1373147 - Fail to load GMPs with a Win32 manifest

Status: RESOLVED WONTFIX

(Core :: Audio/Video: GMP, enhancement, P3)

Description

[Chris Pearce [:cpearce (Not reading bugmail)]]

We have several times had CDMs that weren't loading on Windows under various situations where the root cause was that the CDM DLL contained a Win32 manifest, and that causes the sandbox to block loading it.

As such we don't want to ever accept a CDM/GMP update for a DLL that contains a Win32 manifest. I don't want to have to remember to check new CDM/OpenH264 updates for whether the DLL contains a manifest. So we should change our GMP loading code to explicitly check to see whether the DLL has a manifest, and log and then fail if so. Then we will detect the problem with the DLL when testing a new CDM/GMP update before pushing it out.

Comment 1

[Chris Pearce [:cpearce (Not reading bugmail)]]

I'll upload a patch to detect this, but obviously we can't push it out until we've pushed out Widevine CDM update 970 which doesn't include a manifest!

Comment 2

[Chris Pearce [:cpearce (Not reading bugmail)]]

Attachment: Bug 1373147 - Log and refuse to load GMP DLLs which contain Win32 manifests. ?bobowen

The Windows sandbox blocks loading of GMP/CDM DLLs which contain Win32
manifests under certain conditions. So to make detecting this problem easier to
detect before we push out GMP/CDM updates, check when loading plugins whether
they have manifests, and log and refuse to load them if so.

This means we will detect GMP/CDM updates which regress (i.e. include a manifest)
during testing the new GMP/CDM update before pushing them out.

Review commit: https://reviewboard.mozilla.org/r/149302/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/149302/

Comment 3

[Chris Pearce [:cpearce (Not reading bugmail)]]

Comment on attachment 8877880 [details]
Bug 1373147 - Log and refuse to load GMP DLLs which contain Win32 manifests. ?bobowen

Bob: Are you able to review this? Mozreview seems to be swallowing my review.

Comment 4

[Bob Owen (:bobowen)]

Comment on attachment 8877880 [details]
Bug 1373147 - Log and refuse to load GMP DLLs which contain Win32 manifests. ?bobowen

https://reviewboard.mozilla.org/r/149302/#review167268

This feels like a bit of overkill to be checking this everytime everybody loads these, to catch things up front.
Wouldn't it make more sense to have some stand-alone validator or perhaps as part of an upload process.

If we're really against that maybe it could be Nightly only.

Comment 5

[Emma Humphries ☕️🎸🧞‍♀️✨ (she/they) [:emceeaich] (Pacific Time) use needinfo]

This is an assigned P1 bug without activity in two weeks. 

If you intend to continue working on this bug for the current release/iteration/sprint, remove the 'stale-bug' keyword.

Otherwise we'll reset the priority of the bug back to '--' on Monday, August 28th.

Comment 6

[Bulk Bug Changes for mreavy's org]

Mass change P1->P2 to align with new Mozilla triage process

Comment 7

[Sylvestre Ledru [:Sylvestre]]

Moving to p3 because no activity for at least 1 year(s).
See https://github.com/mozilla/bug-handling/blob/master/policy/triage-bugzilla.md#how-do-you-triage for more information