Closed Bug 1348269 Opened 8 years ago Closed 8 years ago

Report on last_warning and last_error from BrokerServices::SpawnTarget.

Categories

(Core :: Security: Process Sandboxing, enhancement)

All
Windows
enhancement
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla55
Tracking Status
firefox55 --- fixed

People

(Reporter: bobowen, Assigned: Alex_Gaynor)

References

Details

(Whiteboard: sbwc3)

Attachments

(1 file)

Just noticed during a rebase that I'd forgotten about these two new out params (last_warning and last_error) from SpawnTarget. We should probably report these in some way, depending on the return value I imagine. Possibly always report for last_warning.
Flags: needinfo?(bobowencode)
I don't think we need to block on this for the current milestone (sbwc2), but I'd like to pick it up soon, so dropping it into sbwc3.
Flags: needinfo?(bobowencode)
Whiteboard: sb? → sbwc3
(Still learning the code, sorry if this is a question with an obvious answer!) Where were you thinking would be the right place to report these? Looking up the stack, I see the caller prints to EnvironmentLog("MOZ_PROCESS_LOG"); somewhere like that?
Flags: needinfo?(bobowencode)
(In reply to Alex Gaynor from comment #2) > (Still learning the code, sorry if this is a question with an obvious > answer!) Where were you thinking would be the right place to report these? > Looking up the stack, I see the caller prints to > EnvironmentLog("MOZ_PROCESS_LOG"); somewhere like that? I hadn't put all that much thought into it, just filed so I didn't forget about it. :-) I think at least we would want to use MOZ_LOG, with the appropriate levels (there's already a LOG_E macro defined). I'm guessing that |last_error| should only be something other than ERROR_SUCCESS when |result| is false. It might be useful to add to telemetry [1], to see if there are problems that we're not seeing through bug reports or crashes. I'm particularly thinking about |last_warning| here, although I haven't looked to see in what circumstances this gets set but the process still starts. When |result| is false it might make sense to use AnnotateCrashReport as well, as the child process won't have been started and there's a chance this might lead to a crash. [1] https://gecko.readthedocs.io/en/latest/toolkit/components/telemetry/telemetry/collection/index.html
Flags: needinfo?(bobowencode)
Attachment #8854455 - Flags: review?(bobowencode)
Assignee: nobody → agaynor
Comment on attachment 8854455 [details] Bug 1348269 - When SpawnTarget fails during Windows sandboxed process creation, log more information https://reviewboard.mozilla.org/r/126388/#review129304 If we're just going to add MOZ_LOG logging in this bug, can you file a follow-up for adding in Telemetry and/or crash reporting annotations, please. ::: commit-message-89198:1 (Diff revision 1) > +Bug 1348269 - When SpawnTarget fails, log more information nit: for a bit more context can we add the following after "fails" please: during Windows sandboxed process creation ::: security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp:115 (Diff revision 1) > + LOG_E("Failed (ResultCode %d) to SpawnTarget with last_error=%d, last_warning=%d", > + result, last_error, last_warning); > return false; > } Looks like it can only currently happen for lowbox tokens, which we haven't tried to use yet. However for completeness can we add an: } else if (sandbox::SBOX_ALL_OK != last_warning) { and log the error and warning at Warning level
Blocks: 1353734
Comment on attachment 8854455 [details] Bug 1348269 - When SpawnTarget fails during Windows sandboxed process creation, log more information https://reviewboard.mozilla.org/r/126388/#review129472 Thanks Alex. ::: security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp:117 (Diff revisions 1 - 2) > DWORD last_error = ERROR_SUCCESS; > result = sBrokerService->SpawnTarget(aPath, aArguments, mPolicy, > &last_warning, &last_error, &targetInfo); > if (sandbox::SBOX_ALL_OK != result) { > LOG_E("Failed (ResultCode %d) to SpawnTarget with last_error=%d, last_warning=%d", > result, last_error, last_warning); nit: sorry didn't spot this before, please indent to line up with the first parameter above. Same thing in the LOG_W below. ::: security/sandbox/win/src/sandboxbroker/sandboxBroker.cpp:120 (Diff revisions 1 - 2) > if (sandbox::SBOX_ALL_OK != result) { > LOG_E("Failed (ResultCode %d) to SpawnTarget with last_error=%d, last_warning=%d", > result, last_error, last_warning); > return false; > + } else if (sandbox::SBOX_ALL_OK != last_warning) { > + // If these was a warning (but the result was still ok), log it and proceed. nit: s/these/there/
Attachment #8854455 - Flags: review?(bobowencode) → review+
Keywords: checkin-needed
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/0c17353ada46 When SpawnTarget fails during Windows sandboxed process creation, log more information r=bobowen
Keywords: checkin-needed
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla55
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: