1728934 - Ensure Ogg demux fails gracefully on rlbox sandbox OOM

Status: RESOLVED FIXED

(Core :: Security: Process Sandboxing, enhancement, P3)

Description

[Shravan Narayan]

Ogg demuxing sandbox uses a fresh sandbox for each ogg file. This can put a lot of memory pressure on website that have multiple pieces of OGG media. This is even worse on 32-bit platforms. Moving to a single shared ogg sandbox per content process instead should still retain most of the security benefits of compartmentalization.

Comment 1

[Shravan Narayan]

Attachment: Bug 1728934 Part 2 - Allow reuse of OGG rlbox sandbox to reduce memory footprint r=padenot

Comment 2

[Shravan Narayan]

Attachment: Bug 1728934 Part 1 - Update wasm2c to support better use of 32-bit virtual space r=glandium

Comment 3

[Shravan Narayan]

Update --- since the ogg sandbox can be used from multiple threads at the same time, note that this change needs to use a mutex to invoke functions in the ogg sandbox.

Comment 4

[Shravan Narayan]

Attachment: Bug 1728934 Part 1 - Update rlbox,wasm2c plugin for fallible create_sandbox r=glandium

Comment 5

[Shravan Narayan]

Attachment: Bug 1728934 - Ensure Ogg demux fails gracefully on rlbox sandbox OOM r=glandium,padenot

Depends on D127022

Comment 6

[Shravan Narayan]

Attachment: Bug 1728934 Part 3 - Re-enable OGG demux rlbox sandbox on 32-bit platforms r=glandium

Depends on D127023

Comment 7

[Pulsebot]

Pushed by mh@glandium.org:
https://hg.mozilla.org/integration/autoland/rev/a932fbd95f01
Part 1 - Update wasm2c to support better use of 32-bit virtual space r=glandium
https://hg.mozilla.org/integration/autoland/rev/a240e5a52df4
Part 2 - Update rlbox,wasm2c plugin for fallible create_sandbox r=glandium
https://hg.mozilla.org/integration/autoland/rev/3538237090bf
Part 3 - Ensure Ogg demux fails gracefully on rlbox sandbox OOM r=glandium,bholley
https://hg.mozilla.org/integration/autoland/rev/5e64ae0a8b00
Part 4 - Re-enable OGG demux rlbox sandbox on 32-bit platforms r=glandium

Comment 8

[Cristina Cozmuta (:CrissCozmuta)]

Backed out for causing Mochitest failures. CLOSED TREE
Backout link : https://hg.mozilla.org/integration/autoland/rev/40e53c55b467f493c47136f3c421e348124981d5
Push with failures :
https://treeherder.mozilla.org/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception%2Crunnable&revision=5e64ae0a8b00a86cf4ed69a275a1ca310dd2a399&searchStr=Windows%2C10%2Cx86%2C2004%2CWebRender&selectedTaskRun=U0PnlEvwSkazOyx_yhpfWg.0
https://treeherder.mozilla.org/jobs?repo=autoland&group_state=expanded&selectedTaskRun=YwEMaRgEQwOX2JuI1G8ekw.0&resultStatus=testfailed%2Cbusted%2Cexception%2Csuccess%2Crunnable&searchStr=windows%2C10%2Cx86%2C2004%2Cwebrender%2Cdebug%2Cweb%2Cplatform%2Ctests%2Ctest-windows10-32-2004-qr%2Fdebug-web-platform-tests-wdspec-e10s%2Cwd1&fromchange=9790289bfed7ac69a3a990052132db1ead5c2364&tochange=86f46322fd291974c2b296b6fbf96237a80ff525
Link to failure log :
https://treeherder.mozilla.org/logviewer?job_id=353319788&repo=autoland&lineNumber=8054
https://treeherder.mozilla.org/logviewer?job_id=353320298&repo=autoland&lineNumber=1392
Also link to failure log :
https://treeherder.mozilla.org/logviewer?job_id=353321133&repo=autoland&lineNumber=51877

Comment 9

[Phabricator Automation]

Comment on attachment 9243600 [details]
Bug 1728934 Part 3 - Re-enable OGG demux rlbox sandbox on 32-bit platforms r=glandium

Revision D127024 was moved to bug 1737707. Setting attachment 9243600 [details] to obsolete.

Comment 10

[Pulsebot]

Pushed by bholley@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/28e7a49220d1
Ensure Ogg demux fails gracefully on rlbox sandbox OOM r=glandium,bholley

Comment 11

[Norisz Fay [:noriszfay]]

https://hg.mozilla.org/mozilla-central/rev/28e7a49220d1