Merge pull request #323 from MoonchildProductions/nuke-sandbox

Nuke sandbox

13 files changed, 1 insertions, 169 deletions

diff --git a/xpcom/base/nsSystemInfo.cpp b/xpcom/base/nsSystemInfo.cpp
index f6d9fd5ad..a72dd3826 100644
--- a/xpcom/base/nsSystemInfo.cpp
+++ b/xpcom/base/nsSystemInfo.cpp
@@ -66,10 +66,6 @@ NS_EXPORT int android_sdk_version;
 #include <sys/sysctl.h>
 #endif
 
-#if defined(XP_LINUX) && defined(MOZ_SANDBOX)
-#include "mozilla/SandboxInfo.h"
-#endif
-
 // Slot for NS_InitXPCOM2 to pass information to nsSystemInfo::Init.
 // Only set to nonzero (potentially) if XP_UNIX.  On such systems, the
 // system call to discover the appropriate value is not thread-safe,
@@ -789,29 +785,6 @@ nsSystemInfo::Init()
   }
 #endif
 
-#if defined(XP_LINUX) && defined(MOZ_SANDBOX)
-  SandboxInfo sandInfo = SandboxInfo::Get();
-
-  SetPropertyAsBool(NS_LITERAL_STRING("hasSeccompBPF"),
-                    sandInfo.Test(SandboxInfo::kHasSeccompBPF));
-  SetPropertyAsBool(NS_LITERAL_STRING("hasSeccompTSync"),
-                    sandInfo.Test(SandboxInfo::kHasSeccompTSync));
-  SetPropertyAsBool(NS_LITERAL_STRING("hasUserNamespaces"),
-                    sandInfo.Test(SandboxInfo::kHasUserNamespaces));
-  SetPropertyAsBool(NS_LITERAL_STRING("hasPrivilegedUserNamespaces"),
-                    sandInfo.Test(SandboxInfo::kHasPrivilegedUserNamespaces));
-
-  if (sandInfo.Test(SandboxInfo::kEnabledForContent)) {
-    SetPropertyAsBool(NS_LITERAL_STRING("canSandboxContent"),
-                      sandInfo.CanSandboxContent());
-  }
-
-  if (sandInfo.Test(SandboxInfo::kEnabledForMedia)) {
-    SetPropertyAsBool(NS_LITERAL_STRING("canSandboxMedia"),
-                      sandInfo.CanSandboxMedia());
-  }
-#endif // XP_LINUX && MOZ_SANDBOX
-
   return NS_OK;
 }
 
diff --git a/xpcom/build/XREChildData.h b/xpcom/build/XREChildData.h
index 487fede94..96b297d3c 100644
--- a/xpcom/build/XREChildData.h
+++ b/xpcom/build/XREChildData.h
@@ -9,14 +9,6 @@
 
 #include "mozilla/UniquePtr.h"
 
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-#include "mozilla/sandboxing/loggingTypes.h"
-
-namespace sandbox {
-class TargetServices;
-}
-#endif
-
 namespace mozilla {
 namespace gmp {
 class GMPLoader;
@@ -35,17 +27,6 @@ struct XREChildData
   mozilla::UniquePtr<mozilla::gmp::GMPLoader> gmpLoader;
 #endif
 
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-  /**
-   * Chromium sandbox TargetServices.
-   */
-  sandbox::TargetServices* sandboxTargetServices = nullptr;
-
-  /**
-   * Function to provide a logging function to the chromium sandbox code.
-   */
-  mozilla::sandboxing::ProvideLogFunctionCb ProvideLogFunction = nullptr;
-#endif
 };
 
