JoJo
/
LeOSium_webview
1
0
Fork 0
Code Pull Requests Packages Projects Releases 2 Wiki Activity
LeOSium_webview/LeOS/patches/AImageReader-CFI-crash-miti...

261 lines
10 KiB
Diff
Raw Permalink Normal View History

creation
2023-11-18 11:46:19 +01:00
From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Tue, 5 May 2020 07:22:20 +0200
Subject: AImageReader CFI crash mitigations
Revert "gpu/android: Remove setup for disabling AImageReader."
This reverts commit dcd5a39518246eb999f1cc63bf1ec95d93fd5b2f.
Revert "Remove flags to enable/disable AImageReader."
This reverts commit 463fa0f2e3b9e418bc26e2c8954463f0b0f76634.
Restore GPU bug blacklist for AImageReader on ARM and Qualcomm CPUs
Restore the AImageReader blacklist for ARM/Qualcomm chipsets which causes
crashes on Android 9 and 10 (at different code locations).
See discussions at:
* https://github.com/bromite/bromite/issues/445
* https://github.com/bromite/bromite/issues/814
* https://github.com/bromite/bromite/issues/1005
License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html
---
base/android/android_image_reader_compat.cc | 8 +++++++-
base/android/android_image_reader_compat.h | 4 ++++
chrome/browser/flag-metadata.json | 6 +++---
gpu/config/gpu_driver_bug_list.json | 16 ++++++++++++++++
gpu/config/gpu_finch_features.cc | 5 +++++
gpu/config/gpu_finch_features.h | 1 +
gpu/config/gpu_util.cc | 8 ++++++++
gpu/config/gpu_workaround_list.txt | 1 +
gpu/ipc/service/gpu_init.cc | 7 +++++++
gpu/ipc/service/stream_texture_android.cc | 11 ++++++++++-
media/base/media_switches.cc | 5 +++++
media/base/media_switches.h | 1 +
12 files changed, 68 insertions(+), 5 deletions(-)
diff --git a/base/android/android_image_reader_compat.cc b/base/android/android_image_reader_compat.cc
--- a/base/android/android_image_reader_compat.cc
+++ b/base/android/android_image_reader_compat.cc
@@ -23,6 +23,8 @@
namespace base {
namespace android {
+bool AndroidImageReader::disable_support_ = false;
+
AndroidImageReader& AndroidImageReader::GetInstance() {
// C++11 static local variable initialization is
// thread-safe.
@@ -30,8 +32,12 @@ AndroidImageReader& AndroidImageReader::GetInstance() {
return instance;
}
+void AndroidImageReader::DisableSupport() {
+ disable_support_ = true;
+}
+
bool AndroidImageReader::IsSupported() {
- return is_supported_;
+ return !disable_support_ && is_supported_;
}
AndroidImageReader::AndroidImageReader() : is_supported_(LoadFunctions()) {}
diff --git a/base/android/android_image_reader_compat.h b/base/android/android_image_reader_compat.h
--- a/base/android/android_image_reader_compat.h
+++ b/base/android/android_image_reader_compat.h
@@ -24,6 +24,9 @@ class BASE_EXPORT AndroidImageReader {
AndroidImageReader(const AndroidImageReader&) = delete;
AndroidImageReader& operator=(const AndroidImageReader&) = delete;
+ // Disable image reader support.
+ static void DisableSupport();
+
// Check if the image reader usage is supported. This function returns TRUE
// if android version is >=OREO, image reader support is not disabled and all
// the required functions are loaded.
