Remove sandbox ductwork conditional code.

9 files changed, 2 insertions, 132 deletions

diff --git a/toolkit/content/aboutSupport.js b/toolkit/content/aboutSupport.js
index e9087dfcb0..7209b7ad04 100644
--- a/toolkit/content/aboutSupport.js
+++ b/toolkit/content/aboutSupport.js
@@ -497,26 +497,7 @@ var snapshotFormatters = {
     $("prefs-user-js-section").style.display = "";
     // Clear the no-copy class
     $("prefs-user-js-section").className = "";
-  },
-
-  sandbox: function sandbox(data) {
-    if (!AppConstants.MOZ_SANDBOX)
-      return;
-
-    let strings = stringBundle();
-    let tbody = $("sandbox-tbody");
-    for (let key in data) {
-      // Simplify the display a little in the common case.
-      if (key === "hasPrivilegedUserNamespaces" &&
-          data[key] === data["hasUserNamespaces"]) {
-        continue;
-      }
-      tbody.appendChild($.new("tr", [
-        $.new("th", strings.GetStringFromName(key), "column"),
-        $.new("td", data[key])
-      ]));
-    }
-  },
+  }
 };
 
 var $ = document.getElementById.bind(document);
diff --git a/toolkit/content/aboutSupport.xhtml b/toolkit/content/aboutSupport.xhtml
index 9574365a34..a92dcfb4ab 100644
--- a/toolkit/content/aboutSupport.xhtml
+++ b/toolkit/content/aboutSupport.xhtml
@@ -475,20 +475,6 @@
         </tbody>
       </table>
 
-
-      <!-- - - - - - - - - - - - - - - - - - - - - -->
-
-#if defined(MOZ_SANDBOX)
-      <h2 class="major-section" id="sandbox">
-	&aboutSupport.sandboxTitle;
-      </h2>
-
-      <table>
-	<tbody id="sandbox-tbody">
-	</tbody>
-      </table>
-#endif
-
     </div>
 
   </body>
diff --git a/toolkit/locales/en-US/chrome/global/aboutSupport.dtd b/toolkit/locales/en-US/chrome/global/aboutSupport.dtd
index 9f64ef0f13..8459300c55 100644
--- a/toolkit/locales/en-US/chrome/global/aboutSupport.dtd
+++ b/toolkit/locales/en-US/chrome/global/aboutSupport.dtd
@@ -109,8 +109,6 @@ variant of aboutSupport.showDir.label. -->
 <!ENTITY aboutSupport.copyTextToClipboard.label "Copy text to clipboard">
 <!ENTITY aboutSupport.copyRawDataToClipboard.label "Copy raw data to clipboard">
 
-<!ENTITY aboutSupport.sandboxTitle "Sandbox">
-
 <!ENTITY aboutSupport.safeModeTitle "Try Safe Mode">
 <!ENTITY aboutSupport.restartInSafeMode.label "Restart with Add-ons Disabled…">
 
diff --git a/toolkit/modules/AppConstants.jsm b/toolkit/modules/AppConstants.jsm
index 405f23de8b..b4201ec673 100644
--- a/toolkit/modules/AppConstants.jsm
+++ b/toolkit/modules/AppConstants.jsm
@@ -81,13 +81,6 @@ this.AppConstants = Object.freeze({
   false,
 #endif
 
-  MOZ_SANDBOX:
-#ifdef MOZ_SANDBOX
-  true,
-#else
-  false,
-#endif
-
   MOZ_TELEMETRY_REPORTING:
 #ifdef MOZ_TELEMETRY_REPORTING
   true,
diff --git a/toolkit/modules/Troubleshoot.jsm b/toolkit/modules/Troubleshoot.jsm
index 743a9c4192..e11d477746 100644
--- a/toolkit/modules/Troubleshoot.jsm
+++ b/toolkit/modules/Troubleshoot.jsm
@@ -530,23 +530,3 @@ var dataProviders = {
   }
 };
 
