Bug 1347710 - Add GPU sandbox to crash reporter annotations r=handyman,gsvelto

Differential Revision: https://phabricator.services.mozilla.com/D160278
2022-10-26 19:23:13 +00:00 · 2022-10-26 19:23:13 +00:00 · 36e8371ccf
commit 36e8371ccf
parent 557d18c8a7
5 changed files with 32 additions and 6 deletions
--- a/security/sandbox/common/SandboxSettings.cpp
+++ b/security/sandbox/common/SandboxSettings.cpp
@ -157,6 +157,10 @@ int GetEffectiveSocketProcessSandboxLevel() {
  return level;
 }

+int GetEffectiveGpuSandboxLevel() {
+  return StaticPrefs::security_sandbox_gpu_level();
+}
+
 #if defined(XP_MACOSX)
 int ClampFlashSandboxLevel(const int aLevel) {
  const int minLevel = 0;
--- a/security/sandbox/common/SandboxSettings.h
+++ b/security/sandbox/common/SandboxSettings.h
@ -22,6 +22,7 @@ namespace mozilla {
 // MOZ_DISABLE_CONTENT_SANDBOX is set.
 int GetEffectiveContentSandboxLevel();
 int GetEffectiveSocketProcessSandboxLevel();
+int GetEffectiveGpuSandboxLevel();

 // Checks whether the effective content sandbox level is > 0.
 bool IsContentSandboxEnabled();
--- a/toolkit/crashreporter/CrashAnnotations.yaml
+++ b/toolkit/crashreporter/CrashAnnotations.yaml
@ -219,6 +219,11 @@ ContentSandboxWin32kState:
    Content sandbox Win32k state
  type: string

+GpuSandboxLevel:
+  description: >
+    GPU sandbox level.
+  type: integer
+
 CoUnmarshalInterfaceResult:
  description: >
    Annotation describing the error returned by trying to unmarshal an object
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@ -5212,14 +5212,26 @@ int XREMain::XRE_mainStartup(bool* aExitFlag) {

 #if defined(MOZ_SANDBOX)
 void AddSandboxAnnotations() {
-  // Include the sandbox content level, regardless of platform
-  int level = GetEffectiveContentSandboxLevel();
+  {
+    // Include the sandbox content level, regardless of platform
+    int level = GetEffectiveContentSandboxLevel();

-  nsAutoCString levelString;
-  levelString.AppendInt(level);
+    nsAutoCString levelString;
+    levelString.AppendInt(level);

-  CrashReporter::AnnotateCrashReport(
-      CrashReporter::Annotation::ContentSandboxLevel, levelString);
+    CrashReporter::AnnotateCrashReport(
+        CrashReporter::Annotation::ContentSandboxLevel, levelString);
+  }
+
+  {
+    int level = GetEffectiveGpuSandboxLevel();
+
+    nsAutoCString levelString;
+    levelString.AppendInt(level);
+
+    CrashReporter::AnnotateCrashReport(
+        CrashReporter::Annotation::GpuSandboxLevel, levelString);
+  }

  // Include whether or not this instance is capable of content sandboxing
  bool sandboxCapable = false;
--- a/toolkit/xre/nsEmbedFunctions.cpp
+++ b/toolkit/xre/nsEmbedFunctions.cpp
@ -282,6 +282,10 @@ void AddContentSandboxLevelAnnotation() {
    int level = GetEffectiveContentSandboxLevel();
    CrashReporter::AnnotateCrashReport(
        CrashReporter::Annotation::ContentSandboxLevel, level);
+  } else if (XRE_GetProcessType() == GeckoProcessType_GPU) {
+    int level = GetEffectiveGpuSandboxLevel();
+    CrashReporter::AnnotateCrashReport(
+        CrashReporter::Annotation::GpuSandboxLevel, level);
  }
 }
 #endif /* MOZ_SANDBOX */