@@ -61,6 +64,7 @@ class BASE_EXPORT AndroidImageReader {
jobject ANativeWindow_toSurface(JNIEnv* env, ANativeWindow* window);
private:
+ static bool disable_support_;
friend class base::NoDestructor<AndroidImageReader>;
AndroidImageReader();
diff --git a/chrome/browser/flag-metadata.json b/chrome/browser/flag-metadata.json
--- a/chrome/browser/flag-metadata.json
+++ b/chrome/browser/flag-metadata.json
@@ -3023,9 +3023,9 @@
"expiry_milestone": 125
},
{
- "name": "enable-image-reader",
- "owners": [ "vikassoni", "liberato" ],
- "expiry_milestone": 125
+ "name": "enable-image-reader", // Bromite: do not expire
+ "owners": [ "vikassoni", "liberato" ], // flag
+ "expiry_milestone": -1
},
{
"name": "enable-immersive-fullscreen-toolbar",
diff --git a/gpu/config/gpu_driver_bug_list.json b/gpu/config/gpu_driver_bug_list.json
--- a/gpu/config/gpu_driver_bug_list.json
+++ b/gpu/config/gpu_driver_bug_list.json
@@ -3212,6 +3212,22 @@
"no_downscaled_overlay_promotion"
]
},
+ {
+ "id":335,
+ "cr_bugs": [1051705],
+ "description": "Disable AImageReader on ARM GPUs",
+ "os": {
+ "type": "android",
+ "version": {
+ "op": "<",
+ "value": "10"
+ }
+ },
+ "gl_vendor": "ARM.*|Qualcomm.*",
+ "features": [
+ "disable_aimagereader"
+ ]
+ },
{
"id": 381,
"cr_bugs": [
diff --git a/gpu/config/gpu_finch_features.cc b/gpu/config/gpu_finch_features.cc
--- a/gpu/config/gpu_finch_features.cc
+++ b/gpu/config/gpu_finch_features.cc
@@ -70,6 +70,11 @@ BASE_FEATURE(kUseGles2ForOopR,
#endif
);
+
+// Use android AImageReader when playing videos with MediaPlayer.
+const base::Feature kAImageReaderMediaPlayer{"AImageReaderMediaPlayer",
+ base::FEATURE_ENABLED_BY_DEFAULT};
+
#if BUILDFLAG(IS_ANDROID)
// Use android SurfaceControl API for managing display compositor's buffer queue
// and using overlays on Android. Also used by webview to disable surface
diff --git a/gpu/config/gpu_finch_features.h b/gpu/config/gpu_finch_features.h
--- a/gpu/config/gpu_finch_features.h
+++ b/gpu/config/gpu_finch_features.h
@@ -22,6 +22,7 @@ namespace features {
GPU_EXPORT BASE_DECLARE_FEATURE(kUseGles2ForOopR);
// All features in alphabetical order. The features should be documented
+GPU_EXPORT extern const base::Feature kAImageReaderMediaPlayer;
// alongside the definition of their values in the .cc file.
#if BUILDFLAG(IS_ANDROID)
GPU_EXPORT BASE_DECLARE_FEATURE(kAndroidSurfaceControl);
diff --git a/gpu/config/gpu_util.cc b/gpu/config/gpu_util.cc
--- a/gpu/config/gpu_util.cc
+++ b/gpu/config/gpu_util.cc
@@ -122,6 +122,9 @@ GpuFeatureStatus GetAndroidSurfaceControlFeatureStatus(
#if !BUILDFLAG(IS_ANDROID)
return kGpuFeatureStatusDisabled;
#else
+ if (blocklisted_features.count(GPU_FEATURE_TYPE_ANDROID_SURFACE_CONTROL))
+ return kGpuFeatureStatusBlocklisted;
+
if (!gpu_preferences.enable_android_surface_control)
return kGpuFeatureStatusDisabled;
@@ -347,6 +350,11 @@ void AdjustGpuFeatureStatusToWorkarounds(GpuFeatureInfo* gpu_feature_info) {
gpu_feature_info->status_values[GPU_FEATURE_TYPE_CANVAS_OOP_RASTERIZATION] =
kGpuFeatureStatusBlocklisted;
}
+
+ if (gpu_feature_info->IsWorkaroundEnabled(DISABLE_AIMAGEREADER)) {
+ gpu_feature_info->status_values[GPU_FEATURE_TYPE_ANDROID_SURFACE_CONTROL] =
+ kGpuFeatureStatusBlocklisted;
+ }
}
// Estimates roughly user total disk space by counting in the drives where
diff --git a/gpu/config/gpu_workaround_list.txt b/gpu/config/gpu_workaround_list.txt
--- a/gpu/config/gpu_workaround_list.txt
+++ b/gpu/config/gpu_workaround_list.txt
@@ -13,6 +13,7 @@ count_all_in_varyings_packing
decode_encode_srgb_for_generatemipmap
disable_2d_canvas_auto_flush
disable_accelerated_av1_decode
+disable_aimagereader
disable_accelerated_av1_encode
disable_accelerated_h264_decode
disable_accelerated_h264_encode
diff --git a/gpu/ipc/service/gpu_init.cc b/gpu/ipc/service/gpu_init.cc
--- a/gpu/ipc/service/gpu_init.cc
+++ b/gpu/ipc/service/gpu_init.cc
@@ -628,6 +628,13 @@ bool GpuInit::InitializeAndStartSandbox(base::CommandLine* command_line,
}
#endif // BUILDFLAG(IS_WIN)
+#if BUILDFLAG(IS_ANDROID)
+ // Disable AImageReader if the workaround is enabled.
