Bug 188002

Summary: [Flatpak] Pass more environment variables to sandbox
Product: WebKit Reporter: Charlie Turner <cturner>
Component: Tools / TestsAssignee: Charlie Turner <cturner>
Status: RESOLVED FIXED    
Severity: Normal CC: aperez, bugs-noreply, commit-queue, lforschler, mcatanzaro, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Patch none

Description Charlie Turner 2018-07-25 07:15:33 PDT 
[Flatpak] Pass environment variables starting with WEBKIT to sandbox
Comment 1 Charlie Turner 2018-07-25 07:22:41 PDT 
Created attachment 345757 [details]
Patch
Comment 2 Adrian Perez 2018-07-25 07:42:27 PDT 
Comment on attachment 345757 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=345757&action=review

Reviewing informally... I have a comment about this, please read below.

> Tools/flatpak/flatpakutils.py:683
> +                if envvar.split("_")[0] in ("GST", "GTK", "G", "WEBKIT", "WEBKIT2") or \

I would also add variables with the WPE_ prefix. At least WPEBackend checks
WPE_BACKEND_LIBRARY in developer mode builds, and WPEBackend-rdk also picks
some variables from the environment like WPE_INIT_VIEW_{WIDTH,HEIGHT} and
WPE_BCMRPI_{TOUCH,CURSOR}.
Comment 3 Charlie Turner 2018-07-25 07:53:42 PDT 
Created attachment 345759 [details]
Patch

Thanks for the review Adrian, WPE_ prefixed variables are passed through as well now
Comment 4 Michael Catanzaro 2018-07-25 07:55:55 PDT 
I think we should just pass through the entire environment. Look at https://trac.webkit.org/wiki/EnvironmentVariables. We also need at least GIGACAGE_ENABLED, JavaScriptCoreUseJIT, and Malloc.

What still  uses WEBKIT2? Any such environment variable should probably be renamed.
Comment 5 Adrian Perez 2018-07-25 08:25:19 PDT 
(In reply to Michael Catanzaro from comment #4)
> I think we should just pass through the entire environment. Look at
> https://trac.webkit.org/wiki/EnvironmentVariables. We also need at least
> GIGACAGE_ENABLED, JavaScriptCoreUseJIT, and Malloc.
> 
> What still  uses WEBKIT2? Any such environment variable should probably be
> renamed.

There's this one for pausing the Web process at launch time:

  % rg 'getenv.*WEBKIT2' Source/
  Source/WebKit/WebProcess/gtk/WebProcessMainGtk.cpp
  49:        if (g_getenv("WEBKIT2_PAUSE_WEB_PROCESS_ON_LAUNCH"))

  Source/WebKit/WebProcess/wpe/WebProcessMainWPE.cpp
  47:        if (g_getenv("WEBKIT2_PAUSE_WEB_PROCESS_ON_LAUNCH"))
  %
Comment 6 Charlie Turner 2018-07-25 08:27:50 PDT 
(In reply to Michael Catanzaro from comment #4)
> I think we should just pass through the entire environment. Look at
> https://trac.webkit.org/wiki/EnvironmentVariables. We also need at least
> GIGACAGE_ENABLED, JavaScriptCoreUseJIT, and Malloc.

My gut feeling is that passing the entire environment would not be a good idea, the sandbox sets up some environment variables of its own, and generally having uncontrolled environment pollution like that sounds a bit risky. I would prefer to just special case the WebKit environment variables as needed, even if there are a lot of special cases.

> 
> What still  uses WEBKIT2? Any such environment variable should probably be
> renamed.

WEBKIT2_PAUSE_WEB_PROCESS_ON_LAUNCH is the only one I can find.
Comment 7 Michael Catanzaro 2018-07-25 08:40:28 PDT 
(In reply to Charlie Turner from comment #6)
> My gut feeling is that passing the entire environment would not be a good
> idea, the sandbox sets up some environment variables of its own, and
> generally having uncontrolled environment pollution like that sounds a bit
> risky. I would prefer to just special case the WebKit environment variables
> as needed, even if there are a lot of special cases.

OK

(In reply to Charlie Turner from comment #6)
> WEBKIT2_PAUSE_WEB_PROCESS_ON_LAUNCH is the only one I can find.

We can consider in another bug whether it's better to rename, or if the cost of breaking old tutorials is too high.
Comment 8 Charlie Turner 2018-07-25 09:01:38 PDT 
Created attachment 345761 [details]
Patch
Comment 9 Adrian Perez 2018-07-25 09:13:40 PDT 
FWIW, I agree with Charlie that it's better to pass a controlled
and well-known set of environment variables. Otherwise we may run
into the kind of weird situations which containers and sandboxing
are supposed to fix.

As a matter of fact, I would go as far as reporting which environment
variables are being copied inside the sandbox before entering the
Flatpak environment. That would help replicate the running conditions
reported e.g. by other developers or build bots, for debugging. It can
also help developers notice that they are unintentionally setting
variables.
Comment 10 WebKit Commit Bot 2018-07-25 09:58:36 PDT 
The commit-queue encountered the following flaky tests while processing attachment 345761 [details]:

fast/repaint/canvas-object-fit.html bug 188004 (author: simon.fraser@apple.com)
The commit-queue is continuing to process your patch.
Comment 11 WebKit Commit Bot 2018-07-25 09:59:20 PDT 
Comment on attachment 345761 [details]
Patch

Clearing flags on attachment: 345761

Committed r234199: <https://trac.webkit.org/changeset/234199>
Comment 12 WebKit Commit Bot 2018-07-25 09:59:21 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 13 Radar WebKit Bug Importer 2018-07-25 10:00:27 PDT 
<rdar://problem/42587131>