 #endif // XREChildData_h
diff --git a/xpcom/build/XREShellData.h b/xpcom/build/XREShellData.h
deleted file mode 100644
index 11bc162d9..000000000
--- a/xpcom/build/XREShellData.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef XREShellData_h
-#define XREShellData_h
-
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-namespace sandbox {
-class BrokerServices;
-}
-#endif
-
-/**
- * Data needed by XRE_XPCShellMain.
- */
-struct XREShellData
-{
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-  /**
-   * Chromium sandbox BrokerServices.
-   */
-  sandbox::BrokerServices* sandboxBrokerServices;
-#endif
-};
-
-#endif // XREShellData_h
diff --git a/xpcom/build/moz.build b/xpcom/build/moz.build
index 68bd001a2..e0adba0a2 100644
--- a/xpcom/build/moz.build
+++ b/xpcom/build/moz.build
@@ -12,7 +12,6 @@ EXPORTS += [
     'nsXULAppAPI.h',
     'XREChildData.h',
     'xrecore.h',
-    'XREShellData.h',
 ]
 
 EXPORTS.mozilla += [
diff --git a/xpcom/build/nsXREAppData.h b/xpcom/build/nsXREAppData.h
index fbc7adb8f..129336ac9 100644
--- a/xpcom/build/nsXREAppData.h
+++ b/xpcom/build/nsXREAppData.h
@@ -12,12 +12,6 @@
 
 class nsIFile;
 
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-namespace sandbox {
-class BrokerServices;
-}
-#endif
-
 /**
  * Application-specific data needed to start the apprunner.
  *
@@ -134,13 +128,6 @@ struct nsXREAppData
    * The application name to use in the User Agent string.
    */
   const char* UAName;
-
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-  /**
-   * Chromium sandbox BrokerServices.
-   */
-  sandbox::BrokerServices* sandboxBrokerServices;
-#endif
 };
 
 /**
diff --git a/xpcom/build/nsXULAppAPI.h b/xpcom/build/nsXULAppAPI.h
index aae248ca1..c077c7e36 100644
--- a/xpcom/build/nsXULAppAPI.h
+++ b/xpcom/build/nsXULAppAPI.h
@@ -20,7 +20,6 @@
 #include "mozilla/Vector.h"
 #include "mozilla/TimeStamp.h"
 #include "XREChildData.h"
-#include "XREShellData.h"
 
 /**
  * A directory service key which provides the platform-correct "application
@@ -504,8 +503,7 @@ XRE_API(void,
         XRE_EnableSameExecutableForContentProc, ())
 
 XRE_API(int,
-        XRE_XPCShellMain, (int argc, char** argv, char** envp,
-                           const XREShellData* aShellData))
+        XRE_XPCShellMain, (int argc, char** argv, char** envp))
 
 #if MOZ_WIDGET_GTK == 2
 XRE_API(void,
diff --git a/xpcom/glue/AppData.cpp b/xpcom/glue/AppData.cpp
index 845267e60..2fdb6b009 100644
--- a/xpcom/glue/AppData.cpp
+++ b/xpcom/glue/AppData.cpp
@@ -65,10 +65,6 @@ ScopedAppData::ScopedAppData(const nsXREAppData* aAppData)
   if (aAppData->size > offsetof(nsXREAppData, UAName)) {
     SetAllocatedString(this->UAName, aAppData->UAName);
   }
-
-#if defined(XP_WIN) && defined(MOZ_SANDBOX)
-  sandboxBrokerServices = aAppData->sandboxBrokerServices;
-#endif
 }
 
 ScopedAppData::~ScopedAppData()
diff --git a/xpcom/io/SpecialSystemDirectory.cpp b/xpcom/io/SpecialSystemDirectory.cpp
index ab65d38f9..158431088 100644
--- a/xpcom/io/SpecialSystemDirectory.cpp
+++ b/xpcom/io/SpecialSystemDirectory.cpp
@@ -705,12 +705,6 @@ GetSpecialSystemDirectory(SystemDirectories aSystemSystemDirectory,
       }
       return rv;
     }
-#if defined(MOZ_CONTENT_SANDBOX)
-    case Win_LocalAppdataLow: {
-      GUID localAppDataLowGuid = FOLDERID_LocalAppDataLow;
-      return GetKnownFolder(&localAppDataLowGuid, aFile);
-    }
-#endif
     case Win_Documents: {
       return GetLibrarySaveToPath(CSIDL_MYDOCUMENTS,
                                   FOLDERID_DocumentsLibrary,
diff --git a/xpcom/io/SpecialSystemDirectory.h b/xpcom/io/SpecialSystemDirectory.h
index 7c7f8fa42..b1ce31b74 100644
--- a/xpcom/io/SpecialSystemDirectory.h
+++ b/xpcom/io/SpecialSystemDirectory.h
@@ -76,9 +76,6 @@ enum SystemDirectories {
   Win_Pictures              =   233,
   Win_Music                 =   234,
   Win_Videos                =   235,
-#if defined(MOZ_CONTENT_SANDBOX)
-  Win_LocalAppdataLow       =   236,
-#endif
 
