bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-13 23:03:32 +00:00
Code Issues Releases Wiki Activity

Move to desktop native

Browse Source
This commit is contained in:
Bernd Schoolmann
2025-09-01 16:46:45 +02:00
parent d434fd9b5d
commit c6e79cb417
9 changed files with 85 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
apps/desktop/desktop_native/Cargo.lock generated
View File

@@ -738,6 +738,22 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "ctor"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "67773048316103656a637612c4a62477603b777d91d9c62ff2290f9cde178fdb"
dependencies = [
"ctor-proc-macro",
"dtor",
]
[[package]]
name = "ctor-proc-macro"
version = "0.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e2931af7e13dc045d8e9d26afccc6fa115d64e115c9c84b1166288b46f6782c2"
[[package]] [[package]]
name = "ctr" name = "ctr"
version = "0.9.2" version = "0.9.2"
@@ -1029,6 +1045,21 @@ version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75b325c5dbd37f80359721ad39aca5a29fb04c89279657cffdda8736d0c0b9d2" checksum = "75b325c5dbd37f80359721ad39aca5a29fb04c89279657cffdda8736d0c0b9d2"
[[package]]
name = "dtor"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e58a0764cddb55ab28955347b45be00ade43d4d6f3ba4bf3dc354e4ec9432934"
dependencies = [
"dtor-proc-macro",
]
[[package]]
name = "dtor-proc-macro"
version = "0.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f678cf4a922c215c63e0de95eb1ff08a958a81d47e485cf9da1e27bf6305cfa5"
[[package]] [[package]]
name = "ecdsa" name = "ecdsa"
version = "0.16.9" version = "0.16.9"
@@ -1821,7 +1852,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "55740c4ae1d8696773c78fdafd5d0e5fe9bc9f1b071c7ba493ba5c413a9184f3" checksum = "55740c4ae1d8696773c78fdafd5d0e5fe9bc9f1b071c7ba493ba5c413a9184f3"
dependencies = [ dependencies = [
"bitflags", "bitflags",
"ctor", "ctor 0.2.9",
"napi-derive", "napi-derive",
"napi-sys", "napi-sys",
"once_cell", "once_cell",
@@ -2473,6 +2504,15 @@ dependencies = [
"unicode-ident", "unicode-ident",
] ]
[[package]]
name = "process_isolation"
version = "0.0.0"
dependencies = [
"ctor 0.5.0",
"desktop_core",
"libc",
]
[[package]] [[package]]
name = "quick-xml" name = "quick-xml"
version = "0.37.5" version = "0.37.5"

3
apps/desktop/desktop_native/Cargo.toml
View File

@@ -1,6 +1,6 @@
[workspace] [workspace]
resolver = "2" resolver = "2"
members = ["napi", "core", "proxy", "macos_provider", "windows_plugin_authenticator", "autotype"] members = ["napi", "core", "proxy", "macos_provider", "windows_plugin_authenticator", "autotype", "process_isolation"]
[workspace.package] [workspace.package]
version = "0.0.0" version = "0.0.0"
@@ -20,6 +20,7 @@ byteorder = "=1.5.0"
bytes = "=1.10.1" bytes = "=1.10.1"
cbc = "=0.1.2" cbc = "=0.1.2"
core-foundation = "=0.10.0" core-foundation = "=0.10.0"
ctor = "=0.5.0"
dirs = "=6.0.0" dirs = "=6.0.0"
ed25519 = "=2.2.3" ed25519 = "=2.2.3"
embed_plist = "=1.2.2" embed_plist = "=1.2.2"

