This adds a small function that concatenates the args (because not
only does the BSD `setproctitle` take a single string, but also the
Linux kernel code that implements `/proc/{pid}/cmdline` won't allow the
"arguments" to extend past their original length unless it's a single
string), and connects it to the fork server.
Differential Revision: https://phabricator.services.mozilla.com/D187635
Unnamed POSIX semaphores are not supported on macOS, nor is timed wait supported on
named POSIX semaphores. SysV semaphores have similar limitations.
Mach semaphores are one of the only clean ways to create unnamed, shareable semaphores
on macOS. As of bug 1734735, we now can transparently send the mach ports across to
other processes without much added code, overall making this implementation of Mach
semaphores fairly easy.
Differential Revision: https://phabricator.services.mozilla.com/D188429
The special handling for android is in chromium's SharedMemory type,
meaning we can use SharedMemoryBasic_chromium now on Android.
This patch removes the android special casing to use the chromium
backend on that platform as well.
Differential Revision: https://phabricator.services.mozilla.com/D182808
Use a new executable for the GMP process named "<App Name> Media Plugin Helper" so that the content processes (using the plugin-container executable) and the GMP process can be signed with different entitlements allowing for the use of more secure entitlements.
In order for the new executable to load the Widevine plugin, a change is needed in the codesigning infrastructure repo to generate the .sig file for the new executable.
To get the security benefits of using a new executable for GMP, additional changes are needed in the codesigning infrastructure repo to enable signing plugin-container and the new executable with a reduced set of entitlements.
The executable is a copy of plugin-container renamed as "<App Name> Media Plugin Helper" so it appears with a user friendly name in Activity Monitor. For example, "Firefox Media Plugin Helper". (The GMP process runs with limited privileges preventing it from setting its own "nice" process name.)
Pref off the change until the .sig file change lands and media playback has been validated on production builds.
Differential Revision: https://phabricator.services.mozilla.com/D175796
Use a new executable for the GMP process named "<App Name> Media Plugin Helper" so that the content processes (using the plugin-container executable) and the GMP process can be signed with different entitlements allowing for the use of more secure entitlements.
To get the benefits of using a new executable for GMP, additional changes are needed in the codesigning infrastructure repo to enable signing plugin-container and the new executable with a reduced set of entitlements.
The executable is built as media-plugin-helper and then renamed to "<App Name> Media Plugin Helper" so it appears with a user friendly name in Activity Monitor. For example, "Firefox Media Plugin Helper". (The GMP process runs with limited privileges preventing it from setting its own "nice" process name.)
Limit the change to Nightly at this time to allow validation of using a new executable and then enabling the strong entitlements.
Differential Revision: https://phabricator.services.mozilla.com/D175796
Previously, we would always generate a default constructor for IPDL structs
which explicitly initializes every member. This would require members to have
default initializers statically. With the new approach, each member is
individually wrapped with a template parameter which will try to ensure value
initiaization, and the default constructor is implemented with `= default;`.
The default constructor will produce a warning on clang if it is implicitly
deleted, so that warning is also suppressed.
Differential Revision: https://phabricator.services.mozilla.com/D168881
This combines the multiple fields or variants which were previously used to
track sided types like protocol types into a single field wrapped with a
SideVariant.
This will be used in the next part to avoid the need for default constructors
for actor types allowing the proper types to be used.
Differential Revision: https://phabricator.services.mozilla.com/D168879
Previously, we would always generate a default constructor for IPDL structs
which explicitly initializes every member. This would require members to have
default initializers statically. With the new approach, each member is
individually wrapped with a template parameter which will try to ensure value
initiaization, and the default constructor is implemented with `= default;`.
The default constructor will produce a warning on clang if it is implicitly
deleted, so that warning is also suppressed.
Differential Revision: https://phabricator.services.mozilla.com/D168881
This combines the multiple fields or variants which were previously used to
track sided types like protocol types into a single field wrapped with a
SideVariant.
This will be used in the next part to avoid the need for default constructors
for actor types allowing the proper types to be used.
