Closed
Bug 1287984
Opened 9 years ago
Closed 9 years ago
Content process cannot open GPU process DIBs
Categories
(Core :: Security: Process Sandboxing, defect)
Core
Security: Process Sandboxing
Tracking
()
RESOLVED
FIXED
mozilla50
| Tracking | Status | |
|---|---|---|
| firefox50 | --- | fixed |
People
(Reporter: dvander, Assigned: bobowen)
References
(Blocks 1 open bug)
Details
(Whiteboard: sbwc2)
Attachments
(1 file)
When enabling the GPU process, this code here fails:
http://searchfox.org/mozilla-central/source/gfx/layers/TextureDIB.cpp#346
It looks like we get ERROR_ACCESS_DENIED. When I turn off the content sandbox it works.
Testing the GPU process needs a bunch of patches that haven't landed yet, unfortunately. They should be landing soon though. The working branch is here[1].
[1] https://github.com/dvander/gecko-dev/tree/gpu-process
|
Assignee | |
Comment 1•9 years ago
|
||
So this is handles from the content process, as you said originally.
We don't have the rule to allow Section handles to be duplicated to other child processes.
I'll upload a patch.
In theory we would need this for duplication to GMP processes as well.
However that duplication function falls back to the process attempting the duplication itself and as the GMP normally runs at untrusted the content process can duplicate to it.
If you turn off just the GMP sandbox this then fails.
As the GPU process isn't sandboxed yet, you will also need to add GeckoProcessType_GPU to the following if statement:
https://github.com/dvander/gecko-dev/blob/gpu-process/ipc/glue/GeckoChildProcessHost.cpp#L1122
Hopefully that will be it.
Assignee: nobody → bobowen.code
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 2•9 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/65576/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/65576/
Attachment #8772860 -
Flags: review?(jmathies)
|
||
Updated•9 years ago
|
Whiteboard: sbwc2
|
|
||
Comment 3•9 years ago
|
||
(In reply to Bob Owen (:bobowen) (less responsive 21st-29th) from comment #1)
> As the GPU process isn't sandboxed yet, you will also need to add
> GeckoProcessType_GPU to the following if statement:
> https://github.com/dvander/gecko-dev/blob/gpu-process/ipc/glue/
> GeckoChildProcessHost.cpp#L1122
>
> Hopefully that will be it.
Lets get a bug filed on this sitting under e10s-gpu.
|
|
||
Comment 4•9 years ago
|
||
Comment on attachment 8772860 [details]
Bug 1287984: Add rule to allow content process to duplicate handles to other non-broker processes.
https://reviewboard.mozilla.org/r/65576/#review63190
Attachment #8772860 -
Flags: review?(jmathies) → review+
|
|
Assignee | |
Updated•9 years ago
|
Keywords: checkin-needed
Pushed by cbook@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/4ed590c96a36
Add rule to allow content process to duplicate handles to other non-broker processes. r=jimm
Keywords: checkin-needed
|
|
||
Comment 6•9 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox50:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla50
You need to log in
before you can comment on or make changes to this bug.
Description
•