Closed Bug 1698778 Opened 4 years ago Closed 3 years ago

RDD/VAAPI: Sandbox: seccomp sandbox violation by syscall 16 (DRM_IOCTL_VERSION)

Categories

(Core :: Security: Process Sandboxing, defect, P5)

Product:
Core
Component:
Security: Process Sandboxing
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
96 Branch
Tracking Flags:
Tracking Status
firefox96 --- fixed

People

(Reporter: stransky, Assigned: jld)

References

(Blocks 2 open bugs)

Details

Crash Data

Attachments

(6 files, 1 obsolete file)

Work in progress for VA-API in RDD
(deleted), text/plain
Details
firefox-nightly-vaapi.png
(deleted), image/png
Details
Bug 1698778 - Allow filtering SysV IPC call arguments.
(deleted), text/x-phabricator-request
Details
Bug 1698778 - Move several pieces of the seccomp-bpf policies into SandboxPolicyCommon.
(deleted), text/x-phabricator-request
Details
Bug 1698778 - Loosen the RDD sandbox policy to support VA-API (including Intel VCS2).
(deleted), text/x-phabricator-request
Details
Bug 1698778 - Allow using VA-API in the RDD process.
(deleted), text/x-phabricator-request
Details

This is a follow up from https://bugzilla.mozilla.org/show_bug.cgi?id=1693083#c8

bt:
#0 0x00007f8e9c39155d in syscall () at /lib64/libc.so.6
#1 0x00007f8e8899254c in mozilla::SandboxCrash(int, siginfo_t*, void*) (nr=31, info=0x7f8e742fd9f0, void_context=0x7f8e742fd4c0)
at /home/komat/src/security/sandbox/linux/glue/SandboxCrash.cpp:114
#2 0x00007f8e9c8d8aeb in mozilla::SigSysHandler(int, siginfo_t*, void*) (nr=31, info=0x7f8e742fd9f0, void_context=0x7f8e742fd8c0) at /home/komat/src/security/sandbox/linux/Sandbox.cpp:152
#3 0x00007f8e9c7c61e0 in <signal handler called> () at /lib64/libpthread.so.0
#4 0x00007f8e9c38d5db in ioctl () at /lib64/libc.so.6
#5 0x00007f8e7f0d9440 in drmIoctl (fd=fd@entry=21, request=request@entry=3225445376, arg=arg@entry=0x7f8e783f1300) at ../xf86drm.c:191
#6 0x00007f8e7f0d9979 in drmGetVersion (fd=21) at ../xf86drm.c:843
#7 0x00007f8e9b3432d0 in VA_DRM_GetNumCandidates (ctx=<optimized out>, ctx=0x7f8e9c0c8a60, num_candidates=0x7f8e742fe0a4) at va_drm_utils.c:61
#8 va_DisplayContextGetNumCandidates (pDisplayContext=<optimized out>, num_candidates=0x7f8e742fe0a4) at va_drm.c:64

Summary: RDD/VAAPI: Sandbox: seccomp sandbox violation by syscall 16 (drmIoctl) → RDD/VAAPI: Sandbox: seccomp sandbox violation by syscall 16 (DRM_IOCTL_VERSION)

Gian-Carlo, is that something we can enable for RDD?
Thanks.

Flags: needinfo?(gpascutto)
Flags: needinfo?(gpascutto) → needinfo?(jld)

What is blocking this?

What is blocking this?

Availability of people who can make this call.

Gian-Carlo, what's the course here? If you agree to run RDD/VAAPI in ffmpeg/ffvpx I can look at the sandbox violation bugs and try to open the holes there.

I think we need to look at what exactly drmIoctl requires in terms of (extra additional) ioctl allowed. It's tricky because we currently don't restrict ioctl's much if at all, but we want to/need to (see bug 1302711). And then make some decision whether opening this up would mean we can't effectively sandbox the RDD process any more (which might mean we want to split this off processwise or move to the not-enable-yet-on-Linux GPU process), or if it's only some kind of query call that could be remoted, or...

Sorry, I don't have an easy answer here, if I had the answer ready I would have replied months ago :(

We can allow DRI access in the RDD process. In general we'd actually prefer to expose OS attack surface in the RDD process (or similar “utility” processes) rather than in content processes, if it's a choice of one of them, because they're not directly exposed to hostile JavaScript.

For the seccomp-bpf policy, I'd suggest masking out the type field, which we're currently doing to block tty ioctls in content processes, rather than trying to list each ioctl. Hopefully DRI uses only the 'd' type as seen in libdrm/drm.h, in which case this should be simple. (In contrast, I remember we ran into issues with nvidia using unexpected values, which is one reason why content processes have a default-allow ioctl policy rather than default-deny.)

If we encounter issues with the sched_* syscalls, I'd suggest just changing the default to return EPERM.

Flags: needinfo?(jld)
Severity: -- → S4
Priority: -- → P5

We can't use DRI on nvidia so we should be safe here. Okay, thanks for the hint, I'll try to look at it.

(In reply to Jed Davis [:jld] ⟨⏰|UTC-6⟩ ⟦he/him⟧ from comment #6)

We can allow DRI access in the RDD process. In general we'd actually prefer to expose OS attack surface in the RDD process (or similar “utility” processes) rather than in content processes, if it's a choice of one of them, because they're not directly exposed to hostile JavaScript.

For the seccomp-bpf policy, I'd suggest masking out the type field, which we're currently doing to block tty ioctls in content processes, rather than trying to list each ioctl. Hopefully DRI uses only the 'd' type as seen in libdrm/drm.h, in which case this should be simple. (In contrast, I remember we ran into issues with nvidia using unexpected values, which is one reason why content processes have a default-allow ioctl policy rather than default-deny.)

If we encounter issues with the sched_* syscalls, I'd suggest just changing the default to return EPERM.