   Unix_LocalDirectory       =   301,
   Unix_LibDirectory         =   302,
diff --git a/xpcom/io/nsAppDirectoryServiceDefs.h b/xpcom/io/nsAppDirectoryServiceDefs.h
index aa0a68816..3da85c987 100644
--- a/xpcom/io/nsAppDirectoryServiceDefs.h
+++ b/xpcom/io/nsAppDirectoryServiceDefs.h
@@ -84,35 +84,6 @@
 
 #define NS_APP_PERMISSION_PARENT_DIR            "permissionDBPDir"
 
-#if (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX)
-//
-// NS_APP_CONTENT_PROCESS_TEMP_DIR refers to a directory that is read and
-// write accessible from a sandboxed content process. The key may be used in
-// either process, but the directory is intended to be used for short-lived
-// files that need to be saved to the filesystem by the content process and
-// don't need to survive browser restarts. The directory is reset on startup.
-// The key is only valid when MOZ_CONTENT_SANDBOX is defined. When
-// MOZ_CONTENT_SANDBOX is defined, the directory the key refers to differs
-// depending on whether or not content sandboxing is enabled.
-//
-// When MOZ_CONTENT_SANDBOX is defined and sandboxing is enabled (versus
-// manually disabled via prefs), the content process replaces NS_OS_TEMP_DIR
-// with NS_APP_CONTENT_PROCESS_TEMP_DIR so that legacy code in content
-// attempting to write to NS_OS_TEMP_DIR will write to
-// NS_APP_CONTENT_PROCESS_TEMP_DIR instead. When MOZ_CONTENT_SANDBOX is
-// defined but sandboxing is disabled, NS_APP_CONTENT_PROCESS_TEMP_DIR
-// falls back to NS_OS_TEMP_DIR in both content and chrome processes.
-//
-// New code should avoid writing to the filesystem from the content process
-// and should instead proxy through the parent process whenever possible.
-//
-// At present, all sandboxed content processes use the same directory for
-// NS_APP_CONTENT_PROCESS_TEMP_DIR, but that should not be relied upon.
-//
-#define NS_APP_CONTENT_PROCESS_TEMP_DIR         "ContentTmpD"
-#else
-// Otherwise NS_APP_CONTENT_PROCESS_TEMP_DIR must match NS_OS_TEMP_DIR.
 #define NS_APP_CONTENT_PROCESS_TEMP_DIR         "TmpD"
-#endif // (defined(XP_WIN) || defined(XP_MACOSX)) && defined(MOZ_CONTENT_SANDBOX)
 
 #endif // nsAppDirectoryServiceDefs_h___
diff --git a/xpcom/io/nsDirectoryService.cpp b/xpcom/io/nsDirectoryService.cpp
index a4d962395..cfcce096d 100644
--- a/xpcom/io/nsDirectoryService.cpp
+++ b/xpcom/io/nsDirectoryService.cpp
@@ -490,27 +490,6 @@ nsDirectoryService::UnregisterProvider(nsIDirectoryServiceProvider* aProv)
   return NS_OK;
 }
 
