RESOLVED FIXED 222391
Set ownership of IOSurfaces from the GPUProcess instead of the WebProcess 
https://bugs.webkit.org/show_bug.cgi?id=222391
Summary Set ownership of IOSurfaces from the GPUProcess instead of the WebProcess
Chris Dumez
Reported 2021-02-24 16:04:25 PST
Set ownership of IOSurfaces from the GPUProcess instead of the WebProcess. The WebProcess should stop using IOSurface API/SPI for better sandboxing.
Attachments
WIP Patch (11.81 KB, patch)
2021-02-24 17:13 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (16.83 KB, patch)
2021-02-25 09:34 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (16.93 KB, patch)
2021-02-25 09:56 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (16.34 KB, patch)
2021-02-25 12:04 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (14.92 KB, patch)
2021-02-25 14:10 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (15.05 KB, patch)
2021-03-04 09:53 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2021-02-24 17:13:02 PST
Created attachment 421484 [details] WIP Patch Will check the processes memory footprint tomorrow but at least the ownership transfer calls are running in the GPUProcess and succeeding \o/
Chris Dumez
Comment 2 2021-02-25 09:34:47 PST
Created attachment 421533 [details] Patch
Simon Fraser (smfr)
Comment 3 2021-02-25 09:51:17 PST
Comment on attachment 421533 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421533&action=review > Source/WebCore/ChangeLog:4 > + https://bugs.webkit.org/show_bug.cgi?id=222391 Radar > Source/WTF/wtf/PlatformHave.h:307 > +#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 120000) \ > + || (((PLATFORM(IOS) && !PLATFORM(IOS_FAMILY_SIMULATOR)) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 150000) \ > + || (PLATFORM(WATCHOS) && !PLATFORM(IOS_FAMILY_SIMULATOR) && __WATCH_OS_VERSION_MIN_REQUIRED >= 80000) \ > + || (PLATFORM(APPLETV) && !PLATFORM(IOS_FAMILY_SIMULATOR) && __TV_OS_VERSION_MIN_REQUIRED >= 150000) These are getting out of control.
Radar WebKit Bug Importer
Comment 4 2021-02-25 09:52:19 PST
<rdar://problem/74748353>
Chris Dumez
Comment 5 2021-02-25 09:56:21 PST
Created attachment 421536 [details] Patch
Said Abou-Hallawa
Comment 6 2021-02-25 11:17:54 PST
Comment on attachment 421536 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421536&action=review > Source/WebCore/platform/graphics/ConcreteImageBuffer.h:65 > +#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY) > + void setProcessOwnership(task_id_token_t newOwner) > + { > + if (m_backend) > + m_backend->setProcessOwnership(newOwner); > + } > +#endif I think this should be moved to RemoteImageBuffer. > Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp:226 > +#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY) > +void ImageBufferIOSurfaceBackend::setProcessOwnership(task_id_token_t processIdentityToken) > +{ > + ASSERT(m_surface); > + m_surface->setOwnershipIdentity(processIdentityToken); > +} > +#endif I think this should be moved to ImageBufferShareableMappedIOSurfaceBackend.