Hm, the problem here is with libva library. It uses dlopen on driver library (/usr/lib64/dri/radeonsi_drv_video.so in my case) and uses all the usual stuff you can expect here. I don't think you want to enable such calls for RDD, right?

OTOH the whole thing runs in content process right now (ffmpeg+libva) which seems to be even worse. I wonder what can be used here?
Is GPU process an option here?

Flags: needinfo?(jld)

(In reply to Martin Stránský [:stransky] (ni? me) from comment #8)

Hm, the problem here is with libva library. It uses dlopen on driver library (/usr/lib64/dri/radeonsi_drv_video.so in my case) and uses all the usual stuff you can expect here. I don't think you want to enable such calls for RDD, right?

OTOH the whole thing runs in content process right now (ffmpeg+libva) which seems to be even worse. I wonder what can be used here?
Is GPU process an option here?

Bug 1657041 appears to be relevant here.

Edit: urgh, it just got closed...

See Also: → https://bugzilla.mozilla.org/show_bug.cgi?id=1657041

(I'd been meaning to answer this needinfo for a while but other things kept happening; sorry about that.)

If we need to give the RDD process GPU access then we could just do that, as long as it's the specifics aren't too unreasonable; it's not running hostile script so it's harder to attack than a content process. But it does mean that (at least until media codecs can be refactored into utility processes) it's weakening the sandbox on other codecs; the GPU process, in contrast, doesn't have a sandbox at all on Linux yet.

As for specifics, somewhere else on Bugzilla I remember a report that the Intel driver was using semget; if that is a hard dependency, allowing SysV IPC is not great, but it's not in a content process and we do have a plan to lock it down eventually, so I tend to think it's not a showstopper.

Flags: needinfo?(jld)

Yeah, giving the RDD process GPU access seems like the right short term solution here.

I tested this with the content process: MOZ_SANDBOX_ALLOW_SYSV=1 and syscall 220 were needed to make VAAPI work with intel-media-va-driver (Github) on Debian Testing, Gnome Xwayland, Intel.
@jld: Can you make the RDD sandbox change?

h264 VAAPI and vp8 VAAPI work with this command according to the log and sudo intel_gpu_top:
MOZ_SANDBOX_ALLOW_SYSV=1 MOZ_SANDBOX_LOGGING=1 MOZ_LOG="Dmabuf:5,PlatformDecoderModule:5" mozregression --launch 2021-10-07 --pref gfx.webrender.all:true gfx.x11-egl.force-enabled:true media.rdd-process.enabled:false media.ffmpeg.vaapi.enabled:true security.sandbox.content.syscall_whitelist:"220," -P stdout -a https://bug1619882.bmoattachments.org/attachment.cgi?id=9149605 -a https://upload.wikimedia.org/wikipedia/commons/1/18/The_Earth_in_4k.webm

(Darkspirit from bug 1733680 comment #5)

(In reply to Jeff Muizelaar [:jrmuizel] from comment #4)

Out of curiosity why are you using the GPU process on Linux?

Background:

  • VAAPI hardware video decoding needs GPU access and a more permissive sandbox. It can be used on X11 and Wayland.
  • bug 1698778 comment 10: The RDD sandbox blocks VAAPI.
  • Users then disable media.rdd-ffvpx.enabled, media.rdd-vpx.enabled to use VAAPI in the content process or they disable the RDD sandbox.
  • bug 1619585, https://github.com/intel/media-driver/issues/854: In the content process it works with the old Intel VAAPI driver, but the newer driver is blocked by the sandbox because it wants SysV IPC. Intel Xe users can only use the newer driver, some can only decide between disabling the sandbox (what they shouldn't do) or waiting.
  • bug 1610199 comment 75, bug 1732951: stransky then suggested to move VAAPI into the GPU process, which requires implementing one for Wayland.
  • Robert mentioned in #gfx-firefox on chat.mozilla.org that a Wayland GPU process could make gfx.webrender.compositor more complicated, the parent process would need to act as some kind of Wayland proxy server.
  • Offtopic: bug 1713276 will remove another copy for software decoding.

What do you prefer?

(Martin Stránský [:stransky] (ni? me) from bug 1733680 comment #6)

(In reply to Jeff Muizelaar [:jrmuizel] from comment #4)

Out of curiosity why are you using the GPU process on Linux?

Yes, HW video decoding is the main reason here.

(Darkspirit from bug 1733680 comment #7)

Wouldn't it make sense to keep using RDD process (but slightly changing its sandbox: bug 1698778 comment 10) - until the apparently upcoming GPUFallback utility process can be used - to make things consistent across platforms?
https://firefox-source-docs.mozilla.org/dom/ipc/process_model.html#data-decoder-rdd-process

Data Decoder (RDD) Process
This process is in the process of being restructured into a generic “utility” process type for running untrusted code in a maximally secure sandbox. After these changes, the following new process types will exist, replacing the RDD process:

  • Utility: A maximally sandboxed process used to host untrusted code which does not require access to OS resources. This process will be even more sandboxed than RDD today on Windows, where the RDD process has access to Win32k.
  • UtilityWithWin32k: A Windows-only process with the same sandboxing as the RDD process today. This will be used to host untrusted sandboxed code which requires access to Win32k to allow decoding directly into GPU surfaces.
  • GPUFallback: A Windows-only process using the GPU process’ sandboxing policy which will be used to run Windows Media Foundation (WMF) when the GPU process itself is unavailable, allowing UtilityWithWin32k to re-enable Arbitrary Code Guard (ACG) on Windows.

(Jeff Muizelaar [:jrmuizel] from bug 1733680 comment #8)

Yes, I agree that best short term solution is to allow VAAPI from the RDD. RDD has GPU access on macOS so giving on Linux it has some precedent.

