The Tor Browser: security/sandbox/moz.build@97036ab72558 (annotated)

security/sandbox/moz.build@97036ab72558 (annotated)

security/sandbox/moz.build

Tue, 06 Jan 2015 21:39:09 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Tue, 06 Jan 2015 21:39:09 +0100
branch: TOR_BUG_9701
changeset 8: 97036ab72558
permissions: -rw-r--r--

Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.

 # -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*-
 # vim: set filetype=python:
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 if CONFIG['OS_ARCH'] == 'Linux':
     DIRS += ['linux']
 elif CONFIG['OS_ARCH'] == 'WINNT':
     LIBRARY_NAME = 'sandbox_s'
     EXPORT_LIBRARY = True
     FORCE_STATIC_LIB = True
     DIRS += [
         'win/src/sandboxbroker',
         'win/src/sandboxtarget',
     ]
     SOURCES += [
         'chromium/base/at_exit.cc',
         'chromium/base/base_switches.cc',
         'chromium/base/callback_internal.cc',
         'chromium/base/cpu.cc',
         'chromium/base/debug/alias.cc',
         'chromium/base/debug/profiler.cc',
         'chromium/base/lazy_instance.cc',
         'chromium/base/location.cc',
         'chromium/base/memory/ref_counted.cc',
         'chromium/base/memory/singleton.cc',
         'chromium/base/shim/base/logging.cpp',
         'chromium/base/strings/nullable_string16.cc',
         'chromium/base/strings/string_number_conversions.cc',
         'chromium/base/strings/string_piece.cc',
         'chromium/base/strings/string_util_constants.cc',
         'chromium/base/strings/string_util_stripped.cc',
         'chromium/base/strings/stringprintf.cc',
         'chromium/base/strings/utf_string_conversion_utils.cc',
         'chromium/base/strings/utf_string_conversions.cc',
         'chromium/base/synchronization/lock.cc',
         'chromium/base/synchronization/lock_impl_win.cc',
         'chromium/base/third_party/dmg_fp/dtoa.cc',
         'chromium/base/third_party/dmg_fp/g_fmt.cc',
         'chromium/base/third_party/icu/icu_utf.cc',
         'chromium/base/threading/platform_thread_win.cc',
         'chromium/base/threading/thread_collision_warner.cc',
         'chromium/base/threading/thread_id_name_manager.cc',
         'chromium/base/threading/thread_local_win.cc',
         'chromium/base/threading/thread_restrictions.cc',
         'chromium/base/time/time.cc',
         'chromium/base/time/time_win.cc',
         'chromium/base/win/event_trace_provider.cc',
         'chromium/base/win/pe_image.cc',
         'chromium/base/win/registry.cc',
         'chromium/base/win/scoped_handle.cc',
         'chromium/base/win/scoped_process_information.cc',
         'chromium/base/win/startup_information.cc',
         'chromium/base/win/windows_version.cc',
         'win/src/acl.cc',
         'win/src/app_container.cc',
         'win/src/broker_services.cc',
         'win/src/crosscall_server.cc',
         'win/src/eat_resolver.cc',
         'win/src/filesystem_dispatcher.cc',
         'win/src/filesystem_interception.cc',
         'win/src/filesystem_policy.cc',
         'win/src/handle_closer.cc',
         'win/src/handle_closer_agent.cc',
         'win/src/handle_dispatcher.cc',
         'win/src/handle_interception.cc',
         'win/src/handle_policy.cc',
         'win/src/handle_table.cc',
         'win/src/interception.cc',
         'win/src/interception_agent.cc',
         'win/src/job.cc',
         'win/src/named_pipe_dispatcher.cc',
         'win/src/named_pipe_interception.cc',
         'win/src/named_pipe_policy.cc',
         'win/src/policy_broker.cc',
         'win/src/policy_engine_opcodes.cc',
         'win/src/policy_engine_processor.cc',
         'win/src/policy_low_level.cc',
         'win/src/policy_target.cc',
         'win/src/process_mitigations.cc',
         'win/src/process_thread_dispatcher.cc',
         'win/src/process_thread_interception.cc',
         'win/src/process_thread_policy.cc',
         'win/src/registry_dispatcher.cc',
         'win/src/registry_interception.cc',
         'win/src/registry_policy.cc',
         'win/src/resolver.cc',
         'win/src/restricted_token.cc',
         'win/src/restricted_token_utils.cc',
         'win/src/sandbox.cc',
         'win/src/sandbox_nt_util.cc',
         'win/src/sandbox_policy_base.cc',
         'win/src/sandbox_utils.cc',
         'win/src/service_resolver.cc',
         'win/src/shared_handles.cc',
         'win/src/sharedmem_ipc_client.cc',
         'win/src/sharedmem_ipc_server.cc',
         'win/src/sid.cc',
         'win/src/sync_dispatcher.cc',
         'win/src/sync_interception.cc',
         'win/src/sync_policy.cc',
         'win/src/target_interceptions.cc',
         'win/src/target_process.cc',
         'win/src/target_services.cc',
         'win/src/win2k_threadpool.cc',
         'win/src/win_utils.cc',
         'win/src/window.cc',
     ]
     if CONFIG['CPU_ARCH'] == 'x86_64':
         SOURCES += [
             'win/src/interceptors_64.cc',
             'win/src/resolver_64.cc',
             'win/src/service_resolver_64.cc',
             'win/src/Wow64_64.cc',
         ]
     else:
         SOURCES += [
             'win/src/resolver_32.cc',
             'win/src/service_resolver_32.cc',
             'win/src/sidestep/ia32_modrm_map.cpp',
             'win/src/sidestep/ia32_opcode_map.cpp',
             'win/src/sidestep/mini_disassembler.cpp',
             'win/src/sidestep/preamble_patcher_with_stub.cpp',
             'win/src/sidestep_resolver.cc',
             'win/src/Wow64.cc',
         ]
     for var in ('UNICODE', '_UNICODE', 'NS_NO_XPCOM', 'SANDBOX_EXPORTS',
                 'NOMINMAX', '_CRT_RAND_S', 'CHROMIUM_SANDBOX_BUILD'):
         DEFINES[var] = True
     LOCAL_INCLUDES += ['/security/sandbox/chromium/base/shim']
     LOCAL_INCLUDES += ['/security/sandbox/chromium']
     LOCAL_INCLUDES += ['/security']
     LOCAL_INCLUDES += ['/nsprpub']
     DISABLE_STL_WRAPPING = True

The Tor Browser / annotate

security/sandbox/moz.build@97036ab72558 (annotated)

security/sandbox/moz.build