tor-browser

The Tor Browser

commit 5525fb5db4da63cc0aeed63bb93a373e12cfa146
parent 90b6fdf202588d2263046924c1a61e171ad904a6
Author: Bob Owen <bobowencode@gmail.com>
Date:   Mon, 10 Nov 2025 16:21:56 +0000

Bug 1998388 - Remove sdkdecls.h from windows sandbox code. r=tjr,firefox-build-system-reviewers,sergesanspaille

All of the #defines and declarations are now in upstream mingw.
The need for the windows.h include can be removed by includes in our shim files.
excpt.h now needs to be included explicitly before the GetExceptionCode
override; it used to be pulled in by the windows.h include.
This also fixes the line endings for launch.h.

Differential Revision: https://phabricator.services.mozilla.com/D271421

Diffstat:
Mmozilla-config.h.in | 7++-----
Msecurity/sandbox/chromium-shim/base/file_version_info_win.cpp | 2++
Msecurity/sandbox/chromium-shim/base/file_version_info_win.h | 1+
Msecurity/sandbox/chromium-shim/base/process/launch.h | 52+++++++++++++++++++++++++++-------------------------
Msecurity/sandbox/chromium-shim/base/scoped_native_library.h | 19+++++++++----------
Dsecurity/sandbox/chromium-shim/base/win/sdkdecls.h | 135-------------------------------------------------------------------------------
Msecurity/sandbox/chromium-shim/base/win/win_util.cpp | 2++
Msecurity/sandbox/chromium-shim/base/win/win_util.h | 1+
8 files changed, 44 insertions(+), 175 deletions(-)

diff --git a/mozilla-config.h.in b/mozilla-config.h.in @@ -40,20 +40,17 @@ #endif /* - * Force-include sdkdecls.h for building the chromium sandbox code. - * * CHROMIUM_SANDBOX_BUILD is defined in security/sandbox/moz.build. - * Note that this include path relies on the LOCAL_INCLUDES in that file. */ #if defined(CHROMIUM_SANDBOX_BUILD) && defined(XP_WIN) -#include "base/win/sdkdecls.h" - #ifdef __MINGW32__ /* * MinGW doesn't support __try / __except. There are a few mechanisms available * to hack around it and pseudo-support it, but these are untested in Firefox. * What is tested (and works) is replacing them with if(true) and else. + * We need to include excpt.h first, so that we can then override it. */ +#include <excpt.h> #define __try if(true) #define __except(x) else #ifdef GetExceptionCode diff --git a/security/sandbox/chromium-shim/base/file_version_info_win.cpp b/security/sandbox/chromium-shim/base/file_version_info_win.cpp @@ -9,6 +9,8 @@ #include "base/file_version_info_win.h" +#include <windows.h> + #include "base/files/file_path.h" #include "base/memory/ptr_util.h" #include "base/threading/scoped_blocking_call.h" diff --git a/security/sandbox/chromium-shim/base/file_version_info_win.h b/security/sandbox/chromium-shim/base/file_version_info_win.h @@ -11,6 +11,7 @@ #define BASE_FILE_VERSION_INFO_WIN_H_ #include <memory> +#include <minwindef.h> #include <vector> #include "base/version.h" diff --git a/security/sandbox/chromium-shim/base/process/launch.h b/security/sandbox/chromium-shim/base/process/launch.h 
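Review bot: Nothing in the new `#if defined(CHROMIUM_SANDBOX_BUILD) && defined(XP_WIN)` block records that the MinGW build now depends on the toolchain headers for the process-mitigation constants and the `IsWow64Process2` / `IsUserCetAvailableInEnvironment` declarations that the removed force-include used to supply. If any call site guards those names with `#ifdef` (not visible in this diff), an older mingw-w64 would build without the mitigation instead of failing, so the requirement is worth stating, e.g. `* The sandbox relies on mingw-w64 headers that define the PROCESS_CREATION_MITIGATION_POLICY* constants; older toolchains are unsupported.` In the added comment line, "override it" would also read more clearly as "override GetExceptionCode", which is what the `#ifdef GetExceptionCode` at the end of the hunk appears to begin; that block continues outside the hunk.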
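Review bot: In file_version_info_win.h, `#include <minwindef.h>` is added as a standalone include ahead of any `<windows.h>`, and the same pattern appears in the launch.h and win_util.h hunks. In the Windows SDK this header is normally reached through `<windows.h>`, which sets up the target-architecture macros first, so whether it is self-sufficient depends on the toolchain and on what the including translation unit pulled in earlier; neither is visible in this diff. A short comment such as `// minwindef.h is enough for the Windows types this header needs; the .cpp includes <windows.h>.` would record the intent and keep a later include reorder from breaking the build.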
@@ -1,25 +1,27 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-// This is a reduced version of Chromium's //base/process/launch.h
-// to satisfy compiler.
-
-#ifndef BASE_PROCESS_LAUNCH_H_
-#define BASE_PROCESS_LAUNCH_H_
-
-#include <vector>
-
-#include "base/environment.h"
-
-namespace base {
-
-#if defined(OS_WIN)
-typedef std::vector<HANDLE> HandlesToInheritVector;
-#endif
-
-} // namespace base
-
-#endif // BASE_PROCESS_LAUNCH_H_
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This is a reduced version of Chromium's //base/process/launch.h
+// to satisfy compiler.
+
+#ifndef BASE_PROCESS_LAUNCH_H_
+#define BASE_PROCESS_LAUNCH_H_
+
+#include <minwindef.h>
+#include <vector>
+
+// Included because other files rely on it being included here.
+#include "base/environment.h"
+
+namespace base {
+
+#if defined(OS_WIN)
+typedef std::vector<HANDLE> HandlesToInheritVector;
+#endif
+
+} // namespace base
+
+#endif // BASE_PROCESS_LAUNCH_H_
diff --git a/security/sandbox/chromium-shim/base/scoped_native_library.h b/security/sandbox/chromium-shim/base/scoped_native_library.h
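Review bot: `#include <minwindef.h>` is unconditional, while the only use of a Windows type in this header, `typedef std::vector<HANDLE> HandlesToInheritVector;`, sits under `#if defined(OS_WIN)`. If this shim header is ever compiled for a non-Windows target (the existing guard hints at that possibility; the build configuration is not visible here), the include will fail, so it would be safer written as `#if defined(OS_WIN)` / `#include <minwindef.h>` / `#endif`. The added comment `// Included because other files rely on it being included here.` would also be more useful if it named what those files expect from `base/environment.h`.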
@@ -4,28 +4,27 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -// This is a cut down version of Chromium source file base/scoped_native_library.h -// The chromium sandbox only requires ScopedNativeLibrary class to automatically -// unload the library, which we can achieve with UniquePtr. +// This is a cut down version of Chromium source file +// base/scoped_native_library.h The chromium sandbox only requires +// ScopedNativeLibrary class to automatically unload the library, which we can +// achieve with UniquePtr. #ifndef BASE_SCOPED_NATIVE_LIBRARY_H_ #define BASE_SCOPED_NATIVE_LIBRARY_H_ +#include <windows.h> + #include "mozilla/UniquePtr.h" namespace base { -struct HModuleFreePolicy -{ +struct HModuleFreePolicy { typedef HMODULE pointer; - void operator()(pointer hModule) - { - ::FreeLibrary(hModule); - } + void operator()(pointer hModule) { ::FreeLibrary(hModule); } }; typedef mozilla::UniquePtr<HMODULE, HModuleFreePolicy> ScopedNativeLibrary; -} // namespace base +} // namespace base #endif // BASE_SCOPED_NATIVE_LIBRARY_H_ diff --git a/security/sandbox/chromium-shim/base/win/sdkdecls.h b/security/sandbox/chromium-shim/base/win/sdkdecls.h 
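Review bot: The reflowed header comment now reads `base/scoped_native_library.h The chromium sandbox only requires`, so the file name runs straight into the next sentence. Ending the first sentence with a full stop, `// base/scoped_native_library.h.`, makes the comment readable and stops the formatter from merging the two sentences again on the next reflow.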
@@ -1,135 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
-#define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
-
-#include <windows.h>
-
-// This file contains definitions required for things dynamically loaded
-// while building or targetting lower platform versions or lower SDKs.
-
-#if defined(__MINGW32__)
-//
-// Define Font Disable Policy. When enabled, this option will
-// block loading Non System Fonts.
-//
-
-#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_MASK (0x00000003uLL << 48)
-#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_DEFER (0x00000000uLL << 48)
-#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_ALWAYS_ON (0x00000001uLL << 48)
-#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_ALWAYS_OFF (0x00000002uLL << 48)
-#define PROCESS_CREATION_MITIGATION_POLICY_AUDIT_NONSYSTEM_FONTS (0x00000003uLL << 48)
-
-//
-// Define remote image load options. When enabled, this option will
-// block mapping of images from remote devices.
-//
-
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_MASK (0x00000003uLL << 52)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_DEFER (0x00000000uLL << 52)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_ALWAYS_ON (0x00000001uLL << 52)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_ALWAYS_OFF (0x00000002uLL << 52)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_RESERVED (0x00000003uLL << 52)
-
-//
-// Define low IL image load options. When enabled, this option will
-// block mapping of images that have the low mandatory label.
-//
-
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_MASK (0x00000003uLL << 56)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_DEFER (0x00000000uLL << 56)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_ALWAYS_ON (0x00000001uLL << 56)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_ALWAYS_OFF (0x00000002uLL << 56)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_RESERVED (0x00000003uLL << 56)
-
-//
-// Define image load options to prefer System32 images compared to
-// the same images in application directory. When enabled, this option
-// will prefer loading images from system32 folder.
-//
-
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_MASK (0x00000003uLL << 60)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_DEFER (0x00000000uLL << 60)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON (0x00000001uLL << 60)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_OFF (0x00000002uLL << 60)
-#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_RESERVED (0x00000003uLL << 60)
-
-//
-// Define the restricted indirect branch prediction mitigation policy options.
-//
-
-#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_MASK (0x00000003ui64 << 16)
-#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_DEFER (0x00000000ui64 << 16)
-#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_ALWAYS_ON (0x00000001ui64 << 16)
-#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_ALWAYS_OFF (0x00000002ui64 << 16)
-#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_RESERVED (0x00000003ui64 << 16)
-
-//
-// Define the user-mode shadow stack mitigation policy options.
-//
-
-#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_MASK (0x00000003ui64 << 28)
-#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_DEFER (0x00000000ui64 << 28)
-#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_ALWAYS_ON (0x00000001ui64 << 28)
-#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_ALWAYS_OFF (0x00000002ui64 << 28)
-#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_RESERVED (0x00000003ui64 << 28)
-#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_STRICT_MODE (0x00000003ui64 << 28)
-
-//
-// Define Attribute to disable creation of child process
-//
-
-#define PROCESS_CREATION_CHILD_PROCESS_RESTRICTED 0x01
-#define PROCESS_CREATION_CHILD_PROCESS_OVERRIDE 0x02
-
-//
-// Define Attribute for Desktop Appx Overide.
-//
-
-#define PROCESS_CREATION_DESKTOP_APPX_OVERRIDE 0x04
-
-#define ProcThreadAttributeChildProcessPolicy 14
-
-#define PROC_THREAD_ATTRIBUTE_CHILD_PROCESS_POLICY \
- ProcThreadAttributeValue (ProcThreadAttributeChildProcessPolicy, FALSE, TRUE, FALSE)
-
-//
-// Define Attribute to opt out of matching All Application Packages
-//
-
-#define PROCESS_CREATION_ALL_APPLICATION_PACKAGES_OPT_OUT 0x01
-
-#define ProcThreadAttributeAllApplicationPackagesPolicy 15
-
-#define PROC_THREAD_ATTRIBUTE_ALL_APPLICATION_PACKAGES_POLICY \
- ProcThreadAttributeValue (ProcThreadAttributeAllApplicationPackagesPolicy, FALSE, TRUE, FALSE)
-
-//
-// Define functions declared only when _WIN32_WINNT >= 0x0A00
-//
-
-WINBASEAPI
-BOOL
-WINAPI
-IsWow64Process2(
- _In_ HANDLE hProcess,
- _Out_ USHORT* pProcessMachine,
- _Out_opt_ USHORT* pNativeMachine
- );
-
-WINBASEAPI
-BOOL
-WINAPI
-IsUserCetAvailableInEnvironment(
- _In_ DWORD UserCetEnvironment
- );
-
-#define USER_CET_ENVIRONMENT_WIN32_PROCESS 0x00000000
-
-#endif // defined(__MINGW32__)
-
-#endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
diff --git a/security/sandbox/chromium-shim/base/win/win_util.cpp b/security/sandbox/chromium-shim/base/win/win_util.cpp @@ -9,6 +9,8 @@ #include "base/win/win_util.h" +#include <windows.h> + #include "base/logging.h" #include "base/strings/string_util.h" diff --git a/security/sandbox/chromium-shim/base/win/win_util.h b/security/sandbox/chromium-shim/base/win/win_util.h @@ -10,6 +10,7 @@ #ifndef BASE_WIN_WIN_UTIL_H_ #define BASE_WIN_WIN_UTIL_H_ +#include <minwindef.h> #include <string> #include "base/base_export.h"