Open Bug 1381019 (win32k-lockdown) Opened 3 years ago Updated 2 days ago

[meta] Remove win32k access from content process

Categories

(Core :: Security: Process Sandboxing, enhancement, P2)

Unspecified
Windows
enhancement

Tracking

()

People

(Reporter: Alex_Gaynor, Assigned: jimm)

References

(Depends on 12 open bugs, Blocks 2 open bugs)

Details

(4 keywords, Whiteboard: sb+)

This is a meta bug for work towards removing win32k usage from the content process, and using the windows8+ mitigation policy to disable access to it.

This work is currently in the research/scoping phase - it is known that we make use of win32k APIs in the content process and we need to establish where and come up with a plan for dealing with all of them.
Depends on: 1381022
Depends on: 1362220
Depends on: 1381938
Depends on: 1382232
See Also: → 1382251
Depends on: 1382326
Depends on: 1382333
Keywords: meta
Whiteboard: sb+
Depends on: 1382795
Depends on: 1383083
Depends on: 1383522
Depends on: win32k-fonts
No longer depends on: 1382795
Depends on: win32k-plugin
No longer depends on: 1362220
Blocks: sb-audio
Depends on: 1395238
Depends on: win32k-webrtc
Depends on: 1395315
Depends on: 1400317
Depends on: 1400344
Alias: win32k-lockdown
Depends on: 1402922
Priority: -- → P3
Depends on: 1394163
Depends on: 1407992
Depends on: 1403302
Assignee: nobody → jmathies
Priority: P3 → P2
Depends on: webrender
Depends on: linux-nnt
No longer depends on: linux-nnt
Depends on: canvas-ipc
Depends on: webgl-ipc-refactor
Depends on: 1527823
Depends on: 1533097
Depends on: 1533100
No longer depends on: 1383522
Depends on: 1539577
No longer depends on: 1539577
Depends on: 1539841
Depends on: 1541029
No longer depends on: 1541029
No longer depends on: 1400317
Depends on: 1535704
Depends on: 1546154
Depends on: 1546156
Depends on: 1400317
You need to log in before you can comment on or make changes to this bug.