Hello, Once again. If we are considering single process model - yes, I do not see any problem in SMACK.
I understood question as referring to shared BP. Sorry. Regards, Tomasz Iwanek -----Original Message----- From: Crosswalk-dev [mailto:crosswalk-dev-boun...@lists.crosswalk-project.org] On Behalf Of Tomasz Iwanek Sent: Wednesday, December 10, 2014 3:54 PM To: 'Pozdnyakov, Mikhail'; 'Hur, Joone'; crosswalk-dev@lists.crosswalk-project.org Cc: d...@lists.tizen.org Subject: Re: [Crosswalk-dev] [Dev] [Intent to implement] Crosswalk uses Dual process model on Tizen Hello, My comment was aimed to the fact of removing shared BP. If we have single BP per application then it's SMACK label is fixed and BP do not need to handle anything by itself. Privileges to files are enforced by platform. In actual situation, we have shared browser process. BP is needed to be aware of which app (which RP) had issued file request. Therefore additional code using security framework. I just think it's not easy to maintain those two process models in parallel so that security enforce limit to use just one of those two. Regards, Tomasz Iwanek -----Original Message----- From: Pozdnyakov, Mikhail [mailto:mikhail.pozdnya...@intel.com] Sent: Wednesday, December 10, 2014 3:24 PM To: Tomasz Iwanek; Hur, Joone; crosswalk-dev@lists.crosswalk-project.org Cc: d...@lists.tizen.org Subject: RE: [Dev] [Crosswalk-dev] [Intent to implement] Crosswalk uses Dual process model on Tizen Hello, Could you explain why it is not an option: both processes will have the same SMACK labels. As for memory consumption we made a benchmark which showed that BP sharing does not actually give benefits there. BR, Mikhail ________________________________________ From: Tomasz Iwanek [t.iwa...@samsung.com] Sent: Wednesday, December 10, 2014 3:42 PM To: Pozdnyakov, Mikhail; Hur, Joone; crosswalk-dev@lists.crosswalk-project.org Cc: d...@lists.tizen.org Subject: RE: [Dev] [Crosswalk-dev] [Intent to implement] Crosswalk uses Dual process model on Tizen Hello, Due to security mechanisms on tizen enable/disable dual process is not an option, I think, as different process model requires much different handling. Other question. Applying this architecture increases memory usage by web applications (BP per each app). Has anyone thought of memory usage? Or is it not an issue that should be considered? Regards, Tomasz Iwanek -----Original Message----- From: Dev [mailto:dev-boun...@lists.tizen.org] On Behalf Of Pozdnyakov, Mikhail Sent: Wednesday, December 10, 2014 9:26 AM To: Hur, Joone; crosswalk-dev@lists.crosswalk-project.org Cc: d...@lists.tizen.org Subject: Re: [Dev] [Crosswalk-dev] [Intent to implement] Crosswalk uses Dual process model on Tizen which options would you like to see? BR, Mikhail ________________________________________ From: Hur, Joone Sent: Wednesday, December 10, 2014 5:19 AM To: Pozdnyakov, Mikhail; crosswalk-dev@lists.crosswalk-project.org Cc: d...@lists.tizen.org Subject: RE: [Crosswalk-dev] [Intent to implement] Crosswalk uses Dual process model on Tizen Will you allow us to enable/disable the dual process mode? -----Original Message----- From: Crosswalk-dev [mailto:crosswalk-dev-boun...@lists.crosswalk-project.org] On Behalf Of Pozdnyakov, Mikhail Sent: Monday, December 08, 2014 5:08 AM To: crosswalk-dev@lists.crosswalk-project.org Cc: d...@lists.tizen.org Subject: [Crosswalk-dev] [Intent to implement] Crosswalk uses Dual process model on Tizen Hi, Description: The Dual process model is a process model where each application run contains two processes: The first process includes Browser process (BP), GPU process (GP) and Extension process (EP) The second process is Renderer process (RP) and it runs in Seccomp sandbox Rational: At the moment Crosswalk on Tizen is using Shared process model (sharing BP between all the apps) this however creates the following problems: (1) the diversity from Crosswalk implementations on other platforms (2) great complexity (BP has to do a lot of extra stuff to handle multiple apps + we've a dbus launcher) and hence (3) more bugs (because of more complexity). All these significantly increase the development and maintenance costs (the recent efforts on enabling of Tizen platform security mechanisms in Crosswalk is a good example of how having the Shared process model caused a lot of troubles) Affected components: Crosswalk on Tizen, Crosswalk application tools (xwalk launcher, xwalkctl) This change will apparently modify also the Tizen Crosswalk command line interface (for example remote debugging cmd line options) whereas xwalk binary will be invoked directly. Target platform: Tizen Implementation plan: 1) Add the Tizen appcore-related logic and other functionality from xwalk-launcher to BP 2) Make the necessary modifications in Tizen so that it does not rely on the Shared process model any more (e.g. launches xwalk instead of xwalk-launcher) 3) Merge EP and GP into BP -- make it Dual process model 4) Clean up tons of unused code, including removal of xwalk-launcher (yay!) BR, Mikhail --------------------------------------------------------------------- Intel Finland Oy Registered Address: PL 281, 00181 Helsinki Business Identity Code: 0357606 - 4 Domiciled in Helsinki This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. _______________________________________________ Crosswalk-dev mailing list Crosswalk-dev@lists.crosswalk-project.org https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev --------------------------------------------------------------------- Intel Finland Oy Registered Address: PL 281, 00181 Helsinki Business Identity Code: 0357606 - 4 Domiciled in Helsinki This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. _______________________________________________ Dev mailing list d...@lists.tizen.org https://lists.tizen.org/listinfo/dev --------------------------------------------------------------------- Intel Finland Oy Registered Address: PL 281, 00181 Helsinki Business Identity Code: 0357606 - 4 Domiciled in Helsinki This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. _______________________________________________ Crosswalk-dev mailing list Crosswalk-dev@lists.crosswalk-project.org https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev _______________________________________________ Crosswalk-dev mailing list Crosswalk-dev@lists.crosswalk-project.org https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev
