/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim: set ts=2 et sw=2 tw=80: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifdef MOZ_WIDGET_ANDROID # include "AndroidDecoderModule.h" #endif #include "BrowserChild.h" #include "nsNSSComponent.h" #include "ContentChild.h" #include "GeckoProfiler.h" #include "HandlerServiceChild.h" #include "nsXPLookAndFeel.h" #include "mozilla/AppShutdown.h" #include "mozilla/Attributes.h" #include "mozilla/BackgroundHangMonitor.h" #include "mozilla/BenchmarkStorageChild.h" #include "mozilla/FOGIPC.h" #include "GMPServiceChild.h" #include "Geolocation.h" #include "imgLoader.h" #include "ScrollingMetrics.h" #include "mozilla/BasePrincipal.h" #include "mozilla/Components.h" #include "mozilla/HangDetails.h" #include "mozilla/LoadInfo.h" #include "mozilla/Logging.h" #include "mozilla/LookAndFeel.h" #include "mozilla/MemoryTelemetry.h" #include "mozilla/NullPrincipal.h" #include "mozilla/PerfStats.h" #include "mozilla/PerformanceMetricsCollector.h" #include "mozilla/PerformanceUtils.h" #include "mozilla/Preferences.h" #include "mozilla/ProcessHangMonitorIPC.h" #include "mozilla/RemoteDecoderManagerChild.h" #include "mozilla/RemoteLazyInputStreamChild.h" #include "mozilla/SchedulerGroup.h" #include "mozilla/ScopeExit.h" #include "mozilla/SharedStyleSheetCache.h" #include "mozilla/SimpleEnumerator.h" #include "mozilla/SpinEventLoopUntil.h" #include "mozilla/StaticPrefs_browser.h" #include "mozilla/StaticPrefs_dom.h" #include "mozilla/StaticPrefs_fission.h" #include "mozilla/StaticPrefs_javascript.h" #include "mozilla/StaticPrefs_media.h" #include "mozilla/StaticPrefs_threads.h" #include "mozilla/StorageAccessAPIHelper.h" #include "mozilla/TelemetryIPC.h" #include "mozilla/Unused.h" #include "mozilla/WebBrowserPersistDocumentChild.h" #include "mozilla/devtools/HeapSnapshotTempFileHelperChild.h" #include "mozilla/dom/AutoSuppressEventHandlingAndSuspend.h" #include "mozilla/dom/BlobImpl.h" #include "mozilla/dom/BrowserBridgeHost.h" #include "mozilla/dom/BrowsingContext.h" #include "mozilla/dom/BrowsingContextGroup.h" #include "mozilla/dom/ChildProcessChannelListener.h" #include "mozilla/dom/ChildProcessMessageManager.h" #include "mozilla/dom/ClientManager.h" #include "mozilla/dom/ContentParent.h" #include "mozilla/dom/ContentProcessManager.h" #include "mozilla/dom/ContentPlaybackController.h" #include "mozilla/dom/ContentProcessMessageManager.h" #include "mozilla/dom/DataTransfer.h" #include "mozilla/dom/DocGroup.h" #include "mozilla/dom/ExternalHelperAppChild.h" #include "mozilla/dom/GetFilesHelper.h" #include "mozilla/dom/IPCBlobUtils.h" #include "mozilla/dom/InProcessChild.h" #include "mozilla/dom/JSActorService.h" #include "mozilla/dom/JSProcessActorBinding.h" #include "mozilla/dom/JSProcessActorChild.h" #include "mozilla/dom/LSObject.h" #include "mozilla/dom/MemoryReportRequest.h" #include "mozilla/dom/PLoginReputationChild.h" #include "mozilla/dom/PSessionStorageObserverChild.h" #include "mozilla/dom/PostMessageEvent.h" #include "mozilla/dom/PushNotifier.h" #include "mozilla/dom/RemoteWorkerService.h" #include "mozilla/dom/ScreenOrientation.h" #include "mozilla/dom/ServiceWorkerManager.h" #include "mozilla/dom/SessionStorageManager.h" #include "mozilla/dom/URLClassifierChild.h" #include "mozilla/dom/WindowGlobalChild.h" #include "mozilla/dom/WorkerDebugger.h" #include "mozilla/dom/WorkerDebuggerManager.h" #include "mozilla/dom/ipc/SharedMap.h" #include "mozilla/extensions/ExtensionsChild.h" #include "mozilla/extensions/StreamFilterParent.h" #include "mozilla/gfx/Logging.h" #include "mozilla/gfx/gfxVars.h" #include "mozilla/hal_sandbox/PHalChild.h" #include "mozilla/intl/L10nRegistry.h" #include "mozilla/intl/LocaleService.h" #include "mozilla/ipc/BackgroundChild.h" #include "mozilla/ipc/Endpoint.h" #include "mozilla/ipc/FileDescriptorUtils.h" #include "mozilla/ipc/GeckoChildProcessHost.h" #include "mozilla/ipc/ProcessChild.h" #include "mozilla/ipc/TestShellChild.h" #include "mozilla/layers/APZChild.h" #include "mozilla/layers/CompositorManagerChild.h" #include "mozilla/layers/ContentProcessController.h" #include "mozilla/layers/ImageBridgeChild.h" #ifdef NS_PRINTING # include "mozilla/layout/RemotePrintJobChild.h" #endif #include "mozilla/loader/ScriptCacheActors.h" #include "mozilla/media/MediaChild.h" #include "mozilla/net/CaptivePortalService.h" #include "mozilla/net/ChildDNSService.h" #include "mozilla/net/CookieServiceChild.h" #include "mozilla/net/DocumentChannelChild.h" #include "mozilla/net/HttpChannelChild.h" #include "mozilla/widget/RemoteLookAndFeel.h" #include "mozilla/widget/ScreenManager.h" #include "mozilla/widget/WidgetMessageUtils.h" #include "nsBaseDragService.h" #include "nsDocShellLoadTypes.h" #include "nsFocusManager.h" #include "nsHttpHandler.h" #include "nsIConsoleService.h" #include "nsIInputStreamChannel.h" #include "nsILayoutHistoryState.h" #include "nsILoadGroup.h" #include "nsIOpenWindowInfo.h" #include "nsISimpleEnumerator.h" #include "nsIStringBundle.h" #include "nsIURIMutator.h" #include "nsQueryObject.h" #include "nsSandboxFlags.h" #include "mozmemory.h" #include "ChildProfilerController.h" #if defined(MOZ_SANDBOX) # include "mozilla/SandboxSettings.h" # if defined(XP_WIN) # include "mozilla/sandboxTarget.h" # elif defined(XP_LINUX) # include "CubebUtils.h" # include "mozilla/Sandbox.h" # include "mozilla/SandboxInfo.h" # elif defined(XP_MACOSX) # include "mozilla/Sandbox.h" # include "mozilla/gfx/QuartzSupport.h" # elif defined(__OpenBSD__) # include # include # include # include # include "BinaryPath.h" # include "SpecialSystemDirectory.h" # include "nsILineInputStream.h" # include "mozilla/ipc/UtilityProcessSandboxing.h" # endif # if defined(MOZ_DEBUG) && defined(ENABLE_TESTS) # include "mozilla/SandboxTestingChild.h" # endif #endif #include "SandboxHal.h" #include "mozInlineSpellChecker.h" #include "mozilla/GlobalStyleSheetCache.h" #include "nsAnonymousTemporaryFile.h" #include "nsCategoryManagerUtils.h" #include "nsClipboardProxy.h" #include "nsContentPermissionHelper.h" #include "nsDebugImpl.h" #include "nsDirectoryService.h" #include "nsDirectoryServiceDefs.h" #include "nsDirectoryServiceUtils.h" #include "nsDocShell.h" #include "nsDocShellLoadState.h" #include "nsHashPropertyBag.h" #include "nsIConsoleListener.h" #include "nsIContentViewer.h" #include "nsICycleCollectorListener.h" #include "nsIDocShellTreeOwner.h" #include "nsIDragService.h" #include "nsIInterfaceRequestorUtils.h" #include "nsIMemoryInfoDumper.h" #include "nsIMemoryReporter.h" #include "nsIObserverService.h" #include "nsIOService.h" #include "nsIScriptError.h" #include "nsIScriptSecurityManager.h" #include "nsJSEnvironment.h" #include "nsJSUtils.h" #include "nsMemoryInfoDumper.h" #include "nsPluginHost.h" #include "nsServiceManagerUtils.h" #include "nsStyleSheetService.h" #include "nsThreadManager.h" #include "nsVariant.h" #include "nsXULAppAPI.h" #include "IHistory.h" #include "ReferrerInfo.h" #include "base/message_loop.h" #include "base/process_util.h" #include "base/task.h" #include "mozilla/dom/BlobURLProtocolHandler.h" #include "mozilla/dom/PCycleCollectWithLogsChild.h" #include "mozilla/dom/PerformanceStorage.h" #include "nsChromeRegistryContent.h" #include "nsFrameMessageManager.h" #include "nsNetUtil.h" #include "nsWindowMemoryReporter.h" #ifdef MOZ_WEBRTC # include "jsapi/WebrtcGlobalChild.h" #endif #include "PermissionMessageUtils.h" #include "mozilla/Permission.h" #include "mozilla/PermissionManager.h" #if defined(MOZ_WIDGET_ANDROID) # include "APKOpen.h" #endif #ifdef XP_WIN # include # define getpid _getpid # include "mozilla/WinDllServices.h" #endif #if defined(XP_MACOSX) # include "nsMacUtilsImpl.h" # include #endif /* XP_MACOSX */ #ifdef MOZ_X11 # include "mozilla/X11Util.h" #endif #ifdef ACCESSIBILITY # include "nsAccessibilityService.h" # ifdef XP_WIN # include "mozilla/a11y/AccessibleWrap.h" # endif # include "mozilla/a11y/DocAccessible.h" # include "mozilla/a11y/DocManager.h" # include "mozilla/a11y/OuterDocAccessible.h" #endif #include "mozilla/dom/File.h" #include "mozilla/dom/MediaControllerBinding.h" #ifdef MOZ_WEBSPEECH # include "mozilla/dom/PSpeechSynthesisChild.h" #endif #include "ClearOnShutdown.h" #include "DomainPolicy.h" #include "GfxInfoBase.h" #include "MMPrinter.h" #include "mozilla/ipc/ProcessUtils.h" #include "mozilla/ipc/URIUtils.h" #include "VRManagerChild.h" #include "gfxPlatform.h" #include "gfxPlatformFontList.h" #include "mozilla/RemoteSpellCheckEngineChild.h" #include "mozilla/dom/TabContext.h" #include "mozilla/dom/ipc/StructuredCloneData.h" #include "mozilla/ipc/CrashReporterClient.h" #include "mozilla/net/NeckoMessageUtils.h" #include "mozilla/widget/PuppetBidiKeyboard.h" #include "nsContentUtils.h" #include "nsIPrincipal.h" #include "nsString.h" #include "nscore.h" // for NS_FREE_PERMANENT_DATA #include "private/pprio.h" #ifdef MOZ_WIDGET_GTK # include "mozilla/WidgetUtilsGtk.h" # include "nsAppRunner.h" # include #endif #ifdef MOZ_CODE_COVERAGE # include "mozilla/CodeCoverageHandler.h" #endif extern mozilla::LazyLogModule gSHIPBFCacheLog; using namespace mozilla; using namespace mozilla::dom::ipc; using namespace mozilla::media; using namespace mozilla::embedding; using namespace mozilla::gmp; using namespace mozilla::hal_sandbox; using namespace mozilla::ipc; using namespace mozilla::intl; using namespace mozilla::layers; using namespace mozilla::layout; using namespace mozilla::net; using namespace mozilla::widget; using mozilla::loader::PScriptCacheChild; namespace geckoprofiler::markers { struct ProcessPriorityChange { static constexpr Span MarkerTypeName() { return MakeStringSpan("ProcessPriorityChange"); } static void StreamJSONMarkerData(baseprofiler::SpliceableJSONWriter& aWriter, const ProfilerString8View& aPreviousPriority, const ProfilerString8View& aNewPriority) { aWriter.StringProperty("Before", aPreviousPriority); aWriter.StringProperty("After", aNewPriority); } static MarkerSchema MarkerTypeDisplay() { using MS = MarkerSchema; MS schema{MS::Location::MarkerChart, MS::Location::MarkerTable}; schema.AddKeyFormat("Before", MS::Format::String); schema.AddKeyFormat("After", MS::Format::String); schema.AddStaticLabelValue("Note", "This is a notification of the priority change " "that was done by the parent process"); schema.SetAllLabels( "priority: {marker.data.Before} -> {marker.data.After}"); return schema; } }; struct ProcessPriority { static constexpr Span MarkerTypeName() { return MakeStringSpan("ProcessPriority"); } static void StreamJSONMarkerData(baseprofiler::SpliceableJSONWriter& aWriter, const ProfilerString8View& aPriority, const ProfilingState& aProfilingState) { aWriter.StringProperty("Priority", aPriority); aWriter.StringProperty("Marker cause", ProfilerString8View::WrapNullTerminatedString( ProfilingStateToString(aProfilingState))); } static MarkerSchema MarkerTypeDisplay() { using MS = MarkerSchema; MS schema{MS::Location::MarkerChart, MS::Location::MarkerTable}; schema.AddKeyFormat("Priority", MS::Format::String); schema.AddKeyFormat("Marker cause", MS::Format::String); schema.SetAllLabels("priority: {marker.data.Priority}"); return schema; } }; } // namespace geckoprofiler::markers namespace mozilla { namespace dom { // IPC sender for remote GC/CC logging. class CycleCollectWithLogsChild final : public PCycleCollectWithLogsChild { public: NS_INLINE_DECL_REFCOUNTING(CycleCollectWithLogsChild) class Sink final : public nsICycleCollectorLogSink { NS_DECL_ISUPPORTS Sink(CycleCollectWithLogsChild* aActor, const FileDescriptor& aGCLog, const FileDescriptor& aCCLog) { mActor = aActor; mGCLog = FileDescriptorToFILE(aGCLog, "w"); mCCLog = FileDescriptorToFILE(aCCLog, "w"); } NS_IMETHOD Open(FILE** aGCLog, FILE** aCCLog) override { if (NS_WARN_IF(!mGCLog) || NS_WARN_IF(!mCCLog)) { return NS_ERROR_FAILURE; } *aGCLog = mGCLog; *aCCLog = mCCLog; return NS_OK; } NS_IMETHOD CloseGCLog() override { MOZ_ASSERT(mGCLog); fclose(mGCLog); mGCLog = nullptr; mActor->SendCloseGCLog(); return NS_OK; } NS_IMETHOD CloseCCLog() override { MOZ_ASSERT(mCCLog); fclose(mCCLog); mCCLog = nullptr; mActor->SendCloseCCLog(); return NS_OK; } NS_IMETHOD GetFilenameIdentifier(nsAString& aIdentifier) override { return UnimplementedProperty(); } NS_IMETHOD SetFilenameIdentifier(const nsAString& aIdentifier) override { return UnimplementedProperty(); } NS_IMETHOD GetProcessIdentifier(int32_t* aIdentifier) override { return UnimplementedProperty(); } NS_IMETHOD SetProcessIdentifier(int32_t aIdentifier) override { return UnimplementedProperty(); } NS_IMETHOD GetGcLog(nsIFile** aPath) override { return UnimplementedProperty(); } NS_IMETHOD GetCcLog(nsIFile** aPath) override { return UnimplementedProperty(); } private: ~Sink() { if (mGCLog) { fclose(mGCLog); mGCLog = nullptr; } if (mCCLog) { fclose(mCCLog); mCCLog = nullptr; } // The XPCOM refcount drives the IPC lifecycle; Unused << mActor->Send__delete__(mActor); } nsresult UnimplementedProperty() { MOZ_ASSERT(false, "This object is a remote GC/CC logger;" " this property isn't meaningful."); return NS_ERROR_UNEXPECTED; } RefPtr mActor; FILE* mGCLog; FILE* mCCLog; }; private: ~CycleCollectWithLogsChild() = default; }; NS_IMPL_ISUPPORTS(CycleCollectWithLogsChild::Sink, nsICycleCollectorLogSink); class AlertObserver { public: AlertObserver(nsIObserver* aObserver, const nsString& aData) : mObserver(aObserver), mData(aData) {} ~AlertObserver() = default; nsCOMPtr mObserver; nsString mData; }; class ConsoleListener final : public nsIConsoleListener { public: explicit ConsoleListener(ContentChild* aChild) : mChild(aChild) {} NS_DECL_ISUPPORTS NS_DECL_NSICONSOLELISTENER private: ~ConsoleListener() = default; ContentChild* mChild; friend class ContentChild; }; NS_IMPL_ISUPPORTS(ConsoleListener, nsIConsoleListener) // Before we send the error to the parent process (which // involves copying the memory), truncate any long lines. CSS // errors in particular share the memory for long lines with // repeated errors, but the IPC communication we're about to do // will break that sharing, so we better truncate now. static void TruncateString(nsAString& aString) { if (aString.Length() > 1000) { aString.Truncate(1000); } } NS_IMETHODIMP ConsoleListener::Observe(nsIConsoleMessage* aMessage) { if (!mChild) { return NS_OK; } nsCOMPtr scriptError = do_QueryInterface(aMessage); if (scriptError) { nsAutoString msg, sourceName, sourceLine; nsCString category; uint32_t lineNum, colNum, flags; bool fromPrivateWindow, fromChromeContext; nsresult rv = scriptError->GetErrorMessage(msg); NS_ENSURE_SUCCESS(rv, rv); TruncateString(msg); rv = scriptError->GetSourceName(sourceName); NS_ENSURE_SUCCESS(rv, rv); TruncateString(sourceName); rv = scriptError->GetSourceLine(sourceLine); NS_ENSURE_SUCCESS(rv, rv); TruncateString(sourceLine); rv = scriptError->GetCategory(getter_Copies(category)); NS_ENSURE_SUCCESS(rv, rv); rv = scriptError->GetLineNumber(&lineNum); NS_ENSURE_SUCCESS(rv, rv); rv = scriptError->GetColumnNumber(&colNum); NS_ENSURE_SUCCESS(rv, rv); rv = scriptError->GetFlags(&flags); NS_ENSURE_SUCCESS(rv, rv); rv = scriptError->GetIsFromPrivateWindow(&fromPrivateWindow); NS_ENSURE_SUCCESS(rv, rv); rv = scriptError->GetIsFromChromeContext(&fromChromeContext); NS_ENSURE_SUCCESS(rv, rv); { AutoJSAPI jsapi; jsapi.Init(); JSContext* cx = jsapi.cx(); JS::Rooted stack(cx); rv = scriptError->GetStack(&stack); NS_ENSURE_SUCCESS(rv, rv); if (stack.isObject()) { // Because |stack| might be a cross-compartment wrapper, we can't use it // with JSAutoRealm. Use the stackGlobal for that. JS::Rooted stackGlobal(cx); rv = scriptError->GetStackGlobal(&stackGlobal); NS_ENSURE_SUCCESS(rv, rv); JSAutoRealm ar(cx, &stackGlobal.toObject()); StructuredCloneData data; ErrorResult err; data.Write(cx, stack, err); if (err.Failed()) { return err.StealNSResult(); } ClonedMessageData cloned; if (!data.BuildClonedMessageData(cloned)) { return NS_ERROR_FAILURE; } mChild->SendScriptErrorWithStack( msg, sourceName, sourceLine, lineNum, colNum, flags, category, fromPrivateWindow, fromChromeContext, cloned); return NS_OK; } } mChild->SendScriptError(msg, sourceName, sourceLine, lineNum, colNum, flags, category, fromPrivateWindow, 0, fromChromeContext); return NS_OK; } nsString msg; nsresult rv = aMessage->GetMessageMoz(msg); NS_ENSURE_SUCCESS(rv, rv); mChild->SendConsoleMessage(msg); return NS_OK; } #ifdef NIGHTLY_BUILD /** * The singleton of this class is registered with the BackgroundHangMonitor as * an annotator, so that the hang monitor can record whether or not there were * pending input events when the thread hung. */ class PendingInputEventHangAnnotator final : public BackgroundHangAnnotator { public: virtual void AnnotateHang(BackgroundHangAnnotations& aAnnotations) override { int32_t pending = ContentChild::GetSingleton()->GetPendingInputEvents(); if (pending > 0) { aAnnotations.AddAnnotation(u"PendingInput"_ns, pending); } } static PendingInputEventHangAnnotator sSingleton; }; PendingInputEventHangAnnotator PendingInputEventHangAnnotator::sSingleton; #endif class ContentChild::ShutdownCanary final {}; ContentChild* ContentChild::sSingleton; StaticAutoPtr ContentChild::sShutdownCanary; ContentChild::ContentChild() : mID(uint64_t(-1)), mIsForBrowser(false), mIsAlive(true), mShuttingDown(false) { // This process is a content process, so it's clearly running in // multiprocess mode! nsDebugImpl::SetMultiprocessMode("Child"); // Our static analysis doesn't allow capturing ref-counted pointers in // lambdas, so we need to hide it in a uintptr_t. This is safe because this // lambda will be destroyed in ~ContentChild(). uintptr_t self = reinterpret_cast(this); profiler_add_state_change_callback( AllProfilingStates(), [self](ProfilingState aProfilingState) { const ContentChild* selfPtr = reinterpret_cast(self); PROFILER_MARKER("Process Priority", OTHER, mozilla::MarkerThreadId::MainThread(), ProcessPriority, ProfilerString8View::WrapNullTerminatedString( ProcessPriorityToString(selfPtr->mProcessPriority)), aProfilingState); }, self); // When ContentChild is created, the observer service does not even exist. // When ContentChild::RecvSetXPCOMProcessAttributes is called (the first // IPDL call made on this object), shutdown may have already happened. Thus // we create a canary here