Security/Sandbox/2018-02-08

bug 1230910 [MinGW] Get sandbox compiled with MinGW - landing last patch today!
bug 1235982 [Hardening] Control Flow Guard - landed, need to file/work on followup bugs, couldn't find any crashes
WER on symbols:
- "Today those Stack traces will have failure analysis as "*!unknowns" due to FireFox symbols being unavailable, but we are working to light Symbol publishing path, using which FireFox will able to publish their symbols in DevCenter."
- I told them we were very interested in that and would be happy to beta test
bug 1435296 [Spectre] We want to up timer resolution to 2ms ASAP. Lots of tests fails. CSS Animations are complicated. Think I have this though, trying to land it today.
bug 1425462 [Spectre] Timer Fuzzing. Have a path forward.
- Hardest thing in front of me is turning a LRU Cache into something thread-safe when I have no experience with actually doing that
- Second hardest is making it performant, but at least this I have lots of ideas to try
bug 1430841 [Spectre] Fix Float Fuzziness in ReduceTimerPrecision
- Still need to work on this
Discovered scary CA stuff, we need CT =(

bug 1434927 - startup perf regression from network namespace isolation
- Can't reproduce at all locally (newer kernel, older hardware)
- gcp can sort of reproduce it, but much smaller effect size (same kernel modulo patches)
- Eliminated various possible confounders
- Pattern of regressing tests doesn't entirely make sense -- it's not just a fixed overhead at clone() time; see bug comments.
- There won't be a “fix”; at best we'll find that some kernel commit optimized some path being used
  - If we can test on an actual test machine with an updated kernel that would distinguish hardware vs. OS
  - Alternately, installing perf(1) on a test machine & getting an interactive login *might* allow finding the part of the kernel where the slowness is
bug 1376910 - SysV IPC blocking finally landed
- Last-minute comment addition to explain the GPU test

bug 1407693 - not creating files in crashreporter is green! but turns out android has a totally different set of code :-(
- And Android local build instructions are failing on macOS: bug 1436730
bug 1435434 - Removing elevatePrivledges from talos so we can delete it once and for all

bug 1433577 - [Mac] Enable sandboxing for the Flash NPAPI plugin process
- Apart from file dialogs, print-to-file, things seem to work as normal
- Planning to use option-click to disable "safe mode", will send mockups
bug 1436566 - [Mac] Land disabled-by-default sandboxing for the Flash NPAPI plugin process
- Will land it pref'd off in Nightly so Softvision can do some tests next week

bug 1368268 - Is still happening, slight signature change. :-(
bug 1409063 - FF 56.0.1 x64 on W7x64: now creating events in "Microsoft-Windows-Known Folders/ Operational" event log, "Error 0x80070005 occurred while creating known folder" for all known folders, upon each FF startup.
- Creating patch to remove the OS.Constants.Path attributes that are causing the problem, although I'm not entirely clear why we need these in the content process at all.
bug 1435501 - New sec bug.
bug 1432381 - Sandbox MinGW Compilation errors: error: narrowing conversion
- landed this for tor MinGW build.
bug 1396984 - Scrollbar becomes black on first connection of second screen
- looking at kernel debugging

bug 1436253 - PostToDispatchThread concurrency issues
- Last weeks patch from bug 1433855 was part of the problem but I found others
- Landed. Waiting for results.
bug 1358372 - sndvol.exe shows multiple volume sliders for browser
- landed
bug 1426733 - Enable restricting SIDs in NPAPI proc
- landed. So far, so good.
bug 1307708 - Crash in CallGetKeyState
- Eyeing this. Should be fixed by bug 1382251

round table