Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
656023003:
Fix crash with --use-gl=egl on Linux. (Closed)
DescriptionFix crash with --use-gl=egl on Linux.
eglCreateWindowSurface() in mesa egl driver needs mincore() system call, so
allow gpu process to call mincore().
BUG=423674
Committed: https://crrev.com/43815b018eb71e762657cb650496ea6d83134c31
Cr-Commit-Position: refs/heads/master@{#300445}
Patch Set 1 #Patch Set 2 : shorten code #
Total comments: 1
Patch Set 3 : use allow_mincore_ instead of new class #
Total comments: 1
Patch Set 4 : #
Total comments: 1
Patch Set 5 : alphabetical order in switch #
Total comments: 1
Patch Set 6 : rollback __NR_access #
Messages
Total messages: 26 (7 generated)
dongseong.hwang@intel.com changed reviewers: + jln@chromium.org
jln@, could you review? BUG=423674 needs to use --use-gl=egl commend line but it causes crash. So I fix it.
dongseong.hwang@intel.com changed reviewers: + kalyan@intel.com
I guess link_freon chromebook might need this CL, because link_freon uses mesa egl driver. +kalyan
dongseong.hwang@intel.com changed reviewers: + jorgelo@chromium.org
dongseong.hwang@intel.com changed reviewers: - jln@chromium.org
dongseong.hwang@intel.com changed reviewers: + jln@chromium.org
Jorge, could you review?
jln@chromium.org changed reviewers: + marcheu@chromium.org
Adding Stéphane for some GPU expertise. https://codereview.chromium.org/656023003/diff/20001/content/common/sandbox_l... File content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc (right): https://codereview.chromium.org/656023003/diff/20001/content/common/sandbox_l... content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc:161: class GpuEGLProcessPolicy : public GpuProcessPolicy { Why make it a new class? If you really need this, please make it a parameter of an existing class instead. See allow_sysv_shm for an example.
I think Julien's suggestion here makes sense.
On 2014/10/17 18:13:38, jln wrote: > Adding Stéphane for some GPU expertise. > > https://codereview.chromium.org/656023003/diff/20001/content/common/sandbox_l... > File content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc (right): > > https://codereview.chromium.org/656023003/diff/20001/content/common/sandbox_l... > content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc:161: class > GpuEGLProcessPolicy : public GpuProcessPolicy { > Why make it a new class? If you really need this, please make it a parameter of > an existing class instead. See allow_sysv_shm for an example. Thank you for review. There are 2 reasons why I add new class instead of changing GpuProcessPolicy 1. mincore() is needed for only gpu process, not gpu broker process 2. GpuBrokerProcessPolicy, CrosArmGpuProcessPolicy, CrosArmGpuBrokerProcessPolicy inherit GpuProcessPolicy, but mincore() is not related to 3 of them. If you still prefer changing GpuProcessPolicy, I'll update.
On 2014/10/17 19:56:40, dshwang wrote: > On 2014/10/17 18:13:38, jln wrote: > > Adding Stéphane for some GPU expertise. > > > > > https://codereview.chromium.org/656023003/diff/20001/content/common/sandbox_l... > > File content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc (right): > > > > > https://codereview.chromium.org/656023003/diff/20001/content/common/sandbox_l... > > content/common/sandbox_linux/sandbox_seccomp_bpf_linux.cc:161: class > > GpuEGLProcessPolicy : public GpuProcessPolicy { > > Why make it a new class? If you really need this, please make it a parameter > of > > an existing class instead. See allow_sysv_shm for an example. > > Thank you for review. > > There are 2 reasons why I add new class instead of changing GpuProcessPolicy > 1. mincore() is needed for only gpu process, not gpu broker process > 2. GpuBrokerProcessPolicy, CrosArmGpuProcessPolicy, > CrosArmGpuBrokerProcessPolicy inherit GpuProcessPolicy, but mincore() is not > related to 3 of them. > > If you still prefer changing GpuProcessPolicy, I'll update. This seems ok, as long as the derived classes construct GpuProcessPolicy with allow_mincore set to false.
