Forks browser process to run sandbox IPC helper

Bug #1304648 reported by Chris Coulson
Affects | Status | Importance | Assigned to | Milestone
Oxide | Fix Released | Critical | Unassigned |
oxide-qt (Ubuntu) | Fix Released | Undecided | Unassigned |

Bug Description

Chromium forks the browser process to run a sandbox IPC helper process, which provides a mechanism for sandboxed renderers to access things like the font cache. However, it does this without execing a new process image in the child.

Whilst this is fine for Chromium (because it forks at startup and before any threads are created), it is bad for us for a few reasons:

By the time we "start" Chromium:
- We already have a QML app and Qt gunk running in the browser process - I suspect that a lot of the memory used by the app will get copied eventually, which is a waste.
- We already have many threads running. As threads don't get forked, the child process will deadlock if any thread held a lock it requires at some point.

Changed in oxide:
importance: Undecided → Critical
status: New → Triaged
status: Triaged → Fix Committed
David Barth (dbarth) wrote :

Awesome! Thank you (again) for the fix, Chris :)

Changed in oxide:
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package oxide-qt - 1.0.0~bzr490-0ubuntu1

---------------
oxide-qt (1.0.0~bzr490-0ubuntu1) trusty; urgency=medium

  * Update to r490
    - Build with enable_plugins: 0 and toolkit_views: 0 to trim the size
      a bit
    - Ensure subframe navigations that require a new window become top-level
      navigations for webviews that don't implement WebView.newViewRequested
    - Add an option for enabling proprietary codecs (ENABLE_PROPRIETARY_CODECS)
    - Build and install the l10n pak files
    - Add file picker support (LP: #1260008)
    - Add some resources to oxide.pak that were missing (eg, directory listing
      HTML)
    - Fix a crash that occurs when handling events from some mouse buttons
    - Add cursor support (LP: #1257662)
    - Reimplement Chromium's RenderSandboxHostLinux so that it runs the sandbox
      IPC helper process as a proper child process rather than just forking
      the browser process, which is dangerous for Oxide (LP: #1304648)
  * Split libffmpegsumo.so into 2 separate packages (oxideqt-codecs and
    oxideqt-codecs-extra) (LP: #1301341)
 -- Chris Coulson <email address hidden> Tue, 08 Apr 2014 15:27:09 +0100

Changed in oxide-qt (Ubuntu):
status: New → Fix Released
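
The deadlock described in the bug description, next to the fork-then-exec approach named in the changelog, as an added C example that is not Oxide's or Chromium's code. `cache_lock`, `lock_holder` and `run_helper` are hypothetical names, and `/bin/sh` stands in for a real helper binary.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed stand-in for any lock another browser thread may hold. */
static pthread_mutex_t cache_lock = PTHREAD_MUTEX_INITIALIZER;
static int ready_pipe[2];

static void *lock_holder(void *lock) {
    pthread_mutex_lock(lock);
    if (write(ready_pipe[1], "x", 1) != 1) _exit(2); /* report: lock is held */
    for (;;) pause();                                /* and never release it */
}

/* Returns 0 if the helper child finished, 1 if it deadlocked, -1 on error. */
int run_helper(int exec_new_image) {
    static int started;
    pthread_t t;
    pid_t pid;
    int status;
    char c;
    if (!started) {                /* make the process multi-threaded first */
        if (pipe(ready_pipe) || pthread_create(&t, NULL, lock_holder, &cache_lock) ||
            read(ready_pipe[0], &c, 1) != 1) return -1;
        started = 1;
    }
    if ((pid = fork()) < 0) return -1;
    if (pid == 0) {                /* child: only the forking thread exists */
        if (exec_new_image) {      /* new image: no inherited lock state */
            execl("/bin/sh", "sh", "-c", "exit 0", (char *)NULL);
            _exit(127);
        }
        alarm(1);                  /* watchdog so a hang ends in SIGALRM */
        pthread_mutex_lock(&cache_lock);  /* owner thread was not forked */
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGALRM) return 1;
    return WIFEXITED(status) && WEXITSTATUS(status) == 0 ? 0 : -1;
}

int main(void) {
    printf("fork only:   %d\n", run_helper(0));  /* 1: child deadlocked */
    printf("fork + exec: %d\n", run_helper(1));  /* 0: child finished */
    return 0;
}
```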