Flags: needinfo?(jld)
Attached file Work in progress for VA-API in RDD (deleted) —

I took a stab at adjusting the RDD sandbox for VA-API. This is very much work-in-progress, with a bunch of FIXME comments. And it doesn't handle the intel-media-driver SysV IPC situation yet, but some Intel GPUs (e.g., the one I tested it on) seem to work anyway, probably because of this conditional.

Assignee: nobody → jld
Flags: needinfo?(jld)

While I was looking at the intel-media-driver code, I realized I'd been there before: bug 1619585 comment #12.

See Also: → https://bugzilla.mozilla.org/show_bug.cgi?id=1619585

What about non-Intel systems?

Is there any known issue on the AMD/Mesa combination?

(In reply to Gian-Carlo Pascutto [:gcp] from comment #16)

What about non-Intel systems?

Is there any known issue on the AMD/Mesa combination?

We need only general access to GPU AFAIK but I can test that when the basic support lands.

(In reply to Gian-Carlo Pascutto [:gcp] from comment #16)

What about non-Intel systems?

Is there any known issue on the AMD/Mesa combination?

Not that I know of. So my question was, if VA-API can already be enable by default on systems with AMD graphics card.

(In reply to Paul Menzel from comment #18)

Not that I know of. So my question was, if VA-API can already be enable by default on systems with AMD graphics card.

It's still blocked by this bug / RDD sandbox.

I made a Try run with patches that should handle the Intel SysV IPC usage (direct link to the x86_64 build), and which flips the necessary prefs to use VA-API in the RDD process by default for ease of testing, but I don't have hardware to test it. If I understand correctly, this needs an 11th generation i5 or i7 (or i9?), using the integrated GPU. It would help if someone with the hardware in question could test it: unpack the build, play a suitable video (this VP8/VP9 demo page seems to work for intel), and use lsof or similar on the RDD process (the one with rdd as the last argument) to check for /dmabuf: file descriptors.

(Also posted this on bug 1619585; I'll probably merge the bugs at some point.)

Attached image firefox-nightly-blank.png (obsolete) (deleted) —

(In reply to Jed Davis [:jld] ⟨⏰|UTC-6⟩ ⟦he/him⟧ from comment #20)

I made a Try run with patches that should handle the Intel SysV IPC usage (direct link to the x86_64 build), and which flips the necessary prefs to use VA-API in the RDD process by default for ease of testing, but I don't have hardware to test it. If I understand correctly, this needs an 11th generation i5 or i7 (or i9?), using the integrated GPU. It would help if someone with the hardware in question could test it: unpack the build, play a suitable video (this VP8/VP9 demo page seems to work for intel), and use lsof or similar on the RDD process (the one with rdd as the last argument) to check for /dmabuf: file descriptors.

(Also posted this on bug 1619585; I'll probably merge the bugs at some point.)

Tried running it but just got a black window (see attached). Anything special that needs to be done?

Flags: needinfo?(jld)

Gnome Xwayland, Debian Testing, Macbook Pro, Intel Iris Graphics 6100 (BDW GT3) (0x8086 0x162b with Mesa 21.2.5.0).
Confirmed, H264 VAAPI and VP8 VAAPI work out of the box, thank you! (sudo intel_gpu_top)

mozregression --repo try --launch 5fedc5594ccce464685b1d2d33bedc3230b8a4ab -P stdout -a https://bug1619882.bmoattachments.org/attachment.cgi?id=9149605 -a https://upload.wikimedia.org/wikipedia/commons/1/18/The_Earth_in_4k.webm
**********
You should use a config file. Please use the --write-config command line flag to help you create one.
**********

 0:01.15 INFO: 5fedc5594ccce464685b1d2d33bedc3230b8a4ab is not a release, assuming it's a hash...
 0:04.87 INFO: Downloading build from: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/TOjLuUSjRPCPZvOuifAJYA/runs/1/artifacts/public%2Fbuild%2Ftarget.tar.bz2
===== Downloaded 100% =====
 0:19.23 INFO: Running try build built on 2021-11-05 16:47:01.253000, revision 5fedc559
 0:29.59 INFO: Launching /tmp/tmp_gg51u30/firefox/firefox
 0:29.59 INFO: Application command: /tmp/tmp_gg51u30/firefox/firefox https://bug1619882.bmoattachments.org/attachment.cgi?id=9149605 https://upload.wikimedia.org/wikipedia/commons/1/18/The_Earth_in_4k.webm -profile /tmp/tmp_wslh4zt.mozrunner
 0:29.59 INFO: application_buildid: 20211105145520
 0:29.59 INFO: application_changeset: 5fedc5594ccce464685b1d2d33bedc3230b8a4ab
 0:29.60 INFO: application_name: Firefox
 0:29.60 INFO: application_repository: https://hg.mozilla.org/try
 0:29.60 INFO: application_version: 96.0a1
 0:30.23 INFO: b'ATTENTION: default value of option mesa_glthread overridden by environment.'
 0:30.26 INFO: b'ATTENTION: default value of option mesa_glthread overridden by environment.'
 0:30.45 INFO: b'ATTENTION: default value of option mesa_glthread overridden by environment.'
 0:32.32 INFO: b'ATTENTION: default value of option mesa_glthread overridden by environment.'
 0:33.40 INFO: b'ATTENTION: default value of option mesa_glthread overridden by environment.'
 0:34.22 INFO: b'libva info: VA-API version 1.13.0'
 0:34.22 INFO: b'libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so'
 0:34.22 INFO: b'libva info: Found init function __vaDriverInit_1_13'
 0:34.23 INFO: b'libva info: va_openDriver() returns 0'
 0:34.25 INFO: b'ATTENTION: default value of option mesa_glthread overridden by environment.'
 0:34.40 INFO: b'libva info: VA-API version 1.13.0'
 0:34.40 INFO: b'libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so'
 0:34.40 INFO: b'libva info: Found init function __vaDriverInit_1_13'
 0:34.40 INFO: b'libva info: va_openDriver() returns 0'
 0:43.96 INFO: b'libva info: VA-API version 1.13.0'
 0:43.96 INFO: b'libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so'
 0:43.96 INFO: b'libva info: Found init function __vaDriverInit_1_13'
 0:43.96 INFO: b'libva info: va_openDriver() returns 0'
 0:49.21 INFO: b'libva info: VA-API version 1.13.0'
 0:49.21 INFO: b'libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so'
 0:49.21 INFO: b'libva info: Found init function __vaDriverInit_1_13'
 0:49.21 INFO: b'libva info: va_openDriver() returns 0'

