Closed Bug 1199866 Opened 9 years ago Closed 8 years ago

Create B2G content processes' EGL contexts before sandbox startup

Categories

(Core :: Security: Process Sandboxing, defect)

Unspecified
Gonk (Firefox OS)
defect
Not set
normal

Tracking

RESOLVED WONTFIX
Tracking Status
firefox43 --- affected

People

(Reporter: jld, Unassigned)

Details

(Whiteboard: sb-)

There are two problems with a sandboxed B2G process deferring EGL context creation until/unless it needs to do WebGL:

* It will need to search /{system,vendor}/lib/egl for libraries.
* Some devices' graphics drivers (e.g., Flame) won't work if the device fd isn't opened by the same process that uses it (bug 930258 comment #9).

The first can be worked around by brokering; the second cannot.

Bug 1078971 comment #3 suggests that eagerly creating the EGL context before sandboxing is a possibility, and that seems to work in practice, but there could be concerns with increasing startup latency, so I don't want to block 930258 itself on it.

Alternately, it would be possible to pre-open the device file in-process and then, as a special case, return that fd instead of brokering. But that's extra code with potentially odd failure modes and needs per-device knowledge of the filename to open, so I'd rather not if possible.

For now, whitelisting the lib/egl directories and limiting to emulators only will let bug 930258 land and get test coverage.
Whiteboard: sb-
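The pre-open alternative from the bug description, as an added example that is not code from this bug or from Gecko: the process opens the device node itself before the sandbox starts, and its open() replacement later returns a duplicate of that fd instead of asking the broker. The names `preopen_add`, `sandboxed_open` and `broker_open` are hypothetical, the broker is a stub that denies everything, and `/dev/null` stands in for the device file, which the bug does not name.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define MAX_PREOPEN 4
static struct { char path[128]; int flags; int fd; } g_pre[MAX_PREOPEN];
static int g_npre;
static int fail(int e) { errno = e; return -1; }

/* Run before the sandbox starts, while open() is still permitted. */
int preopen_add(const char *path, int flags) {
    if (g_npre == MAX_PREOPEN || strlen(path) >= sizeof g_pre[0].path)
        return fail(ENOSPC);
    int fd = open(path, flags | O_CLOEXEC);
    if (fd < 0) return -1;
    strcpy(g_pre[g_npre].path, path);
    g_pre[g_npre].flags = flags;
    g_pre[g_npre++].fd = fd;
    return 0;
}

/* Hypothetical stand-in for the broker round trip; it denies everything here. */
static int broker_open(const char *path, int flags) {
    (void)path; (void)flags; return fail(EACCES);
}

/* Called in place of open() once the sandbox is active. */
int sandboxed_open(const char *path, int flags) {
    for (int i = 0; i < g_npre; i++) {
        if (strcmp(path, g_pre[i].path) != 0) continue;
        /* A duplicate keeps the original access mode, so the request must match it. */
        if ((flags & O_ACCMODE) != (g_pre[i].flags & O_ACCMODE))
            return fail(EACCES);
        /* All duplicates share one open file description (offset, status flags). */
        return fcntl(g_pre[i].fd, F_DUPFD_CLOEXEC, 0);
    }
    return broker_open(path, flags);
}

int main(void) {
    preopen_add("/dev/null", O_RDWR);   /* constructed stand-in for the device node */
    int fd = sandboxed_open("/dev/null", O_RDWR);
    printf("special-cased fd: %d\n", fd);
    return fd < 0;
}
```

The table keys on the exact path string, which is the per-device filename knowledge the description mentions.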
B2G-specific sandboxing bugs are WONTFIX. (I'm reasonably sure these bugs don't have implications for other platforms, but comment if I missed something.)
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX