Bug 1376163 - [10.13] No audio playback on YouTube, no audio/video on Netflix (macOS High Sierra 10.13 Beta). r?Alex_Gaynor
Allow access to the "com.apple.audio.AudioComponentRegistrar" API on 10.13+ systems.
MozReview-Commit-ID: 8gWXvuXTNKi
--- a/security/sandbox/mac/Sandbox.mm
+++ b/security/sandbox/mac/Sandbox.mm
@@ -157,16 +157,18 @@ bool StartMacSandbox(MacSandboxInfo aInf
params.push_back("SANDBOX_LEVEL_1");
params.push_back(aInfo.level == 1 ? "TRUE" : "FALSE");
params.push_back("SANDBOX_LEVEL_2");
params.push_back(aInfo.level == 2 ? "TRUE" : "FALSE");
params.push_back("SANDBOX_LEVEL_3");
params.push_back(aInfo.level == 3 ? "TRUE" : "FALSE");
params.push_back("MAC_OS_MINOR_9");
params.push_back(OSXVersion::OSXVersionMinor() == 9 ? "TRUE" : "FALSE");
+ params.push_back("MAC_OS_MINOR_MIN_13");
+ params.push_back(OSXVersion::OSXVersionMinor() >= 13 ? "TRUE" : "FALSE");
params.push_back("APP_PATH");
params.push_back(aInfo.appPath.c_str());
params.push_back("APP_BINARY_PATH");
params.push_back(aInfo.appBinaryPath.c_str());
params.push_back("APP_DIR");
params.push_back(aInfo.appDir.c_str());
params.push_back("APP_TEMP_DIR");
params.push_back(aInfo.appTempDir.c_str());
--- a/security/sandbox/mac/SandboxPolicies.h
+++ b/security/sandbox/mac/SandboxPolicies.h
@@ -50,16 +50,17 @@ static const char widevinePluginSandboxR
static const char contentSandboxRules[] = R"(
(version 1)
(define should-log (param "SHOULD_LOG"))
(define sandbox-level-1 (param "SANDBOX_LEVEL_1"))
(define sandbox-level-2 (param "SANDBOX_LEVEL_2"))
(define sandbox-level-3 (param "SANDBOX_LEVEL_3"))
(define macosMinorVersion-9 (param "MAC_OS_MINOR_9"))
+ (define macosMinorVersion-min13 (param "MAC_OS_MINOR_MIN_13"))
(define appPath (param "APP_PATH"))
(define appBinaryPath (param "APP_BINARY_PATH"))
(define appdir-path (param "APP_DIR"))
(define appTempDir (param "APP_TEMP_DIR"))
(define hasProfileDir (param "HAS_SANDBOXED_PROFILE"))
(define profileDir (param "PROFILE_DIR"))
(define home-path (param "HOME_PATH"))
(define hasFilePrivileges (param "HAS_FILE_PRIVILEGES"))
@@ -156,16 +157,20 @@ static const char contentSandboxRules[]
(global-name "com.apple.cookied")
(global-name "com.apple.cache_delete")
(global-name "com.apple.pluginkit.pkd")
(global-name "com.apple.bird")
(global-name "com.apple.ocspd")
(global-name "com.apple.cmio.AppleCameraAssistant")
(global-name "com.apple.DesktopServicesHelper"))
+; bug 1376163
+ (if (string=? macosMinorVersion-min13 "TRUE")
+ (allow mach-lookup (global-name "com.apple.audio.AudioComponentRegistrar")))
+
; bug 1312273
(if (string=? macosMinorVersion-9 "TRUE")
(allow mach-lookup (global-name "com.apple.xpcd")))
(allow iokit-open
(iokit-user-client-class "IOHIDParamUserClient")
(iokit-user-client-class "IOAudioControlUserClient")
(iokit-user-client-class "IOAudioEngineUserClient")