+ if (gpu_feature_info_.IsWorkaroundEnabled(DISABLE_AIMAGEREADER)) {
+ base::android::AndroidImageReader::DisableSupport();
+ }
+#endif
+
if (gpu_feature_info_.status_values[GPU_FEATURE_TYPE_VULKAN] !=
kGpuFeatureStatusEnabled ||
!InitializeVulkan()) {
diff --git a/gpu/ipc/service/stream_texture_android.cc b/gpu/ipc/service/stream_texture_android.cc
--- a/gpu/ipc/service/stream_texture_android.cc
+++ b/gpu/ipc/service/stream_texture_android.cc
@@ -6,6 +6,7 @@
#include <string.h>
+#include "base/android/android_image_reader_compat.h"
#include "base/android/scoped_hardware_buffer_fence_sync.h"
#include "base/feature_list.h"
#include "base/functional/bind.h"
@@ -50,7 +51,15 @@ std::unique_ptr<ui::ScopedMakeCurrent> MakeCurrent(
}
TextureOwner::Mode GetTextureOwnerMode() {
- return features::IsAImageReaderEnabled()
+ const bool a_image_reader_supported =
+ base::android::AndroidImageReader::GetInstance().IsSupported();
+
+ // TODO(vikassoni) : Currently we have 2 different flags to enable/disable
+ // AImageReader - one for MCVD and other for MediaPlayer here. Merge those 2
+ // flags into a single flag. Keeping the 2 flags separate for now since finch
+ // experiment using this flag is in progress.
+ return a_image_reader_supported && features::IsAImageReaderEnabled() &&
+ base::FeatureList::IsEnabled(features::kAImageReaderMediaPlayer)
? TextureOwner::Mode::kAImageReaderInsecure
: TextureOwner::Mode::kSurfaceTextureInsecure;
}
diff --git a/media/base/media_switches.cc b/media/base/media_switches.cc
--- a/media/base/media_switches.cc
+++ b/media/base/media_switches.cc
@@ -1018,6 +1018,11 @@ BASE_FEATURE(kHardwareSecureDecryptionExperiment,
// Allows automatically disabling hardware secure Content Decryption Module
// (CDM) after failures or crashes to fallback to software secure CDMs. If this
// feature is disabled, the fallback will never happen and users could be stuck
+// Enables the Android Image Reader path for Video decoding(for AVDA and MCVD)
+BASE_FEATURE(kAImageReaderVideoOutput,
+ "AImageReaderVideoOutput",
+ base::FEATURE_ENABLED_BY_DEFAULT);
+
// in playback failures.
BASE_FEATURE(kHardwareSecureDecryptionFallback,
"HardwareSecureDecryptionFallback",
diff --git a/media/base/media_switches.h b/media/base/media_switches.h
--- a/media/base/media_switches.h
+++ b/media/base/media_switches.h
@@ -347,6 +347,7 @@ MEDIA_EXPORT BASE_DECLARE_FEATURE(kVideoBlitColorAccuracy);
MEDIA_EXPORT BASE_DECLARE_FEATURE(kVideoToolboxVideoDecoder);
#endif // BUILDFLAG(IS_APPLE)
MEDIA_EXPORT BASE_DECLARE_FEATURE(kWebRTCColorAccuracy);
+MEDIA_EXPORT BASE_DECLARE_FEATURE(kAImageReaderVideoOutput);
MEDIA_EXPORT BASE_DECLARE_FEATURE(kVp9kSVCHWDecoding);
MEDIA_EXPORT BASE_DECLARE_FEATURE(kWebContentsCaptureHiDpi);
MEDIA_EXPORT BASE_DECLARE_FEATURE(kWebrtcMediaCapabilitiesParameters);
--
2.25.1