(In reply to Jim from comment #21)
Please open about:support in your regular Nightly, click on "Copy text to clipboard" and paste it here.
Don't try it on Nvidia, Dmabuf VAAPI likely won't work because the deprecated (and from Debian removed) VAAPI-via-VDPAU library does not seem to support vaExportSurfaceHandle.

(In reply to Darkspirit from comment #22)

Gnome Xwayland, Debian Testing, Macbook Pro, Intel Iris Graphics 6100 (BDW GT3) (0x8086 0x162b with Mesa 21.2.5.0).
Confirmed, H264 VAAPI and VP8 VAAPI work out of the box, thank you! (sudo intel_gpu_top)

Yes, /dmabuf: is present:

$ lsof -p 25298
COMMAND     PID       USER   FD      TYPE             DEVICE  SIZE/OFF     NODE NAME
RDD\x20Pr 25298 darkspirit  cwd       DIR               0,21         0  1747300 /proc/25299/fdinfo (deleted)
RDD\x20Pr 25298 darkspirit  rtd       DIR               0,21         0  1747300 /proc/25299/fdinfo (deleted)
RDD\x20Pr 25298 darkspirit  txt       REG              254,0    933024 18743319 /tmp/tmpgcu8i52s/firefox/firefox-bin
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290671 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG                0,1              39187 /memfd:mozilla-ipc
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290682 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292282 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292281 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291724 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289423 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292280 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292279 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289422 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289421 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292278 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292277 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291723 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291722 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291719 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291718 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289420 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292276 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289419 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291717 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292275 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291716 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290681 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291715 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289415 /i915
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    525648  3962305 /usr/lib/x86_64-linux-gnu/libigdgmm.so.11.3.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   8054944  4194650 /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    274080  3935782 /usr/lib/x86_64-linux-gnu/libgomp.so.1.0.0
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291714 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290680 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291713 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             292274 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             291712 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290679 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290677 /i915
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     52312  3948240 /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     46912  3939349 /usr/lib/x86_64-linux-gnu/libogg.so.0.8.4
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     69136  3939225 /usr/lib/x86_64-linux-gnu/libOpenCL.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     18440  3939422 /usr/lib/x86_64-linux-gnu/libvdpau.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     27272  3936746 /usr/lib/x86_64-linux-gnu/libva-x11.so.2.1300.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    215960  3939383 /usr/lib/x86_64-linux-gnu/libsoxr.so.0.1.2
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     63728  3956930 /usr/lib/x86_64-linux-gnu/libmfx.so.1.35
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    691200  3939669 /usr/lib/x86_64-linux-gnu/libxvidcore.so.4.3
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  16132800  3939667 /usr/lib/x86_64-linux-gnu/libx265.so.199
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1867928  3939361 /usr/lib/x86_64-linux-gnu/libx264.so.160
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    694248  3939358 /usr/lib/x86_64-linux-gnu/libvorbisenc.so.2.0.12
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    178088  3939355 /usr/lib/x86_64-linux-gnu/libvorbis.so.0.4.9
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    107184  3943386 /usr/lib/x86_64-linux-gnu/libvo-amrwbenc.so.0.0.4
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    128936  3939656 /usr/lib/x86_64-linux-gnu/libtwolame.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    125080  3939651 /usr/lib/x86_64-linux-gnu/libtheoradec.so.1.1.4
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    243864  3939652 /usr/lib/x86_64-linux-gnu/libtheoraenc.so.1.1.2
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    104336  3939645 /usr/lib/x86_64-linux-gnu/libspeex.so.1.5.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     43136  3939641 /usr/lib/x86_64-linux-gnu/libshine.so.3.0.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    366504  3939353 /usr/lib/x86_64-linux-gnu/libopus.so.0.8.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    375232  3939471 /usr/lib/x86_64-linux-gnu/libopenjp2.so.2.4.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    170040  3950259 /usr/lib/x86_64-linux-gnu/libopencore-amrnb.so.0.0.3
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    301032  3939469 /usr/lib/x86_64-linux-gnu/libmp3lame.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     59400  3939467 /usr/lib/x86_64-linux-gnu/libgsm.so.1.0.18
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  14536952  3939463 /usr/lib/x86_64-linux-gnu/libcodec2.so.0.9
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   5650232  3936748 /usr/lib/x86_64-linux-gnu/libaom.so.3.2.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     39320  3939643 /usr/lib/x86_64-linux-gnu/libsnappy.so.1.1.8
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    585272  3939680 /usr/lib/x86_64-linux-gnu/libzvbi.so.0.13.2