Differential Revision: https://phabricator.services.mozilla.com/D168879
This changes the serialization strategy for JSStructuredCloneData to use shared
memory if the total size exceeds 64k. This doesn't change how it is represented
when it is within source or destination processes, just how it is represented
when in transit.
Differential Revision: https://phabricator.services.mozilla.com/D153804
This changes and unifies the serialization strategy for types like
`ns[C]String`, `nsTArray<T>`, `std::vector<T>` etc such that they are all
serialized using a common implementation. For types which are trivial to
transfer with `memcpy`, they will automatically be serialized into a shared
memory region and copied out on the other side if its size exceeds 64k.
Differential Revision: https://phabricator.services.mozilla.com/D153803
This patch moves the media engine from the RDD process to the new
utility process, and create video bridge between the new utility process
and the GPU process in order to share the texture.
Differential Revision: https://phabricator.services.mozilla.com/D155901
This type is inspired by the Chromium BigBuffer type, and acts as a type which
intelligently either allocates a shared memory region or in-memory buffer based
on the size of the payload. The current threshold is 64k bytes, and it can be
somewhat cheaply transferred over IPC.
This is intended to be used in places where we currently create a basic `Shmem`
to transfer a potentially large block of bytes over IPC.
Differential Revision: https://phabricator.services.mozilla.com/D151851
This interface should no longer be required due to the changes in part 1
limiting the complexity of IPCStream instances and limiting the number of file
descriptors which a single stream can attach to a message.
Removing this interface is necessary to serialize nsIInputStream instances over
arbitrary toplevel protocols and non-protocol IPC in the future.
Differential Revision: https://phabricator.services.mozilla.com/D141039
This gives us various positive benefits, such as using a shared memory ring
buffer for faster communication, not having data streaming being bound to the
thread which transferred the nsIInputStream (which is often the main thread),
and the ability for some backpressure to be applied to data streaming.
After this change, the "delayed start" parameter for IPCStream serialization is
less relevant, as backpressure will serve a similar purpose. It will still be
used to determine whether or not to use RemoteLazyInputStream when serializing
from the parent process.
Differential Revision: https://phabricator.services.mozilla.com/D141038
This interface should no longer be required due to the changes in part 1
limiting the complexity of IPCStream instances and limiting the number of file
descriptors which a single stream can attach to a message.
Removing this interface is necessary to serialize nsIInputStream instances over
arbitrary toplevel protocols and non-protocol IPC in the future.
Differential Revision: https://phabricator.services.mozilla.com/D141039
This gives us various positive benefits, such as using a shared memory ring
buffer for faster communication, not having data streaming being bound to the
thread which transferred the nsIInputStream (which is often the main thread),
and the ability for some backpressure to be applied to data streaming.
After this change, the "delayed start" parameter for IPCStream serialization is
less relevant, as backpressure will serve a similar purpose. It will still be
used to determine whether or not to use RemoteLazyInputStream when serializing
from the parent process.
Differential Revision: https://phabricator.services.mozilla.com/D141038
This interface should no longer be required due to the changes in part 1
limiting the complexity of IPCStream instances and limiting the number of file
descriptors which a single stream can attach to a message.
Removing this interface is necessary to serialize nsIInputStream instances over
arbitrary toplevel protocols and non-protocol IPC in the future.
Differential Revision: https://phabricator.services.mozilla.com/D141039
This gives us various positive benefits, such as using a shared memory ring
buffer for faster communication, not having data streaming being bound to the
thread which transferred the nsIInputStream (which is often the main thread),
and the ability for some backpressure to be applied to data streaming.
After this change, the "delayed start" parameter for IPCStream serialization is
less relevant, as backpressure will serve a similar purpose. It will still be
used to determine whether or not to use RemoteLazyInputStream when serializing
from the parent process.
Differential Revision: https://phabricator.services.mozilla.com/D141038
This interface should no longer be required due to the changes in part 1
limiting the complexity of IPCStream instances and limiting the number of file
descriptors which a single stream can attach to a message.
Removing this interface is necessary to serialize nsIInputStream instances over
arbitrary toplevel protocols and non-protocol IPC in the future.
Differential Revision: https://phabricator.services.mozilla.com/D141039
