Re: e10s-multi update and tests

2017-03-23 Thread bowen
On Thursday, 23 March 2017 01:01:16 UTC, Nicholas Nethercote wrote: > Do we have a clear definition of "content process"? I.e. does/will it > include: > > - GMP processes (no?) > - GPU process (probably not?) > - file:// URL processes (probably should?) > - Web Extensions processes (probably shou

Re: Enabling filesystem read-restrictions for content process sandbox

2017-07-21 Thread bowen
As a follow-up to this, tomorrow's (2017-07-22) Nightly will have this enabled for the Windows content process sandbox as well. On Windows this removes access that the User gains via their own SID. So generally things under their home directory (C:\Users\\). With exceptions for the Firefox instal

PSA: Making Windows 10 SDK version 10.0.10586 the minimum for building Firefox

2017-09-13 Thread bowen
Hi, I'm just about to land a patch that makes Windows 10 SDK version 10.0.10586 the minimum required for building Firefox. We require this to be able to compile certain features for the Chromium Windows process sandbox. If you are using Visual Studio 2015 and you don't have this, it (or a late

PSA: Making Windows 10 SDK version 10.0.14393 the minimum for building Firefox

2017-11-09 Thread bowen
Hi, Early in the 59 cycle, I intend to make Windows 10 SDK version 10.0.14393 the minimum required for building Firefox. Like before, this is because of new Windows security features used in an update to the Chromium Windows process sandbox. If you are using Visual Studio 2015 and you don't ha

Re: PSA: Making Windows 10 SDK version 10.0.14393 the minimum for building Firefox

2017-11-21 Thread bowen
This change is now on mozilla-inbound. On Thursday, 9 November 2017 10:31:41 UTC, bo...@mozilla.com wrote: > Hi, > > Early in the 59 cycle, I intend to make Windows 10 SDK version 10.0.14393 the > minimum required for building Firefox. > > Like before, this is because of new Windows security f

Re: Hiding 'new' statements - Good or Evil?

2017-11-23 Thread bowen
I'm not sure what the benefits are (the MakeUnique comments only really seem to give aesthetic ones), but they do make it a bit harder when searching through code to see where things are constructed. I suppose if we always stick to using Make* then (with regex) it wouldn't add too much burden f

Re: How to pass data from to a content process when it starts up?

2018-02-14 Thread bowen
Hi Nick, SandboxBroker::AddHandleToShare was added to add the handles to the sandbox policy, before it was realised that we'd need to do this for the non-sandboxed process launch as well, hence LaunchOptions::handles_to_inherit. I think we should change [1] to pass the LaunchOptions and then us

Re: How to pass data from to a content process when it starts up?

2018-02-14 Thread bowen
Perhaps we should also change the various GeckoChildProcessHost Launch methods to accept LaunchOptions or a similar structure instead of aExtraOpts. On Wednesday, 14 February 2018 09:23:05 UTC, bo...@mozilla.com wrote: > Hi Nick, > > SandboxBroker::AddHandleToShare was added to add the handles

Windows content process sandbox strengthening.

2015-10-06 Thread bowen
The next Nightly should include two small improvements to the Windows content process sandbox policy. The new default pref is: security.sandbox.content.level=2 I have just found a new regression (bug 1211873) since landing this. This is that file:// URLs for files on network shares are blocked.

Re: Updating 32-bit Windows users to 64-bit Windows builds?

2016-05-13 Thread bowen
On Thursday, 12 May 2016 21:36:53 UTC+1, Chris Peterson wrote: > Yes. Flash and Silverlight both have 64-bit plugins that work in 64-bit > Firefox. Streaming video services will likely move their Firefox users > from Silverlight to Widevine this year, so Silverlight usage will > decline by EOY.

Separate Content Process for loading file:// URI pages

2016-11-25 Thread bowen
In bug 1147911, I've just landed patches to enable using a separate content process for loading file:// URI content pages. This is controlled by the pref browser.tabs.remote.separateFileUriProcess and this is set to true for Nightly only at the moment. Please file any issues you find to block b

Intent to not fix: Building with gcc-4.6 for Fx38+

2015-03-10 Thread bowen
Hi, In summary: Officially make gcc-4.7 our minimum supported version. Fx38 and 39 don't compile with 4.6 and none of the GNU/Linux package maintainers I have contacted have any major concerns over dropping it. There are three outstanding bugs open over Fx38+ not compiling with gcc-4.6. One of

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

2015-03-11 Thread bowen
On Tuesday, March 10, 2015 at 5:06:31 PM UTC, Ehsan Akhgari wrote: > >> Here's a push in case the bugs don't exist in certain builds: > >> https://treeherder.mozilla.org/#/jobs?repo=try&revision=044e896fc6fa > > > > I was looking at the log for a B2G Device Image build (I think it > > was the one

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

2015-03-11 Thread bowen
On Wednesday, March 11, 2015 at 8:40:46 AM UTC, Mike Hommey wrote: > On Tue, Mar 10, 2015 at 07:23:36PM -0700, Brian Smith wrote: > > wrote: > > > In summary: Officially make gcc-4.7 our minimum supported version. Fx38 > > > and 39 don't compile with 4.6 and none of the GNU/Linux package > > > m