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  10594864  3943461 /usr/lib/x86_64-linux-gnu/librsvg-2.so.2.47.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     83952  3950261 /usr/lib/x86_64-linux-gnu/libopencore-amrwb.so.0.0.3
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1310720  3936754 /usr/lib/x86_64-linux-gnu/libdav1d.so.5.1.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     71952  3955214 /usr/lib/x86_64-linux-gnu/libaribb24.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    416344  3936792 /usr/lib/x86_64-linux-gnu/libwebp.so.6.0.2
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     43296  3936794 /usr/lib/x86_64-linux-gnu/libwebpmux.so.3.0.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   3164232  3936753 /usr/lib/x86_64-linux-gnu/libvpx.so.7.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    674704  3936734 /usr/lib/x86_64-linux-gnu/libavutil.so.56.70.100
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    133112  3936645 /usr/lib/x86_64-linux-gnu/libswresample.so.3.9.100
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  14707936  3936633 /usr/lib/x86_64-linux-gnu/libavcodec.so.58.134.100
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   2326224 18743299 /tmp/tmpgcu8i52s/firefox/libmozavcodec.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    259048 18743359 /tmp/tmpgcu8i52s/firefox/libmozavutil.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    178736  3939421 /usr/lib/x86_64-linux-gnu/libva.so.2.1300.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     14504  3936743 /usr/lib/x86_64-linux-gnu/libva-drm.so.2.1300.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1310728  6291789 /home/darkspirit/.cache/mesa_shader_cache/index
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     47576  3942948 /usr/lib/x86_64-linux-gnu/libnss_files-2.32.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  28407344  3941396 /usr/lib/x86_64-linux-gnu/libicudata.so.67.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1988784  3944715 /usr/lib/x86_64-linux-gnu/libicuuc.so.67.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1758296  3934840 /usr/lib/x86_64-linux-gnu/libxml2.so.2.9.12
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    187792  3937137 /usr/lib/x86_64-linux-gnu/libtinfo.so.6.2
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  23065800  3935417 /usr/lib/x86_64-linux-gnu/libz3.so.4
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    212544  3935227 /usr/lib/x86_64-linux-gnu/libedit.so.2.0.68
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    387672  3938923 /usr/lib/x86_64-linux-gnu/libvulkan.so.1.2.189
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    105008  3938960 /usr/lib/x86_64-linux-gnu/libelf-0.185.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  96665392  3935807 /usr/lib/x86_64-linux-gnu/libLLVM-12.so.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0  24542296  4194648 /usr/lib/x86_64-linux-gnu/dri/iris_dri.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    227576  3937029 /usr/lib/x86_64-linux-gnu/libglapi.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     39224  3934770 /usr/lib/x86_64-linux-gnu/libdrm_nouveau.so.2.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     55488  3934767 /usr/lib/x86_64-linux-gnu/libdrm_radeon.so.1.0.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     59808  3939896 /usr/lib/x86_64-linux-gnu/libsensors.so.5.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     89672  3956920 /usr/lib/x86_64-linux-gnu/libwayland-server.so.0.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     80600  3934777 /usr/lib/x86_64-linux-gnu/libdrm.so.2.4.0
RDD\x20Pr 25298 darkspirit  DEL       REG                0,1              36612 /memfd:mozilla-ipc
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    169912  3941880 /usr/lib/x86_64-linux-gnu/libdbus-glib-1.so.2.3.5
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     22976  3939403 /usr/lib/x86_64-linux-gnu/libXtst.so.6.1.0
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290670 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290669 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             290668 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289418 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289417 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG                0,1              36677 /memfd:mozilla-ipc
RDD\x20Pr 25298 darkspirit  mem       REG              254,0 194412696 18743355 /tmp/tmpgcu8i52s/firefox/libxul.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    153672  3935106 /usr/lib/x86_64-linux-gnu/libgpg-error.so.0.32.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     47312  3937777 /usr/lib/x86_64-linux-gnu/libmd.so.0.0.5
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1288184  3936860 /usr/lib/x86_64-linux-gnu/libgcrypt.so.20.3.4
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     38864  3936058 /usr/lib/x86_64-linux-gnu/libcap.so.2.44
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    137568  3933164 /usr/lib/x86_64-linux-gnu/liblz4.so.1.9.3
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    890800  3936338 /usr/lib/x86_64-linux-gnu/libzstd.so.1.4.8
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    158400  3932190 /usr/lib/x86_64-linux-gnu/liblzma.so.5.2.5
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     84064  3937148 /usr/lib/x86_64-linux-gnu/libbsd.so.0.11.3
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    137400  3939016 /usr/lib/x86_64-linux-gnu/libbrotlicommon.so.1.0.9
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     34736  3942416 /usr/lib/x86_64-linux-gnu/libdatrie.so.1.4.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    617128  3934363 /usr/lib/x86_64-linux-gnu/libpcre2-8.so.0.10.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    343040  3935824 /usr/lib/x86_64-linux-gnu/libblkid.so.1.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    799592  3934500 /usr/lib/x86_64-linux-gnu/libsystemd.so.0.32.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     22728  3939370 /usr/lib/x86_64-linux-gnu/libXdmcp.so.6.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     14496  3939368 /usr/lib/x86_64-linux-gnu/libXau.so.6.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     51384  3939017 /usr/lib/x86_64-linux-gnu/libbrotlidec.so.1.0.9
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     30776  3935761 /usr/lib/x86_64-linux-gnu/libuuid.so.1.3.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    190616  3932841 /usr/lib/x86_64-linux-gnu/libexpat.so.1.8.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    174264  3939622 /usr/lib/x86_64-linux-gnu/libgraphite2.so.3.2.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    464848  3935577 /usr/lib/x86_64-linux-gnu/libpcre.so.3.13.3
