Closed
Bug 1452090
Opened 6 years ago
Closed 6 years ago
Only enable handle verifier on 32-bit Nightly and debug builds
Categories
(Core :: Security: Process Sandboxing, enhancement, P1)
Tracking
()
RESOLVED
FIXED
mozilla61
People
(Reporter: bobowen, Assigned: bobowen)
References
Details
Attachments
(1 file)
|
7.47 KB,
patch
|
jimm
:
review+
RyanVM
:
approval-mozilla-esr60+
|
Details | Diff | Splinter Review |
Chromium only currently enables this on x86 Canary, developer and debug builds. This also adds hooks similar to chromium to monitor handle closing for non-verifier tracked handles, to catch where problems exist in other code. We might want to turn this on for Beta at some point as our Nightly Win32 coverage is pretty poor. I'm also adding an environment variable MOZ_ENABLE_HANDLE_VERIFIER, so it can be turned on for any build, which might prove useful.
|
Assignee | |
Comment 1•6 years ago
|
||
The hooks cause assertions on 64-bit builds anyway: https://treeherder.mozilla.org/#/jobs?repo=try&revision=16863768c4ad2cff208f6275f09242cb6ca49cbf Here's a push for 32-bit only: https://treeherder.mozilla.org/#/jobs?repo=try&revision=c9f42154781679076917e6e97fd02f3e0c62b38e
|
|
Assignee | |
Comment 2•6 years ago
|
||
This also adds the ability to enable it using the environement variable MOZ_ENABLE_HANDLE_VERIFIER.
Attachment #8965701 -
Flags: review?(jmathies)
|
||
Updated•6 years ago
|
Attachment #8965701 -
Flags: review?(jmathies) → review+
Pushed by bobowencode@gmail.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/d0c0f90a710d Only enable handle verifier on 32-bit Nightly and debug builds. r=jimm
|
||
Comment 4•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/d0c0f90a710d
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox61:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
|
|
Assignee | |
Comment 5•6 years ago
|
||
Comment on attachment 8965701 [details] [diff] [review] Only enable handle verifier on 32-bit Nightly and debug builds [Approval Request Comment] If this is not a sec:{high,crit} bug, please state case for ESR consideration: The ActiveVerifier has caused a couple of different crashes. Chrome don't have it turned on in Release for this reason and I've just realised that my patch to turn it off missed ESR. User impact if declined: Crashes associated with the ActiveVerifier will still occur and there is possibly some performance impact as well. Fix Landed on Version: Fx61 Risk to taking this patch (and alternatives if risky): Fairly low, while the patch does add some hooking code it is only actually used on Nightly. The other change is just to not use the ActiveVerifier, which is diagnostic code to try and catch Windows Handle management issues, but can introduce its own crashes as well. The diagnostic code would still crash either way round, so turning it off should only improve stability. String or UUID changes made by this patch: None. See https://wiki.mozilla.org/Release_Management/ESR_Landing_Process for more info.
Attachment #8965701 -
Flags: approval-mozilla-esr60?
|
||
Comment 6•6 years ago
|
||
Comment on attachment 8965701 [details] [diff] [review] Only enable handle verifier on 32-bit Nightly and debug builds Avoids crashes by not shipping code that was intended for pre-release audiences only. Approved for ESR 60.1.
Attachment #8965701 -
Flags: approval-mozilla-esr60? → approval-mozilla-esr60+
|
|
||
Comment 7•6 years ago
|
||
| bugherder uplift | ||
https://hg.mozilla.org/releases/mozilla-esr60/rev/e85d91afc9a3
status-firefox-esr60:
--- → fixed
Flags: in-testsuite+
You need to log in
before you can comment on or make changes to this bug.
Description
•