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

2015-03-11 Thread bowen
On Wednesday, March 11, 2015 at 11:53:11 AM UTC, Brian Smith wrote: > wrote: > > Also, from what I can tell of the C++ features that gcc-4.8 enables (from > > [1]), none of them are available until MSVC 2015. > > It seems likely that we'll be supporting MSVC 2013 until the next ESR, so I > > don

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

2015-03-11 Thread bowen
On Wednesday, March 11, 2015 at 5:14:39 PM UTC, Ehsan Akhgari wrote: > On 2015-03-11 8:34 AM, bo...@mozilla.com wrote: > > Given that we (and probably Chromium) would be unlikely to drop MSVC 2013 > > before our next ESR anyway > > That is not true. The compiler that we use to build ESR has noth

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

2015-03-12 Thread bowen
On Tuesday, March 10, 2015 at 2:38:43 PM UTC, Ehsan Akhgari wrote: > Have you tested bumping the gcc min version here > > > to see if there are any builders that still use gcc 4.6? I haven't, no. I assume you mean b

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

2015-03-20 Thread bowen
I have now updated the two MDN pages (that I know of) to reflect that gcc-4.7 or later is now required. This has made the

PSA: New C++11 features made available by dropping support for gcc-4.6 in Gecko 38

2015-03-20 Thread bowen
I was asked to repost this in a new thread in case it got lost ... I have now updated the two MDN pages (that I know of) to reflect that gcc-4.7 or later is now required.

Please help with testing a low integrity level for the content process sandbox on Windows.

2015-04-07 Thread bowen
I have just landed a patch which changes the "level 1" Windows content process sandbox policy to one which runs the process at a low integrity level from the start. This will hopefully make it into tomorrow's Nightly. (pref: security.sandbox.content.level=1) Running at low integrity for the whol

Windows content process sandbox now low integrity by default

2015-04-28 Thread bowen
Following on from my previous post [1], I have now landed a patch that makes the Windows content process sandbox low integrity by default. (pref: security.sandbox.content.level=1) I know of only one regression that this causes at the moment. This is that printing using the "Microsoft XPS Documen

Re: Is there an e10s plan for multiple content processes?

2015-05-06 Thread bowen
On Wednesday, 6 May 2015 02:26:17 UTC+1, Mike Hommey wrote: > Nuwa, aiui, can somewhat help here, but the possibly best option is > actually to just not have a separate executable and fork() the main > process (I didn't say this was going to be easy) Not having a separate executable has some ot

Process-level mitigations are being turned on for the Windows content process sandbox

2015-06-04 Thread bowen
Hi all, The next Nightly should have certain process-level mitigations turned on for the Windows content process sandbox. These are Chromium sandbox features that ensure that things like DEP, ASLR and SEHOP are turned on for the content process when available. If you are running Nightly on Win

Please help test the low integrity NPAPI plugin sandbox for Flash on Windows

2015-06-24 Thread bowen
Hi all, At the end of last week I landed patches that allow us to add running at low integrity to our potential sandbox policy for NPAPI processes on Windows. I would be grateful if anyone who uses Nightly on Windows would test the Flash plugin running with our sandbox. You can do this by sett

Re: PSA: searchfox now indexing Windows Rust/C++ code

2018-11-04 Thread bowen
On Friday, 2 November 2018 15:32:37 UTC, Kartikaya Gupta wrote: > Hello searchfox fans, > > Those of you working in Windows-only Rust and C++ code will probably > be happy to hear that as of today searchfox is indexing the > Windows-only bits of our codebase as well. This will make such a differ

Please help to test remote Canvas 2D on Nightly

2019-09-11 Thread bowen
Hi all, On Windows, as part of our work to move GPU access and win32k system calls out of the content process, we are moving accelerated Canvas 2D to the GPU process. I am nearly ready to enable this by default on Nightly and would really appreciate it if people running Nightly on Windows would

PSA: Remote Canvas 2D is being enabled on Nightly

2019-11-20 Thread bowen
Hi all, I have just landed the patch to enable moving accelerated Canvas 2D to the GPU process on Windows. This is only enabled on Nightly at the moment and is part of our work to move GPU access and win32k system calls out of the content process. Please file any problems you find as bugs bloc

Re: PSA: Remote Canvas 2D is being enabled on Nightly

2019-11-22 Thread bowen
Well that was short-lived ... although not totally unexpectedly. This has been disabled again for the moment, while I investigate regressions. Two of these I think are too frequent for us to carry in Nightly. Both of these frequent ones look like they are things that are normally non-fatal issue

Remote Canvas 2D has been re-enabled on Nightly

2020-04-15 Thread bowen
Hi all, The latest Nightly has the pref re-enabled to move accelerated Canvas 2D to the GPU process on Windows. This is only enabled on Nightly at the moment and is part of our work to move GPU access and win32k system calls out of the content process. Please file any problems you find as bugs