that relies upon getting cleared if shutdown // happens without requiring the observer service at this time. if (!sShutdownCanary) { sShutdownCanary = new ShutdownCanary(); ClearOnShutdown(&sShutdownCanary, ShutdownPhase::XPCOMShutdown); } } #ifdef _MSC_VER # pragma warning(push) # pragma warning( \ disable : 4722) /* Silence "destructor never returns" warning \ */ #endif ContentChild::~ContentChild() { profiler_remove_state_change_callback(reinterpret_cast(this)); #ifndef NS_FREE_PERMANENT_DATA MOZ_CRASH("Content Child shouldn't be destroyed."); #endif } #ifdef _MSC_VER # pragma warning(pop) #endif NS_INTERFACE_MAP_BEGIN(ContentChild) NS_INTERFACE_MAP_ENTRY(nsIDOMProcessChild) NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIDOMProcessChild) NS_INTERFACE_MAP_END mozilla::ipc::IPCResult ContentChild::RecvSetXPCOMProcessAttributes( XPCOMInitData&& aXPCOMInit, const StructuredCloneData& aInitialData, FullLookAndFeel&& aLookAndFeelData, dom::SystemFontList&& aFontList, Maybe&& aSharedUASheetHandle, const uintptr_t& aSharedUASheetAddress, nsTArray&& aSharedFontListBlocks, const bool& aIsReadyForBackgroundProcessing) { if (!sShutdownCanary) { return IPC_OK(); } mLookAndFeelData = std::move(aLookAndFeelData); mFontList = std::move(aFontList); mSharedFontListBlocks = std::move(aSharedFontListBlocks); gfx::gfxVars::SetValuesForInitialize(aXPCOMInit.gfxNonDefaultVarUpdates()); PerfStats::SetCollectionMask(aXPCOMInit.perfStatsMask()); InitSharedUASheets(std::move(aSharedUASheetHandle), aSharedUASheetAddress); InitXPCOM(std::move(aXPCOMInit), aInitialData, aIsReadyForBackgroundProcessing); InitGraphicsDeviceData(aXPCOMInit.contentDeviceData()); RefPtr dnsServiceChild = dont_AddRef(net::ChildDNSService::GetSingleton()); if (dnsServiceChild) { dnsServiceChild->SetTRRDomain(aXPCOMInit.trrDomain()); dnsServiceChild->SetTRRModeInChild(aXPCOMInit.trrMode(), aXPCOMInit.trrModeFromPref()); } return IPC_OK(); } class nsGtkNativeInitRunnable : public Runnable { public: nsGtkNativeInitRunnable() : Runnable("nsGtkNativeInitRunnable") {} NS_IMETHOD Run() override { LookAndFeel::NativeInit(); return NS_OK; } }; void ContentChild::Init(mozilla::ipc::UntypedEndpoint&& aEndpoint, const char* aParentBuildID, uint64_t aChildID, bool aIsForBrowser) { #ifdef MOZ_WIDGET_GTK // When running X11 only build we need to pass a display down // to gtk_init because it's not going to use the one from the environment // on its own when deciding which backend to use, and when starting under // XWayland, it may choose to start with the wayland backend // instead of the x11 backend. // The DISPLAY environment variable is normally set by the parent process. // The MOZ_GDK_DISPLAY environment variable is set from nsAppRunner.cpp // when --display is set by the command line. if (!gfxPlatform::IsHeadless()) { const char* display_name = PR_GetEnv("MOZ_GDK_DISPLAY"); if (!display_name) { bool waylandEnabled = false; # ifdef MOZ_WAYLAND waylandEnabled = IsWaylandEnabled(); # endif if (!waylandEnabled) { display_name = PR_GetEnv("DISPLAY"); } } if (display_name) { int argc = 3; char option_name[] = "--display"; char* argv[] = { // argv0 is unused because g_set_prgname() was called in // XRE_InitChildProcess(). nullptr, option_name, const_cast(display_name), nullptr}; char** argvp = argv; gtk_init(&argc, &argvp); } else { gtk_init(nullptr, nullptr); } } #endif #ifdef MOZ_X11 if (!gfxPlatform::IsHeadless()) { // Do this after initializing GDK, or GDK will install its own handler. XRE_InstallX11ErrorHandler(); } #endif MOZ_ASSERT(!sSingleton, "only one ContentChild per child"); // Once we start sending IPC messages, we need the thread manager to be // initialized so we can deal with the responses. Do that here before we // try to construct the crash reporter. nsresult rv = nsThreadManager::get().Init(); if (NS_WARN_IF(NS_FAILED(rv))) { MOZ_CRASH("Failed to initialize the thread manager in ContentChild::Init"); } if (!aEndpoint.Bind(this)) { MOZ_CRASH("Bind failed in ContentChild::Init"); } sSingleton = this; // If communications with the parent have broken down, take the process // down so it's not hanging around. GetIPCChannel()->SetAbortOnError(true); // This must be checked before any IPDL message, which may hit sentinel // errors due to parent and content processes having different // versions. MessageChannel* channel = GetIPCChannel(); if (channel && !channel->SendBuildIDsMatchMessage(aParentBuildID)) { // We need to quit this process if the buildID doesn't match the parent's. // This can occur when an update occurred in the background. ProcessChild::QuickExit(); } #if defined(__OpenBSD__) && defined(MOZ_SANDBOX) StartOpenBSDSandbox(GeckoProcessType_Content); #endif #ifdef MOZ_X11 # ifdef MOZ_WIDGET_GTK if (GdkIsX11Display() && !gfxPlatform::IsHeadless()) { // Send the parent our X socket to act as a proxy reference for our X // resources. int xSocketFd = ConnectionNumber(DefaultXDisplay()); SendBackUpXResources(FileDescriptor(xSocketFd)); } # endif #endif CrashReporterClient::InitSingleton(this); mID = aChildID; mIsForBrowser = aIsForBrowser; SetProcessName("Web Content"_ns); #ifdef NIGHTLY_BUILD // NOTE: We have to register the annotator on the main thread, as annotators // only affect a single thread. SchedulerGroup::Dispatch( TaskCategory::Other, NS_NewRunnableFunction("RegisterPendingInputEventHangAnnotator", [] { BackgroundHangMonitor::RegisterAnnotator( PendingInputEventHangAnnotator::sSingleton); })); #endif } void ContentChild::AddProfileToProcessName(const nsACString& aProfile) { nsCOMPtr isolationPrincipal = ContentParent::CreateRemoteTypeIsolationPrincipal(mRemoteType); if (isolationPrincipal) { // DEFAULT_PRIVATE_BROWSING_ID is the value when it's not private if (isolationPrincipal->OriginAttributesRef().mPrivateBrowsingId != nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID) { return; } } mProcessName = aProfile + ":"_ns + mProcessName; //:example.com } void ContentChild::SetProcessName(const nsACString& aName, const nsACString* aSite, const nsACString* aCurrentProfile) { char* name; if ((name = PR_GetEnv("MOZ_DEBUG_APP_PROCESS")) && aName.EqualsASCII(name)) { #ifdef OS_POSIX printf_stderr("\n\nCHILDCHILDCHILDCHILD\n [%s] debug me @%d\n\n", name, getpid()); sleep(30); #elif defined(OS_WIN) // Windows has a decent JIT debugging story, so NS_DebugBreak does the // right thing. NS_DebugBreak(NS_DEBUG_BREAK, "Invoking NS_DebugBreak() to debug child process", nullptr, __FILE__, __LINE__); #endif } if (aSite) { profiler_set_process_name(aName, aSite); } else { profiler_set_process_name(aName); } mProcessName = aName; // Requires pref flip if (aSite && StaticPrefs::fission_processSiteNames()) { nsCOMPtr isolationPrincipal = ContentParent::CreateRemoteTypeIsolationPrincipal(mRemoteType); if (isolationPrincipal) { // DEFAULT_PRIVATE_BROWSING_ID is the value when it's not private MOZ_LOG(ContentParent::GetLog(), LogLevel::Debug, ("private = %d, pref = %d", isolationPrincipal->OriginAttributesRef().mPrivateBrowsingId != nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID, StaticPrefs::fission_processPrivateWindowSiteNames())); if (isolationPrincipal->OriginAttributesRef().mPrivateBrowsingId == nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID #ifdef NIGHTLY_BUILD // Nightly can show site names for private windows, with a second pref || StaticPrefs::fission_processPrivateWindowSiteNames() #endif ) { #if !defined(XP_MACOSX) // Mac doesn't have the 15-character limit Linux does // Sets profiler process name if (isolationPrincipal->SchemeIs("https")) { nsAutoCString schemeless; isolationPrincipal->GetHostPort(schemeless); nsAutoCString originSuffix; isolationPrincipal->GetOriginSuffix(originSuffix); schemeless.Append(originSuffix); mProcessName = schemeless; } else #endif { mProcessName = *aSite; } } } } if (StaticPrefs::fission_processProfileName() && aCurrentProfile && !aCurrentProfile->IsEmpty()) { AddProfileToProcessName(*aCurrentProfile); } // else private window, don't change process name, or the pref isn't set // mProcessName is always flat (mProcessName == aName) mozilla::ipc::SetThisProcessName(mProcessName.get()); MOZ_LOG(ContentParent::GetLog(), LogLevel::Debug, ("Changed name of process %d to %s", getpid(), PromiseFlatCString(mProcessName).get())); } static nsresult GetCreateWindowParams(nsIOpenWindowInfo* aOpenWindowInfo, nsDocShellLoadState* aLoadState, bool aForceNoReferrer, nsIReferrerInfo** aReferrerInfo, nsIPrincipal** aTriggeringPrincipal, nsIContentSecurityPolicy** aCsp) { if (!aTriggeringPrincipal || !aCsp) { NS_ERROR("aTriggeringPrincipal || aCsp is null"); return NS_ERROR_FAILURE; } if (!aReferrerInfo) { NS_ERROR("aReferrerInfo is null"); return NS_ERROR_FAILURE; } nsCOMPtr referrerInfo; if (aForceNoReferrer) { referrerInfo = new ReferrerInfo(nullptr, ReferrerPolicy::_empty, false); } if (aLoadState && !referrerInfo) { referrerInfo = aLoadState->GetReferrerInfo(); } RefPtr parent = aOpenWindowInfo->GetParent(); nsCOMPtr opener = parent ? parent->GetDOMWindow() : nullptr; if (!opener) { nsCOMPtr nullPrincipal = NullPrincipal::Create(aOpenWindowInfo->GetOriginAttributes()); if (!referrerInfo) { referrerInfo = new ReferrerInfo(nullptr, ReferrerPolicy::_empty); } referrerInfo.swap(*aReferrerInfo); NS_ADDREF(*aTriggeringPrincipal = nullPrincipal); return NS_OK; } nsCOMPtr doc = opener->GetDoc(); NS_ADDREF(*aTriggeringPrincipal = doc->NodePrincipal()); nsCOMPtr csp = doc->GetCsp(); if (csp) { csp.forget(aCsp); } nsCOMPtr baseURI = doc->GetDocBaseURI(); if (!baseURI) { NS_ERROR("Document didn't return a base URI"); return NS_ERROR_FAILURE; } if (!referrerInfo) { referrerInfo = new ReferrerInfo(*doc); } referrerInfo.swap(*aReferrerInfo); return NS_OK; } nsresult ContentChild::ProvideWindowCommon( NotNull aTabOpener, nsIOpenWindowInfo* aOpenWindowInfo, uint32_t aChromeFlags, bool aCalledFromJS, nsIURI* aURI, const nsAString& aName, const nsACString& aFeatures, bool aForceNoOpener, bool aForceNoReferrer, bool aIsPopupRequested, nsDocShellLoadState* aLoadState, bool* aWindowIsNew, BrowsingContext** aReturn) { *aReturn = nullptr; nsAutoCString features(aFeatures); nsAutoString name(aName); nsresult rv; RefPtr parent = aOpenWindowInfo->GetParent(); MOZ_DIAGNOSTIC_ASSERT(parent, "We must have a parent BC"); // Block the attempt to open a new window if the opening BrowsingContext is // not marked to use remote tabs. This ensures that the newly opened window is // correctly remote. if (NS_WARN_IF(!parent->UseRemoteTabs())) { return NS_ERROR_ABORT; } bool useRemoteSubframes = aChromeFlags & nsIWebBrowserChrome::CHROME_FISSION_WINDOW; uint32_t parentSandboxFlags = parent->SandboxFlags(); if (Document* doc = parent->GetDocument()) { parentSandboxFlags = doc->GetSandboxFlags(); } // Certain conditions complicate the process of creating the new // BrowsingContext, and prevent us from using the // "CreateWindowInDifferentProcess" codepath. // * With Fission enabled, process selection will happen during the load, so // switching processes eagerly will not provide a benefit. // * Windows created for printing must be created within the current process // so that a static clone of the source document can be created. // * Sandboxed popups require the full window creation codepath. // * Loads with form or POST data require the full window creation codepath. bool cannotLoadInDifferentProcess = useRemoteSubframes || aOpenWindowInfo->GetIsForPrinting() || (parentSandboxFlags & SANDBOX_PROPAGATES_TO_AUXILIARY_BROWSING_CONTEXTS) || (aLoadState && (aLoadState->IsFormSubmission() || aLoadState->PostDataStream())); if (!cannotLoadInDifferentProcess) { // If we're in a content process and we have noopener set, there's no reason // to load in our process, so let's load it elsewhere! bool loadInDifferentProcess = aForceNoOpener && StaticPrefs::dom_noopener_newprocess_enabled(); if (loadInDifferentProcess) { nsCOMPtr triggeringPrincipal; nsCOMPtr csp; nsCOMPtr referrerInfo; rv = GetCreateWindowParams(aOpenWindowInfo, aLoadState, aForceNoReferrer, getter_AddRefs(referrerInfo), getter_AddRefs(triggeringPrincipal), getter_AddRefs(csp)); if (NS_WARN_IF(NS_FAILED(rv))) { return rv; } if (name.LowerCaseEqualsLiteral("_blank")) { name.Truncate(); } MOZ_DIAGNOSTIC_ASSERT(!nsContentUtils::IsSpecialName(name)); Unused << SendCreateWindowInDifferentProcess( aTabOpener, parent, aChromeFlags, aCalledFromJS, aURI, features, name, triggeringPrincipal, csp, referrerInfo, aOpenWindowInfo->GetOriginAttributes()); // We return NS_ERROR_ABORT, so that the caller knows that we've abandoned // the window open as far as it is concerned. return NS_ERROR_ABORT; } } TabId tabId(nsContentUtils::GenerateTabId()); // We need to assign a TabGroup to the PBrowser actor before we send it to the // parent. Otherwise, the parent could send messages to us before we have a // proper TabGroup for that actor. RefPtr openerBC; if (!aForceNoOpener) { openerBC = parent; } RefPtr browsingContext = BrowsingContext::CreateDetached( nullptr, openerBC, nullptr, aName, BrowsingContext::Type::Content, aIsPopupRequested); MOZ_ALWAYS_SUCCEEDS(browsingContext->SetRemoteTabs(true)); MOZ_ALWAYS_SUCCEEDS(browsingContext->SetRemoteSubframes(useRemoteSubframes)); MOZ_ALWAYS_SUCCEEDS(browsingContext->SetOriginAttributes( aOpenWindowInfo->GetOriginAttributes())); browsingContext->InitPendingInitialization(true); auto unsetPending = MakeScopeExit([browsingContext]() { Unused << browsingContext->SetPendingInitialization(false); }); browsingContext->EnsureAttached(); // The initial about:blank document we generate within the nsDocShell will // almost certainly be replaced at some point. Unfortunately, getting the // principal right here causes bugs due to frame scripts not getting events // they expect, due to the real initial about:blank not being created yet. // // For this reason, we intentionally mispredict the initial principal here, so // that we can act the same as we did before when not predicting a result // principal. This `PWindowGlobal` will almost immediately be destroyed. nsCOMPtr initialPrincipal = NullPrincipal::Create(browsingContext->OriginAttributesRef()); WindowGlobalInit windowInit = WindowGlobalActor::AboutBlankInitializer( browsingContext, initialPrincipal); RefPtr windowChild = WindowGlobalChild::CreateDisconnected(windowInit); if (NS_WARN_IF(!windowChild)) { return NS_ERROR_ABORT; } auto newChild = MakeNotNull>( this, tabId, *aTabOpener, browsingContext, aChromeFlags, /* aIsTopLevel */ true); if (IsShuttingDown()) { return NS_ERROR_ABORT; } // Open a remote endpoint for our PBrowser actor. ManagedEndpoint parentEp = OpenPBrowserEndpoint(newChild); if (NS_WARN_IF(!parentEp.IsValid())) { return NS_ERROR_ABORT; } // Open a remote endpoint for our PWindowGlobal actor. ManagedEndpoint windowParentEp = newChild->OpenPWindowGlobalEndpoint(windowChild); if (NS_WARN_IF(!windowParentEp.IsValid())) { return NS_ERROR_ABORT; } // Tell the parent process to set up its PBrowserParent. PopupIPCTabContext ipcContext(aTabOpener, 0); if (NS_WARN_IF(!SendConstructPopupBrowser( std::move(parentEp), std::move(windowParentEp), tabId, ipcContext, windowInit, aChromeFlags))) { return NS_ERROR_ABORT; } windowChild->Init(); auto guardNullWindowGlobal = MakeScopeExit([&] { if (!windowChild->GetWindowGlobal()) { windowChild->Destroy(); } }); // Now that |newChild| has had its IPC link established, call |Init| to set it // up. // XXX: This MOZ_KnownLive is only necessary because the static analysis can't // tell that NotNull> is a strong pointer. RefPtr parentWindow = parent ? parent->GetDOMWindow() : nullptr; if (NS_FAILED(MOZ_KnownLive(newChild)->Init(parentWindow, windowChild))) { return NS_ERROR_ABORT; } // Set to true when we're ready to return from this function. bool ready = false; // NOTE: Capturing by reference here is safe, as this function won't return // until one of these callbacks is called. auto resolve = [&](CreatedWindowInfo&& info) { MOZ_RELEASE_ASSERT(NS_IsMainThread()); rv = info.rv(); *aWindowIsNew = info.windowOpened(); nsTArray frameScripts(std::move(info.frameScripts())); uint32_t maxTouchPoints = info.maxTouchPoints(); DimensionInfo dimensionInfo = std::move(info.dimensions()); // Once this function exits, we should try to exit the nested event loop. ready = true; // NOTE: We have to handle this immediately in the resolve callback in order // to make sure that we don't process any more IPC messages before returning // from ProvideWindowCommon. // Handle the error which we got back from the parent process, if we got // one. if (NS_FAILED(rv)) { return; } if (!