-if (AppConstants.MOZ_SANDBOX) {
-  dataProviders.sandbox = function sandbox(done) {
-    let data = {};
-    if (AppConstants.platform == "linux") {
-      const keys = ["hasSeccompBPF", "hasSeccompTSync",
-                    "hasPrivilegedUserNamespaces", "hasUserNamespaces",
-                    "canSandboxContent", "canSandboxMedia"];
-
-      let sysInfo = Cc["@mozilla.org/system-info;1"].
-                    getService(Ci.nsIPropertyBag2);
-      for (let key of keys) {
-        if (sysInfo.hasKey(key)) {
-          data[key] = sysInfo.getPropertyAsBool(key);
-        }
-      }
-    }
-
-    done(data);
-  }
-}
diff --git a/toolkit/toolkit.mozbuild b/toolkit/toolkit.mozbuild
index b06c58162a..b67b491572 100644
--- a/toolkit/toolkit.mozbuild
+++ b/toolkit/toolkit.mozbuild
@@ -4,12 +4,8 @@
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
-if CONFIG['MOZ_SANDBOX']:
-    DIRS += ['/security/sandbox']
-
 DIRS += [
-    # Depends on NSS and NSPR, and must be built after sandbox or else B2G emulator
-    # builds fail.
+    # Depends on NSS and NSPR
     '/security/certverifier',
     # Depends on certverifier
     '/security/apps',
diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build
index 7ada19d41a..55b59ca835 100644
--- a/toolkit/xre/moz.build
+++ b/toolkit/xre/moz.build
@@ -149,12 +149,6 @@ LOCAL_INCLUDES += [
     '/xpcom/build',
 ]
 
-if CONFIG['MOZ_SANDBOX'] and CONFIG['OS_ARCH'] == 'WINNT':
-    LOCAL_INCLUDES += [
-        '/security/sandbox/chromium',
-        '/security/sandbox/chromium-shim',
-    ]
-
 if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa':
     LOCAL_INCLUDES += [
         '/widget',
diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
index ddba0de617..2050b9671c 100644
--- a/toolkit/xre/nsAppRunner.cpp
+++ b/toolkit/xre/nsAppRunner.cpp
@@ -193,14 +193,6 @@
 #include "GeneratedJNIWrappers.h"
 #endif
 
-#if defined(MOZ_SANDBOX)
-#if defined(XP_LINUX) && !defined(ANDROID)
-#include "mozilla/SandboxInfo.h"
-#elif defined(XP_WIN)
-#include "SandboxBroker.h"
-#endif
-#endif
-
 extern uint32_t gRestartMode;
 extern void InstallSignalHandlers(const char *ProgramName);
 
@@ -2948,18 +2940,6 @@ XREMain::XRE_mainInit(bool* aExitFlag)
   if (NS_FAILED(rv))
     return 1;
 
-#if defined(MOZ_SANDBOX) && defined(XP_WIN)
-  if (mAppData->sandboxBrokerServices) {
-    SandboxBroker::Initialize(mAppData->sandboxBrokerServices);
-    Telemetry::Accumulate(Telemetry::SANDBOX_BROKER_INITIALIZED, true);
-  } else {
-    Telemetry::Accumulate(Telemetry::SANDBOX_BROKER_INITIALIZED, false);
-    // Otherwise just warn for the moment, as most things will work.
-    NS_WARNING("Failed to initialize broker services, sandboxed processes will "
-               "fail to start.");
-  }
-#endif
-
 #ifdef XP_MACOSX
   // Set up ability to respond to system (Apple) events. This must occur before
   // ProcessUpdates to ensure that links clicked in external applications aren't
@@ -3902,24 +3882,6 @@ XREMain::XRE_mainRun()
   }
 #endif /* MOZ_INSTRUMENT_EVENT_LOOP */
 