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     47608  3935843 /usr/lib/x86_64-linux-gnu/libffi.so.8.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     41000  3937054 /usr/lib/x86_64-linux-gnu/libthai.so.0.3.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     93000  3942952 /usr/lib/x86_64-linux-gnu/libresolv-2.32.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    166120  3939417 /usr/lib/x86_64-linux-gnu/libselinux.so.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    395904  3934940 /usr/lib/x86_64-linux-gnu/libmount.so.1.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    239864  3932874 /usr/lib/x86_64-linux-gnu/libatspi.so.0.0.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    338072  3939306 /usr/lib/x86_64-linux-gnu/libdbus-1.so.3.19.13
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    534528  3936716 /usr/lib/x86_64-linux-gnu/libjpeg.so.62.3.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    113088  3934374 /usr/lib/x86_64-linux-gnu/libz.so.1.2.11
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     39480  3939459 /usr/lib/x86_64-linux-gnu/libXrender.so.1.3.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     55576  3939455 /usr/lib/x86_64-linux-gnu/libxcb-render.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     14408  3939457 /usr/lib/x86_64-linux-gnu/libxcb-shm.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    231344  3939434 /usr/lib/x86_64-linux-gnu/libpng16.so.16.37.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    694288  3939452 /usr/lib/x86_64-linux-gnu/libpixman-1.so.0.40.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    170936  3939372 /usr/lib/x86_64-linux-gnu/libxcb.so.1.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     81568  3951352 /usr/lib/x86_64-linux-gnu/libXext.so.6.4.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     64840  3956927 /usr/lib/x86_64-linux-gnu/libwayland-client.so.0.3.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     14216  3950800 /usr/lib/x86_64-linux-gnu/libwayland-egl.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     31136  3936257 /usr/lib/x86_64-linux-gnu/libwayland-cursor.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    281272  3943292 /usr/lib/x86_64-linux-gnu/libxkbcommon.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     14368  3941720 /usr/lib/x86_64-linux-gnu/libXdamage.so.1.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     14344  3941716 /usr/lib/x86_64-linux-gnu/libXcomposite.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     47768  3941718 /usr/lib/x86_64-linux-gnu/libXcursor.so.1.0.2
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     47416  3940986 /usr/lib/x86_64-linux-gnu/libXrandr.so.2.2.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    808872  3934202 /usr/lib/x86_64-linux-gnu/libfreetype.so.6.18.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    281600  3939450 /usr/lib/x86_64-linux-gnu/libfontconfig.so.1.12.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    943840  3939625 /usr/lib/x86_64-linux-gnu/libharfbuzz.so.0.20704.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1252880  3932469 /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0.7000.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    362712  3932471 /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.7000.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    329648  3936857 /usr/lib/x86_64-linux-gnu/libpango-1.0.so.0.4800.10
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     96096  3936855 /usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0.4800.10
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1973488  3932467 /usr/lib/x86_64-linux-gnu/libgio-2.0.so.0.7000.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    108808  3939620 /usr/lib/x86_64-linux-gnu/libfribidi.so.0.4.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1238616  3942427 /usr/lib/x86_64-linux-gnu/libepoxy.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    218856  3935008 /usr/lib/x86_64-linux-gnu/libatk-bridge-2.0.so.0.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    165808  3941545 /usr/lib/x86_64-linux-gnu/libatk-1.0.so.0.23609.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    182456  3933123 /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0.4200.6
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1191528  3939461 /usr/lib/x86_64-linux-gnu/libcairo.so.2.11600.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     42768  3939473 /usr/lib/x86_64-linux-gnu/libcairo-gobject.so.2.11600.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1318408  3942070 /usr/lib/x86_64-linux-gnu/libX11.so.6.4.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1059896  3938077 /usr/lib/x86_64-linux-gnu/libgdk-3.so.0.2404.26
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   8550520  3938078 /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.2404.26
RDD\x20Pr 25298 darkspirit  DEL       REG               0,25             289416 /i915
RDD\x20Pr 25298 darkspirit  DEL       REG                0,1              98347 /SYSV44005658
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     43448  3934773 /usr/lib/x86_64-linux-gnu/libdrm_amdgpu.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     60368  3941726 /usr/lib/x86_64-linux-gnu/libgbm.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     13968  3932836 /usr/lib/x86_64-linux-gnu/libX11-xcb.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     22440 18743354 /tmp/tmpgcu8i52s/firefox/libmozwayland.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    467056 18743365 /tmp/tmpgcu8i52s/firefox/libssl3.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1203216 18743362 /tmp/tmpgcu8i52s/firefox/libmozsqlite3.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    201608 18743304 /tmp/tmpgcu8i52s/firefox/libsmime3.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    821440 18743302 /tmp/tmpgcu8i52s/firefox/libnss3.so
RDD\x20Pr 25298 darkspirit  DEL       REG                0,1              39169 /memfd:mozilla-ipc
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     14496  3941722 /usr/lib/x86_64-linux-gnu/libXinerama.so.1.0.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     26688  3939418 /usr/lib/x86_64-linux-gnu/libXfixes.so.3.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     76192  3945128 /usr/lib/x86_64-linux-gnu/libXi.so.6.1.0
