Skip to content
This repository was archived by the owner on Jul 9, 2025. It is now read-only.

Commit a2990eb

Browse files
committed
Backed out 7 changesets (bug 1431441) as per haik`s request.
Backed out changeset 1dfdc7ba998d (bug 1431441) Backed out changeset fb1a4ddbf9bf (bug 1431441) Backed out changeset b59b1651fc15 (bug 1431441) Backed out changeset 1e2bb579b824 (bug 1431441) Backed out changeset 2a635530dfa3 (bug 1431441) Backed out changeset 262da0be2fed (bug 1431441) Backed out changeset b9cfda58fed3 (bug 1431441) --HG-- extra : rebase_source : 7baf60c49683b419c0603979b0dff3befb2fbaf0
1 parent aaf946d commit a2990eb

15 files changed

Lines changed: 123 additions & 528 deletions

File tree

browser/app/moz.build

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -84,11 +84,6 @@ if CONFIG['OS_ARCH'] == 'WINNT':
8484
'ole32.dll',
8585
]
8686

87-
if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'Darwin':
88-
USE_LIBS += [
89-
'mozsandbox',
90-
]
91-
9287
if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT':
9388
# For sandbox includes and the include dependencies those have
9489
LOCAL_INCLUDES += [

browser/app/nsBrowserApp.cpp

Lines changed: 0 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -43,10 +43,6 @@
4343
#include "FuzzerDefs.h"
4444
#endif
4545

46-
#ifdef XP_MACOSX
47-
#include "mozilla/Sandbox.h"
48-
#endif
49-
5046
#ifdef MOZ_LINUX_32_SSE2_STARTUP_ERROR
5147
#include <cpuid.h>
5248
#include "mozilla/Unused.h"
@@ -267,16 +263,6 @@ int main(int argc, char* argv[], char* envp[])
267263
{
268264
mozilla::TimeStamp start = mozilla::TimeStamp::Now();
269265

270-
#ifdef XP_MACOSX
271-
if (argc > 1 && IsArg(argv[1], "contentproc")) {
272-
std::string err;
273-
if (!mozilla::EarlyStartMacSandboxIfEnabled(argc, argv, err)) {
274-
Output("Sandbox error: %s\n", err.c_str());
275-
MOZ_CRASH("Sandbox initialization failed");
276-
}
277-
}
278-
#endif
279-
280266
#ifdef MOZ_BROWSER_CAN_BE_CONTENTPROC
281267
// We are launching as a content process, delegate to the appropriate
282268
// main

browser/app/profile/firefox.js

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1026,12 +1026,6 @@ pref("security.sandbox.gpu.level", 0);
10261026
pref("security.sandbox.gmp.win32k-disable", false);
10271027
#endif
10281028

1029-
#if defined(NIGHTLY_BUILD) && defined(XP_MACOSX) && defined(MOZ_SANDBOX)
1030-
// Start the Mac sandbox immediately during child process startup instead
1031-
// of when messaged by the parent after the message loop is running.
1032-
pref("security.sandbox.content.mac.earlyinit", true);
1033-
#endif
1034-
10351029
#if defined(XP_MACOSX) && defined(MOZ_SANDBOX) && defined(MOZ_CONTENT_SANDBOX)
10361030
// This pref is discussed in bug 1083344, the naming is inspired from its
10371031
// Windows counterpart, but on Mac it's an integer which means:

dom/ipc/ContentChild.cpp

Lines changed: 110 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -194,7 +194,6 @@
194194
#endif
195195

196196
#if defined(XP_MACOSX)
197-
#include "nsMacUtilsImpl.h"
198197
#include <CoreServices/CoreServices.h>
199198
// Info.plist key associated with the developer repo path
200199
#define MAC_DEV_REPO_KEY "MozillaDeveloperRepoPath"
@@ -1524,6 +1523,110 @@ ContentChild::RecvReinitRenderingForDeviceReset()
15241523
}
15251524

15261525
#if defined(XP_MACOSX) && defined(MOZ_CONTENT_SANDBOX)
1526+
1527+
#include <stdlib.h>
1528+
1529+
static bool
1530+
GetAppPaths(nsCString &aAppPath, nsCString &aAppBinaryPath, nsCString &aAppDir)
1531+
{
1532+
nsAutoCString appPath;
1533+
nsAutoCString appBinaryPath(
1534+
(CommandLine::ForCurrentProcess()->argv()[0]).c_str());
1535+
1536+
nsAutoCString::const_iterator start, end;
1537+
appBinaryPath.BeginReading(start);
1538+
appBinaryPath.EndReading(end);
1539+
if (RFindInReadable(NS_LITERAL_CSTRING(".app/Contents/MacOS/"), start, end)) {
1540+
end = start;
1541+
++end; ++end; ++end; ++end;
1542+
appBinaryPath.BeginReading(start);
1543+
appPath.Assign(Substring(start, end));
1544+
} else {
1545+
return false;
1546+
}
1547+
1548+
nsCOMPtr<nsIFile> app, appBinary;
1549+
nsresult rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(appPath),
1550+
true, getter_AddRefs(app));
1551+
if (NS_FAILED(rv)) {
1552+
return false;
1553+
}
1554+
rv = NS_NewLocalFile(NS_ConvertUTF8toUTF16(appBinaryPath),
1555+
true, getter_AddRefs(appBinary));
1556+
if (NS_FAILED(rv)) {
1557+
return false;
1558+
}
1559+
1560+
nsCOMPtr<nsIFile> appDir;
1561+
nsCOMPtr<nsIProperties> dirSvc =
1562+
do_GetService(NS_DIRECTORY_SERVICE_CONTRACTID);
1563+
if (!dirSvc) {
1564+
return false;
1565+
}
1566+
rv = dirSvc->Get(NS_GRE_DIR,
1567+
NS_GET_IID(nsIFile), getter_AddRefs(appDir));
1568+
if (NS_FAILED(rv)) {
1569+
return false;
1570+
}
1571+
bool exists;
1572+
rv = appDir->Exists(&exists);
1573+
if (NS_FAILED(rv) || !exists) {
1574+
return false;
1575+
}
1576+
1577+
// appDir points to .app/Contents/Resources, for our purposes we want
1578+
// .app/Contents.
1579+
nsCOMPtr<nsIFile> appDirParent;
1580+
rv = appDir->GetParent(getter_AddRefs(appDirParent));
1581+
if (NS_FAILED(rv)) {
1582+
return false;
1583+
}
1584+
1585+
rv = app->Normalize();
1586+
if (NS_FAILED(rv)) {
1587+
return false;
1588+
}
1589+
app->GetNativePath(aAppPath);
1590+
1591+
rv = appBinary->Normalize();
1592+
if (NS_FAILED(rv)) {
1593+
return false;
1594+
}
1595+
appBinary->GetNativePath(aAppBinaryPath);
1596+
1597+
rv = appDirParent->Normalize();
1598+
if (NS_FAILED(rv)) {
1599+
return false;
1600+
}
1601+
appDirParent->GetNativePath(aAppDir);
1602+
1603+
return true;
1604+
}
1605+
1606+
// This function is only used in an |#ifdef DEBUG| path.
1607+
#ifdef DEBUG
1608+
// Given a path to a file, return the directory which contains it.
1609+
static nsAutoCString
1610+
GetDirectoryPath(const char *aPath) {
1611+
nsCOMPtr<nsIFile> file = do_CreateInstance(NS_LOCAL_FILE_CONTRACTID);
1612+
if (!file ||
1613+
NS_FAILED(file->InitWithNativePath(nsDependentCString(aPath)))) {
1614+
MOZ_CRASH("Failed to create or init an nsIFile");
1615+
}
1616+
nsCOMPtr<nsIFile> directoryFile;
1617+
if (NS_FAILED(file->GetParent(getter_AddRefs(directoryFile))) ||
1618+
!directoryFile) {
1619+
MOZ_CRASH("Failed to get parent for an nsIFile");
1620+
}
1621+
directoryFile->Normalize();
1622+
nsAutoCString directoryPath;
1623+
if (NS_FAILED(directoryFile->GetNativePath(directoryPath))) {
1624+
MOZ_CRASH("Failed to get path for an nsIFile");
1625+
}
1626+
return directoryPath;
1627+
}
1628+
#endif // DEBUG
1629+
15271630
extern "C" {
15281631
CGError
15291632
CGSSetDenyWindowServerConnections(bool);
@@ -1555,9 +1658,9 @@ StartMacOSContentSandbox()
15551658
#endif
15561659
}
15571660

1558-
nsAutoCString appPath;
1559-
if (!nsMacUtilsImpl::GetAppPath(appPath)) {
1560-
MOZ_CRASH("Error resolving child process app path");
1661+
nsAutoCString appPath, appBinaryPath, appDir;
1662+
if (!GetAppPaths(appPath, appBinaryPath, appDir)) {
1663+
MOZ_CRASH("Error resolving child process path");
15611664
}
15621665

15631666
ContentChild* cc = ContentChild::GetSingleton();
@@ -1583,9 +1686,9 @@ StartMacOSContentSandbox()
15831686
info.shouldLog = Preferences::GetBool("security.sandbox.logging.enabled") ||
15841687
PR_GetEnv("MOZ_SANDBOX_LOGGING");
15851688
info.appPath.assign(appPath.get());
1689+
info.appBinaryPath.assign(appBinaryPath.get());
1690+
info.appDir.assign(appDir.get());
15861691
info.hasAudio = !Preferences::GetBool("media.cubeb.sandbox");
1587-
info.hasWindowServer = !Preferences::GetBool(
1588-
"security.sandbox.content.mac.disconnect-windowserver");
15891692

15901693
// These paths are used to whitelist certain directories used by the testing
15911694
// system. They should not be considered a public API, and are only intended
@@ -1639,8 +1742,7 @@ StartMacOSContentSandbox()
16391742
if (bloatLog != nullptr) {
16401743
// |bloatLog| points to a specific file, but we actually write to a sibling
16411744
// of that path.
1642-
nsAutoCString bloatDirectoryPath =
1643-
nsMacUtilsImpl::GetDirectoryPath(bloatLog);
1745+
nsAutoCString bloatDirectoryPath = GetDirectoryPath(bloatLog);
16441746
info.debugWriteDir.assign(bloatDirectoryPath.get());
16451747
}
16461748
#endif // DEBUG

0 commit comments

Comments
 (0)