[tbb-commits] [tor-browser] 77/311: Bug 1751177 - Give sandbox permissions for BCryptGenRandom on Win7. r=tkikuchi, a=RyanVM
gitolite role
git at cupani.torproject.org
Tue Apr 26 15:27:57 UTC 2022
This is an automated email from the git hooks/post-receive script.
pierov pushed a commit to branch geckoview-99.0.1-11.0-1
in repository tor-browser.
commit 6167f9034bab0d2d9d22e70d0b7791a0123116e6
Author: Alexandre Lissy <lissyx+mozillians at lissyx.dyndns.org>
AuthorDate: Mon Jan 31 20:46:48 2022 +0000
Bug 1751177 - Give sandbox permissions for BCryptGenRandom on Win7. r=tkikuchi, a=RyanVM
---
toolkit/xre/nsEmbedFunctions.cpp | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/toolkit/xre/nsEmbedFunctions.cpp b/toolkit/xre/nsEmbedFunctions.cpp
index b294a153911a3..dd19c867df1ad 100644
--- a/toolkit/xre/nsEmbedFunctions.cpp
+++ b/toolkit/xre/nsEmbedFunctions.cpp
@@ -593,10 +593,18 @@ nsresult XRE_InitChildProcess(int aArgc, char* aArgv[],
SandboxBroker::GeckoDependentInitialize();
}
- // Call RandomUint64 to pre-load bcryptPrimitives.dll while the current
- // thread still has an unrestricted impersonation token.
- RandomUint64OrDie();
-#endif
+ // Call BCryptGenRandom() to pre-load bcryptPrimitives.dll while the current
+ // thread still has an unrestricted impersonation token. We need to perform
+ // that operation to warmup the BCryptGenRandom() call that is used by
+ // others, especially rust. See bug 1746524, bug 1751094, bug 1751177
+ UCHAR buffer[32];
+ NTSTATUS status = BCryptGenRandom(NULL, // hAlgorithm
+ buffer, // pbBuffer
+ sizeof(buffer), // cbBuffer
+ BCRYPT_USE_SYSTEM_PREFERRED_RNG // dwFlags
+ );
+ MOZ_RELEASE_ASSERT(status == STATUS_SUCCESS);
+#endif // defined(MOZ_SANDBOX) && defined(XP_WIN)
{
// This is a lexical scope for the MessageLoop below. We want it
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the tbb-commits
mailing list