This is an automated email from the git hooks/post-receive script. pierov pushed a commit to branch geckoview-99.0.1-11.0-1 in repository tor-browser. commit 6167f9034bab0d2d9d22e70d0b7791a0123116e6 Author: Alexandre Lissy <lissyx+mozillians@lissyx.dyndns.org> AuthorDate: Mon Jan 31 20:46:48 2022 +0000 Bug 1751177 - Give sandbox permissions for BCryptGenRandom on Win7. r=tkikuchi, a=RyanVM --- toolkit/xre/nsEmbedFunctions.cpp | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/toolkit/xre/nsEmbedFunctions.cpp b/toolkit/xre/nsEmbedFunctions.cpp index b294a153911a3..dd19c867df1ad 100644 --- a/toolkit/xre/nsEmbedFunctions.cpp +++ b/toolkit/xre/nsEmbedFunctions.cpp @@ -593,10 +593,18 @@ nsresult XRE_InitChildProcess(int aArgc, char* aArgv[], SandboxBroker::GeckoDependentInitialize(); } - // Call RandomUint64 to pre-load bcryptPrimitives.dll while the current - // thread still has an unrestricted impersonation token. - RandomUint64OrDie(); -#endif + // Call BCryptGenRandom() to pre-load bcryptPrimitives.dll while the current + // thread still has an unrestricted impersonation token. We need to perform + // that operation to warmup the BCryptGenRandom() call that is used by + // others, especially rust. See bug 1746524, bug 1751094, bug 1751177 + UCHAR buffer[32]; + NTSTATUS status = BCryptGenRandom(NULL, // hAlgorithm + buffer, // pbBuffer + sizeof(buffer), // cbBuffer + BCRYPT_USE_SYSTEM_PREFERRED_RNG // dwFlags + ); + MOZ_RELEASE_ASSERT(status == STATUS_SUCCESS); +#endif // defined(MOZ_SANDBOX) && defined(XP_WIN) { // This is a lexical scope for the MessageLoop below. We want it -- To stop receiving notification emails like this one, please contact the administrator of this repository.