Tim Horton
Comment 7 2021-02-25 11:50:22 PST
(In reply to Simon Fraser (smfr) from comment #3) > Comment on attachment 421533 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=421533&action=review > > > Source/WebCore/ChangeLog:4 > > + https://bugs.webkit.org/show_bug.cgi?id=222391 > > Radar > > > Source/WTF/wtf/PlatformHave.h:307 > > +#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 120000) \ > > + || (((PLATFORM(IOS) && !PLATFORM(IOS_FAMILY_SIMULATOR)) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 150000) \ > > + || (PLATFORM(WATCHOS) && !PLATFORM(IOS_FAMILY_SIMULATOR) && __WATCH_OS_VERSION_MIN_REQUIRED >= 80000) \ > > + || (PLATFORM(APPLETV) && !PLATFORM(IOS_FAMILY_SIMULATOR) && __TV_OS_VERSION_MIN_REQUIRED >= 150000) > > These are getting out of control. Probably would have said !SIM only once, at the end, but otherwise this is sadly a perfect model of how it should be done for everyone :)
Chris Dumez
Comment 8 2021-02-25 11:52:40 PST
(In reply to Said Abou-Hallawa from comment #6) > Comment on attachment 421536 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=421536&action=review > > > Source/WebCore/platform/graphics/ConcreteImageBuffer.h:65 > > +#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY) > > + void setProcessOwnership(task_id_token_t newOwner) > > + { > > + if (m_backend) > > + m_backend->setProcessOwnership(newOwner); > > + } > > +#endif > > I think this should be moved to RemoteImageBuffer. > > > Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp:226 > > +#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY) > > +void ImageBufferIOSurfaceBackend::setProcessOwnership(task_id_token_t processIdentityToken) > > +{ > > + ASSERT(m_surface); > > + m_surface->setOwnershipIdentity(processIdentityToken); > > +} > > +#endif > > I think this should be moved to ImageBufferShareableMappedIOSurfaceBackend. I don't get it, it seems ImageBufferShareableMappedIOSurfaceBackend has a ImageBufferBackendHandle but I don't see an IOSurface. I need an IOSurface to set ownership. How do I do that from ImageBufferShareableMappedIOSurfaceBackend?
Chris Dumez
Comment 9 2021-02-25 11:59:14 PST
(In reply to Chris Dumez from comment #8) > (In reply to Said Abou-Hallawa from comment #6) > > Comment on attachment 421536 [details] > > Patch > > > > View in context: > > https://bugs.webkit.org/attachment.cgi?id=421536&action=review > > > > > Source/WebCore/platform/graphics/ConcreteImageBuffer.h:65 > > > +#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY) > > > + void setProcessOwnership(task_id_token_t newOwner) > > > + { > > > + if (m_backend) > > > + m_backend->setProcessOwnership(newOwner); > > > + } > > > +#endif > > > > I think this should be moved to RemoteImageBuffer. > > > > > Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp:226 > > > +#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY) > > > +void ImageBufferIOSurfaceBackend::setProcessOwnership(task_id_token_t processIdentityToken) > > > +{ > > > + ASSERT(m_surface); > > > + m_surface->setOwnershipIdentity(processIdentityToken); > > > +} > > > +#endif > > > > I think this should be moved to ImageBufferShareableMappedIOSurfaceBackend. > > I don't get it, it seems ImageBufferShareableMappedIOSurfaceBackend has a > ImageBufferBackendHandle but I don't see an IOSurface. I need an IOSurface > to set ownership. > How do I do that from ImageBufferShareableMappedIOSurfaceBackend? Oh, looks like I got confused with ImageBufferShareableIOSurfaceBackend. Let me give that another try.
Chris Dumez
Comment 10 2021-02-25 12:04:31 PST
Created attachment 421550 [details] Patch
Chris Dumez
Comment 11 2021-02-25 14:10:59 PST
Created attachment 421564 [details] Patch
EWS
Comment 12 2021-03-01 10:21:51 PST
Committed r273655: <https://commits.webkit.org/r273655> All reviewed patches have been landed. Closing bug and clearing flags on attachment 421564 [details].
Truitt Savell
Comment 13 2021-03-01 15:53:38 PST
Reverted r273655 for reason: Broke internal Mac Committed r273700 (234721@main): <https://commits.webkit.org/234721@main>
Chris Dumez
Comment 14 2021-03-04 09:53:51 PST
Created attachment 422247 [details] Patch
EWS
Comment 15 2021-03-04 10:41:07 PST
Committed r273903: <https://commits.webkit.org/r273903> All reviewed patches have been landed. Closing bug and clearing flags on attachment 421564 [details].
Note You need to log in before you can comment on or make changes to this bug.