Bug 1325227 - Part 3: Allow child process to share mutex handles with the parent/gpu processes. r=bobowen
☠☠ backed out by 46d3af166fce ☠ ☠
authorMatt Woodrow <mwoodrow@mozilla.com>
Thu, 12 Jan 2017 15:23:27 +1300
changeset 376333 f6c6ef5ac42ca39ff172f21a0f26697fbc3cde71
parent 376332 1a604f87a342a4e24f73c9f43d10f8027f94b46a
child 376334 a5d83d2b16326e2d10745bd43648e31198ac8e8d
push id1419
push userjlund@mozilla.com
push dateMon, 10 Apr 2017 20:44:07 +0000
treeherdermozilla-release@5e6801b73ef6 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbobowen
bugs1325227
milestone53.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1325227 - Part 3: Allow child process to share mutex handles with the parent/gpu processes. r=bobowen
security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
--- a/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
+++ b/security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp
@@ -217,16 +217,29 @@ SandboxBroker::SetSecurityLevelForConten
                             L"Section");
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                      "With these static arguments AddRule should never fail, what happened?");
   result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
                             sandbox::TargetPolicy::HANDLES_DUP_ANY,
                             L"Section");
   MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
                      "With these static arguments AddRule should never fail, what happened?");
+
+  // The content process needs to be able to duplicate mutex handles,
+  // which are Mutant handles, to the broker process and other child processes.
+  result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
+                            sandbox::TargetPolicy::HANDLES_DUP_BROKER,
+                            L"Mutant");
+  MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
+                     "With these static arguments AddRule should never fail, what happened?");
+  result = mPolicy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES,
+                            sandbox::TargetPolicy::HANDLES_DUP_ANY,
+                            L"Mutant");
+  MOZ_RELEASE_ASSERT(sandbox::SBOX_ALL_OK == result,
+                     "With these static arguments AddRule should never fail, what happened?");
 }
 #endif
 
 #define SANDBOX_ENSURE_SUCCESS(result, message) \
   do { \
     MOZ_ASSERT(sandbox::SBOX_ALL_OK == result, message); \
     if (sandbox::SBOX_ALL_OK != result) \
       return false; \