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    225400 18743343 /tmp/tmpgcu8i52s/firefox/libnssutil3.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     39944  3942953 /usr/lib/x86_64-linux-gnu/librt-2.32.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     21424 18743363 /tmp/tmpgcu8i52s/firefox/libplds4.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     26424 18743301 /tmp/tmpgcu8i52s/firefox/libplc4.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    266568 18743348 /tmp/tmpgcu8i52s/firefox/libnspr4.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1839168  3936054 /usr/lib/x86_64-linux-gnu/libc-2.32.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    100736  3935792 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   1325440  3939008 /usr/lib/x86_64-linux-gnu/libm-2.32.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0   2128936  3935805 /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.29
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     18688  3939004 /usr/lib/x86_64-linux-gnu/libdl-2.32.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    143184  3942951 /usr/lib/x86_64-linux-gnu/libpthread-2.32.so
RDD\x20Pr 25298 darkspirit  mem       REG               0,14               9305 anon_inode:i915.gem (stat: No such file or directory)
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     63456  3943871 /usr/lib/x86_64-linux-gnu/libpangocairo-1.0.so.0.4800.10
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     18480  3932470 /usr/lib/x86_64-linux-gnu/libgmodule-2.0.so.0.7000.1
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     15424 18743321 /tmp/tmpgcu8i52s/firefox/libmozgtk.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0     55360 18743347 /tmp/tmpgcu8i52s/firefox/liblgpllibs.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    158136 18743352 /tmp/tmpgcu8i52s/firefox/libmozsandbox.so
RDD\x20Pr 25298 darkspirit  mem       REG              254,0    177936  3932985 /usr/lib/x86_64-linux-gnu/ld-2.32.so
RDD\x20Pr 25298 darkspirit    0w      CHR                1,3       0t0        4 /dev/null
RDD\x20Pr 25298 darkspirit    1w     FIFO               0,13       0t0  1741593 pipe
RDD\x20Pr 25298 darkspirit    2w     FIFO               0,13       0t0  1741593 pipe
RDD\x20Pr 25298 darkspirit    3u     unix 0x0000000033a642af       0t0  1744958 type=STREAM
RDD\x20Pr 25298 darkspirit    4u     unix 0x00000000c7d839f2       0t0  1744100 type=SEQPACKET
RDD\x20Pr 25298 darkspirit    5u     unix 0x0000000040d6eb7d       0t0  1744103 type=SEQPACKET
RDD\x20Pr 25298 darkspirit    6r     0000               0,10  12582912  1751896 /dmabuf:
RDD\x20Pr 25298 darkspirit    7w     FIFO               0,13       0t0  1746134 pipe
RDD\x20Pr 25298 darkspirit    8r     0000               0,10  12582912  1761119 /dmabuf:
RDD\x20Pr 25298 darkspirit    9r     FIFO               0,13       0t0  1745118 pipe
RDD\x20Pr 25298 darkspirit   10u     unix 0x0000000089c1854b       0t0  1747294 type=STREAM
RDD\x20Pr 25298 darkspirit   11u  a_inode               0,14         0     9305 [eventpoll]
RDD\x20Pr 25298 darkspirit   12r     FIFO               0,13       0t0  1746320 pipe
RDD\x20Pr 25298 darkspirit   13w     FIFO               0,13       0t0  1746320 pipe
RDD\x20Pr 25298 darkspirit   14r     FIFO               0,13       0t0  1746321 pipe
RDD\x20Pr 25298 darkspirit   15w     FIFO               0,13       0t0  1746321 pipe
RDD\x20Pr 25298 darkspirit   16r      REG                0,1    233077    36612 /memfd:mozilla-ipc (deleted)
RDD\x20Pr 25298 darkspirit   17w     FIFO               0,13       0t0  1745118 pipe
RDD\x20Pr 25298 darkspirit   18u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   19r     FIFO               0,13       0t0  1747296 pipe
RDD\x20Pr 25298 darkspirit   20w     FIFO               0,13       0t0  1747296 pipe
RDD\x20Pr 25298 darkspirit   21u      CHR            226,128       0t0      201 /dev/dri/renderD128
RDD\x20Pr 25298 darkspirit   22u     unix 0x000000002af2d5e3       0t0  1746328 type=STREAM
RDD\x20Pr 25298 darkspirit   23u      CHR            226,128       0t0      201 /dev/dri/renderD128
RDD\x20Pr 25298 darkspirit   24u      CHR            226,128       0t0      201 /dev/dri/renderD128
RDD\x20Pr 25298 darkspirit   25u      CHR            226,128       0t0      201 /dev/dri/renderD128
RDD\x20Pr 25298 darkspirit   26r     0000               0,10  12582912  1751897 /dmabuf:
RDD\x20Pr 25298 darkspirit   27u     unix 0x0000000083106221       0t0  1746325 type=SEQPACKET
RDD\x20Pr 25298 darkspirit   28r     0000               0,10  12582912  1751897 /dmabuf:
RDD\x20Pr 25298 darkspirit   29r     0000               0,10  12582912  1747744 /dmabuf:
RDD\x20Pr 25298 darkspirit   30u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   31r     0000               0,10  12582912  1751898 /dmabuf:
RDD\x20Pr 25298 darkspirit   32u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   33r     0000               0,10  12582912  1761119 /dmabuf:
RDD\x20Pr 25298 darkspirit   34r     0000               0,10  12582912  1761120 /dmabuf:
RDD\x20Pr 25298 darkspirit   35r     0000               0,10  12582912  1751896 /dmabuf:
RDD\x20Pr 25298 darkspirit   36u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   37u     unix 0x000000003ae5dd82       0t0  1746599 type=STREAM
RDD\x20Pr 25298 darkspirit   38r     0000               0,10   1572864  1747975 /dmabuf:
RDD\x20Pr 25298 darkspirit   39u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   41r     0000               0,10   1572864  1747975 /dmabuf:
RDD\x20Pr 25298 darkspirit   42r     0000               0,10   1572864  1747977 /dmabuf:
RDD\x20Pr 25298 darkspirit   43r     0000               0,10  12582912  1747744 /dmabuf:
RDD\x20Pr 25298 darkspirit   44u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   45r     0000               0,10   1572864  1747977 /dmabuf:
RDD\x20Pr 25298 darkspirit   47u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   48u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   49u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   50r     0000               0,10  12582912  1751898 /dmabuf:
RDD\x20Pr 25298 darkspirit   51r     0000               0,10  12582912  1761120 /dmabuf:
RDD\x20Pr 25298 darkspirit   52u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   55u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   58u  a_inode               0,14         0     9305 [eventfd]
RDD\x20Pr 25298 darkspirit   61u  a_inode               0,14         0     9305 [eventfd]

