ipc-channel icon indicating copy to clipboard operation
ipc-channel copied to clipboard

Published 20 hours ago verified publisher icon servo

Use anonymous shared memory on FreeBSD

Open valpackett opened this issue 7 years ago • 14 comments

It works in Capsicum capability mode (process sandbox).

valpackett avatar Nov 06 '17 18:11 valpackett

What do you think about pulling this code into a separate tiny crate? This exact functionality is needed in a lot of things (mostly Wayland-related). Would you merge a patch that replaces this code with a dependency?

valpackett avatar Dec 07 '17 10:12 valpackett

I think that is reasonable. memfd_create is only available post linux 3.17 and has no glibc wrapper. It must be called via syscall, so as long as that it is only used when a feature is enabled, I think a separate crate would be reasonable.

dlrobertson avatar Dec 08 '17 01:12 dlrobertson

Done! https://github.com/myfreeweb/shmemfdrs & updated this PR to use it

valpackett avatar Dec 09 '17 13:12 valpackett

Looks good to me. I'm not sure though what Servo's policy is for introducing new external dependencies?

@myfreeweb out of curiosity: how and for what purpose does WR need to use this?

@dlrobertson that's a bit tangential: but did we ever discuss checking for memfd support at run-time?...

antrik avatar Dec 09 '17 15:12 antrik

WR? WebRender, on its own? Does it use ipc-channel at all?

Servo needs SHM_ANON to run sandboxed on FreeBSD: https://github.com/servo/servo/issues/11625#issuecomment-342243384

valpackett avatar Dec 09 '17 15:12 valpackett

@antrik I think we discussed it but I think I forgot to create an issue for it and therefore forgot to investigate further.

dlrobertson avatar Dec 09 '17 16:12 dlrobertson

@myfreeweb whoops, I guess I misread "Wayland" as "Webrender"...

So I'm a bit confused now: are there other users for shmemfdrs outside of ipc-channel?

antrik avatar Dec 09 '17 16:12 antrik

No existing users as the crate was created today :) But potential users like https://github.com/Smithay/wayland-window/issues/14

valpackett avatar Dec 09 '17 16:12 valpackett

@myfreeweb going by the discussion there, it seems like they actually need a way to select the specific mechanism depending on client requests, rather than an automatic abstraction? So it doesn't seem like this crate will really help there...

The reason I'm bringing this up is because I am somewhat reluctant -- and from what I gathered, other Servo developers are too -- to introduce a new crate for code that is not actually likely to be used outside of Servo. That would just increase maintenance burden.

antrik avatar Dec 09 '17 17:12 antrik

The mechanism being file descriptors or not file descriptors — not different ways of creating file descriptors :)

valpackett avatar Dec 09 '17 17:12 valpackett

@myfreeweb I was pretty sure it was actually about temporary file based descriptors vs. anonymous descriptors? But then again, I'm not really familiar with the Wayland protocol -- so I guess I might be misreading it...

antrik avatar Dec 09 '17 18:12 antrik

I made similar changes work in weston, so I know something :) Of course no one cares how a file descriptor is made.

Shared memory file descriptors are used to pass software-rendered buffers from the client to the compositor. The primary "other way" is passing GPU (EGL) buffers. And a compositor theoretically could support EGL only.

valpackett avatar Dec 09 '17 18:12 valpackett

:umbrella: The latest upstream changes (presumably #187) made this pull request unmergeable. Please resolve the merge conflicts.

bors-servo avatar Feb 15 '18 02:02 bors-servo

:umbrella: The latest upstream changes (presumably #216) made this pull request unmergeable. Please resolve the merge conflicts.

bors-servo avatar Jan 09 '19 20:01 bors-servo