16
apps/desktop/desktop_native/build.js
View File

@@ -45,6 +45,19 @@ function buildProxyBin(target, release = true) {
} }
} }
function buildProcessIsolation() {
if (process.platform !== "linux") {
return;
}
child_process.execSync(`cargo build --release`, {
stdio: 'inherit',
cwd: path.join(__dirname, "process_isolation")
});
fs.copyFileSync(path.join(__dirname, "target", "release", "libprocess_isolation.so"), path.join(__dirname, "dist", `libprocess_isolation.so`));
}
function installTarget(target) { function installTarget(target) {
child_process.execSync(`rustup target add ${target}`, { stdio: 'inherit', cwd: __dirname }); child_process.execSync(`rustup target add ${target}`, { stdio: 'inherit', cwd: __dirname });
} }
@@ -53,6 +66,7 @@ if (!crossPlatform && !target) {
console.log(`Building native modules in ${mode} mode for the native architecture`); console.log(`Building native modules in ${mode} mode for the native architecture`);
buildNapiModule(false, mode === "release"); buildNapiModule(false, mode === "release");
buildProxyBin(false, mode === "release"); buildProxyBin(false, mode === "release");
buildProcessIsolation();
return; return;
} }
@@ -61,6 +75,7 @@ if (target) {
installTarget(target); installTarget(target);
buildNapiModule(target, mode === "release"); buildNapiModule(target, mode === "release");
buildProxyBin(target, mode === "release"); buildProxyBin(target, mode === "release");
buildProcessIsolation();
return; return;
} }
@@ -78,4 +93,5 @@ platformTargets.forEach(([target, _]) => {
installTarget(target); installTarget(target);
buildNapiModule(target); buildNapiModule(target);
buildProxyBin(target); buildProxyBin(target);
buildProcessIsolation();
}); });

14
apps/desktop/desktop_native/process_isolation/Cargo.toml Normal file
View File

@@ -0,0 +1,14 @@
[package]
name = "process_isolation"
edition = { workspace = true }
license = { workspace = true }
version = { workspace = true }
publish = { workspace = true }
[lib]
crate-type = ["cdylib"]
[dependencies]
ctor.workspace = true
libc = { workspace = true }
desktop_core = { path = "../core" }

25
apps/desktop/process_isolation/src/lib.rs → apps/desktop/desktop_native/process_isolation/src/lib.rs
View File

@@ -3,14 +3,13 @@
//! On Linux, this is PR_SET_DUMPABLE to prevent debuggers from attaching, the env //! On Linux, this is PR_SET_DUMPABLE to prevent debuggers from attaching, the env
//! from being read and the memory from being stolen. //! from being read and the memory from being stolen.
use std::ffi::{c_char, c_void}; use std::{ffi::c_char, sync::LazyLock};
use desktop_core::process_isolation;
mod isolate; static ORIGINAL_UNSETENV: LazyLock<unsafe extern "C" fn(*const c_char) -> i32> =
LazyLock::new(|| unsafe {
#[link(name = "dl")] std::mem::transmute(libc::dlsym(libc::RTLD_NEXT, c"unsetenv".as_ptr()))
unsafe extern "C" { });
unsafe fn dlsym(handle: *const c_void, symbol: *const c_char) -> *const c_void;
}
/// Hooks unsetenv to fix a bug in zypak-wrapper. /// Hooks unsetenv to fix a bug in zypak-wrapper.
/// Zypak unsets the env in Flatpak as a side-effect, which means that only the top level /// Zypak unsets the env in Flatpak as a side-effect, which means that only the top level
@@ -18,9 +17,9 @@ unsafe extern "C" {
#[unsafe(no_mangle)] #[unsafe(no_mangle)]
unsafe extern "C" fn unsetenv(name: *const c_char) -> i32 { unsafe extern "C" fn unsetenv(name: *const c_char) -> i32 {
unsafe { unsafe {
let name_str = std::ffi::CStr::from_ptr(name).to_str().unwrap(); let Ok(name_str) = std::ffi::CStr::from_ptr(name).to_str() else {
let original_unsetenv: unsafe extern "C" fn(*const c_char) -> i32 = return ORIGINAL_UNSETENV(name);
std::mem::transmute(dlsym(libc::RTLD_NEXT, c"unsetenv".as_ptr())); };
if name_str == "LD_PRELOAD" { if name_str == "LD_PRELOAD" {
// This env variable is provided by the flatpak configuration // This env variable is provided by the flatpak configuration
@@ -29,7 +28,7 @@ unsafe extern "C" fn unsetenv(name: *const c_char) -> i32 {
return 0; return 0;
} }
original_unsetenv(name) ORIGINAL_UNSETENV(name)
} }
} }
@@ -39,7 +38,7 @@ fn preload_init() {
let pid = unsafe { libc::getpid() }; let pid = unsafe { libc::getpid() };
unsafe { unsafe {
println!("[Process Isolation] Enabling memory security for process {pid}"); println!("[Process Isolation] Enabling memory security for process {pid}");
isolate::isolate_process(); process_isolation::disable_memory_access();
isolate::disable_coredumps(); process_isolation::disable_coredumps();
} }
} }

