Add a new field about an injection method in the third-party-module ping
Categories
(Firefox :: Launcher Process, task, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox78 | --- | fixed |
People
(Reporter: toshi, Assigned: toshi)
References
Details
Attachments
(4 files)
It would be useful if we can collect how a third-party module was injected into our process. Especially we need modules which use IAT modification because blocking those modules block process launch. Before enabling pre-spawn CIG, we need to whitelist them,
Assignee | ||
Comment 1•4 years ago
|
||
This patch adds a new optional field isDependent
the third-party-modules ping
which indicates the module is loaded via the executable's Import Directory Table.
It's important to collect this information because blocking such modules break
process launch.
This patch also partially reverts Bug 1587539, moving a logic to detect Import
Directory tampering to PEHeaders
's ctor. With this, we can skip generating
a map of the executable's dependent modules if no tampering is detected.
Updated•4 years ago
|
Updated•4 years ago
|
Assignee | ||
Comment 2•4 years ago
|
||
This patch adds an optional boolean field isDependent
to the third-party-modules ping whose value is copied
from ProcessedModuleLoadEvent::mIsDependent
.
Depends on D66274
Assignee | ||
Comment 3•4 years ago
|
||
Comment 4•4 years ago
|
||
Comment 5•4 years ago
|
||
Comment on attachment 9135146 [details] data-review-request-for-bug1620118.txt DATA COLLECTION REVIEW RESPONSE: Is there or will there be documentation that describes the schema for the ultimate data set available publicly, complete and accurate? Yes. This collection is documented in its [in-tree documentation](https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/data/third-party-modules-ping.html). Is there a control mechanism that allows the user to turn the data collection on and off? Yes. This collection is Telemetry so can be controlled through Firefox's Preferences. If the request is for permanent data collection, is there someone who will monitor the data over time? Yes, :toshi is responsible. Using the category system of data types on the Mozilla wiki, what collection type of data do the requested measurements fall under? Category 1, Technical. Is the data collection request for default-on or default-off? Default on for all channels. Does the instrumentation include the addition of any new identifiers? No. Is the data collection covered by the existing Firefox privacy notice? Yes. Does there need to be a check-in in the future to determine whether to renew the data? No. This collection is permanent. --- Result: datareview+
Pushed by dluca@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b1e328341851 Part 1: Add ProcessedModuleLoadEvent::mIsDependent. r=aklotz https://hg.mozilla.org/integration/autoland/rev/6f7df44940a5 Part 2: Add isDependent field to the third-party-modules ping. r=chutten
Comment 7•4 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/b1e328341851
https://hg.mozilla.org/mozilla-central/rev/6f7df44940a5
Description
•