MOZ_EXPORT
+#else
+// Defined in plugin-container and referenced by libraries it loads.
+#define MOZ_SANDBOX_EXPORT MOZ_EXPORT __attribute__((weak))
+#endif
+
 namespace mozilla {
 
 #ifdef MOZ_CONTENT_SANDBOX
 // Call only if SandboxInfo::CanSandboxContent() returns true.
 // (No-op if MOZ_DISABLE_CONTENT_SANDBOX is set.)
-MOZ_EXPORT void SetContentProcessSandbox();
+MOZ_SANDBOX_EXPORT void SetContentProcessSandbox();
 #endif
 
 #ifdef MOZ_GMP_SANDBOX
 // Call only if SandboxInfo::CanSandboxMedia() returns true.
 // (No-op if MOZ_DISABLE_GMP_SANDBOX is set.)
-MOZ_EXPORT void SetMediaPluginSandbox(const char *aFilePath);
+MOZ_SANDBOX_EXPORT void SetMediaPluginSandbox(const char *aFilePath);
 #endif
 
 } // namespace mozilla
 
 #endif // mozilla_Sandbox_h
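Review bot: On desktop the `weak` attribute in `MOZ_SANDBOX_EXPORT` makes `SetContentProcessSandbox` and `SetMediaPluginSandbox` undefined weak references in libxul, so their address is null whenever libxul is loaded by anything other than a plugin-container that defines and dynamically exports them. The header comments still say only "Call only if SandboxInfo::CanSandbox…() returns true", which does not tell a caller to test the symbol first; a call through a null address crashes, and a caller that quietly skips the call runs unsandboxed. I would state the contract next to the macro, for example `// Weak: may resolve to null outside plugin-container; callers must check the address and treat null as a failure to sandbox.` The call sites are outside this diff, so whether they already check is not visible here. If Sandbox.cpp includes this header, its definitions become weak as well, which is worth confirming is intended.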
--- a/security/sandbox/linux/SandboxInternal.h
+++ b/security/sandbox/linux/SandboxInternal.h
@@ -2,23 +2,26 @@
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #ifndef mozilla_SandboxInternal_h
 #define mozilla_SandboxInternal_h
 
-// The code in Sandbox.cpp can't link against libxul, where
-// SandboxCrash.cpp lives, so it has to use a callback, defined here.
-
 #include <signal.h>
 
 #include "mozilla/Types.h"
 
 namespace mozilla {
 
+// SandboxCrash() has to be in libxul to use internal interfaces, but
+// its caller in the sandbox code is elsewhere:
+// * Desktop: defined in libxul; referenced in plugin-container.
+// * Mobile: defined in libmozsandbox; referenced in libxul.
+// See also bug 1101170.
+
 typedef void (*SandboxCrashFunc)(int, siginfo_t*, void*);
 extern MOZ_EXPORT SandboxCrashFunc gSandboxCrashFunc;
 
 } // namespace mozilla
 
 #endif // mozilla_SandboxInternal_h
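Review bot: The new comment's bullets read as though SandboxCrash() itself is defined in libmozsandbox on mobile, which contradicts the sentence above them. Given the Sandbox.cpp and SandboxCrash.cpp hunks, they presumably describe where `gSandboxCrashFunc` is defined and referenced. I would name the variable before the bullets, e.g. `// gSandboxCrashFunc is the callback that bridges the two:`. It would also help to note that the pointer is assigned by the static constructor SandboxSetCrashFunc() in SandboxCrash.cpp, so it stays null until libxul's constructors have run.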
--- a/security/sandbox/linux/common/moz.build
+++ b/security/sandbox/linux/common/moz.build
@@ -13,9 +13,12 @@ EXPORTS.mozilla += [
 SOURCES += [
     'SandboxInfo.cpp',
 ]
 
 LOCAL_INCLUDES += [
     '/security/sandbox/chromium'
 ]
 
-FINAL_LIBRARY = 'mozsandbox'
+if CONFIG['OS_TARGET'] == 'Android':
+    FINAL_LIBRARY = 'mozsandbox'
+else:
+    FINAL_LIBRARY = 'xul'
--- a/security/sandbox/linux/glue/SandboxCrash.cpp
+++ b/security/sandbox/linux/glue/SandboxCrash.cpp
@@ -126,9 +126,13 @@ SandboxCrash(int nr, siginfo_t *info, vo
 }
 
 static void __attribute__((constructor))
 SandboxSetCrashFunc()
 {
   gSandboxCrashFunc = SandboxCrash;
 }
 
+#ifndef ANDROID
+SandboxCrashFunc gSandboxCrashFunc;
+#endif
+
 } // namespace mozilla
--- a/security/sandbox/linux/glue/moz.build
+++ b/security/sandbox/linux/glue/moz.build
@@ -9,13 +9,14 @@ FAIL_ON_WARNINGS = True
 SOURCES += [
     'SandboxCrash.cpp',
 ]
 
 LOCAL_INCLUDES += [
     '/security/sandbox/linux',
 ]
 
-USE_LIBS += [
-    'mozsandbox',
-]
+if CONFIG['OS_TARGET'] == 'Android':
+    USE_LIBS += [
+        'mozsandbox',
+    ]
 
 FINAL_LIBRARY = 'xul'
--- a/security/sandbox/linux/moz.build
+++ b/security/sandbox/linux/moz.build
@@ -1,17 +1,20 @@
 # -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*-
 # vim: set filetype=python:
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 FAIL_ON_WARNINGS = True
 
-SharedLibrary('mozsandbox')
+if CONFIG['OS_TARGET'] == 'Android':
+    SharedLibrary('mozsandbox')
+else:
+    Library('mozsandbox')
 
 EXPORTS.mozilla += [
     'Sandbox.h',
 ]
 
 SOURCES += [
     '../chromium/base/shim/base/logging.cpp',
     '../chromium/sandbox/linux/seccomp-bpf/basicblock.cc',