I update it as Julien's suggestion. Could you review again?
https://codereview.chromium.org/656023003/diff/40001/content/common/sandbox_l... File content/common/sandbox_linux/bpf_gpu_policy_linux.cc (right): https://codereview.chromium.org/656023003/diff/40001/content/common/sandbox_l... content/common/sandbox_linux/bpf_gpu_policy_linux.cc:183: if (allow_mincore_ && sysno == __NR_mincore) Please add this as a case in the switch statement below.
On 2014/10/20 18:41:03, Jorge Lucangeli Obes wrote: > https://codereview.chromium.org/656023003/diff/40001/content/common/sandbox_l... > File content/common/sandbox_linux/bpf_gpu_policy_linux.cc (right): > > https://codereview.chromium.org/656023003/diff/40001/content/common/sandbox_l... > content/common/sandbox_linux/bpf_gpu_policy_linux.cc:183: if (allow_mincore_ && > sysno == __NR_mincore) > Please add this as a case in the switch statement below. Thanks. DONE.
https://codereview.chromium.org/656023003/diff/60001/content/common/sandbox_l... File content/common/sandbox_linux/bpf_gpu_policy_linux.cc (right): https://codereview.chromium.org/656023003/diff/60001/content/common/sandbox_l... content/common/sandbox_linux/bpf_gpu_policy_linux.cc:208: return Allow(); We try to keep this in alphabetical order, but it's tricky since if we put it above mmap() it will fall through. I think the best solution is to do: case __NR_ioctl: return Allow(); case __NR_mincore: if (allow_mincore_) return Allow(); else return SandboxBPFBasePolicy::EvaluateSyscall(sysno); And put __NR_mincore right above mmap.
On 2014/10/20 19:01:07, Jorge Lucangeli Obes wrote: > https://codereview.chromium.org/656023003/diff/60001/content/common/sandbox_l... > File content/common/sandbox_linux/bpf_gpu_policy_linux.cc (right): > > https://codereview.chromium.org/656023003/diff/60001/content/common/sandbox_l... > content/common/sandbox_linux/bpf_gpu_policy_linux.cc:208: return Allow(); > We try to keep this in alphabetical order, but it's tricky since if we put it > above mmap() it will fall through. > > I think the best solution is to do: > > case __NR_ioctl: > return Allow(); > case __NR_mincore: > if (allow_mincore_) > return Allow(); > else > return SandboxBPFBasePolicy::EvaluateSyscall(sysno); > > And put __NR_mincore right above mmap. DONE. Ah, thanks. I didn't know alphabetical order belongs to code style. I did as your instruction as well as put __NR_access to top.
https://codereview.chromium.org/656023003/diff/80001/content/common/sandbox_l... File content/common/sandbox_linux/bpf_gpu_policy_linux.cc (right): https://codereview.chromium.org/656023003/diff/80001/content/common/sandbox_l... content/common/sandbox_linux/bpf_gpu_policy_linux.cc:184: case __NR_access: While we order things mostly alphabetically, we don't follow the suggestion when it makes the code more prone to breakage. The reason why __NR_access was below is because it's got the same behaviour as open and openat, and if we ever change it we want to change it for the three syscalls. I think it would be better to keep it below. Sorry about that.
On 2014/10/20 19:52:59, Jorge Lucangeli Obes wrote: > https://codereview.chromium.org/656023003/diff/80001/content/common/sandbox_l... > File content/common/sandbox_linux/bpf_gpu_policy_linux.cc (right): > > https://codereview.chromium.org/656023003/diff/80001/content/common/sandbox_l... > content/common/sandbox_linux/bpf_gpu_policy_linux.cc:184: case __NR_access: > While we order things mostly alphabetically, we don't follow the suggestion when > it makes the code more prone to breakage. The reason why __NR_access was below > is because it's got the same behaviour as open and openat, and if we ever change > it we want to change it for the three syscalls. I think it would be better to > keep it below. Sorry about that. Thank you for continuous explanation. Done. :)
lgtm
On 2014/10/20 21:05:43, Jorge Lucangeli Obes wrote: > lgtm Thank you for review!
The CQ bit was checked by dongseong.hwang@intel.com
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/656023003/100001
Message was sent while issue was closed.
Committed patchset #6 (id:100001)
Message was sent while issue was closed.
Patchset 6 (id:??) landed as https://crrev.com/43815b018eb71e762657cb650496ea6d83134c31 Cr-Commit-Position: refs/heads/master@{#300445} |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