-#if defined(MOZ_CONTENT_SANDBOX) && defined(XP_WIN)
-static nsresult
-GetLowIntegrityTempBase(nsIFile** aLowIntegrityTempBase)
-{
-  nsCOMPtr<nsIFile> localFile;
-  nsresult rv = GetSpecialSystemDirectory(Win_LocalAppdataLow,
-                                          getter_AddRefs(localFile));
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return rv;
-  }
-
-  rv = localFile->Append(NS_LITERAL_STRING(MOZ_USER_DIR));
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return rv;
-  }
-
-  localFile.forget(aLowIntegrityTempBase);
-  return rv;
-}
-#endif
-
 // DO NOT ADD ANY LOCATIONS TO THIS FUNCTION UNTIL YOU TALK TO: dougt@netscape.com.
 // This is meant to be a place of xpcom or system specific file locations, not
 // application specific locations.  If you need the later, register a callback for
@@ -684,12 +663,6 @@ nsDirectoryService::GetFile(const char* aProp, bool* aPersistent,
     rv = GetSpecialSystemDirectory(Win_Appdata, getter_AddRefs(localFile));
   } else if (inAtom == nsDirectoryService::sLocalAppdata) {
     rv = GetSpecialSystemDirectory(Win_LocalAppdata, getter_AddRefs(localFile));
-#if defined(MOZ_CONTENT_SANDBOX)
-  } else if (inAtom == nsDirectoryService::sLocalAppdataLow) {
-    rv = GetSpecialSystemDirectory(Win_LocalAppdataLow, getter_AddRefs(localFile));
-  } else if (inAtom == nsDirectoryService::sLowIntegrityTempBase) {
-    rv = GetLowIntegrityTempBase(getter_AddRefs(localFile));
-#endif
   } else if (inAtom == nsDirectoryService::sPrinthood) {
     rv = GetSpecialSystemDirectory(Win_Printhood, getter_AddRefs(localFile));
   } else if (inAtom == nsDirectoryService::sWinCookiesDirectory) {
diff --git a/xpcom/io/nsDirectoryServiceAtomList.h b/xpcom/io/nsDirectoryServiceAtomList.h
index 38a2f0e9d..f636f60d8 100644
--- a/xpcom/io/nsDirectoryServiceAtomList.h
+++ b/xpcom/io/nsDirectoryServiceAtomList.h
@@ -72,10 +72,6 @@ DIR_ATOM(sCommon_Desktopdirectory, NS_WIN_COMMON_DESKTOP_DIRECTORY)
 DIR_ATOM(sCommon_AppData, NS_WIN_COMMON_APPDATA_DIR)
 DIR_ATOM(sAppdata, NS_WIN_APPDATA_DIR)
 DIR_ATOM(sLocalAppdata, NS_WIN_LOCAL_APPDATA_DIR)
-#if defined(MOZ_CONTENT_SANDBOX)
-DIR_ATOM(sLocalAppdataLow, NS_WIN_LOCAL_APPDATA_LOW_DIR)
-DIR_ATOM(sLowIntegrityTempBase, NS_WIN_LOW_INTEGRITY_TEMP_BASE)
-#endif
 DIR_ATOM(sPrinthood, NS_WIN_PRINTHOOD)
 DIR_ATOM(sWinCookiesDirectory, NS_WIN_COOKIES_DIR)
 DIR_ATOM(sDefaultDownloadDirectory, NS_WIN_DEFAULT_DOWNLOAD_DIR)
diff --git a/xpcom/io/nsDirectoryServiceDefs.h b/xpcom/io/nsDirectoryServiceDefs.h
index 0bdc5e390..4c62e0a7c 100644
--- a/xpcom/io/nsDirectoryServiceDefs.h
+++ b/xpcom/io/nsDirectoryServiceDefs.h
@@ -129,10 +129,6 @@
   #define NS_WIN_COMMON_APPDATA_DIR           "CmAppData"
   #define NS_WIN_APPDATA_DIR                  "AppData"
   #define NS_WIN_LOCAL_APPDATA_DIR            "LocalAppData"
-#if defined(MOZ_CONTENT_SANDBOX)
-  #define NS_WIN_LOCAL_APPDATA_LOW_DIR        "LocalAppDataLow"
-  #define NS_WIN_LOW_INTEGRITY_TEMP_BASE      "LowTmpDBase"
-#endif
   #define NS_WIN_PRINTHOOD                    "PrntHd"
   #define NS_WIN_COOKIES_DIR                  "CookD"
   #define NS_WIN_DEFAULT_DOWNLOAD_DIR         "DfltDwnld"