*aWindowIsNew) { rv = NS_ERROR_ABORT; return; } // If the BrowserChild has been torn down, we don't need to do this anymore. if (NS_WARN_IF(!newChild->IPCOpen() || newChild->IsDestroyed())) { rv = NS_ERROR_ABORT; return; } ParentShowInfo showInfo(u""_ns, /* fakeShowInfo = */ true, /* isTransparent = */ false, newChild->WebWidget()->GetDPI(), newChild->WebWidget()->RoundsWidgetCoordinatesTo(), newChild->WebWidget()->GetDefaultScale().scale); newChild->SetMaxTouchPoints(maxTouchPoints); if (aForceNoOpener || !parent) { MOZ_DIAGNOSTIC_ASSERT(!browsingContext->HadOriginalOpener()); MOZ_DIAGNOSTIC_ASSERT(browsingContext->GetOpenerId() == 0); } else { MOZ_DIAGNOSTIC_ASSERT(browsingContext->HadOriginalOpener()); MOZ_DIAGNOSTIC_ASSERT(browsingContext->GetOpenerId() == parent->Id()); } // Unfortunately we don't get a window unless we've shown the frame. That's // pretty bogus; see bug 763602. newChild->DoFakeShow(showInfo); newChild->RecvUpdateDimensions(dimensionInfo); for (size_t i = 0; i < frameScripts.Length(); i++) { FrameScriptInfo& info = frameScripts[i]; if (!newChild->RecvLoadRemoteScript(info.url(), info.runInGlobalScope())) { MOZ_CRASH(); } } if (xpc::IsInAutomation()) { if (nsCOMPtr outer = do_GetInterface(newChild->WebNavigation())) { nsCOMPtr obs(services::GetObserverService()); obs->NotifyObservers( outer, "dangerous:test-only:new-browser-child-ready", nullptr); } } browsingContext.forget(aReturn); }; // NOTE: Capturing by reference here is safe, as this function won't return // until one of these callbacks is called. auto reject = [&](ResponseRejectReason) { MOZ_RELEASE_ASSERT(NS_IsMainThread()); NS_WARNING("windowCreated promise rejected"); rv = NS_ERROR_NOT_AVAILABLE; ready = true; }; // Send down the request to open the window. nsCOMPtr triggeringPrincipal; nsCOMPtr csp; nsCOMPtr referrerInfo; rv = GetCreateWindowParams(aOpenWindowInfo, aLoadState, aForceNoReferrer, getter_AddRefs(referrerInfo), getter_AddRefs(triggeringPrincipal), getter_AddRefs(csp)); if (NS_WARN_IF(NS_FAILED(rv))) { return rv; } SendCreateWindow(aTabOpener, parent, newChild, aChromeFlags, aCalledFromJS, aOpenWindowInfo->GetIsForPrinting(), aOpenWindowInfo->GetIsForWindowDotPrint(), aURI, features, triggeringPrincipal, csp, referrerInfo, aOpenWindowInfo->GetOriginAttributes(), std::move(resolve), std::move(reject)); // ======================= // Begin Nested Event Loop // ======================= // We have to wait for a response from SendCreateWindow or with information // we're going to need to return from this function, So we spin a nested event // loop until they get back to us. { // Suppress event handling for all contexts in our BrowsingContextGroup so // that event handlers cannot target our new window while it's still being // opened. Note that pending events that were suppressed while our blocker // was active will be dispatched asynchronously from a runnable dispatched // to the main event loop after this function returns, not immediately when // we leave this scope. AutoSuppressEventHandlingAndSuspend seh(browsingContext->Group()); AutoNoJSAPI nojsapi; // Spin the event loop until we get a response. Callers of this function // already have to guard against an inner event loop spinning in the // non-e10s case because of the need to spin one to create a new chrome // window. SpinEventLoopUntil("ContentChild::ProvideWindowCommon"_ns, [&]() { return ready; }); MOZ_RELEASE_ASSERT(ready, "We are on the main thread, so we should not exit this " "loop without ready being true."); } // ===================== // End Nested Event Loop // ===================== // It's possible for our new BrowsingContext to become discarded during the // nested event loop, in which case we shouldn't return it, since our callers // will generally not be prepared to deal with that. if (*aReturn && (*aReturn)->IsDiscarded()) { NS_RELEASE(*aReturn); return NS_ERROR_ABORT; } // We should have the results already set by the callbacks. MOZ_ASSERT_IF(NS_SUCCEEDED(rv), *aReturn); return rv; } bool ContentChild::IsAlive() const { return mIsAlive; } bool ContentChild::IsShuttingDown() const { return mShuttingDown; } void ContentChild::GetProcessName(nsACString& aName) const { aName = mProcessName; } /* static */ void ContentChild::AppendProcessId(nsACString& aName) { if (!aName.IsEmpty()) { aName.Append(' '); } unsigned pid = getpid(); aName.Append(nsPrintfCString("(pid %u)", pid)); } void ContentChild::InitGraphicsDeviceData(const ContentDeviceData& aData) { gfxPlatform::InitChild(aData); } void ContentChild::InitSharedUASheets(Maybe&& aHandle, uintptr_t aAddress) { MOZ_ASSERT_IF(!aHandle, !aAddress); if (!aAddress) { return; } // Map the shared memory storing the user agent style sheets. Do this as // early as possible to maximize the chance of being able to map at the // address we want. GlobalStyleSheetCache::SetSharedMemory(std::move(*aHandle), aAddress); } void ContentChild::InitXPCOM( XPCOMInitData&& aXPCOMInit, const mozilla::dom::ipc::StructuredCloneData& aInitialData, bool aIsReadyForBackgroundProcessing) { #ifdef MOZ_WIDGET_GTK // LookAndFeel::NativeInit takes a long time to run on Linux, here we schedule // it as soon as possible after BackgroundChild::Startup to give // it chance to run ahead of ConstructBrowser nsCOMPtr event = new nsGtkNativeInitRunnable(); NS_DispatchToMainThreadQueue(event.forget(), EventQueuePriority::Idle); #endif #if defined(XP_WIN) // DLL services untrusted modules processing depends on // BackgroundChild::Startup having been called RefPtr dllSvc(DllServices::Get()); dllSvc->StartUntrustedModulesProcessor(aIsReadyForBackgroundProcessing); #endif // defined(XP_WIN) PBackgroundChild* actorChild = BackgroundChild::GetOrCreateForCurrentThread(); if (NS_WARN_IF(!actorChild)) { MOZ_ASSERT_UNREACHABLE("PBackground init can't fail at this point"); return; } ClientManager::Startup(); // RemoteWorkerService will be initialized in RecvRemoteType, to avoid to // register it to the RemoteWorkerManager while it is still a prealloc // remoteType and defer it to the point the child process is assigned a. // actual remoteType. nsCOMPtr svc(do_GetService(NS_CONSOLESERVICE_CONTRACTID)); if (!svc) { NS_WARNING("Couldn't acquire console service"); return; } mConsoleListener = new ConsoleListener(this); if (NS_FAILED(svc->RegisterListener(mConsoleListener))) NS_WARNING("Couldn't register console listener for child process"); mAvailableDictionaries = std::move(aXPCOMInit.dictionaries()); RecvSetOffline(aXPCOMInit.isOffline()); RecvSetConnectivity(aXPCOMInit.isConnected()); LocaleService::GetInstance()->AssignAppLocales(aXPCOMInit.appLocales()); LocaleService::GetInstance()->AssignRequestedLocales( aXPCOMInit.requestedLocales()); L10nRegistry::RegisterFileSourcesFromParentProcess( aXPCOMInit.l10nFileSources()); RecvSetCaptivePortalState(aXPCOMInit.captivePortalState()); RecvBidiKeyboardNotify(aXPCOMInit.isLangRTL(), aXPCOMInit.haveBidiKeyboards()); if (aXPCOMInit.domainPolicy().active()) { nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); MOZ_ASSERT(ssm); ssm->ActivateDomainPolicyInternal(getter_AddRefs(mPolicy)); if (!mPolicy) { MOZ_CRASH("Failed to activate domain policy."); } mPolicy->ApplyClone(&aXPCOMInit.domainPolicy()); } nsCOMPtr clipboard( do_GetService("@mozilla.org/widget/clipboard;1")); if (nsCOMPtr clipboardProxy = do_QueryInterface(clipboard)) { clipboardProxy->SetCapabilities(aXPCOMInit.clipboardCaps()); } { AutoJSAPI jsapi; if (NS_WARN_IF(!jsapi.Init(xpc::PrivilegedJunkScope()))) { MOZ_CRASH(); } ErrorResult rv; JS::Rooted data(jsapi.cx()); mozilla::dom::ipc::StructuredCloneData id; id.Copy(aInitialData); id.Read(jsapi.cx(), &data, rv); if (NS_WARN_IF(rv.Failed())) { MOZ_CRASH(); } auto* global = ContentProcessMessageManager::Get(); global->SetInitialProcessData(data); } // The stylesheet cache is not ready yet. Store this URL for future use. nsCOMPtr ucsURL = std::move(aXPCOMInit.userContentSheetURL()); GlobalStyleSheetCache::SetUserContentCSSURL(ucsURL); GfxInfoBase::SetFeatureStatus(std::move(aXPCOMInit.gfxFeatureStatus())); // Initialize the RemoteDecoderManager thread and its associated PBackground // channel. RemoteDecoderManagerChild::Init(); Preferences::RegisterCallbackAndCall(&OnFissionBlocklistPrefChange, kFissionEnforceBlockList); Preferences::RegisterCallbackAndCall(&OnFissionBlocklistPrefChange, kFissionOmitBlockListValues); // Set the dynamic scalar definitions for this process. TelemetryIPC::AddDynamicScalarDefinitions(aXPCOMInit.dynamicScalarDefs()); } mozilla::ipc::IPCResult ContentChild::RecvRequestMemoryReport( const uint32_t& aGeneration, const bool& aAnonymize, const bool& aMinimizeMemoryUsage, const Maybe& aDMDFile, const RequestMemoryReportResolver& aResolver) { nsCString process; if (aAnonymize || mRemoteType.IsEmpty()) { GetProcessName(process); } else { process = mRemoteType; } AppendProcessId(process); MOZ_ASSERT(!process.IsEmpty()); MemoryReportRequestClient::Start( aGeneration, aAnonymize, aMinimizeMemoryUsage, aDMDFile, process, [&](const MemoryReport& aReport) { Unused << GetSingleton()->SendAddMemoryReport(aReport); }, aResolver); return IPC_OK(); } #if defined(XP_WIN) mozilla::ipc::IPCResult ContentChild::RecvGetUntrustedModulesData( GetUntrustedModulesDataResolver&& aResolver) { RefPtr dllSvc(DllServices::Get()); dllSvc->GetUntrustedModulesData()->Then( GetMainThreadSerialEventTarget(), __func__, [aResolver](Maybe&& aData) { aResolver(std::move(aData)); }, [aResolver](nsresult aReason) { aResolver(Nothing()); }); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUnblockUntrustedModulesThread() { if (nsCOMPtr obs = mozilla::services::GetObserverService()) { obs->NotifyObservers(nullptr, "unblock-untrusted-modules-thread", nullptr); } return IPC_OK(); } #endif // defined(XP_WIN) PCycleCollectWithLogsChild* ContentChild::AllocPCycleCollectWithLogsChild( const bool& aDumpAllTraces, const FileDescriptor& aGCLog, const FileDescriptor& aCCLog) { return do_AddRef(new CycleCollectWithLogsChild()).take(); } mozilla::ipc::IPCResult ContentChild::RecvPCycleCollectWithLogsConstructor( PCycleCollectWithLogsChild* aActor, const bool& aDumpAllTraces, const FileDescriptor& aGCLog, const FileDescriptor& aCCLog) { // The sink's destructor is called when the last reference goes away, which // will cause the actor to be closed down. auto* actor = static_cast(aActor); RefPtr sink = new CycleCollectWithLogsChild::Sink(actor, aGCLog, aCCLog); // Invoke the dumper, which will take a reference to the sink. nsCOMPtr dumper = do_GetService("@mozilla.org/memory-info-dumper;1"); dumper->DumpGCAndCCLogsToSink(aDumpAllTraces, sink); return IPC_OK(); } bool ContentChild::DeallocPCycleCollectWithLogsChild( PCycleCollectWithLogsChild* aActor) { RefPtr actor = dont_AddRef(static_cast(aActor)); return true; } mozilla::ipc::IPCResult ContentChild::RecvInitGMPService( Endpoint&& aGMPService) { if (!GMPServiceChild::Create(std::move(aGMPService))) { return IPC_FAIL_NO_REASON(this); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvInitProfiler( Endpoint&& aEndpoint) { mProfilerController = ChildProfilerController::Create(std::move(aEndpoint)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvGMPsChanged( nsTArray&& capabilities) { GeckoMediaPluginServiceChild::UpdateGMPCapabilities(std::move(capabilities)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvInitProcessHangMonitor( Endpoint&& aHangMonitor) { CreateHangMonitorChild(std::move(aHangMonitor)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::GetResultForRenderingInitFailure( base::ProcessId aOtherPid) { if (aOtherPid == base::GetCurrentProcId() || aOtherPid == OtherPid()) { // If we are talking to ourselves, or the UI process, then that is a fatal // protocol error. return IPC_FAIL_NO_REASON(this); } // If we are talking to the GPU process, then we should recover from this on // the next ContentChild::RecvReinitRendering call. gfxCriticalNote << "Could not initialize rendering with GPU process"; return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRequestPerformanceMetrics( const nsID& aID) { RefPtr self = this; RefPtr mainThread = AbstractThread::MainThread(); nsTArray> promises = CollectPerformanceInfo(); PerformanceInfoPromise::All(mainThread, promises) ->Then( mainThread, __func__, [self, aID](const nsTArray& aResult) { self->SendAddPerformanceMetrics(aID, aResult); }, []() { /* silently fails -- the parent times out and proceeds when the data is not coming back */ }); return IPC_OK(); } #if defined(XP_MACOSX) extern "C" { void CGSShutdownServerConnections(); }; #endif mozilla::ipc::IPCResult ContentChild::RecvInitRendering( Endpoint&& aCompositor, Endpoint&& aImageBridge, Endpoint&& aVRBridge, Endpoint&& aVideoManager, nsTArray&& namespaces) { MOZ_ASSERT(namespaces.Length() == 3); // Note that for all of the methods below, if it can fail, it should only // return false if the failure is an IPDL error. In such situations, // ContentChild can reason about whether or not to wait for // RecvReinitRendering (because we surmised the GPU process crashed), or if it // should crash itself (because we are actually talking to the UI process). If // there are localized failures (e.g. failed to spawn a thread), then it // should MOZ_RELEASE_ASSERT or MOZ_CRASH as necessary instead. if (!CompositorManagerChild::Init(std::move(aCompositor), namespaces[0])) { return GetResultForRenderingInitFailure(aCompositor.OtherPid()); } if (!CompositorManagerChild::CreateContentCompositorBridge(namespaces[1])) { return GetResultForRenderingInitFailure(aCompositor.OtherPid()); } if (!ImageBridgeChild::InitForContent(std::move(aImageBridge), namespaces[2])) { return GetResultForRenderingInitFailure(aImageBridge.OtherPid()); } if (!gfx::VRManagerChild::InitForContent(std::move(aVRBridge))) { return GetResultForRenderingInitFailure(aVRBridge.OtherPid()); } RemoteDecoderManagerChild::InitForGPUProcess(std::move(aVideoManager)); #if defined(XP_MACOSX) && !defined(MOZ_SANDBOX) // Close all current connections to the WindowServer. This ensures that the // Activity Monitor will not label the content process as "Not responding" // because it's not running a native event loop. See bug 1384336. When the // build is configured with sandbox support, this is called during sandbox // setup. CGSShutdownServerConnections(); #endif return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvReinitRendering( Endpoint&& aCompositor, Endpoint&& aImageBridge, Endpoint&& aVRBridge, Endpoint&& aVideoManager, nsTArray&& namespaces) { MOZ_ASSERT(namespaces.Length() == 3); nsTArray> tabs = BrowserChild::GetAll(); // Re-establish singleton bridges to the compositor. if (!CompositorManagerChild::Init(std::move(aCompositor), namespaces[0])) { return GetResultForRenderingInitFailure(aCompositor.OtherPid()); } if (!CompositorManagerChild::CreateContentCompositorBridge(namespaces[1])) { return GetResultForRenderingInitFailure(aCompositor.OtherPid()); } if (!ImageBridgeChild::ReinitForContent(std::move(aImageBridge), namespaces[2])) { return GetResultForRenderingInitFailure(aImageBridge.OtherPid()); } if (!gfx::VRManagerChild::InitForContent(std::move(aVRBridge))) { return GetResultForRenderingInitFailure(aVRBridge.OtherPid()); } gfxPlatform::GetPlatform()->CompositorUpdated(); // Establish new PLayerTransactions. for (const auto& browserChild : tabs) { if (browserChild->GetLayersId().IsValid()) { browserChild->ReinitRendering(); } } // Notify any observers that the compositor has been reinitialized, // eg the ZoomConstraintsClients for documents in this process. // This must occur after the ReinitRendering call above so that the // APZCTreeManagers have been connected. nsCOMPtr observerService = services::GetObserverService(); if (observerService) { observerService->NotifyObservers(nullptr, "compositor-reinitialized", nullptr); } RemoteDecoderManagerChild::InitForGPUProcess(std::move(aVideoManager)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvReinitRenderingForDeviceReset() { gfxPlatform::GetPlatform()->CompositorUpdated(); nsTArray> tabs = BrowserChild::GetAll(); for (const auto& browserChild : tabs) { if (browserChild->GetLayersId().IsValid()) { browserChild->ReinitRenderingForDeviceReset(); } } return IPC_OK(); } #if defined(XP_MACOSX) && defined(MOZ_SANDBOX) extern "C" { CGError CGSSetDenyWindowServerConnections(bool); }; static void DisconnectWindowServer(bool aIsSandboxEnabled) { // Close all current connections to the WindowServer. This ensures that the // Activity Monitor will not label the content process as "Not responding" // because it's not running a native event loop. See bug 1384336. // This is required with or without the sandbox enabled. Until the // window server is blocked as the policy level, this should be called // just before CGSSetDenyWindowServerConnections() so there are no // windowserver connections active when CGSSetDenyWindowServerConnections() // is called. CGSShutdownServerConnections(); // Actual security benefits are only achieved when we additionally deny // future connections using the sandbox policy. WebGL must be remoted if // the windowserver connections are blocked. WebGL remoting is disabled // for some tests. if (aIsSandboxEnabled && Preferences::GetBool( "security.sandbox.content.mac.disconnect-windowserver") && Preferences::GetBool("webgl.out-of-process")) { CGError result = CGSSetDenyWindowServerConnections(true); MOZ_DIAGNOSTIC_ASSERT(result == kCGErrorSuccess); # if !MOZ_DIAGNOSTIC_ASSERT_ENABLED Unused << result; # endif } } #endif mozilla::ipc::IPCResult ContentChild::RecvSetProcessSandbox( const Maybe& aBroker) { // We may want to move the sandbox initialization somewhere else // at some point; see bug 880808. #if defined(MOZ_SANDBOX) bool sandboxEnabled = true; # if defined(XP_LINUX) // On Linux, we have to support systems that can't use any sandboxing. sandboxEnabled = SandboxInfo::Get().CanSandboxContent(); if (sandboxEnabled && !StaticPrefs::media_cubeb_sandbox()) { // Pre-start audio before sandboxing; see bug 1443612. Unused << CubebUtils::GetCubebContext(); } if (sandboxEnabled) { sandboxEnabled = SetContentProcessSandbox( ContentProcessSandboxParams::ForThisProcess(aBroker)); } # elif defined(XP_WIN) mozilla::SandboxTarget::Instance()->StartSandbox(); # elif defined(XP_MACOSX) sandboxEnabled = (GetEffectiveContentSandboxLevel() >= 1); DisconnectWindowServer(sandboxEnabled); # endif CrashReporter::AnnotateCrashReport( CrashReporter::Annotation::ContentSandboxEnabled, sandboxEnabled); # if defined(XP_LINUX) && !defined(OS_ANDROID) CrashReporter::AnnotateCrashReport( CrashReporter::Annotation::ContentSandboxCapabilities, static_cast(SandboxInfo::Get().AsInteger())); # endif /* XP_LINUX && !OS_ANDROID */ #endif /* MOZ_SANDBOX */ return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvBidiKeyboardNotify( const bool& aIsLangRTL, const bool& aHaveBidiKeyboards) { // bidi is always of type PuppetBidiKeyboard* (because in the child, the only // possible implementation of nsIBidiKeyboard is PuppetBidiKeyboard). PuppetBidiKeyboard* bidi = static_cast(nsContentUtils::GetBidiKeyboard()); if (bidi) { bidi->SetBidiKeyboardInfo(aIsLangRTL, aHaveBidiKeyboards); } return IPC_OK(); } static StaticRefPtr gFirstIdleTask; static void FirstIdle(void) { MOZ_ASSERT(gFirstIdleTask); gFirstIdleTask = nullptr; ContentChild::GetSingleton()->SendFirstIdle(); } mozilla::ipc::IPCResult ContentChild::RecvConstructBrowser( ManagedEndpoint&& aBrowserEp, ManagedEndpoint&& aWindowEp, const TabId& aTabId, const IPCTabContext& aContext, const WindowGlobalInit& aWindowInit, const uint32_t& aChromeFlags, const ContentParentId& aCpID, const bool& aIsForBrowser, const bool& aIsTopLevel) { MOZ_DIAGNOSTIC_ASSERT(!IsShuttingDown()); static bool hasRunOnce = false; if (!hasRunOnce) { hasRunOnce = true; MOZ_ASSERT(!gFirstIdleTask); RefPtr firstIdleTask = NewCancelableRunnableFunction("FirstIdleRunnable", FirstIdle); gFirstIdleTask = firstIdleTask; if (NS_FAILED(NS_DispatchToCurrentThreadQueue(firstIdleTask.forget(), EventQueuePriority::Idle))) { gFirstIdleTask = nullptr; hasRunOnce = false; } } RefPtr browsingContext = BrowsingContext::Get(aWindowInit.context().mBrowsingContextId); if (!browsingContext || browsingContext->IsDiscarded()) { nsPrintfCString reason("%s initial %s BrowsingContext", browsingContext ? "discarded" : "missing", aIsTopLevel ? "top" : "frame"); MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Warning, ("%s", reason.get())); if (!aIsTopLevel) { // Recover if the BrowsingContext is missing for a new subframe. The // `ManagedEndpoint` instances will be automatically destroyed. NS_WARNING(reason.get()); return IPC_OK(); } return IPC_FAIL(this, reason.get()); } if (xpc::IsInAutomation() && StaticPrefs:: browser_tabs_remote_testOnly_failPBrowserCreation_enabled()) { nsAutoCString idString; if (NS_SUCCEEDED(Preferences::GetCString( "browser.tabs.remote.testOnly.failPBrowserCreation.browsingContext", idString))) { nsresult rv = NS_OK; uint64_t bcid = idString.ToInteger64(&rv); if (NS_SUCCEEDED(rv) && bcid == browsingContext->Id()) { NS_WARNING("Injecting artificial PBrowser creation failure"); return IPC_OK(); } } } if (!aWindowInit.isInitialDocument() || !NS_IsAboutBlank(aWindowInit.documentURI())) { return IPC_FAIL(this, "Logic in CreateContentViewerForActor currently requires " "actors to be initial about:blank documents"); } // We'll happily accept any kind of IPCTabContext here; we don't need to // check that it's of a certain type for security purposes, because we // believe whatever the parent process tells us. MaybeInvalidTabContext tc(aContext); if (!tc.IsValid()) { NS_ERROR(nsPrintfCString("Received an invalid TabContext from " "the parent process. (%s) Crashing...", tc.GetInvalidReason()) .get()); MOZ_CRASH("Invalid TabContext received from the parent process."); } RefPtr windowChild = WindowGlobalChild::CreateDisconnected(aWindowInit); if (!windowChild) { return IPC_FAIL(this, "Failed to create initial WindowGlobalChild"); } RefPtr browserChild = BrowserChild::Create(this, aTabId, tc.GetTabContext(), browsingContext, aChromeFlags, aIsTopLevel); // Bind the created BrowserChild to IPC to actually link the actor. if (NS_WARN_IF(!BindPBrowserEndpoint(std::move(aBrowserEp), browserChild))) { return IPC_FAIL(this, "BindPBrowserEndpoint failed"); } if (NS_WARN_IF(!browserChild->BindPWindowGlobalEndpoint(std::move(aWindowEp), windowChild))) { return IPC_FAIL(this, "BindPWindowGlobalEndpoint failed"); } windowChild->Init(); auto guardNullWindowGlobal = MakeScopeExit([&] { if (!windowChild->GetWindowGlobal()) { windowChild->Destroy(); } }); // Ensure that a BrowsingContext is set for our BrowserChild before // running `Init`. MOZ_RELEASE_ASSERT(browserChild->mBrowsingContext->Id() == aWindowInit.context().mBrowsingContextId); if (NS_WARN_IF( NS_FAILED(browserChild->Init(/* aOpener */ nullptr, windowChild)))) { return IPC_FAIL(browserChild, "BrowserChild::Init failed"); } nsCOMPtr os = services::GetObserverService(); if (os) { os->NotifyObservers(static_cast(browserChild), "tab-child-created", nullptr); } // Notify parent that we are ready to handle input events. browserChild->SendRemoteIsReadyToHandleInputEvents(); return IPC_OK(); } void ContentChild::GetAvailableDictionaries( nsTArray& aDictionaries) { aDictionaries = mAvailableDictionaries.Clone(); } mozilla::PRemoteSpellcheckEngineChild* ContentChild::AllocPRemoteSpellcheckEngineChild() { MOZ_CRASH( "Default Constructor for PRemoteSpellcheckEngineChild should never be " "called"); return nullptr; } bool ContentChild::DeallocPRemoteSpellcheckEngineChild( PRemoteSpellcheckEngineChild* child) { delete child; return true; } mozilla::ipc::IPCResult ContentChild::RecvNotifyEmptyHTTPCache() { MOZ_ASSERT(NS_IsMainThread()); nsCOMPtr obs = mozilla::services::GetObserverService(); obs->NotifyObservers(nullptr, "cacheservice:empty-cache", nullptr); return IPC_OK(); } PHalChild* ContentChild::AllocPHalChild() { return CreateHalChild(); } bool ContentChild::DeallocPHalChild(PHalChild* aHal) { delete aHal; return true; } devtools::PHeapSnapshotTempFileHelperChild* ContentChild::AllocPHeapSnapshotTempFileHelperChild() { return devtools::HeapSnapshotTempFileHelperChild::Create(); } bool ContentChild::DeallocPHeapSnapshotTempFileHelperChild( devtools::PHeapSnapshotTempFileHelperChild* aHeapSnapshotHelper) { delete aHeapSnapshotHelper; return true; } PTestShellChild* ContentChild::AllocPTestShellChild() { return new TestShellChild(); } bool ContentChild::DeallocPTestShellChild(PTestShellChild* shell) { delete shell; return true; } mozilla::ipc::IPCResult ContentChild::RecvPTestShellConstructor( PTestShellChild* actor) { return IPC_OK(); } void ContentChild::UpdateCookieStatus(nsIChannel* aChannel) { RefPtr csChild = CookieServiceChild::GetSingleton(); NS_ASSERTION(csChild, "Couldn't get CookieServiceChild"); csChild->TrackCookieLoad(aChannel); } PScriptCacheChild* ContentChild::AllocPScriptCacheChild( const FileDescOrError& cacheFile, const bool& wantCacheData) { return new loader::ScriptCacheChild(); } bool ContentChild::DeallocPScriptCacheChild(PScriptCacheChild* cache) { delete static_cast(cache); return true; } mozilla::ipc::IPCResult ContentChild::RecvPScriptCacheConstructor( PScriptCacheChild* actor, const FileDescOrError& cacheFile, const bool& wantCacheData) { Maybe fd; if (cacheFile.type() == cacheFile.TFileDescriptor) { fd.emplace(cacheFile.get_FileDescriptor()); } static_cast(actor)->Init(fd, wantCacheData); // Some scripts listen for "app-startup" to start. However, in the content // process, this category runs before the ScriptPreloader is initialized so // these scripts wouldn't be added to the cache. Instead, if a script needs to // run on start up in the content process, it should listen for this category. NS_CreateServicesFromCategory("content-process-ready-for-script", nullptr, "content-process-ready-for-script", nullptr); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvNetworkLinkTypeChange( const uint32_t& aType) { mNetworkLinkType = aType; nsCOMPtr obs = mozilla::services::GetObserverService(); if (obs) { obs->NotifyObservers(nullptr, "contentchild:network-link-type-changed", nullptr); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSocketProcessCrashed() { nsIOService::IncreaseSocketProcessCrashCount(); return IPC_OK(); } PRemotePrintJobChild* ContentChild::AllocPRemotePrintJobChild() { #ifdef NS_PRINTING return new RemotePrintJobChild(); #else return nullptr; #endif } media::PMediaChild* ContentChild::AllocPMediaChild() { return media::AllocPMediaChild(); } bool ContentChild::DeallocPMediaChild(media::PMediaChild* aActor) { return media::DeallocPMediaChild(aActor); } PBenchmarkStorageChild* ContentChild::AllocPBenchmarkStorageChild() { return BenchmarkStorageChild::Instance(); } bool ContentChild::DeallocPBenchmarkStorageChild( PBenchmarkStorageChild* aActor) { delete aActor; return true; } #ifdef MOZ_WEBSPEECH PSpeechSynthesisChild* ContentChild::AllocPSpeechSynthesisChild() { MOZ_CRASH("No one should be allocating PSpeechSynthesisChild actors"); } bool ContentChild::DeallocPSpeechSynthesisChild(PSpeechSynthesisChild* aActor) { delete aActor; return true; } #endif #ifdef MOZ_WEBRTC PWebrtcGlobalChild* ContentChild::AllocPWebrtcGlobalChild() { auto* child = new WebrtcGlobalChild(); return child; } bool ContentChild::DeallocPWebrtcGlobalChild(PWebrtcGlobalChild* aActor) { delete static_cast(aActor); return true; } #endif mozilla::ipc::IPCResult ContentChild::RecvRegisterChrome( nsTArray&& packages, nsTArray&& resources, nsTArray&& overrides, const nsCString& locale, const bool& reset) { nsCOMPtr registrySvc = nsChromeRegistry::GetService(); nsChromeRegistryContent* chromeRegistry = static_cast(registrySvc.get()); if (!chromeRegistry) { return IPC_FAIL(this, "ChromeRegistryContent is null!"); } chromeRegistry->RegisterRemoteChrome(packages, resources, overrides, locale, reset); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRegisterChromeItem( const ChromeRegistryItem& item) { nsCOMPtr registrySvc = nsChromeRegistry::GetService(); nsChromeRegistryContent* chromeRegistry = static_cast(registrySvc.get()); if (!chromeRegistry) { return IPC_FAIL(this, "ChromeRegistryContent is null!"); } switch (item.type()) { case ChromeRegistryItem::TChromePackage: chromeRegistry->RegisterPackage(item.get_ChromePackage()); break; case ChromeRegistryItem::TOverrideMapping: chromeRegistry->RegisterOverride(item.get_OverrideMapping()); break; case ChromeRegistryItem::TSubstitutionMapping: chromeRegistry->RegisterSubstitution(item.get_SubstitutionMapping()); break; default: MOZ_ASSERT(false, "bad chrome item"); return IPC_FAIL_NO_REASON(this); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvClearStyleSheetCache( const Maybe>& aForPrincipal, const Maybe& aBaseDomain) { nsIPrincipal* principal = aForPrincipal ? aForPrincipal.value().get() : nullptr; const nsCString* baseDomain = aBaseDomain ? aBaseDomain.ptr() : nullptr; SharedStyleSheetCache::Clear(principal, baseDomain); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvClearImageCacheFromPrincipal( nsIPrincipal* aPrincipal) { imgLoader* loader; if (aPrincipal->OriginAttributesRef().mPrivateBrowsingId == nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID) { loader = imgLoader::NormalLoader(); } else { loader = imgLoader::PrivateBrowsingLoader(); } loader->RemoveEntriesInternal(aPrincipal, nullptr); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvClearImageCacheFromBaseDomain( const nsCString& aBaseDomain) { imgLoader::NormalLoader()->RemoveEntriesInternal(nullptr, &aBaseDomain); imgLoader::PrivateBrowsingLoader()->RemoveEntriesInternal(nullptr, &aBaseDomain); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvClearImageCache( const bool& privateLoader, const bool& chrome) { imgLoader* loader = privateLoader ? imgLoader::PrivateBrowsingLoader() : imgLoader::NormalLoader(); loader->ClearCache(chrome); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetOffline(const bool& offline) { nsCOMPtr io(do_GetIOService()); NS_ASSERTION(io, "IO Service can not be null"); io->SetOffline(offline); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetConnectivity( const bool& connectivity) { nsCOMPtr io(do_GetIOService()); nsCOMPtr ioInternal(do_QueryInterface(io)); NS_ASSERTION(ioInternal, "IO Service can not be null"); ioInternal->SetConnectivity(connectivity); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetCaptivePortalState( const int32_t& aState) { nsCOMPtr cps = do_GetService(NS_CAPTIVEPORTAL_CID); if (!cps) { return IPC_OK(); } mozilla::net::CaptivePortalService* portal = static_cast(cps.get()); portal->SetStateInChild(aState); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetTRRMode( const nsIDNSService::ResolverMode& mode, const nsIDNSService::ResolverMode& modeFromPref) { RefPtr dnsServiceChild = dont_AddRef(net::ChildDNSService::GetSingleton()); if (dnsServiceChild) { dnsServiceChild->SetTRRModeInChild(mode, modeFromPref); } return IPC_OK(); } void ContentChild::ActorDestroy(ActorDestroyReason why) { if (mForceKillTimer) { mForceKillTimer->Cancel(); mForceKillTimer = nullptr; } if (AbnormalShutdown == why) { NS_WARNING("shutting down early because of crash!"); ProcessChild::QuickExit(); } #ifndef NS_FREE_PERMANENT_DATA // In release builds, there's no point in the content process // going through the full XPCOM shutdown path, because it doesn't // keep persistent state. ProcessChild::QuickExit(); #else // Destroy our JSProcessActors, and reject any pending queries. JSActorDidDestroy(); # if defined(XP_WIN) RefPtr dllSvc(DllServices::Get()); dllSvc->DisableFull(); # endif // defined(XP_WIN) if (gFirstIdleTask) { gFirstIdleTask->Cancel(); gFirstIdleTask = nullptr; } BlobURLProtocolHandler::RemoveDataEntries(); mSharedData = nullptr; mAlertObservers.Clear(); mIdleObservers.Clear(); if (mConsoleListener) { nsCOMPtr svc( do_GetService(NS_CONSOLESERVICE_CONTRACTID)); if (svc) { svc->UnregisterListener(mConsoleListener); mConsoleListener->mChild = nullptr; } } mIsAlive = false; CrashReporterClient::DestroySingleton(); XRE_ShutdownChildProcess(); #endif // NS_FREE_PERMANENT_DATA } void ContentChild::ProcessingError(Result aCode, const char* aReason) { switch (aCode) { case MsgDropped: NS_WARNING("MsgDropped in ContentChild"); return; case MsgNotKnown: case MsgNotAllowed: case MsgPayloadError: case MsgProcessingError: case MsgRouteError: case MsgValueError: break; default: MOZ_CRASH("not reached"); } nsDependentCString reason(aReason); CrashReporter::AnnotateCrashReport( CrashReporter::Annotation::ipc_channel_error, reason); MOZ_CRASH("Content child abort due to IPC error"); } nsresult ContentChild::AddRemoteAlertObserver(const nsString& aData, nsIObserver* aObserver) { NS_ASSERTION(aObserver, "Adding a null observer?"); mAlertObservers.AppendElement(new AlertObserver(aObserver, aData)); return NS_OK; } mozilla::ipc::IPCResult ContentChild::RecvPreferenceUpdate(const Pref& aPref) { Preferences::SetPreference(aPref); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvVarUpdate(const GfxVarUpdate& aVar) { gfx::gfxVars::ApplyUpdate(aVar); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdatePerfStatsCollectionMask( const uint64_t& aMask) { PerfStats::SetCollectionMask(static_cast(aMask)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvCollectPerfStatsJSON( CollectPerfStatsJSONResolver&& aResolver) { aResolver(PerfStats::CollectLocalPerfStatsJSON()); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvCollectScrollingMetrics( CollectScrollingMetricsResolver&& aResolver) { auto metrics = ScrollingMetrics::CollectLocalScrollingMetrics(); using ResolverArgs = std::tuple; aResolver(ResolverArgs(std::get<0>(metrics), std::get<1>(metrics))); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvNotifyAlertsObserver( const nsCString& aType, const nsString& aData) { nsTArray> observersToNotify; mAlertObservers.RemoveElementsBy([&](UniquePtr& observer) { if (!observer->mData.Equals(aData)) { return false; } // aType == alertfinished, this alert is done and we can remove the // observer. observersToNotify.AppendElement(observer->mObserver); return aType.EqualsLiteral("alertfinished"); }); for (auto& observer : observersToNotify) { observer->Observe(nullptr, aType.get(), aData.get()); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvNotifyVisited( nsTArray&& aURIs) { nsCOMPtr history = components::History::Service(); if (!history) { return IPC_OK(); } for (const VisitedQueryResult& result : aURIs) { nsCOMPtr newURI = result.uri(); if (!newURI) { return IPC_FAIL_NO_REASON(this); } auto status = result.visited() ? IHistory::VisitedStatus::Visited : IHistory::VisitedStatus::Unvisited; history->NotifyVisited(newURI, status); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvThemeChanged( FullLookAndFeel&& aLookAndFeelData, widget::ThemeChangeKind aKind) { LookAndFeel::SetData(std::move(aLookAndFeelData)); LookAndFeel::NotifyChangedAllWindows(aKind); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvLoadProcessScript( const nsString& aURL) { auto* global = ContentProcessMessageManager::Get(); global->LoadScript(aURL); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvAsyncMessage( const nsString& aMsg, const ClonedMessageData& aData) { AUTO_PROFILER_LABEL_DYNAMIC_LOSSY_NSSTRING("ContentChild::RecvAsyncMessage", OTHER, aMsg); MMPrinter::Print("ContentChild::RecvAsyncMessage", aMsg, aData); RefPtr cpm = nsFrameMessageManager::GetChildProcessManager(); if (cpm) { StructuredCloneData data; ipc::UnpackClonedMessageData(aData, data); cpm->ReceiveMessage(cpm, nullptr, aMsg, false, &data, nullptr, IgnoreErrors()); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRegisterStringBundles( nsTArray&& aDescriptors) { nsCOMPtr stringBundleService = components::StringBundle::Service(); for (auto& descriptor : aDescriptors) { stringBundleService->RegisterContentBundle( descriptor.bundleURL(), descriptor.mapFile(), descriptor.mapSize()); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdateL10nFileSources( nsTArray&& aDescriptors) { L10nRegistry::RegisterFileSourcesFromParentProcess(aDescriptors); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdateSharedData( const FileDescriptor& aMapFile, const uint32_t& aMapSize, nsTArray&& aBlobs, nsTArray&& aChangedKeys) { nsTArray> blobImpls(aBlobs.Length()); for (auto& ipcBlob : aBlobs) { blobImpls.AppendElement(IPCBlobUtils::Deserialize(ipcBlob)); } if (mSharedData) { mSharedData->Update(aMapFile, aMapSize, std::move(blobImpls), std::move(aChangedKeys)); } else { mSharedData = new SharedMap(ContentProcessMessageManager::Get()->GetParentObject(), aMapFile, aMapSize, std::move(blobImpls)); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvFontListChanged() { gfxPlatformFontList::PlatformFontList()->FontListChanged(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvForceGlobalReflow( bool aNeedsReframe) { gfxPlatform::ForceGlobalReflow(aNeedsReframe ? gfxPlatform::NeedsReframe::Yes : gfxPlatform::NeedsReframe::No); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvGeolocationUpdate( nsIDOMGeoPosition* aPosition) { RefPtr gs = nsGeolocationService::GetGeolocationService(); if (!gs) { return IPC_OK(); } gs->Update(aPosition); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvGeolocationError( const uint16_t& errorCode) { RefPtr gs = nsGeolocationService::GetGeolocationService(); if (!gs) { return IPC_OK(); } gs->NotifyError(errorCode); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdateDictionaryList( nsTArray&& aDictionaries) { mAvailableDictionaries = std::move(aDictionaries); mozInlineSpellChecker::UpdateCanEnableInlineSpellChecking(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdateFontList( dom::SystemFontList&& aFontList) { mFontList = std::move(aFontList); if (gfxPlatform::Initialized()) { gfxPlatform::GetPlatform()->UpdateFontList(true); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRebuildFontList( const bool& aFullRebuild) { if (gfxPlatform::Initialized()) { gfxPlatform::GetPlatform()->UpdateFontList(aFullRebuild); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvFontListShmBlockAdded( const uint32_t& aGeneration, const uint32_t& aIndex, base::SharedMemoryHandle&& aHandle) { if (gfxPlatform::Initialized()) { gfxPlatformFontList::PlatformFontList()->ShmBlockAdded(aGeneration, aIndex, std::move(aHandle)); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdateAppLocales( nsTArray&& aAppLocales) { LocaleService::GetInstance()->AssignAppLocales(aAppLocales); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdateRequestedLocales( nsTArray&& aRequestedLocales) { LocaleService::GetInstance()->AssignRequestedLocales(aRequestedLocales); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSystemTimezoneChanged() { nsJSUtils::ResetTimeZone(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvAddPermission( const IPC::Permission& permission) { nsCOMPtr permissionManagerIface = components::PermissionManager::Service(); PermissionManager* permissionManager = static_cast(permissionManagerIface.get()); MOZ_ASSERT(permissionManager, "We have no permissionManager in the Content process !"); // note we do not need to force mUserContextId to the default here because // the permission manager does that internally. nsAutoCString originNoSuffix; OriginAttributes attrs; bool success = attrs.PopulateFromOrigin(permission.origin, originNoSuffix); NS_ENSURE_TRUE(success, IPC_FAIL_NO_REASON(this)); nsCOMPtr uri; nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix); NS_ENSURE_SUCCESS(rv, IPC_OK()); nsCOMPtr principal = mozilla::BasePrincipal::CreateContentPrincipal(uri, attrs); // child processes don't care about modification time. int64_t modificationTime = 0; permissionManager->AddInternal( principal, nsCString(permission.type), permission.capability, 0, permission.expireType, permission.expireTime, modificationTime, PermissionManager::eNotify, PermissionManager::eNoDBOperation); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRemoveAllPermissions() { nsCOMPtr permissionManagerIface = components::PermissionManager::Service(); PermissionManager* permissionManager = static_cast(permissionManagerIface.get()); MOZ_ASSERT(permissionManager, "We have no permissionManager in the Content process !"); permissionManager->RemoveAllFromIPC(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvFlushMemory(const nsString& reason) { nsCOMPtr os = mozilla::services::GetObserverService(); if (!mShuttingDown && os) { os->NotifyObservers(nullptr, "memory-pressure", reason.get()); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvActivateA11y() { #ifdef ACCESSIBILITY // Start accessibility in content process if it's running in chrome // process. GetOrCreateAccService(nsAccessibilityService::eMainProcess); #endif // ACCESSIBILITY return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvShutdownA11y() { #ifdef ACCESSIBILITY // Try to shutdown accessibility in content process if it's shutting down in // chrome process. MaybeShutdownAccService(nsAccessibilityService::eMainProcess); #endif return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvApplicationForeground() { // Rebroadcast the "application-foreground" nsCOMPtr obs = mozilla::services::GetObserverService(); if (obs) { obs->NotifyObservers(nullptr, "application-foreground", nullptr); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvApplicationBackground() { // Rebroadcast the "application-background" nsCOMPtr obs = mozilla::services::GetObserverService(); if (obs) { obs->NotifyObservers(nullptr, "application-background", nullptr); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvGarbageCollect() { // Rebroadcast the "child-gc-request" so that workers will GC. nsCOMPtr obs = mozilla::services::GetObserverService(); if (obs) { obs->NotifyObservers(nullptr, "child-gc-request", nullptr); } nsJSContext::GarbageCollectNow(JS::GCReason::DOM_IPC); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvCycleCollect() { // Rebroadcast the "child-cc-request" so that workers will CC. nsCOMPtr obs = mozilla::services::GetObserverService(); if (obs) { obs->NotifyObservers(nullptr, "child-cc-request", nullptr); } nsJSContext::CycleCollectNow(CCReason::IPC_MESSAGE); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUnlinkGhosts() { #ifdef DEBUG nsWindowMemoryReporter::UnlinkGhostWindows(); #endif return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvAppInfo( const nsCString& version, const nsCString& buildID, const nsCString& name, const nsCString& UAName, const nsCString& ID, const nsCString& vendor, const nsCString& sourceURL, const nsCString& updateURL) { mAppInfo.version.Assign(version); mAppInfo.buildID.Assign(buildID); mAppInfo.name.Assign(name); mAppInfo.UAName.Assign(UAName); mAppInfo.ID.Assign(ID); mAppInfo.vendor.Assign(vendor); mAppInfo.sourceURL.Assign(sourceURL); mAppInfo.updateURL.Assign(updateURL); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRemoteType( const nsCString& aRemoteType, const nsCString& aProfile) { if (aRemoteType == mRemoteType) { // Allocation of preallocated processes that are still launching can // cause this return IPC_OK(); } if (!mRemoteType.IsVoid()) { // Preallocated processes are type PREALLOC_REMOTE_TYPE; they may not // become a File: process, or Privileged About Content Process MOZ_LOG(ContentParent::GetLog(), LogLevel::Debug, ("Changing remoteType of process %d from %s to %s", getpid(), mRemoteType.get(), aRemoteType.get())); // prealloc->anything (but file) or web->web allowed, and no-change MOZ_RELEASE_ASSERT(mRemoteType == PREALLOC_REMOTE_TYPE && aRemoteType != FILE_REMOTE_TYPE && aRemoteType != PRIVILEGEDABOUT_REMOTE_TYPE); } else { // Initial setting of remote type. Either to 'prealloc' or the actual // final type (if we didn't use a preallocated process) MOZ_LOG(ContentParent::GetLog(), LogLevel::Debug, ("Setting remoteType of process %d to %s", getpid(), aRemoteType.get())); if (aRemoteType == PREALLOC_REMOTE_TYPE) { PreallocInit(); } } auto remoteTypePrefix = RemoteTypePrefix(aRemoteType); // Must do before SetProcessName mRemoteType.Assign(aRemoteType); // Update the process name so about:memory's process names are more obvious. if (aRemoteType == FILE_REMOTE_TYPE) { SetProcessName("file:// Content"_ns, nullptr, &aProfile); } else if (aRemoteType == EXTENSION_REMOTE_TYPE) { SetProcessName("WebExtensions"_ns, nullptr, &aProfile); } else if (aRemoteType == PRIVILEGEDABOUT_REMOTE_TYPE) { SetProcessName("Privileged Content"_ns, nullptr, &aProfile); } else if (aRemoteType == PRIVILEGEDMOZILLA_REMOTE_TYPE) { SetProcessName("Privileged Mozilla"_ns, nullptr, &aProfile); } else if (remoteTypePrefix == WITH_COOP_COEP_REMOTE_TYPE) { #ifdef NIGHTLY_BUILD SetProcessName("WebCOOP+COEP Content"_ns, nullptr, &aProfile); #else SetProcessName("Isolated Web Content"_ns, nullptr, &aProfile); // to avoid confusing people #endif } else if (remoteTypePrefix == FISSION_WEB_REMOTE_TYPE) { // The profiler can sanitize out the eTLD+1 nsDependentCSubstring etld = Substring(aRemoteType, FISSION_WEB_REMOTE_TYPE.Length() + 1); SetProcessName("Isolated Web Content"_ns, &etld, &aProfile); } else if (remoteTypePrefix == SERVICEWORKER_REMOTE_TYPE) { // The profiler can sanitize out the eTLD+1 nsDependentCSubstring etld = Substring(aRemoteType, SERVICEWORKER_REMOTE_TYPE.Length() + 1); SetProcessName("Isolated Service Worker"_ns, &etld, &aProfile); } else { // else "prealloc" or "web" type -> "Web Content" SetProcessName("Web Content"_ns, nullptr, &aProfile); } // Turn off Spectre mitigations in isolated web content processes. if (StaticPrefs::javascript_options_spectre_disable_for_isolated_content() && (remoteTypePrefix == FISSION_WEB_REMOTE_TYPE || remoteTypePrefix == SERVICEWORKER_REMOTE_TYPE || remoteTypePrefix == WITH_COOP_COEP_REMOTE_TYPE || aRemoteType == PRIVILEGEDABOUT_REMOTE_TYPE || aRemoteType == PRIVILEGEDMOZILLA_REMOTE_TYPE)) { JS::DisableSpectreMitigationsAfterInit(); } // Use the prefix to avoid URIs from Fission isolated processes. CrashReporter::AnnotateCrashReport(CrashReporter::Annotation::RemoteType, remoteTypePrefix); // Defer RemoteWorkerService initialization until the child process does // receive its specific remoteType and can become actionable for the // RemoteWorkerManager in the parent process. if (mRemoteType != PREALLOC_REMOTE_TYPE) { RemoteWorkerService::Initialize(); } return IPC_OK(); } // A method to initialize anything we need during the preallocation phase void ContentChild::PreallocInit() { EnsureNSSInitializedChromeOrContent(); // SetAcceptLanguages() needs to read localized strings (file access), // which is slow, so do this in prealloc nsHttpHandler::PresetAcceptLanguages(); } // Call RemoteTypePrefix() on the result to remove URIs if you want to use this // for telemetry. const nsACString& ContentChild::GetRemoteType() const { return mRemoteType; } mozilla::ipc::IPCResult ContentChild::RecvInitBlobURLs( nsTArray&& aRegistrations) { for (uint32_t i = 0; i < aRegistrations.Length(); ++i) { BlobURLRegistrationData& registration = aRegistrations[i]; RefPtr blobImpl = IPCBlobUtils::Deserialize(registration.blob()); MOZ_ASSERT(blobImpl); BlobURLProtocolHandler::AddDataEntry( registration.url(), registration.principal(), registration.agentClusterId(), blobImpl); // If we have received an already-revoked blobURL, we have to keep it alive // for a while (see BlobURLProtocolHandler) in order to support pending // operations such as navigation, download and so on. if (registration.revoked()) { BlobURLProtocolHandler::RemoveDataEntry(registration.url(), false); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvInitJSActorInfos( nsTArray&& aContentInfos, nsTArray&& aWindowInfos) { RefPtr actSvc = JSActorService::GetSingleton(); actSvc->LoadJSActorInfos(aContentInfos, aWindowInfos); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUnregisterJSWindowActor( const nsCString& aName) { RefPtr actSvc = JSActorService::GetSingleton(); actSvc->UnregisterWindowActor(aName); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUnregisterJSProcessActor( const nsCString& aName) { RefPtr actSvc = JSActorService::GetSingleton(); actSvc->UnregisterProcessActor(aName); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvLastPrivateDocShellDestroyed() { nsCOMPtr obs = mozilla::services::GetObserverService(); obs->NotifyObservers(nullptr, "last-pb-context-exited", nullptr); return IPC_OK(); } // Method used for setting QoS levels on background main threads. #ifdef XP_MACOSX static bool PriorityUsesLowPowerMainThread( const hal::ProcessPriority& aPriority) { return aPriority == hal::PROCESS_PRIORITY_BACKGROUND || aPriority == hal::PROCESS_PRIORITY_PREALLOC; } #endif mozilla::ipc::IPCResult ContentChild::RecvNotifyProcessPriorityChanged( const hal::ProcessPriority& aPriority) { nsCOMPtr os = services::GetObserverService(); NS_ENSURE_TRUE(os, IPC_OK()); RefPtr props = new nsHashPropertyBag(); props->SetPropertyAsInt32(u"priority"_ns, static_cast(aPriority)); PROFILER_MARKER("Process Priority", OTHER, mozilla::MarkerThreadId::MainThread(), ProcessPriorityChange, ProfilerString8View::WrapNullTerminatedString( ProcessPriorityToString(mProcessPriority)), ProfilerString8View::WrapNullTerminatedString( ProcessPriorityToString(aPriority))); // Record FOG data before the priority change. // Ignore the change if it's the first time we set the process priority. if (mProcessPriority != hal::PROCESS_PRIORITY_UNKNOWN) { glean::RecordPowerMetrics(); } #ifdef XP_MACOSX // In cases where we have low-power threads enabled (such as on MacOS) we can // go ahead and put the main thread in the background here. If the new // priority is the background priority, we can tell the OS to put the main // thread on low-power cores. Alternately, if we are changing from the // background to a higher priority, we change the main thread back to the // |user-interactive| state, defined in MacOS's QoS documentation as reserved // for main threads. if (StaticPrefs::threads_use_low_power_enabled() && StaticPrefs::threads_lower_mainthread_priority_in_background_enabled()) { if (PriorityUsesLowPowerMainThread(aPriority)) { pthread_set_qos_class_self_np(QOS_CLASS_UTILITY, 0); } else if (PriorityUsesLowPowerMainThread(mProcessPriority)) { pthread_set_qos_class_self_np(QOS_CLASS_USER_INTERACTIVE, 0); } } #endif mProcessPriority = aPriority; os->NotifyObservers(static_cast(props), "ipc:process-priority-changed", nullptr); if (StaticPrefs:: dom_memory_foreground_content_processes_have_larger_page_cache()) { if (mProcessPriority >= hal::PROCESS_PRIORITY_FOREGROUND) { // Note: keep this in sync with the JS shell (js/src/shell/js.cpp). moz_set_max_dirty_page_modifier(4); } else if (mProcessPriority == hal::PROCESS_PRIORITY_BACKGROUND) { moz_set_max_dirty_page_modifier(-2); } else { moz_set_max_dirty_page_modifier(0); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvMinimizeMemoryUsage() { nsCOMPtr mgr = do_GetService("@mozilla.org/memory-reporter-manager;1"); NS_ENSURE_TRUE(mgr, IPC_OK()); Unused << mgr->MinimizeMemoryUsage(/* callback = */ nullptr); return IPC_OK(); } void ContentChild::AddIdleObserver(nsIObserver* aObserver, uint32_t aIdleTimeInS) { MOZ_ASSERT(aObserver, "null idle observer"); // Make sure aObserver isn't released while we wait for the parent aObserver->AddRef(); SendAddIdleObserver(reinterpret_cast(aObserver), aIdleTimeInS); mIdleObservers.Insert(aObserver); } void ContentChild::RemoveIdleObserver(nsIObserver* aObserver, uint32_t aIdleTimeInS) { MOZ_ASSERT(aObserver, "null idle observer"); SendRemoveIdleObserver(reinterpret_cast(aObserver), aIdleTimeInS); aObserver->Release(); mIdleObservers.Remove(aObserver); } mozilla::ipc::IPCResult ContentChild::RecvNotifyIdleObserver( const uint64_t& aObserver, const nsCString& aTopic, const nsString& aTimeStr) { nsIObserver* observer = reinterpret_cast(aObserver); if (mIdleObservers.Contains(observer)) { observer->Observe(nullptr, aTopic.get(), aTimeStr.get()); } else { NS_WARNING("Received notification for an idle observer that was removed."); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvLoadAndRegisterSheet( nsIURI* aURI, const uint32_t& aType) { if (!aURI) { return IPC_OK(); } nsStyleSheetService* sheetService = nsStyleSheetService::GetInstance(); if (sheetService) { sheetService->LoadAndRegisterSheet(aURI, aType); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUnregisterSheet( nsIURI* aURI, const uint32_t& aType) { if (!aURI) { return IPC_OK(); } nsStyleSheetService* sheetService = nsStyleSheetService::GetInstance(); if (sheetService) { sheetService->UnregisterSheet(aURI, aType); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvDomainSetChanged( const uint32_t& aSetType, const uint32_t& aChangeType, nsIURI* aDomain) { if (aChangeType == ACTIVATE_POLICY) { if (mPolicy) { return IPC_OK(); } nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); MOZ_ASSERT(ssm); ssm->ActivateDomainPolicyInternal(getter_AddRefs(mPolicy)); if (!mPolicy) { return IPC_FAIL_NO_REASON(this); } return IPC_OK(); } if (!mPolicy) { MOZ_ASSERT_UNREACHABLE( "If the domain policy is not active yet," " the first message should be ACTIVATE_POLICY"); return IPC_FAIL_NO_REASON(this); } NS_ENSURE_TRUE(mPolicy, IPC_FAIL_NO_REASON(this)); if (aChangeType == DEACTIVATE_POLICY) { mPolicy->Deactivate(); mPolicy = nullptr; return IPC_OK(); } nsCOMPtr set; switch (aSetType) { case BLOCKLIST: mPolicy->GetBlocklist(getter_AddRefs(set)); break; case SUPER_BLOCKLIST: mPolicy->GetSuperBlocklist(getter_AddRefs(set)); break; case ALLOWLIST: mPolicy->GetAllowlist(getter_AddRefs(set)); break; case SUPER_ALLOWLIST: mPolicy->GetSuperAllowlist(getter_AddRefs(set)); break; default: MOZ_ASSERT_UNREACHABLE("Unexpected setType"); return IPC_FAIL_NO_REASON(this); } MOZ_ASSERT(set); switch (aChangeType) { case ADD_DOMAIN: NS_ENSURE_TRUE(aDomain, IPC_FAIL_NO_REASON(this)); set->Add(aDomain); break; case REMOVE_DOMAIN: NS_ENSURE_TRUE(aDomain, IPC_FAIL_NO_REASON(this)); set->Remove(aDomain); break; case CLEAR_DOMAINS: set->Clear(); break; default: MOZ_ASSERT_UNREACHABLE("Unexpected changeType"); return IPC_FAIL_NO_REASON(this); } return IPC_OK(); } void ContentChild::StartForceKillTimer() { if (mForceKillTimer) { return; } int32_t timeoutSecs = StaticPrefs::dom_ipc_tabs_shutdownTimeoutSecs(); if (timeoutSecs > 0) { NS_NewTimerWithFuncCallback(getter_AddRefs(mForceKillTimer), ContentChild::ForceKillTimerCallback, this, timeoutSecs * 1000, nsITimer::TYPE_ONE_SHOT, "dom::ContentChild::StartForceKillTimer"); MOZ_ASSERT(mForceKillTimer); } } /* static */ void ContentChild::ForceKillTimerCallback(nsITimer* aTimer, void* aClosure) { ProcessChild::QuickExit(); } mozilla::ipc::IPCResult ContentChild::RecvShutdownConfirmedHP() { CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, "RecvShutdownConfirmedHP entry"_ns); // Bug 1755376: If we see "RecvShutdownConfirmedHP entry" often in // bug IPCError_ShutDownKill we might want to anticipate // ShutdownPhase::AppShutdownConfirmed to start here. return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvShutdown() { CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, "RecvShutdown entry"_ns); // Signal the ongoing shutdown to AppShutdown, this // will make abort nested SpinEventLoopUntilOrQuit loops AppShutdown::AdvanceShutdownPhaseWithoutNotify( ShutdownPhase::AppShutdownConfirmed); nsCOMPtr os = services::GetObserverService(); if (os) { CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, "content-child-will-shutdown started"_ns); os->NotifyObservers(ToSupports(this), "content-child-will-shutdown", nullptr); } ShutdownInternal(); return IPC_OK(); } void ContentChild::ShutdownInternal() { CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, "ShutdownInternal entry"_ns); // If we receive the shutdown message from within a nested event loop, we want // to wait for that event loop to finish. Otherwise we could prematurely // terminate an "unload" or "pagehide" event handler (which might be doing a // sync XHR, for example). MOZ_ASSERT(NS_IsMainThread()); RefPtr mainThread = nsThreadManager::get().GetCurrentThread(); // Note that we only have to check the recursion count for the current // cooperative thread. Since the Shutdown message is not labeled with a // SchedulerGroup, there can be no other cooperative threads doing work while // we're running. if (mainThread && mainThread->RecursionDepth() > 1) { // We're in a nested event loop. Let's delay for an arbitrary period of // time (100ms) in the hopes that the event loop will have finished by // then. GetCurrentSerialEventTarget()->DelayedDispatch( NewRunnableMethod("dom::ContentChild::RecvShutdown", this, &ContentChild::ShutdownInternal), 100); return; } mShuttingDown = true; #ifdef NIGHTLY_BUILD BackgroundHangMonitor::UnregisterAnnotator( PendingInputEventHangAnnotator::sSingleton); #endif if (mPolicy) { mPolicy->Deactivate(); mPolicy = nullptr; } nsCOMPtr os = services::GetObserverService(); if (os) { CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, "content-child-shutdown started"_ns); os->NotifyObservers(ToSupports(this), "content-child-shutdown", nullptr); } GetIPCChannel()->SetAbortOnError(false); if (mProfilerController) { const bool isProfiling = profiler_is_active(); CrashReporter::AnnotateCrashReport( CrashReporter::Annotation::ProfilerChildShutdownPhase, isProfiling ? "Profiling - GrabShutdownProfileAndShutdown"_ns : "Not profiling - GrabShutdownProfileAndShutdown"_ns); ProfileAndAdditionalInformation shutdownProfileAndAdditionalInformation = mProfilerController->GrabShutdownProfileAndShutdown(); CrashReporter::AnnotateCrashReport( CrashReporter::Annotation::ProfilerChildShutdownPhase, isProfiling ? "Profiling - Destroying ChildProfilerController"_ns : "Not profiling - Destroying ChildProfilerController"_ns); mProfilerController = nullptr; CrashReporter::AnnotateCrashReport( CrashReporter::Annotation::ProfilerChildShutdownPhase, isProfiling ? "Profiling - SendShutdownProfile (sending)"_ns : "Not profiling - SendShutdownProfile (sending)"_ns); if (const size_t len = shutdownProfileAndAdditionalInformation.SizeOf(); len >= size_t(IPC::Channel::kMaximumMessageSize)) { shutdownProfileAndAdditionalInformation.mProfile = nsPrintfCString( "*Profile from pid %u bigger (%zu) than IPC max (%zu)", unsigned(profiler_current_process_id().ToNumber()), len, size_t(IPC::Channel::kMaximumMessageSize)); } // Send the shutdown profile to the parent process through our own // message channel, which we know will survive for long enough. bool sent = SendShutdownProfile(shutdownProfileAndAdditionalInformation.mProfile); CrashReporter::AnnotateCrashReport( CrashReporter::Annotation::ProfilerChildShutdownPhase, sent ? (isProfiling ? "Profiling - SendShutdownProfile (sent)"_ns : "Not profiling - SendShutdownProfile (sent)"_ns) : (isProfiling ? "Profiling - SendShutdownProfile (failed)"_ns : "Not profiling - SendShutdownProfile (failed)"_ns)); } if (PerfStats::GetCollectionMask() != 0) { SendShutdownPerfStats(PerfStats::CollectLocalPerfStatsJSON()); } // Start a timer that will ensure we quickly exit after a reasonable period // of time. Prevents shutdown hangs after our connection to the parent // closes or when the parent is too busy to ever kill us. CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, "StartForceKillTimer"_ns); StartForceKillTimer(); CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, "SendFinishShutdown (sending)"_ns); // Notify the parent that we are done with shutdown. This is sent with high // priority and will just flag we are done. Unused << SendNotifyShutdownSuccess(); // Now tell the parent to actually destroy our channel which will make end // our process. This is expected to be the last event the parent will // ever process for this ContentChild. bool sent = SendFinishShutdown(); CrashReporter::AppendToCrashReportAnnotation( CrashReporter::Annotation::IPCShutdownState, sent ? "SendFinishShutdown (sent)"_ns : "SendFinishShutdown (failed)"_ns); } mozilla::ipc::IPCResult ContentChild::RecvUpdateWindow( const uintptr_t& aChildId) { MOZ_ASSERT( false, "ContentChild::RecvUpdateWindow calls unexpected on this platform."); return IPC_FAIL_NO_REASON(this); } PContentPermissionRequestChild* ContentChild::AllocPContentPermissionRequestChild( Span aRequests, nsIPrincipal* aPrincipal, nsIPrincipal* aTopLevelPrincipal, const bool& aIsHandlingUserInput, const bool& aMaybeUnsafePermissionDelegate, const TabId& aTabId) { MOZ_CRASH("unused"); return nullptr; } bool ContentChild::DeallocPContentPermissionRequestChild( PContentPermissionRequestChild* actor) { nsContentPermissionUtils::NotifyRemoveContentPermissionRequestChild(actor); auto child = static_cast(actor); child->IPDLRelease(); return true; } PWebBrowserPersistDocumentChild* ContentChild::AllocPWebBrowserPersistDocumentChild( PBrowserChild* aBrowser, const MaybeDiscarded& aContext) { return new WebBrowserPersistDocumentChild(); } mozilla::ipc::IPCResult ContentChild::RecvPWebBrowserPersistDocumentConstructor( PWebBrowserPersistDocumentChild* aActor, PBrowserChild* aBrowser, const MaybeDiscarded& aContext) { if (NS_WARN_IF(!aBrowser)) { return IPC_FAIL_NO_REASON(this); } if (aContext.IsNullOrDiscarded()) { aActor->SendInitFailure(NS_ERROR_NO_CONTENT); return IPC_OK(); } nsCOMPtr foundDoc = aContext.get()->GetDocument(); if (!foundDoc) { aActor->SendInitFailure(NS_ERROR_NO_CONTENT); } else { static_cast(aActor)->Start(foundDoc); } return IPC_OK(); } bool ContentChild::DeallocPWebBrowserPersistDocumentChild( PWebBrowserPersistDocumentChild* aActor) { delete aActor; return true; } mozilla::ipc::IPCResult ContentChild::RecvInvokeDragSession( const MaybeDiscarded& aSourceWindowContext, const MaybeDiscarded& aSourceTopWindowContext, nsTArray&& aTransferables, const uint32_t& aAction) { nsCOMPtr dragService = do_GetService("@mozilla.org/widget/dragservice;1"); if (dragService) { dragService->StartDragSession(); nsCOMPtr session; dragService->GetCurrentSession(getter_AddRefs(session)); if (session) { session->SetSourceWindowContext(aSourceWindowContext.GetMaybeDiscarded()); session->SetSourceTopWindowContext( aSourceTopWindowContext.GetMaybeDiscarded()); session->SetDragAction(aAction); // Check if we are receiving any file objects. If we are we will want // to hide any of the other objects coming in from content. bool hasFiles = false; for (uint32_t i = 0; i < aTransferables.Length() && !hasFiles; ++i) { auto& items = aTransferables[i].items(); for (uint32_t j = 0; j < items.Length() && !hasFiles; ++j) { if (items[j].data().type() == IPCTransferableDataType::TIPCTransferableDataBlob) { hasFiles = true; } } } // Add the entries from the IPC to the new DataTransfer nsCOMPtr dataTransfer = new DataTransfer(nullptr, eDragStart, false, -1); for (uint32_t i = 0; i < aTransferables.Length(); ++i) { auto& items = aTransferables[i].items(); for (uint32_t j = 0; j < items.Length(); ++j) { const IPCTransferableDataItem& item = items[j]; RefPtr variant = new nsVariantCC(); nsresult rv = nsContentUtils::IPCTransferableDataItemToVariant(item, variant); if (NS_FAILED(rv)) { continue; } // We should hide this data from content if we have a file, and we // aren't a file. bool hidden = hasFiles && item.data().type() != IPCTransferableDataType::TIPCTransferableDataBlob; dataTransfer->SetDataWithPrincipalFromOtherProcess( NS_ConvertUTF8toUTF16(item.flavor()), variant, i, nsContentUtils::GetSystemPrincipal(), hidden); } } session->SetDataTransfer(dataTransfer); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvEndDragSession( const bool& aDoneDrag, const bool& aUserCancelled, const LayoutDeviceIntPoint& aDragEndPoint, const uint32_t& aKeyModifiers, const uint32_t& aDropEffect) { nsCOMPtr dragService = do_GetService("@mozilla.org/widget/dragservice;1"); if (dragService) { nsCOMPtr dragSession = nsContentUtils::GetDragSession(); if (dragSession) { if (aUserCancelled) { dragSession->UserCancelled(); } RefPtr dataTransfer = dragSession->GetDataTransfer(); if (dataTransfer) { dataTransfer->SetDropEffectInt(aDropEffect); } } static_cast(dragService.get()) ->SetDragEndPoint(aDragEndPoint); dragService->EndDragSession(aDoneDrag, aKeyModifiers); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvPush(const nsCString& aScope, nsIPrincipal* aPrincipal, const nsString& aMessageId) { PushMessageDispatcher dispatcher(aScope, aPrincipal, aMessageId, Nothing()); Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers())); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvPushWithData( const nsCString& aScope, nsIPrincipal* aPrincipal, const nsString& aMessageId, nsTArray&& aData) { PushMessageDispatcher dispatcher(aScope, aPrincipal, aMessageId, Some(std::move(aData))); Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers())); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvPushSubscriptionChange( const nsCString& aScope, nsIPrincipal* aPrincipal) { PushSubscriptionChangeDispatcher dispatcher(aScope, aPrincipal); Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers())); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvPushError(const nsCString& aScope, nsIPrincipal* aPrincipal, const nsString& aMessage, const uint32_t& aFlags) { PushErrorDispatcher dispatcher(aScope, aPrincipal, aMessage, aFlags); Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers())); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvNotifyPushSubscriptionModifiedObservers( const nsCString& aScope, nsIPrincipal* aPrincipal) { PushSubscriptionModifiedDispatcher dispatcher(aScope, aPrincipal); Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObservers())); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvBlobURLRegistration( const nsCString& aURI, const IPCBlob& aBlob, nsIPrincipal* aPrincipal, const Maybe& aAgentClusterId) { RefPtr blobImpl = IPCBlobUtils::Deserialize(aBlob); MOZ_ASSERT(blobImpl); BlobURLProtocolHandler::AddDataEntry(aURI, aPrincipal, aAgentClusterId, blobImpl); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvBlobURLUnregistration( const nsCString& aURI) { BlobURLProtocolHandler::RemoveDataEntry( aURI, /* aBroadcastToOtherProcesses = */ false); return IPC_OK(); } void ContentChild::CreateGetFilesRequest(const nsAString& aDirectoryPath, bool aRecursiveFlag, nsID& aUUID, GetFilesHelperChild* aChild) { MOZ_ASSERT(aChild); MOZ_ASSERT(!mGetFilesPendingRequests.Contains(aUUID)); Unused << SendGetFilesRequest(aUUID, aDirectoryPath, aRecursiveFlag); mGetFilesPendingRequests.InsertOrUpdate(aUUID, RefPtr{aChild}); } void ContentChild::DeleteGetFilesRequest(nsID& aUUID, GetFilesHelperChild* aChild) { MOZ_ASSERT(aChild); MOZ_ASSERT(mGetFilesPendingRequests.Contains(aUUID)); Unused << SendDeleteGetFilesRequest(aUUID); mGetFilesPendingRequests.Remove(aUUID); } mozilla::ipc::IPCResult ContentChild::RecvGetFilesResponse( const nsID& aUUID, const GetFilesResponseResult& aResult) { RefPtr child; // This object can already been deleted in case DeleteGetFilesRequest has // been called when the response was sending by the parent. if (!mGetFilesPendingRequests.Remove(aUUID, getter_AddRefs(child))) { return IPC_OK(); } if (aResult.type() == GetFilesResponseResult::TGetFilesResponseFailure) { child->Finished(aResult.get_GetFilesResponseFailure().errorCode()); } else { MOZ_ASSERT(aResult.type() == GetFilesResponseResult::TGetFilesResponseSuccess); const nsTArray& ipcBlobs = aResult.get_GetFilesResponseSuccess().blobs(); bool succeeded = true; for (uint32_t i = 0; succeeded && i < ipcBlobs.Length(); ++i) { RefPtr impl = IPCBlobUtils::Deserialize(ipcBlobs[i]); succeeded = child->AppendBlobImpl(impl); } child->Finished(succeeded ? NS_OK : NS_ERROR_OUT_OF_MEMORY); } return IPC_OK(); } /* static */ void ContentChild::FatalErrorIfNotUsingGPUProcess(const char* const aErrorMsg, base::ProcessId aOtherPid) { // If we're communicating with the same process or the UI process then we // want to crash normally. Otherwise we want to just warn as the other end // must be the GPU process and it crashing shouldn't be fatal for us. if (aOtherPid == base::GetCurrentProcId() || (GetSingleton() && GetSingleton()->OtherPid() == aOtherPid)) { mozilla::ipc::FatalError(aErrorMsg, false); } else { nsAutoCString formattedMessage("IPDL error: \""); formattedMessage.AppendASCII(aErrorMsg); formattedMessage.AppendLiteral(R"(".)"); NS_WARNING(formattedMessage.get()); } } PURLClassifierChild* ContentChild::AllocPURLClassifierChild( nsIPrincipal* aPrincipal, bool* aSuccess) { *aSuccess = true; return new URLClassifierChild(); } bool ContentChild::DeallocPURLClassifierChild(PURLClassifierChild* aActor) { MOZ_ASSERT(aActor); delete aActor; return true; } PURLClassifierLocalChild* ContentChild::AllocPURLClassifierLocalChild( nsIURI* aUri, Span aFeatures) { return new URLClassifierLocalChild(); } bool ContentChild::DeallocPURLClassifierLocalChild( PURLClassifierLocalChild* aActor) { MOZ_ASSERT(aActor); delete aActor; return true; } PLoginReputationChild* ContentChild::AllocPLoginReputationChild(nsIURI* aUri) { return new PLoginReputationChild(); } bool ContentChild::DeallocPLoginReputationChild(PLoginReputationChild* aActor) { MOZ_ASSERT(aActor); delete aActor; return true; } PSessionStorageObserverChild* ContentChild::AllocPSessionStorageObserverChild() { MOZ_CRASH( "PSessionStorageObserverChild actors should be manually constructed!"); } bool ContentChild::DeallocPSessionStorageObserverChild( PSessionStorageObserverChild* aActor) { MOZ_ASSERT(aActor); delete aActor; return true; } mozilla::ipc::IPCResult ContentChild::RecvProvideAnonymousTemporaryFile( const uint64_t& aID, const FileDescOrError& aFDOrError) { mozilla::UniquePtr callback; mPendingAnonymousTemporaryFiles.Remove(aID, &callback); MOZ_ASSERT(callback); PRFileDesc* prfile = nullptr; if (aFDOrError.type() == FileDescOrError::Tnsresult) { DebugOnly rv = aFDOrError.get_nsresult(); MOZ_ASSERT(NS_FAILED(rv)); } else { auto rawFD = aFDOrError.get_FileDescriptor().ClonePlatformHandle(); prfile = PR_ImportFile(PROsfd(rawFD.release())); } (*callback)(prfile); return IPC_OK(); } nsresult ContentChild::AsyncOpenAnonymousTemporaryFile( const AnonymousTemporaryFileCallback& aCallback) { MOZ_ASSERT(NS_IsMainThread()); static uint64_t id = 0; auto newID = id++; if (!SendRequestAnonymousTemporaryFile(newID)) { return NS_ERROR_FAILURE; } // Remember the association with the callback. MOZ_ASSERT(!mPendingAnonymousTemporaryFiles.Get(newID)); mPendingAnonymousTemporaryFiles.GetOrInsertNew(newID, aCallback); return NS_OK; } mozilla::ipc::IPCResult ContentChild::RecvSetPermissionsWithKey( const nsCString& aPermissionKey, nsTArray&& aPerms) { RefPtr permManager = PermissionManager::GetInstance(); if (permManager) { permManager->SetPermissionsWithKey(aPermissionKey, aPerms); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRefreshScreens( nsTArray&& aScreens) { ScreenManager& screenManager = ScreenManager::GetSingleton(); screenManager.Refresh(std::move(aScreens)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvShareCodeCoverageMutex( CrossProcessMutexHandle aHandle) { #ifdef MOZ_CODE_COVERAGE CodeCoverageHandler::Init(std::move(aHandle)); return IPC_OK(); #else MOZ_CRASH("Shouldn't receive this message in non-code coverage builds!"); #endif } mozilla::ipc::IPCResult ContentChild::RecvFlushCodeCoverageCounters( FlushCodeCoverageCountersResolver&& aResolver) { #ifdef MOZ_CODE_COVERAGE CodeCoverageHandler::FlushCounters(); aResolver(/* unused */ true); return IPC_OK(); #else MOZ_CRASH("Shouldn't receive this message in non-code coverage builds!"); #endif } mozilla::ipc::IPCResult ContentChild::RecvSetInputEventQueueEnabled() { nsThreadManager::get().EnableMainThreadEventPrioritization(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvFlushInputEventQueue() { nsThreadManager::get().FlushInputEventPrioritization(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSuspendInputEventQueue() { nsThreadManager::get().SuspendInputEventPrioritization(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvResumeInputEventQueue() { nsThreadManager::get().ResumeInputEventPrioritization(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvAddDynamicScalars( nsTArray&& aDefs) { TelemetryIPC::AddDynamicScalarDefinitions(aDefs); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvCrossProcessRedirect( RedirectToRealChannelArgs&& aArgs, nsTArray>&& aEndpoints, CrossProcessRedirectResolver&& aResolve) { nsCOMPtr loadInfo; nsresult rv = mozilla::ipc::LoadInfoArgsToLoadInfo( aArgs.loadInfo(), NOT_REMOTE_TYPE, getter_AddRefs(loadInfo)); if (NS_FAILED(rv)) { MOZ_DIAGNOSTIC_ASSERT(false, "LoadInfoArgsToLoadInfo failed"); return IPC_OK(); } nsCOMPtr newChannel; MOZ_ASSERT((aArgs.loadStateInternalLoadFlags() & nsDocShell::InternalLoad::INTERNAL_LOAD_FLAGS_IS_SRCDOC) || aArgs.srcdocData().IsVoid()); rv = nsDocShell::CreateRealChannelForDocument( getter_AddRefs(newChannel), aArgs.uri(), loadInfo, nullptr, aArgs.newLoadFlags(), aArgs.srcdocData(), aArgs.baseUri()); if (RefPtr httpChannel = do_QueryObject(newChannel)) { httpChannel->SetEarlyHints(std::move(aArgs.earlyHints())); httpChannel->SetEarlyHintLinkType(aArgs.earlyHintLinkType()); } // This is used to report any errors back to the parent by calling // CrossProcessRedirectFinished. RefPtr httpChild = do_QueryObject(newChannel); auto resolve = [=](const nsresult& aRv) { nsresult rv = aRv; if (httpChild) { rv = httpChild->CrossProcessRedirectFinished(rv); } aResolve(rv); }; auto scopeExit = MakeScopeExit([&]() { resolve(rv); }); if (NS_FAILED(rv)) { return IPC_OK(); } if (nsCOMPtr httpChannel = do_QueryInterface(newChannel)) { rv = httpChannel->SetChannelId(aArgs.channelId()); } if (NS_FAILED(rv)) { return IPC_OK(); } rv = newChannel->SetOriginalURI(aArgs.originalURI()); if (NS_FAILED(rv)) { return IPC_OK(); } if (nsCOMPtr httpChannelInternal = do_QueryInterface(newChannel)) { rv = httpChannelInternal->SetRedirectMode(aArgs.redirectMode()); } if (NS_FAILED(rv)) { return IPC_OK(); } if (aArgs.init()) { HttpBaseChannel::ReplacementChannelConfig config(std::move(*aArgs.init())); HttpBaseChannel::ConfigureReplacementChannel( newChannel, config, HttpBaseChannel::ReplacementReason::DocumentChannel); } if (aArgs.contentDisposition()) { newChannel->SetContentDisposition(*aArgs.contentDisposition()); } if (aArgs.contentDispositionFilename()) { newChannel->SetContentDispositionFilename( *aArgs.contentDispositionFilename()); } if (nsCOMPtr childChannel = do_QueryInterface(newChannel)) { // Connect to the parent if this is a remote channel. If it's entirely // handled locally, then we'll call AsyncOpen from the docshell when // we complete the setup rv = childChannel->ConnectParent( aArgs.registrarId()); // creates parent channel if (NS_FAILED(rv)) { return IPC_OK(); } } // We need to copy the property bag before signaling that the channel // is ready so that the nsDocShell can retrieve the history data when called. if (nsCOMPtr bag = do_QueryInterface(newChannel)) { nsHashPropertyBag::CopyFrom(bag, aArgs.properties()); } RefPtr loadState; rv = nsDocShellLoadState::CreateFromPendingChannel( newChannel, aArgs.loadIdentifier(), aArgs.registrarId(), getter_AddRefs(loadState)); if (NS_WARN_IF(NS_FAILED(rv))) { return IPC_OK(); } loadState->SetLoadFlags(aArgs.loadStateExternalLoadFlags()); loadState->SetInternalLoadFlags(aArgs.loadStateInternalLoadFlags()); if (IsValidLoadType(aArgs.loadStateLoadType())) { loadState->SetLoadType(aArgs.loadStateLoadType()); } if (aArgs.loadingSessionHistoryInfo().isSome()) { loadState->SetLoadingSessionHistoryInfo( aArgs.loadingSessionHistoryInfo().ref()); } if (aArgs.originalUriString().isSome()) { loadState->SetOriginalURIString(aArgs.originalUriString().ref()); } RefPtr processListener = ChildProcessChannelListener::GetSingleton(); // The listener will call completeRedirectSetup or asyncOpen on the channel. processListener->OnChannelReady(loadState, aArgs.loadIdentifier(), std::move(aEndpoints), aArgs.timing(), std::move(resolve)); scopeExit.release(); // scopeExit will call CrossProcessRedirectFinished(rv) here return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvStartDelayedAutoplayMediaComponents( const MaybeDiscarded& aContext) { if (NS_WARN_IF(aContext.IsNullOrDiscarded())) { return IPC_OK(); } aContext.get()->StartDelayedAutoplayMediaComponents(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUpdateMediaControlAction( const MaybeDiscarded& aContext, const MediaControlAction& aAction) { if (NS_WARN_IF(aContext.IsNullOrDiscarded())) { return IPC_OK(); } ContentMediaControlKeyHandler::HandleMediaControlAction(aContext.get(), aAction); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvOnAllowAccessFor( const MaybeDiscarded& aContext, const nsCString& aTrackingOrigin, uint32_t aCookieBehavior, const ContentBlockingNotifier::StorageAccessPermissionGrantedReason& aReason) { MOZ_ASSERT(!aContext.IsNull(), "Browsing context cannot be null"); StorageAccessAPIHelper::OnAllowAccessFor( aContext.GetMaybeDiscarded(), aTrackingOrigin, aCookieBehavior, aReason); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvOnContentBlockingDecision( const MaybeDiscarded& aContext, const ContentBlockingNotifier::BlockingDecision& aDecision, uint32_t aRejectedReason) { MOZ_ASSERT(!aContext.IsNull(), "Browsing context cannot be null"); nsCOMPtr outer = aContext.get()->GetDOMWindow(); if (!outer) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a outer " "window")); return IPC_OK(); } nsCOMPtr inner = outer->GetCurrentInnerWindow(); if (!inner) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a inner " "window")); return IPC_OK(); } ContentBlockingNotifier::OnDecision(inner, aDecision, aRejectedReason); return IPC_OK(); } #ifdef NIGHTLY_BUILD void ContentChild::OnChannelReceivedMessage(const Message& aMsg) { if (nsContentUtils::IsMessageInputEvent(aMsg)) { mPendingInputEvents++; } } PContentChild::Result ContentChild::OnMessageReceived(const Message& aMsg) { if (nsContentUtils::IsMessageInputEvent(aMsg)) { DebugOnly prevEvts = mPendingInputEvents--; MOZ_ASSERT(prevEvts > 0); } return PContentChild::OnMessageReceived(aMsg); } PContentChild::Result ContentChild::OnMessageReceived( const Message& aMsg, UniquePtr& aReply) { return PContentChild::OnMessageReceived(aMsg, aReply); } #endif mozilla::ipc::IPCResult ContentChild::RecvCreateBrowsingContext( uint64_t aGroupId, BrowsingContext::IPCInitializer&& aInit) { // We can't already have a BrowsingContext with this ID. if (RefPtr existing = BrowsingContext::Get(aInit.mId)) { return IPC_FAIL(this, "Browsing context already exists"); } RefPtr parent = WindowContext::GetById(aInit.mParentId); if (!parent && aInit.mParentId != 0) { // Handle this case by ignoring the request, as parent must be in the // process of being discarded. // In the future it would be nice to avoid sending this message to the child // at all. NS_WARNING("Attempt to attach BrowsingContext to discarded parent"); return IPC_OK(); } RefPtr group = BrowsingContextGroup::GetOrCreate(aGroupId); return BrowsingContext::CreateFromIPC(std::move(aInit), group, nullptr); } mozilla::ipc::IPCResult ContentChild::RecvDiscardBrowsingContext( const MaybeDiscarded& aContext, bool aDoDiscard, DiscardBrowsingContextResolver&& aResolve) { if (BrowsingContext* context = aContext.GetMaybeDiscarded()) { if (aDoDiscard && !context->IsDiscarded()) { context->Detach(/* aFromIPC */ true); } context->AddDiscardListener(aResolve); return IPC_OK(); } // Immediately resolve the promise, as we've received the message. This will // allow the parent process to discard references to this BC. aResolve(true); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRegisterBrowsingContextGroup( uint64_t aGroupId, nsTArray&& aInits) { RefPtr group = BrowsingContextGroup::GetOrCreate(aGroupId); // Each of the initializers in aInits is sorted in pre-order, so our parent // should always be available before the element itself. for (auto& initUnion : aInits) { switch (initUnion.type()) { case SyncedContextInitializer::TBrowsingContextInitializer: { auto& init = initUnion.get_BrowsingContextInitializer(); #ifdef DEBUG RefPtr existing = BrowsingContext::Get(init.mId); MOZ_ASSERT(!existing, "BrowsingContext must not exist yet!"); RefPtr parent = init.GetParent(); MOZ_ASSERT_IF(parent, parent->Group() == group); #endif BrowsingContext::CreateFromIPC(std::move(init), group, nullptr); break; } case SyncedContextInitializer::TWindowContextInitializer: { auto& init = initUnion.get_WindowContextInitializer(); #ifdef DEBUG RefPtr existing = WindowContext::GetById(init.mInnerWindowId); MOZ_ASSERT(!existing, "WindowContext must not exist yet!"); RefPtr parent = BrowsingContext::Get(init.mBrowsingContextId); MOZ_ASSERT(parent && parent->Group() == group); #endif WindowContext::CreateFromIPC(std::move(init)); break; }; default: MOZ_ASSERT_UNREACHABLE(); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvDestroyBrowsingContextGroup( uint64_t aGroupId) { if (RefPtr group = BrowsingContextGroup::GetExisting(aGroupId)) { group->ChildDestroy(); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvWindowClose( const MaybeDiscarded& aContext, bool aTrustedCaller) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsCOMPtr window = aContext.get()->GetDOMWindow(); if (!window) { MOZ_LOG( BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a window")); return IPC_OK(); } // Call `GetDocument()` to force the document and its inner window to be // created, as it would be forced to be created if this call was being // performed in-process. if (NS_WARN_IF(!aContext.get()->GetDocument())) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context but document " "creation failed")); return IPC_OK(); } nsGlobalWindowOuter::Cast(window)->CloseOuter(aTrustedCaller); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvWindowFocus( const MaybeDiscarded& aContext, CallerType aCallerType, uint64_t aActionId) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsCOMPtr window = aContext.get()->GetDOMWindow(); if (!window) { MOZ_LOG( BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a window")); return IPC_OK(); } // Call `GetDocument()` to force the document and its inner window to be // created, as it would be forced to be created if this call was being // performed in-process. if (NS_WARN_IF(!aContext.get()->GetDocument())) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context but document " "creation failed")); return IPC_OK(); } nsGlobalWindowOuter::Cast(window)->FocusOuter( aCallerType, /* aFromOtherProcess */ true, aActionId); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvWindowBlur( const MaybeDiscarded& aContext, CallerType aCallerType) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsCOMPtr window = aContext.get()->GetDOMWindow(); if (!window) { MOZ_LOG( BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a window")); return IPC_OK(); } // Call `GetDocument()` to force the document and its inner window to be // created, as it would be forced to be created if this call was being // performed in-process. if (NS_WARN_IF(!aContext.get()->GetDocument())) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context but document " "creation failed")); return IPC_OK(); } nsGlobalWindowOuter::Cast(window)->BlurOuter(aCallerType); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvRaiseWindow( const MaybeDiscarded& aContext, CallerType aCallerType, uint64_t aActionId) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsCOMPtr window = aContext.get()->GetDOMWindow(); if (!window) { MOZ_LOG( BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a window")); return IPC_OK(); } if (RefPtr fm = nsFocusManager::GetFocusManager()) { fm->RaiseWindow(window, aCallerType, aActionId); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvAdjustWindowFocus( const MaybeDiscarded& aContext, bool aIsVisible, uint64_t aActionId) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } if (RefPtr fm = nsFocusManager::GetFocusManager()) { RefPtr bc = aContext.get(); fm->AdjustInProcessWindowFocus(bc, false, aIsVisible, aActionId); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvClearFocus( const MaybeDiscarded& aContext) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsCOMPtr window = aContext.get()->GetDOMWindow(); if (!window) { MOZ_LOG( BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a window")); return IPC_OK(); } if (RefPtr fm = nsFocusManager::GetFocusManager()) { fm->ClearFocus(window); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetFocusedBrowsingContext( const MaybeDiscarded& aContext, uint64_t aActionId) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsFocusManager* fm = nsFocusManager::GetFocusManager(); if (fm) { fm->SetFocusedBrowsingContextFromOtherProcess(aContext.get(), aActionId); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetActiveBrowsingContext( const MaybeDiscarded& aContext, uint64_t aActionId) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsFocusManager* fm = nsFocusManager::GetFocusManager(); if (fm) { fm->SetActiveBrowsingContextFromOtherProcess(aContext.get(), aActionId); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvAbortOrientationPendingPromises( const MaybeDiscarded& aContext) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } dom::ScreenOrientation::AbortInProcessOrientationPromises(aContext.get()); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvUnsetActiveBrowsingContext( const MaybeDiscarded& aContext, uint64_t aActionId) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsFocusManager* fm = nsFocusManager::GetFocusManager(); if (fm) { fm->UnsetActiveBrowsingContextFromOtherProcess(aContext.get(), aActionId); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetFocusedElement( const MaybeDiscarded& aContext, bool aNeedsFocus) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsCOMPtr window = aContext.get()->GetDOMWindow(); if (!window) { MOZ_LOG( BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a window")); return IPC_OK(); } window->SetFocusedElement(nullptr, 0, aNeedsFocus); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvFinalizeFocusOuter( const MaybeDiscarded& aContext, bool aCanFocus, CallerType aCallerType) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } if (Element* frame = aContext.get()->GetEmbedderElement()) { nsContentUtils::RequestFrameFocus(*frame, aCanFocus, aCallerType); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvBlurToChild( const MaybeDiscarded& aFocusedBrowsingContext, const MaybeDiscarded& aBrowsingContextToClear, const MaybeDiscarded& aAncestorBrowsingContextToFocus, bool aIsLeavingDocument, bool aAdjustWidget, uint64_t aActionId) { if (aFocusedBrowsingContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } RefPtr fm = nsFocusManager::GetFocusManager(); if (MOZ_UNLIKELY(!fm)) { return IPC_OK(); } RefPtr toClear = aBrowsingContextToClear.IsDiscarded() ? nullptr : aBrowsingContextToClear.get(); RefPtr toFocus = aAncestorBrowsingContextToFocus.IsDiscarded() ? nullptr : aAncestorBrowsingContextToFocus.get(); RefPtr focusedBrowsingContext = aFocusedBrowsingContext.get(); fm->BlurFromOtherProcess(focusedBrowsingContext, toClear, toFocus, aIsLeavingDocument, aAdjustWidget, aActionId); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvSetupFocusedAndActive( const MaybeDiscarded& aFocusedBrowsingContext, uint64_t aActionIdForFocused, const MaybeDiscarded& aActiveBrowsingContext, uint64_t aActionIdForActive) { nsFocusManager* fm = nsFocusManager::GetFocusManager(); if (fm) { if (!aActiveBrowsingContext.IsNullOrDiscarded()) { fm->SetActiveBrowsingContextFromOtherProcess(aActiveBrowsingContext.get(), aActionIdForActive); } if (!aFocusedBrowsingContext.IsNullOrDiscarded()) { fm->SetFocusedBrowsingContextFromOtherProcess( aFocusedBrowsingContext.get(), aActionIdForFocused); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvReviseActiveBrowsingContext( uint64_t aOldActionId, const MaybeDiscarded& aActiveBrowsingContext, uint64_t aNewActionId) { nsFocusManager* fm = nsFocusManager::GetFocusManager(); if (fm && !aActiveBrowsingContext.IsNullOrDiscarded()) { fm->ReviseActiveBrowsingContext(aOldActionId, aActiveBrowsingContext.get(), aNewActionId); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvReviseFocusedBrowsingContext( uint64_t aOldActionId, const MaybeDiscarded& aFocusedBrowsingContext, uint64_t aNewActionId) { nsFocusManager* fm = nsFocusManager::GetFocusManager(); if (fm && !aFocusedBrowsingContext.IsNullOrDiscarded()) { fm->ReviseFocusedBrowsingContext( aOldActionId, aFocusedBrowsingContext.get(), aNewActionId); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvMaybeExitFullscreen( const MaybeDiscarded& aContext) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } nsIDocShell* shell = aContext.get()->GetDocShell(); if (!shell) { return IPC_OK(); } Document* doc = shell->GetDocument(); if (doc && doc->GetFullscreenElement()) { Document::AsyncExitFullscreen(doc); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvWindowPostMessage( const MaybeDiscarded& aContext, const ClonedOrErrorMessageData& aMessage, const PostMessageData& aData) { if (aContext.IsNullOrDiscarded()) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to dead or detached context")); return IPC_OK(); } RefPtr window = nsGlobalWindowOuter::Cast(aContext.get()->GetDOMWindow()); if (!window) { MOZ_LOG( BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context without a window")); return IPC_OK(); } nsCOMPtr providedPrincipal; if (!window->GetPrincipalForPostMessage( aData.targetOrigin(), aData.targetOriginURI(), aData.callerPrincipal(), *aData.subjectPrincipal(), getter_AddRefs(providedPrincipal))) { return IPC_OK(); } // Call `GetDocument()` to force the document and its inner window to be // created, as it would be forced to be created if this call was being // performed in-process. if (NS_WARN_IF(!aContext.get()->GetDocument())) { MOZ_LOG(BrowsingContext::GetLog(), LogLevel::Debug, ("ChildIPC: Trying to send a message to a context but document " "creation failed")); return IPC_OK(); } // It's OK if `sourceBc` has already been discarded, so long as we can // continue to wrap it. RefPtr sourceBc = aData.source().GetMaybeDiscarded(); // Create and asynchronously dispatch a runnable which will handle actual DOM // event creation and dispatch. RefPtr event = new PostMessageEvent(sourceBc, aData.origin(), window, providedPrincipal, aData.innerWindowId(), aData.callerURI(), aData.scriptLocation(), aData.isFromPrivateWindow()); event->UnpackFrom(aMessage); event->DispatchToTargetThread(IgnoredErrorResult()); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvCommitBrowsingContextTransaction( const MaybeDiscarded& aContext, BrowsingContext::BaseTransaction&& aTransaction, uint64_t aEpoch) { return aTransaction.CommitFromIPC(aContext, aEpoch, this); } mozilla::ipc::IPCResult ContentChild::RecvCommitWindowContextTransaction( const MaybeDiscarded& aContext, WindowContext::BaseTransaction&& aTransaction, uint64_t aEpoch) { return aTransaction.CommitFromIPC(aContext, aEpoch, this); } mozilla::ipc::IPCResult ContentChild::RecvCreateWindowContext( WindowContext::IPCInitializer&& aInit) { RefPtr bc = BrowsingContext::Get(aInit.mBrowsingContextId); if (!bc) { // Handle this case by ignoring the request, as bc must be in the process of // being discarded. // In the future it would be nice to avoid sending this message to the child // at all. NS_WARNING("Attempt to attach WindowContext to discarded parent"); return IPC_OK(); } WindowContext::CreateFromIPC(std::move(aInit)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvDiscardWindowContext( uint64_t aContextId, DiscardWindowContextResolver&& aResolve) { // Resolve immediately to acknowledge call aResolve(true); RefPtr window = WindowContext::GetById(aContextId); if (NS_WARN_IF(!window) || NS_WARN_IF(window->IsDiscarded())) { return IPC_OK(); } window->Discard(); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvScriptError( const nsString& aMessage, const nsString& aSourceName, const nsString& aSourceLine, const uint32_t& aLineNumber, const uint32_t& aColNumber, const uint32_t& aFlags, const nsCString& aCategory, const bool& aFromPrivateWindow, const uint64_t& aInnerWindowId, const bool& aFromChromeContext) { nsresult rv = NS_OK; nsCOMPtr consoleService = do_GetService(NS_CONSOLESERVICE_CONTRACTID, &rv); NS_ENSURE_SUCCESS(rv, IPC_FAIL(this, "Failed to get console service")); nsCOMPtr scriptError( do_CreateInstance(NS_SCRIPTERROR_CONTRACTID)); NS_ENSURE_TRUE(scriptError, IPC_FAIL(this, "Failed to construct nsIScriptError")); scriptError->InitWithWindowID(aMessage, aSourceName, aSourceLine, aLineNumber, aColNumber, aFlags, aCategory, aInnerWindowId, aFromChromeContext); rv = consoleService->LogMessage(scriptError); NS_ENSURE_SUCCESS(rv, IPC_FAIL(this, "Failed to log script error")); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvReportFrameTimingData( const mozilla::Maybe& loadInfoArgs, const nsString& entryName, const nsString& initiatorType, UniquePtr&& aData) { if (!aData) { return IPC_FAIL(this, "aData should not be null"); } if (loadInfoArgs.isNothing()) { return IPC_FAIL(this, "loadInfoArgs should not be null"); } nsCOMPtr