ipc/glue/UtilityProcessImpl.cpp

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6 #include "UtilityProcessImpl.h"
   7
   8 #include "mozilla/ipc/IOThreadChild.h"
   9 #include "mozilla/GeckoArgs.h"
  10 #include "mozilla/ProcInfo.h"
  11
  12 #if defined(XP_WIN)
  13 #  include "nsExceptionHandler.h"
  14 #endif
  15
  16 #if defined(XP_WIN) && defined(MOZ_SANDBOX)
  17 #  include "mozilla/sandboxTarget.h"
  18 #  include "WMF.h"
  19 #  include "WMFDecoderModule.h"
  20 #endif
  21
  22 #if defined(XP_OPENBSD) && defined(MOZ_SANDBOX)
  23 #  include "mozilla/SandboxSettings.h"
  24 #endif
  25
  26 #if defined(MOZ_WMF_CDM) && defined(MOZ_SANDBOX)
  27 #  include "mozilla/MFCDMParent.h"
  28 #endif
  29
  30 namespace mozilla::ipc {
  31
  32 UtilityProcessImpl::~UtilityProcessImpl() = default;
  33
  34 #if defined(XP_WIN)
  35 /* static */
  36 void UtilityProcessImpl::LoadLibraryOrCrash(LPCWSTR aLib) {
  37   // re-try a few times depending on the error we get ; inspired by both our
  38   // results on content process allocations as well as msys2:
  39   // https://github.com/git-for-windows/msys2-runtime/blob/b4fed42af089ab955286343835a97e287496b3f8/winsup/cygwin/autoload.cc#L323-L339
  40
  41   const int kMaxRetries = 10;
  42   DWORD err;
  43
  44   for (int i = 0; i < kMaxRetries; i++) {
  45     HMODULE module = ::LoadLibraryW(aLib);
  46     if (module) {
  47       return;
  48     }
  49
  50     err = ::GetLastError();
  51
  52     if (err != ERROR_NOACCESS && err != ERROR_DLL_INIT_FAILED) {
  53       break;
  54     }
  55
  56     PR_Sleep(0);
  57   }
  58
  59   switch (err) {
  60     /* case ERROR_ACCESS_DENIED: */
  61     /* case ERROR_BAD_EXE_FORMAT: */
  62     /* case ERROR_SHARING_VIOLATION: */
  63     case ERROR_MOD_NOT_FOUND:
  64     case ERROR_COMMITMENT_LIMIT:
  65       // We want to make it explicit in telemetry that this was in fact an
  66       // OOM condition, even though we could not detect it on our own
  67       CrashReporter::AnnotateOOMAllocationSize(1);
  68       break;
  69
  70     default:
  71       break;
  72   }
  73
  74   MOZ_CRASH_UNSAFE_PRINTF("Unable to preload module: 0x%lx", err);
  75 }
  76 #endif  // defined(XP_WIN)
  77
  78 bool UtilityProcessImpl::Init(int aArgc, char* aArgv[]) {
  79   Maybe<uint64_t> sandboxingKind = geckoargs::sSandboxingKind.Get(aArgc, aArgv);
  80   if (sandboxingKind.isNothing()) {
  81     return false;
  82   }
  83
  84   if (*sandboxingKind >= SandboxingKind::COUNT) {
  85     return false;
  86   }
  87
  88 #if defined(MOZ_SANDBOX) && defined(XP_WIN)
  89   // We delay load winmm.dll so that its dependencies don't interfere with COM
  90   // initialization when win32k is locked down. We need to load it before we
  91   // lower the sandbox in processes where the policy will prevent loading.
  92   LoadLibraryOrCrash(L"winmm.dll");
  93
  94   // Call this once before enabling the sandbox, it will cache its result
  95   // in a static variable.
  96   GetCpuFrequencyMHz();
  97
  98   if (*sandboxingKind == SandboxingKind::GENERIC_UTILITY) {
  99     // Preload audio generic libraries required for ffmpeg only
 100     UtilityAudioDecoderParent::GenericPreloadForSandbox();
 101   }
 102
 103   if (*sandboxingKind == SandboxingKind::UTILITY_AUDIO_DECODING_WMF
 104 #  ifdef MOZ_WMF_MEDIA_ENGINE
 105       || *sandboxingKind == SandboxingKind::MF_MEDIA_ENGINE_CDM
 106 #  endif
 107   ) {
 108     UtilityAudioDecoderParent::WMFPreloadForSandbox();
 109   }
 110
 111   // Go for it
 112   mozilla::SandboxTarget::Instance()->StartSandbox();
 113 #elif defined(__OpenBSD__) && defined(MOZ_SANDBOX)
 114   if (*sandboxingKind != SandboxingKind::GENERIC_UTILITY) {
 115     StartOpenBSDSandbox(GeckoProcessType_Utility,
 116                         (SandboxingKind)*sandboxingKind);
 117   }
 118 #endif
 119
 120 #if defined(MOZ_WMF_CDM) && defined(MOZ_SANDBOX)
 121   if (*sandboxingKind == MF_MEDIA_ENGINE_CDM) {
 122     Maybe<const char*> pluginPath = geckoargs::sPluginPath.Get(aArgc, aArgv);
 123     if (pluginPath) {
 124       MFCDMParent::SetWidevineL1Path(*pluginPath);
 125     } else {
 126       NS_WARNING("No Widevine L1 plugin for the utility process!");
 127     }
 128   }
 129 #endif
 130
 131   Maybe<const char*> parentBuildID =
 132       geckoargs::sParentBuildID.Get(aArgc, aArgv);
 133   if (parentBuildID.isNothing()) {
 134     return false;
 135   }
 136
 137   if (!ProcessChild::InitPrefs(aArgc, aArgv)) {
 138     return false;
 139   }
 140
 141   return mUtility->Init(TakeInitialEndpoint(), nsCString(*parentBuildID),
 142                         *sandboxingKind);
 143 }
 144
 145 void UtilityProcessImpl::CleanUp() { NS_ShutdownXPCOM(nullptr); }
 146
 147 }  // namespace mozilla::ipc