The issue gives a 403 error because it's marked restricted. Maybe Google does that for all security bugs.

I will simplify the description as: xwalk on Windows will crash when duplicating a DwmDxBlt event handle from the browser process to the GPU process. The crash only happens after the rebase to 32, because the permission CHECK was added in upstream trunk after M31.

The other important information is that chromium/Google Chrome also does the same duplication. So at least it's not us doing a dangerous operation in xwalk.

And the reason why chromium won't crash, and even xwalk with dynamic linking won't crash, is kind of Windows-specific. I will try to explain it simply:

1. The chromium code replaces the Windows API DuplicateHandle with DuplicateHandlePatched, which does an extra security check.
2. The replacement also uses a Windows API, the scope of which is only within the module. You can understand a module as the binary name, so chrome.exe and chrome.dll are different modules.
3. For chromium, the replacement is in module chrome.dll, but the duplication for DwmDxBlt happens in chrome.exe, so it gets around the CHECK.
4. For the xwalk static build, there's only one binary, xwalk.exe, so the CHECK works for the DwmDxBlt duplication, which will fail and cause the crash.

The upstream guys mark it as wontfix, saying that not checking the DwmDxBlt duplication is on purpose and there is no security issue.

Following are my thoughts. There are two things we need to do:

1. What Halton mentioned, to use the Official buildtype. But I think it's for the long term; as in the reason Halton gave, we need to look at whether xwalk works fine with an Official-built content layer. In the future, we will probably need to build official xwalk for some production.
2. But turning on the Official build does not fix this; the code is still problematic. We still need to make the CHECK not happen for the DwmDxBlt duplication. I will work on a PR for this later; it probably needs landing in our chromium fork.

I think it's not a rebase-blocking issue. I suggest turning off the sandbox by default for rebasing, and fixing the issue to re-enable the sandbox later.

Thanks,
Shiliu.

-----Original Message-----
From: Crosswalk-dev [mailto:crosswalk-dev-boun...@lists.crosswalk-project.org] On Behalf Of Huo, Halton
Sent: Monday, November 18, 2013 6:26 PM
To: Kubo Da Costa, Raphael; crosswalk-dev@lists.crosswalk-project.org
Subject: Re: [Crosswalk-dev] Build xwalk with -Dbuildtype=Official

Shiliu, could you please explain in detail to Raphael?

> -----Original Message-----
> From: Crosswalk-dev
> [mailto:crosswalk-dev-boun...@lists.crosswalk-project.org] On Behalf
> Of Raphael Kubo da Costa
> Sent: Monday, November 18, 2013 6:20 PM
> To: crosswalk-dev@lists.crosswalk-project.org
> Subject: Re: [Crosswalk-dev] Build xwalk with -Dbuildtype=Official
>
> "Huo, Halton" <halton....@intel.com> writes:
>
> > The background is that the xwalk static library based on chromium 32
> > will core dump. After Shiliu’s investigation, it is because a
> > non-official build will replace DuplicateHandle for test only.
>
> [...]
>
> > (This issue does not happen on chrome because there are chrome.dll
> > and chrome.exe, while xwalk does not; ask Shiliu for the more
> > specific reason).
>
> We definitely need more information before making any kind of decision.
> For starters, crbug.com/319681 that Shiliu linked to gives me a 403
> Forbidden error.
>
> Looking at src/content/common/sandbox_win.cc, I see this:
>
>   // This code is test only, and attempts to catch unsafe uses of
>   // DuplicateHandle() that copy privileged handles into sandboxed
>   // processes.
>
> I (and I guess most people) don't know what the deal with chrome.dll
> and chrome.exe on Windows is in the first place.
>
> As a layman looking only at that comment, it looks like the crash
> actually means we are doing something wrong and the code is shouting
> it out loud at us?
> _______________________________________________
> Crosswalk-dev mailing list
> Crosswalk-dev@lists.crosswalk-project.org
> https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev
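The module-scoped replacement described in points 1 to 4 of Shiliu's message, as an added portable model that is not code from the thread or from Chromium. It assumes the replacement rewrites a per-module import slot (the message only says its scope is one module), and the `privileged_handle` flag, the result codes and all function names are constructed stand-ins.

```c
/* Constructed model of a module-scoped API replacement; not Chromium code. */
#include <stdio.h>

enum { DUP_OK = 0, DUP_CHECK_FAILED = 1 };
typedef int (*dup_fn)(int privileged_handle);

/* Stand-in for the original DuplicateHandle: performs no checking. */
static int dup_original(int privileged_handle) {
    (void)privileged_handle;
    return DUP_OK;
}
/* Stand-in for DuplicateHandlePatched: the extra check runs first. */
static int dup_patched(int privileged_handle) {
    if (privileged_handle)
        return DUP_CHECK_FAILED;   /* where the real CHECK would crash */
    return dup_original(privileged_handle);
}

/* Each module resolves the API through its own import slot (assumption). */
struct module { const char *name; dup_fn import_dup; };
/* Module-scoped replacement: only this module's slot is rewritten. */
static void patch_module(struct module *m) { m->import_dup = dup_patched; }

/* Split build: the patch is in chrome.dll, the call comes from chrome.exe. */
int split_build_result(void) {
    struct module exe = { "chrome.exe", dup_original };
    struct module dll = { "chrome.dll", dup_original };
    patch_module(&dll);
    return exe.import_dup(1);
}
/* Static build: one module holds the patch and issues the call. */
int static_build_result(void) {
    struct module exe = { "xwalk.exe", dup_original };
    patch_module(&exe);
    return exe.import_dup(1);
}
/* Coverage audit: how many modules still reach the unchecked original. */
int unpatched_count(const struct module *mods, int n) {
    int gaps = 0;
    for (int i = 0; i < n; i++)
        if (mods[i].import_dup == dup_original) gaps++;
    return gaps;
}

int main(void) {
    printf("split build:  %d\n", split_build_result());
    printf("static build: %d\n", static_build_result());
    return 0;
}
```

The same audit idea applies to any check installed per module: its coverage is the set of patched modules, not the whole process.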