loadInfo; nsresult rv = mozilla::ipc::LoadInfoArgsToLoadInfo( loadInfoArgs, NOT_REMOTE_TYPE, getter_AddRefs(loadInfo)); if (NS_FAILED(rv)) { MOZ_DIAGNOSTIC_ASSERT(false, "LoadInfoArgsToLoadInfo failed"); return IPC_OK(); } // It is important to call LoadInfo::GetPerformanceStorage instead of simply // getting the performance object via the innerWindowID in order to perform // necessary cross origin checks. if (PerformanceStorage* storage = loadInfo->GetPerformanceStorage()) { storage->AddEntry(entryName, initiatorType, std::move(aData)); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvLoadURI( const MaybeDiscarded& aContext, nsDocShellLoadState* aLoadState, bool aSetNavigating, LoadURIResolver&& aResolve) { auto resolveOnExit = MakeScopeExit([&] { aResolve(true); }); if (aContext.IsNullOrDiscarded()) { return IPC_OK(); } RefPtr context = aContext.get(); if (!context->IsInProcess()) { // The DocShell has been torn down or the BrowsingContext has changed // process in the middle of the load request. There's not much we can do at // this point, so just give up. return IPC_OK(); } context->LoadURI(aLoadState, aSetNavigating); nsCOMPtr window = context->GetDOMWindow(); BrowserChild* bc = BrowserChild::GetFrom(window); if (bc) { bc->NotifyNavigationFinished(); } #ifdef MOZ_CRASHREPORTER if (CrashReporter::GetEnabled()) { nsCOMPtr annotationURI; nsresult rv = NS_MutateURI(aLoadState->URI()) .SetUserPass(""_ns) .Finalize(annotationURI); if (NS_FAILED(rv)) { // Ignore failures on about: URIs. annotationURI = aLoadState->URI(); } CrashReporter::AnnotateCrashReport(CrashReporter::Annotation::URL, annotationURI->GetSpecOrDefault()); } #endif return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvInternalLoad( nsDocShellLoadState* aLoadState) { if (!aLoadState->Target().IsEmpty() || aLoadState->TargetBrowsingContext().IsNull()) { return IPC_FAIL(this, "must already be retargeted"); } if (aLoadState->TargetBrowsingContext().IsDiscarded()) { return IPC_OK(); } RefPtr context = aLoadState->TargetBrowsingContext().get(); context->InternalLoad(aLoadState); #ifdef MOZ_CRASHREPORTER if (CrashReporter::GetEnabled()) { nsCOMPtr annotationURI; nsresult rv = NS_MutateURI(aLoadState->URI()) .SetUserPass(""_ns) .Finalize(annotationURI); if (NS_FAILED(rv)) { // Ignore failures on about: URIs. annotationURI = aLoadState->URI(); } CrashReporter::AnnotateCrashReport(CrashReporter::Annotation::URL, annotationURI->GetSpecOrDefault()); } #endif return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvDisplayLoadError( const MaybeDiscarded& aContext, const nsAString& aURI) { if (aContext.IsNullOrDiscarded()) { return IPC_OK(); } RefPtr context = aContext.get(); context->DisplayLoadError(aURI); nsCOMPtr window = context->GetDOMWindow(); BrowserChild* bc = BrowserChild::GetFrom(window); if (bc) { bc->NotifyNavigationFinished(); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvHistoryCommitIndexAndLength( const MaybeDiscarded& aContext, const uint32_t& aIndex, const uint32_t& aLength, const nsID& aChangeID) { if (!aContext.IsNullOrDiscarded()) { ChildSHistory* shistory = aContext.get()->GetChildSessionHistory(); if (shistory) { shistory->SetIndexAndLength(aIndex, aLength, aChangeID); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvGetLayoutHistoryState( const MaybeDiscarded& aContext, GetLayoutHistoryStateResolver&& aResolver) { nsCOMPtr state; nsIDocShell* docShell; mozilla::Maybe wireframe; if (!aContext.IsNullOrDiscarded() && (docShell = aContext.get()->GetDocShell())) { docShell->PersistLayoutHistoryState(); docShell->GetLayoutHistoryState(getter_AddRefs(state)); wireframe = static_cast(docShell)->GetWireframe(); } aResolver( std::tuple&>( state, wireframe)); return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvDispatchLocationChangeEvent( const MaybeDiscarded& aContext) { if (!aContext.IsNullOrDiscarded() && aContext.get()->GetDocShell()) { aContext.get()->GetDocShell()->DispatchLocationChangeEvent(); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvDispatchBeforeUnloadToSubtree( const MaybeDiscarded& aStartingAt, DispatchBeforeUnloadToSubtreeResolver&& aResolver) { if (aStartingAt.IsNullOrDiscarded()) { aResolver(nsIContentViewer::eAllowNavigation); } else { DispatchBeforeUnloadToSubtree(aStartingAt.get(), std::move(aResolver)); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvDecoderSupportedMimeTypes( nsTArray&& aSupportedTypes) { #ifdef MOZ_WIDGET_ANDROID AndroidDecoderModule::SetSupportedMimeTypes(std::move(aSupportedTypes)); #endif return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvInitNextGenLocalStorageEnabled( const bool& aEnabled) { mozilla::dom::RecvInitNextGenLocalStorageEnabled(aEnabled); return IPC_OK(); } /* static */ void ContentChild::DispatchBeforeUnloadToSubtree( BrowsingContext* aStartingAt, const DispatchBeforeUnloadToSubtreeResolver& aResolver) { bool resolved = false; aStartingAt->PreOrderWalk([&](dom::BrowsingContext* aBC) { if (aBC->GetDocShell()) { nsCOMPtr contentViewer; aBC->GetDocShell()->GetContentViewer(getter_AddRefs(contentViewer)); if (contentViewer && contentViewer->DispatchBeforeUnload() == nsIContentViewer::eRequestBlockNavigation && !resolved) { // Send our response as soon as we find any blocker, so that we can show // the permit unload prompt as soon as possible, without giving // subsequent handlers a chance to delay it. aResolver(nsIContentViewer::eRequestBlockNavigation); resolved = true; } } }); if (!resolved) { aResolver(nsIContentViewer::eAllowNavigation); } } mozilla::ipc::IPCResult ContentChild::RecvGoBack( const MaybeDiscarded& aContext, const Maybe& aCancelContentJSEpoch, bool aRequireUserInteraction, bool aUserActivation) { if (aContext.IsNullOrDiscarded()) { return IPC_OK(); } BrowsingContext* bc = aContext.get(); if (RefPtr docShell = nsDocShell::Cast(bc->GetDocShell())) { if (aCancelContentJSEpoch) { docShell->SetCancelContentJSEpoch(*aCancelContentJSEpoch); } docShell->GoBack(aRequireUserInteraction, aUserActivation); if (BrowserChild* browserChild = BrowserChild::GetFrom(docShell)) { browserChild->NotifyNavigationFinished(); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvGoForward( const MaybeDiscarded& aContext, const Maybe& aCancelContentJSEpoch, bool aRequireUserInteraction, bool aUserActivation) { if (aContext.IsNullOrDiscarded()) { return IPC_OK(); } BrowsingContext* bc = aContext.get(); if (RefPtr docShell = nsDocShell::Cast(bc->GetDocShell())) { if (aCancelContentJSEpoch) { docShell->SetCancelContentJSEpoch(*aCancelContentJSEpoch); } docShell->GoForward(aRequireUserInteraction, aUserActivation); if (BrowserChild* browserChild = BrowserChild::GetFrom(docShell)) { browserChild->NotifyNavigationFinished(); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvGoToIndex( const MaybeDiscarded& aContext, const int32_t& aIndex, const Maybe& aCancelContentJSEpoch, bool aUserActivation) { if (aContext.IsNullOrDiscarded()) { return IPC_OK(); } BrowsingContext* bc = aContext.get(); if (RefPtr docShell = nsDocShell::Cast(bc->GetDocShell())) { if (aCancelContentJSEpoch) { docShell->SetCancelContentJSEpoch(*aCancelContentJSEpoch); } docShell->GotoIndex(aIndex, aUserActivation); if (BrowserChild* browserChild = BrowserChild::GetFrom(docShell)) { browserChild->NotifyNavigationFinished(); } } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvReload( const MaybeDiscarded& aContext, const uint32_t aReloadFlags) { if (aContext.IsNullOrDiscarded()) { return IPC_OK(); } BrowsingContext* bc = aContext.get(); if (RefPtr docShell = nsDocShell::Cast(bc->GetDocShell())) { docShell->Reload(aReloadFlags); } return IPC_OK(); } mozilla::ipc::IPCResult ContentChild::RecvStopLoad( const MaybeDiscarded& aContext, const uint32_t aStopFlags) { if (aContext.IsNullOrDiscarded()) { return IPC_OK(); } BrowsingContext* bc = aContext.get(); if (auto* docShell = nsDocShell::Cast(bc->GetDocShell())) { docShell->Stop(aStopFlags); } return IPC_OK(); } #if defined(MOZ_SANDBOX) && defined(MOZ_DEBUG) && defined(ENABLE_TESTS) mozilla::ipc::IPCResult ContentChild::RecvInitSandboxTesting( Endpoint&& aEndpoint) { if (!SandboxTestingChild::Initialize(std::move(aEndpoint))) { return IPC_FAIL( this, "InitSandboxTesting failed to initialise the child process."); } return IPC_OK(); } #endif NS_IMETHODIMP ContentChild::GetChildID(uint64_t* aOut) { *aOut = mID; return NS_OK; } NS_IMETHODIMP ContentChild::GetActor(const nsACString& aName, JSContext* aCx, JSProcessActorChild** retval) { ErrorResult error; RefPtr actor = JSActorManager::GetActor(aCx, aName, error) .downcast(); if (error.MaybeSetPendingException(aCx)) { return NS_ERROR_FAILURE; } actor.forget(retval); return NS_OK; } NS_IMETHODIMP ContentChild::GetExistingActor(const nsACString& aName, JSProcessActorChild** retval) { RefPtr actor = JSActorManager::GetExistingActor(aName).downcast(); actor.forget(retval); return NS_OK; } already_AddRefed ContentChild::InitJSActor( JS::Handle aMaybeActor, const nsACString& aName, ErrorResult& aRv) { RefPtr actor; if (aMaybeActor.get()) { aRv = UNWRAP_OBJECT(JSProcessActorChild, aMaybeActor.get(), actor); if (aRv.Failed()) { return nullptr; } } else { actor = new JSProcessActorChild(); } MOZ_RELEASE_ASSERT(!actor->Manager(), "mManager was already initialized once!"); actor->Init(aName, this); return actor.forget(); } IPCResult ContentChild::RecvRawMessage(const JSActorMessageMeta& aMeta, const Maybe& aData, const Maybe& aStack) { Maybe data; if (aData) { data.emplace(); data->BorrowFromClonedMessageData(*aData); } Maybe stack; if (aStack) { stack.emplace(); stack->BorrowFromClonedMessageData(*aStack); } ReceiveRawMessage(aMeta, std::move(data), std::move(stack)); return IPC_OK(); } NS_IMETHODIMP ContentChild::GetCanSend(bool* aCanSend) { *aCanSend = CanSend(); return NS_OK; } ContentChild* ContentChild::AsContentChild() { return this; } JSActorManager* ContentChild::AsJSActorManager() { return this; } IPCResult ContentChild::RecvFlushFOGData(FlushFOGDataResolver&& aResolver) { glean::FlushFOGData(std::move(aResolver)); return IPC_OK(); } IPCResult ContentChild::RecvUpdateMediaCodecsSupported( RemoteDecodeIn aLocation, const media::MediaCodecsSupported& aSupported) { RemoteDecoderManagerChild::SetSupported(aLocation, aSupported); return IPC_OK(); } } // namespace dom #if defined(__OpenBSD__) && defined(MOZ_SANDBOX) static LazyLogModule sPledgeLog("OpenBSDSandbox"); NS_IMETHODIMP OpenBSDFindPledgeUnveilFilePath(const char* file, nsACString& result) { struct stat st; // Allow overriding files in /etc/$MOZ_APP_NAME result.Assign(nsPrintfCString("/etc/%s/%s", MOZ_APP_NAME, file)); if (stat(PromiseFlatCString(result).get(), &st) == 0) { return NS_OK; } // Or look in the system default directory result.Assign(nsPrintfCString( "/usr/local/lib/%s/browser/defaults/preferences/%s", MOZ_APP_NAME, file)); if (stat(PromiseFlatCString(result).get(), &st) == 0) { return NS_OK; } errx(1, "can't locate %s", file); } NS_IMETHODIMP OpenBSDPledgePromises(const nsACString& aPath) { // Using NS_LOCAL_FILE_CONTRACTID/NS_LOCALFILEINPUTSTREAM_CONTRACTID requires // a lot of setup before they are supported and we want to pledge early on // before all of that, so read the file directly std::ifstream input(PromiseFlatCString(aPath).get()); // Build up one line of pledge promises without comments nsAutoCString promises; bool disabled = false; int linenum = 0; for (std::string tLine; std::getline(input, tLine);) { nsAutoCString line(tLine.c_str()); linenum++; // Cut off any comments at the end of the line, also catches lines // that are entirely a comment int32_t hash = line.FindChar('#'); if (hash >= 0) { line = Substring(line, 0, hash); } line.CompressWhitespace(true, true); if (line.IsEmpty()) { continue; } if (linenum == 1 && line.EqualsLiteral("disable")) { disabled = true; break; } if (!promises.IsEmpty()) { promises.Append(" "); } promises.Append(line); } input.close(); if (disabled) { warnx("%s: disabled", PromiseFlatCString(aPath).get()); } else { MOZ_LOG( sPledgeLog, LogLevel::Debug, ("%s: pledge(%s)\n", PromiseFlatCString(aPath).get(), promises.get())); if (pledge(promises.get(), nullptr) != 0) { err(1, "%s: pledge(%s) failed", PromiseFlatCString(aPath).get(), promises.get()); } } return NS_OK; } void ExpandUnveilPath(nsAutoCString& path) { // Expand $XDG_RUNTIME_DIR to the environment variable, or ~/.cache nsCString xdgRuntimeDir(PR_GetEnv("XDG_RUNTIME_DIR")); if (xdgRuntimeDir.IsEmpty()) { xdgRuntimeDir = "~/.cache"; } path.ReplaceSubstring("$XDG_RUNTIME_DIR", xdgRuntimeDir.get()); // Expand $XDG_CONFIG_HOME to the environment variable, or ~/.config nsCString xdgConfigHome(PR_GetEnv("XDG_CONFIG_HOME")); if (xdgConfigHome.IsEmpty()) { xdgConfigHome = "~/.config"; } path.ReplaceSubstring("$XDG_CONFIG_HOME", xdgConfigHome.get()); // Expand $XDG_CACHE_HOME to the environment variable, or ~/.cache nsCString xdgCacheHome(PR_GetEnv("XDG_CACHE_HOME")); if (xdgCacheHome.IsEmpty()) { xdgCacheHome = "~/.cache"; } path.ReplaceSubstring("$XDG_CACHE_HOME", xdgCacheHome.get()); // Expand $XDG_DATA_HOME to the environment variable, or ~/.local/share nsCString xdgDataHome(PR_GetEnv("XDG_DATA_HOME")); if (xdgDataHome.IsEmpty()) { xdgDataHome = "~/.local/share"; } path.ReplaceSubstring("$XDG_DATA_HOME", xdgDataHome.get()); // Expand leading ~ to the user's home directory nsCOMPtr homeDir; nsresult rv = GetSpecialSystemDirectory(Unix_HomeDirectory, getter_AddRefs(homeDir)); if (NS_FAILED(rv)) { errx(1, "failed getting home directory"); } if (path.FindChar('~') == 0) { nsCString tHome(homeDir->NativePath()); tHome.Append(Substring(path, 1, path.Length() - 1)); path = tHome.get(); } } void MkdirP(nsAutoCString& path) { // nsLocalFile::CreateAllAncestors would be nice to use nsAutoCString tPath(""); for (const nsACString& dir : path.Split('/')) { struct stat st; if (dir.IsEmpty()) { continue; } tPath.Append("/"); tPath.Append(dir); if (stat(tPath.get(), &st) == -1) { if (mkdir(tPath.get(), 0700) == -1) { err(1, "failed mkdir(%s) while MkdirP(%s)", PromiseFlatCString(tPath).get(), PromiseFlatCString(path).get()); } } } } NS_IMETHODIMP OpenBSDUnveilPaths(const nsACString& uPath, const nsACString& pledgePath) { // Using NS_LOCAL_FILE_CONTRACTID/NS_LOCALFILEINPUTSTREAM_CONTRACTID requires // a lot of setup before they are allowed/supported and we want to pledge and // unveil early on before all of that is setup std::ifstream input(PromiseFlatCString(uPath).get()); bool disabled = false; int linenum = 0; for (std::string tLine; std::getline(input, tLine);) { nsAutoCString line(tLine.c_str()); linenum++; // Cut off any comments at the end of the line, also catches lines // that are entirely a comment int32_t hash = line.FindChar('#'); if (hash >= 0) { line = Substring(line, 0, hash); } line.CompressWhitespace(true, true); if (line.IsEmpty()) { continue; } if (linenum == 1 && line.EqualsLiteral("disable")) { disabled = true; break; } int32_t space = line.FindChar(' '); if (space <= 0) { errx(1, "%s: line %d: invalid format", PromiseFlatCString(uPath).get(), linenum); } nsAutoCString uPath(Substring(line, 0, space)); ExpandUnveilPath(uPath); nsAutoCString perms(Substring(line, space + 1, line.Length() - space - 1)); MOZ_LOG(sPledgeLog, LogLevel::Debug, ("%s: unveil(%s, %s)\n", PromiseFlatCString(uPath).get(), uPath.get(), perms.get())); if (unveil(uPath.get(), perms.get()) == -1 && errno != ENOENT) { err(1, "%s: unveil(%s, %s) failed", PromiseFlatCString(uPath).get(), uPath.get(), perms.get()); } } input.close(); if (disabled) { warnx("%s: disabled", PromiseFlatCString(uPath).get()); } else { struct stat st; // Only unveil the pledgePath file if it's not already unveiled, otherwise // some containing directory will lose visibility. if (stat(PromiseFlatCString(pledgePath).get(), &st) == -1) { if (errno == ENOENT) { if (unveil(PromiseFlatCString(pledgePath).get(), "r") == -1) { err(1, "unveil(%s, r) failed", PromiseFlatCString(pledgePath).get()); } } else { err(1, "stat(%s)", PromiseFlatCString(pledgePath).get()); } } } return NS_OK; } bool StartOpenBSDSandbox(GeckoProcessType type, ipc::SandboxingKind kind) { nsAutoCString pledgeFile; nsAutoCString unveilFile; char binaryPath[MAXPATHLEN]; switch (type) { case GeckoProcessType_Default: { OpenBSDFindPledgeUnveilFilePath("pledge.main", pledgeFile); OpenBSDFindPledgeUnveilFilePath("unveil.main", unveilFile); // Ensure dconf dir exists before we veil the filesystem nsAutoCString dConf("$XDG_RUNTIME_DIR/dconf"); ExpandUnveilPath(dConf); MkdirP(dConf); break; } case GeckoProcessType_Content: OpenBSDFindPledgeUnveilFilePath("pledge.content", pledgeFile); OpenBSDFindPledgeUnveilFilePath("unveil.content", unveilFile); break; case GeckoProcessType_GPU: OpenBSDFindPledgeUnveilFilePath("pledge.gpu", pledgeFile); OpenBSDFindPledgeUnveilFilePath("unveil.gpu", unveilFile); break; case GeckoProcessType_Socket: OpenBSDFindPledgeUnveilFilePath("pledge.socket", pledgeFile); OpenBSDFindPledgeUnveilFilePath("unveil.socket", unveilFile); break; case GeckoProcessType_RDD: OpenBSDFindPledgeUnveilFilePath("pledge.rdd", pledgeFile); OpenBSDFindPledgeUnveilFilePath("unveil.rdd", unveilFile); break; case GeckoProcessType_Utility: { MOZ_RELEASE_ASSERT(kind <= SandboxingKind::COUNT, "Should define a sandbox"); switch (kind) { case ipc::SandboxingKind::GENERIC_UTILITY: default: OpenBSDFindPledgeUnveilFilePath("pledge.utility", pledgeFile); OpenBSDFindPledgeUnveilFilePath("unveil.utility", unveilFile); break; } } break; default: MOZ_ASSERT(false, "unknown process type"); return false; } nsresult rv = mozilla::BinaryPath::Get(binaryPath); if (NS_FAILED(rv)) { errx(1, "failed to cache binary path ?"); } if (NS_WARN_IF(NS_FAILED(OpenBSDUnveilPaths(unveilFile, pledgeFile)))) { errx(1, "failed reading/parsing %s", unveilFile.get()); } if (NS_WARN_IF(NS_FAILED(OpenBSDPledgePromises(pledgeFile)))) { errx(1, "failed reading/parsing %s", pledgeFile.get()); } // Don't overwrite an existing session dbus address, but ensure it is set if (!PR_GetEnv("DBUS_SESSION_BUS_ADDRESS")) { PR_SetEnv("DBUS_SESSION_BUS_ADDRESS="); } return true; } #endif } // namespace mozilla /* static */ nsIDOMProcessChild* nsIDOMProcessChild::GetSingleton() { if (XRE_IsContentProcess()) { return mozilla::dom::ContentChild::GetSingleton(); } return mozilla::dom::InProcessChild::Singleton(); }