0
apps/desktop/process_isolation/test_isolation.sh → apps/desktop/desktop_native/process_isolation/test_isolation.sh
View File

48
apps/desktop/process_isolation/Cargo.lock generated
View File

@@ -1,48 +0,0 @@
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 4
[[package]]
name = "ctor"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "67773048316103656a637612c4a62477603b777d91d9c62ff2290f9cde178fdb"
dependencies = [
"ctor-proc-macro",
"dtor",
]
[[package]]
name = "ctor-proc-macro"
version = "0.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e2931af7e13dc045d8e9d26afccc6fa115d64e115c9c84b1166288b46f6782c2"
[[package]]
name = "dtor"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e58a0764cddb55ab28955347b45be00ade43d4d6f3ba4bf3dc354e4ec9432934"
dependencies = [
"dtor-proc-macro",
]
[[package]]
name = "dtor-proc-macro"
version = "0.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f678cf4a922c215c63e0de95eb1ff08a958a81d47e485cf9da1e27bf6305cfa5"
[[package]]
name = "libc"
version = "0.2.175"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6a82ae493e598baaea5209805c49bbf2ea7de956d50d7da0da1164f9c6d28543"
[[package]]
name = "memory-security"
version = "0.1.0"
dependencies = [
"ctor",
"libc",
]

11
apps/desktop/process_isolation/Cargo.toml
View File

@@ -1,11 +0,0 @@
[package]
name = "process-isolation"
version = "0.1.0"
edition = "2024"
[lib]
crate-type = ["cdylib"]
[dependencies]
ctor = "0.5.0"
libc = "0.2.175"

36
apps/desktop/process_isolation/src/isolate.rs
View File

@@ -1,36 +0,0 @@
#[cfg(target_env = "gnu")]
use libc::c_uint;
use libc::{self, c_int};
/// RLIMIT_CORE is the maximum size of a core dump file. Setting both to 0 disables core dumps, on crashes
/// https://github.com/torvalds/linux/blob/1613e604df0cd359cf2a7fbd9be7a0bcfacfabd0/include/uapi/asm-generic/resource.h#L20
#[cfg(target_env = "musl")]
const RLIMIT_CORE: c_int = 4;
#[cfg(target_env = "gnu")]
const RLIMIT_CORE: c_uint = 4;
/// PR_SET_DUMPABLE makes it so no other running process (root or same user) can dump the memory of this process
/// or attach a debugger to it.
/// https://github.com/torvalds/linux/blob/a38297e3fb012ddfa7ce0321a7e5a8daeb1872b6/include/uapi/linux/prctl.h#L14
const PR_SET_DUMPABLE: c_int = 4;
/// Prevents a process crash from creating a coredump on disk
pub(crate) fn disable_coredumps() {
let rlimit = libc::rlimit {
rlim_cur: 0,
rlim_max: 0,
};
if unsafe { libc::setrlimit(RLIMIT_CORE, &rlimit) } != 0 {
let e = std::io::Error::last_os_error();
eprintln!("[Process Isolation] Failed to disable core dumping: {e}");
}
}
/// Prevents other process from accessing env, memory, attaching debugger
pub(crate) fn isolate_process() {
if unsafe { libc::prctl(PR_SET_DUMPABLE, 0) } != 0 {
let e = std::io::Error::last_os_error();
eprintln!("[Process Isolation] Failed to disable memory dumping: {e}");
}
}