-#if defined(MOZ_SANDBOX) && defined(XP_LINUX) && !defined(MOZ_WIDGET_GONK)
-  // If we're on Linux, we now have information about the OS capabilities
-  // available to us.
-  SandboxInfo sandboxInfo = SandboxInfo::Get();
-  Telemetry::Accumulate(Telemetry::SANDBOX_HAS_SECCOMP_BPF,
-                        sandboxInfo.Test(SandboxInfo::kHasSeccompBPF));
-  Telemetry::Accumulate(Telemetry::SANDBOX_HAS_SECCOMP_TSYNC,
-                        sandboxInfo.Test(SandboxInfo::kHasSeccompTSync));
-  Telemetry::Accumulate(Telemetry::SANDBOX_HAS_USER_NAMESPACES_PRIVILEGED,
-                        sandboxInfo.Test(SandboxInfo::kHasPrivilegedUserNamespaces));
-  Telemetry::Accumulate(Telemetry::SANDBOX_HAS_USER_NAMESPACES,
-                        sandboxInfo.Test(SandboxInfo::kHasUserNamespaces));
-  Telemetry::Accumulate(Telemetry::SANDBOX_CONTENT_ENABLED,
-                        sandboxInfo.Test(SandboxInfo::kEnabledForContent));
-  Telemetry::Accumulate(Telemetry::SANDBOX_MEDIA_ENABLED,
-                        sandboxInfo.Test(SandboxInfo::kEnabledForMedia));
-#endif /* MOZ_SANDBOX && XP_LINUX && !MOZ_WIDGET_GONK */
-
   {
     rv = appStartup->Run();
     if (NS_FAILED(rv)) {
@@ -3985,10 +3947,6 @@ XREMain::XRE_main(int argc, char* argv[], const nsXREAppData* aAppData)
   // See bug 1279614.
   XRE_CreateStatsObject();
 
-#if defined(MOZ_SANDBOX) && defined(XP_LINUX) && !defined(ANDROID)
-  SandboxInfo::ThreadingCheck();
-#endif
-
   char aLocal;
   GeckoProfilerInitRAII profilerGuard(&aLocal);
 
diff --git a/toolkit/xre/nsEmbedFunctions.cpp b/toolkit/xre/nsEmbedFunctions.cpp
index 5f5dda9396..a59299c8bc 100644
--- a/toolkit/xre/nsEmbedFunctions.cpp
+++ b/toolkit/xre/nsEmbedFunctions.cpp
@@ -75,11 +75,6 @@
 
 #include "mozilla/Telemetry.h"
 
-#if defined(MOZ_SANDBOX) && defined(XP_WIN)
-#include "mozilla/sandboxTarget.h"
-#include "mozilla/sandboxing/loggingCallbacks.h"
-#endif
-
 #ifdef MOZ_IPDL_TESTS
 #include "mozilla/_ipdltest/IPDLUnitTests.h"
 #include "mozilla/_ipdltest/IPDLUnitTestProcessChild.h"
@@ -295,11 +290,6 @@ XRE_InitChildProcess(int aArgc,
         freopen("CONIN$", "r", stdin);
   }
 
-#if defined(MOZ_SANDBOX)
-  if (aChildData->sandboxTargetServices) {
-    SandboxTarget::Instance()->SetTargetServices(aChildData->sandboxTargetServices);
-  }
-#endif
 #endif
 
   // NB: This must be called before profiler_init
@@ -565,12 +555,6 @@ XRE_InitChildProcess(int aArgc,
       ::SetProcessShutdownParameters(0x280 - 1, SHUTDOWN_NORETRY);
 #endif
 
-#if defined(MOZ_SANDBOX) && defined(XP_WIN)
-      // We need to do this after the process has been initialised, as
-      // InitLoggingIfRequired may need access to prefs.
-      mozilla::sandboxing::InitLoggingIfRequired(aChildData->ProvideLogFunction);
-#endif
-
       OverrideDefaultLocaleIfNeeded();
 
       // Run the UI event loop on the main thread.