This is an automated email from the git hooks/post-receive script.
pierov pushed a commit to branch geckoview-99.0.1-11.0-1 in repository tor-browser.
commit 6167f9034bab0d2d9d22e70d0b7791a0123116e6 Author: Alexandre Lissy lissyx+mozillians@lissyx.dyndns.org AuthorDate: Mon Jan 31 20:46:48 2022 +0000
Bug 1751177 - Give sandbox permissions for BCryptGenRandom on Win7. r=tkikuchi, a=RyanVM --- toolkit/xre/nsEmbedFunctions.cpp | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/toolkit/xre/nsEmbedFunctions.cpp b/toolkit/xre/nsEmbedFunctions.cpp index b294a153911a3..dd19c867df1ad 100644 --- a/toolkit/xre/nsEmbedFunctions.cpp +++ b/toolkit/xre/nsEmbedFunctions.cpp @@ -593,10 +593,18 @@ nsresult XRE_InitChildProcess(int aArgc, char* aArgv[], SandboxBroker::GeckoDependentInitialize(); }
- // Call RandomUint64 to pre-load bcryptPrimitives.dll while the current - // thread still has an unrestricted impersonation token. - RandomUint64OrDie(); -#endif + // Call BCryptGenRandom() to pre-load bcryptPrimitives.dll while the current + // thread still has an unrestricted impersonation token. We need to perform + // that operation to warmup the BCryptGenRandom() call that is used by + // others, especially rust. See bug 1746524, bug 1751094, bug 1751177 + UCHAR buffer[32]; + NTSTATUS status = BCryptGenRandom(NULL, // hAlgorithm + buffer, // pbBuffer + sizeof(buffer), // cbBuffer + BCRYPT_USE_SYSTEM_PREFERRED_RNG // dwFlags + ); + MOZ_RELEASE_ASSERT(status == STATUS_SUCCESS); +#endif // defined(MOZ_SANDBOX) && defined(XP_WIN)
{ // This is a lexical scope for the MessageLoop below. We want it