$ vainfo
libva info: VA-API version 1.13.0
libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/iHD_drv_video.so
libva info: Found init function __vaDriverInit_1_13
libva info: va_openDriver() returns 0
vainfo: VA-API version: 1.13 (libva 2.12.0)
vainfo: Driver version: Intel iHD driver for Intel(R) Gen Graphics - 21.4.0 ()
vainfo: Supported profile and entrypoints
      VAProfileMPEG2Simple            :	VAEntrypointVLD
      VAProfileMPEG2Main              :	VAEntrypointVLD
      VAProfileH264Main               :	VAEntrypointVLD
      VAProfileH264High               :	VAEntrypointVLD
      VAProfileJPEGBaseline           :	VAEntrypointVLD
      VAProfileH264ConstrainedBaseline:	VAEntrypointVLD
      VAProfileVP8Version0_3          :	VAEntrypointVLD
Attached image firefox-nightly-vaapi.png (deleted) —

For some reason it worked today. Not sure what happened yesterday (maybe needed to be restarted?).

I can confirm vaapi is working (see attached) on i7-1165G7. In the current stable the CPU on that video is ~20% and video is 0%. With this vaapi build the CPU is around 8% and GPU video decoder at about 1%.

Attachment #9250318 - Attachment is obsolete: true
Flags: needinfo?(jld)

The black screen thing is happening again. I also tried it on the regular nightly and it works fine until I enable vaapi settings, then I get a black screen. Not sure what is going on.

On 32-bit x86, Linux originally used a single system call, ipc(2), for
all SysV IPC. This is similar to socketcall(2), but the arguments are
passed directly (shifted by one position) instead of indirected via
a pointer, so seccomp-bpf can filter them normally. Also similar to
socketcall(2), individual syscalls were added later (in kernel 5.1,
vs. 4.3 for socket calls), so the policy needs to handle both of them,
adjusting argument offsets as needed. This patch adds an argument to
EvaluateIpcCall to allow that.

Minor functional changes:

  1. fcntl F_DUPFD_CLOEXEC is now allowed everywhere instead of just
    content. It's the obvious (and maybe only? and probably only portable)
    way for a library to dup and atomically set the close-on-exec flag, and
    appears harmless.

  2. ioctls used by the isatty function are denied with ENOTTY by
    default in all processes, instead of being treated as an invalid syscall,
    and this now applies to TIOCGWINSZ (used by musl) as well as TCGETS
    (used by glibc). Nothing new is allowed here; it's just that this is
    treated as an expected denial.

  3. Getting the real or effective user or group ID is allowed everywhere.
    Every process type except RDD previously did, and RDD soon will. See
    also the new comment about why GMP may not always need it, but that it's
    not very meaningful to block.

Refactoring, no functional change intended:

  1. The policy for the kcmp syscall as used by Mesa's amdgpu driver
    is now in a protected method of SandboxPolicyCommon, but is used only in
    the content process as previously. A later patch will also apply it to
    the RDD process, so this avoids code duplication.

Changes:

  1. For the intel drivers on newer hardware, access to SysV IPC
    is granted. There is a slight restriction: semget and shmget are
    restricted to the fixed key_t value used by the driver; however, the
    other calls take shm/sem identifiers, which are dynamically assigned
    and globally scoped, so an attacker could still access other resources.
    This is considered a reasonable tradeoff for not needing to allow this
    (or, eventually, any GPU access) in the content process, which is much
    easier for malicious content to attack than RDD.

  2. Access to devices in /dev/dri and the DRM_IOCTL_* ioctls (type 'd').

  3. Read access to the parts of sysfs used by Mesa to do device detection;
    again, given the choice we'd rather allow this in RDD than content.

  4. Read access to directories containing libraries, for plugin loading.

  5. Allowing kcmp in the special case of comparing the process's
    own fds, for amdgpu (already allowed for content).

  6. The eventfd2 syscall, which we use in connection with dma-buf.

The previous patches mean that VA-API shouldn't cause sandbox violations
in the RDD process, so there's no need to lock it out.

This patch does not change the prefs to enable it
(media.rdd-ffmpeg.enabled and media.ffmpeg.vaapi.enabled), but now
those prefs will be honored if they are flipped, to allow testing.

Crash Signature: [@ @0x0 | iHD_drv_video.so@0x42d3ba] [@ arena_dalloc | replace_free | mozilla::FFmpegVideoDecoder<T>::InitVAAPIDecoder] [@ semget]
Pushed by jedavis@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/7d72f6cb71a2 Allow filtering SysV IPC call arguments. r=gcp https://hg.mozilla.org/integration/autoland/rev/f18d6c08d0e7 Move several pieces of the seccomp-bpf policies into SandboxPolicyCommon. r=gcp https://hg.mozilla.org/integration/autoland/rev/d7b6bccb7b7a Loosen the RDD sandbox policy to support VA-API (including Intel VCS2). r=gcp https://hg.mozilla.org/integration/autoland/rev/669ca27af67f Allow using VA-API in the RDD process. r=alwu,stransky

Great, Thanks!
Changed tracker as it primary affects va-api playback (egl-linux-vaapi) and not gpu process itself.

Blocks: egl-linux-vaapi
No longer blocks: 1683808
Crash Signature: [@ @0x0 | iHD_drv_video.so@0x42d3ba] [@ arena_dalloc | replace_free | mozilla::FFmpegVideoDecoder<T>::InitVAAPIDecoder] [@ semget] → [@ @0x0 | iHD_drv_video.so@0x42d3ba] [@ arena_dalloc | replace_free | mozilla::FFmpegVideoDecoder<T>::InitVAAPIDecoder] [@ semget]
Blocks: 1743638
Blocks: 1743647
No longer blocks: 1742993
Blocks: 1744037
Regressions: 1749609
No longer regressions: 1749609
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: