Bob Owen (:bobowen) Assignee
	Description • 9 years ago

I'm going to turn these on in separate patches to aid with bisection.

This still leaves some 64-bit only mitigations, but I don't want to turn those on until I've had time to investigate the occasional 64-bit sandbox start-up issues we've had with the content process.

	Bob Owen (:bobowen) Assignee
	Comment 1 • 9 years ago

https://treeherder.mozilla.org/#/jobs?repo=try&revision=02a129484e8f

	Bob Owen (:bobowen) Assignee
	Comment 2 • 9 years ago

Tim - I hope you're OK for these reviews, just straight forward policy changes.

	Tim Abraldes [:TimAbraldes] [:tabraldes]
	Comment 5 • 9 years ago

Sorry for the delay!

	Bob Owen (:bobowen) Assignee
	Comment 6 • 9 years ago

remote:   https://hg.mozilla.org/integration/mozilla-inbound/rev/bd213a576671
remote:   https://hg.mozilla.org/integration/mozilla-inbound/rev/6cb61619e34f
remote:   https://hg.mozilla.org/integration/mozilla-inbound/rev/f83176aaffe9

(In reply to Tim Abraldes [:TimAbraldes] [:tabraldes] from comment #5)
> Sorry for the delay!

No need for an apology, I only uploaded them on Friday. :)

	Ryan VanderMeulen [:RyanVM]
	Comment 7 • 9 years ago

https://hg.mozilla.org/mozilla-central/rev/bd213a576671
https://hg.mozilla.org/mozilla-central/rev/6cb61619e34f
https://hg.mozilla.org/mozilla-central/rev/f83176aaffe9

	Bob Owen (:bobowen) Assignee
	Comment 8 • 9 years ago

Comment on attachment 8560631 [details] [diff] [review]
Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox.

Approval Request Comment
[Feature/regressing bug #]:
This brings the x86 process-level mitigations (and the overall sandbox rules in general) in line with Chromium's renderer.

[User impact if declined]:
The general rationale for uplifting this is that we are uplifting EME to beta (bug 1137045), so it makes sense to have the latest sandbox policy as well.

[Describe test coverage new/current, TreeHerder]:
EME itself has test coverage and the only other thing these changes could affect is the OpenH264 GMP process, which should also have mochitest coverage.
The changes have been on m-c for a couple of weeks now.

[Risks and why]:
Low to medium - it is probably unlikely, but possible that these changes cause problems for OpenH264, although as I say above, I've not heard of any issues on Nightly.

[String/UUID change made/needed]:
None.

	Bob Owen (:bobowen) Assignee
	Comment 9 • 9 years ago

Comment on attachment 8560632 [details] [diff] [review]
Part 2: Turn on BOTTOM_UP_ASLR process-level mitigation for the GMP sandbox.

See comment 8.

	Bob Owen (:bobowen) Assignee
	Comment 10 • 9 years ago

Comment on attachment 8560633 [details] [diff] [review]
Part 3: Turn on MITIGATION_STRICT_HANDLE_CHECKS process-level mitigation for the GMP sandbox.

See comment 8.

	Lawrence Mandel [:lmandel] (use needinfo)
	Comment 11 • 9 years ago

Comment on attachment 8560631 [details] [diff] [review]
Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox.

OK. Let's get this change into Beta 2. Beta+

	Ryan VanderMeulen [:RyanVM]
	Comment 12 • 9 years ago

https://hg.mozilla.org/releases/mozilla-beta/rev/56d34ca3b983
https://hg.mozilla.org/releases/mozilla-beta/rev/fa0645acfc44
https://hg.mozilla.org/releases/mozilla-beta/rev/8fd533be98aa