[tor-commits] [sandboxed-tor-browser/master] Bug #20858: Make OpenGL work in the container with SW rendering.

yawning at torproject.org yawning at torproject.org
Fri Dec 2 09:36:58 UTC 2016


commit a1c6e6063e7d912fd069c8ad5ee08797be521521
Author: Yawning Angel <yawning at schwanenlied.me>
Date:   Fri Dec 2 08:53:19 2016 +0000

    Bug #20858: Make OpenGL work in the container with SW rendering.
    
    Tested and works on Debian x86_64, Fedora 25.  Software rendering with
    unsandboxed TBB is busted on my Arch system.
---
 .../internal/sandbox/application.go                | 46 +++++++++++++++++++---
 1 file changed, 40 insertions(+), 6 deletions(-)

diff --git a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
index f04e572..6ce948e 100644
--- a/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
+++ b/src/cmd/sandboxed-tor-browser/internal/sandbox/application.go
@@ -172,6 +172,9 @@ func RunTorBrowser(cfg *config.Config, manif *config.Manifest, tor *tor.Tor) (cm
 	h.bind(tor.SocksSurrogatePath(), socksPath, false)
 	h.assetFile(stubPath, "tbb_stub.so")
 
+	// Hardware accelerated OpenGL will not work, and never will.
+	h.setenv("LIBGL_ALWAYS_SOFTWARE", "1")
+
 	// Tor Browser currently is incompatible with PaX MPROTECT, apply the
 	// override if needed.
 	realFirefoxPath := filepath.Join(realBrowserHome, "firefox")
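Review bot: The comment above `h.setenv("LIBGL_ALWAYS_SOFTWARE", "1")` asserts that hardware OpenGL can never work but gives no reason, and a later maintainer needs that reason so they do not "fix" it by exposing GPU devices to the container. Presumably the sandbox deliberately provides no GPU device nodes; if so, say it, e.g. `// The container exposes no GPU device nodes by design, so force Mesa's software rasterizer.` The variable is also set whether or not a software driver is found later, which deserves a word in the same comment. RunTorBrowser starts and ends outside this hunk.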
@@ -210,10 +213,15 @@ func RunTorBrowser(cfg *config.Config, manif *config.Manifest, tor *tor.Tor) (cm
 			// "libc.so", - Uhhhhh.... wtf?
 			// "libcanberra.so.0", - Not ubiquitous.
 		}
+
+		glExtraLibs, glLibPaths := h.appendRestrictedOpenGL()
+		extraLibs = append(extraLibs, glExtraLibs...)
+		ldLibraryPath = ldLibraryPath + glLibPaths
+
 		if cfg.Sandbox.EnablePulseAudio && pulseAudioWorks {
 			const libPulse = "libpulse.so.0"
 
-			paLibsPath := findDistributionDependentLibs("", "pulseaudio")
+			paLibsPath := findDistributionDependentLibs(nil, "", "pulseaudio")
 			if paLibsPath != "" && cache.GetLibraryPath(libPulse) != "" {
 				const restrictedPulseDir = "/usr/lib/pulseaudio"
 
@@ -539,8 +547,12 @@ func newConsoleLogger(prefix string) *consoleLogger {
 	return l
 }
 
-func findDistributionDependentLibs(subDir, fn string) string {
-	for _, base := range distributionDependentLibSearchPath {
+func findDistributionDependentLibs(extraSearch []string, subDir, fn string) string {
+	var searchPaths []string
+	searchPaths = append(searchPaths, extraSearch...)
+	searchPaths = append(searchPaths, distributionDependentLibSearchPath...)
+
+	for _, base := range searchPaths {
 		candidate := filepath.Join(base, subDir, fn)
 		if FileExists(candidate) {
 			return candidate
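Review bot: findDistributionDependentLibs gains an `extraSearch` parameter without a doc comment, and the precedence it introduces matters because the first existing candidate is what callers go on to bind into the container. Suggest `// findDistributionDependentLibs returns the first existing base/subDir/fn, trying extraSearch before distributionDependentLibSearchPath, or "" if none exists.` The comment should also say that `extraSearch` is meant for fixed system directories only, since its entries are checked ahead of the built-in list. The tail of the function lies outside this hunk.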
@@ -549,6 +561,28 @@ func findDistributionDependentLibs(subDir, fn string) string {
 	return ""
 }
 
+func (h *hugbox) appendRestrictedOpenGL() ([]string, string) {
+	const (
+		archXorgDir = "/usr/lib/xorg/modules"
+		swrastDri   = "swrast_dri.so"
+	)
+
+	swrastPath := findDistributionDependentLibs([]string{archXorgDir}, "dri", swrastDri)
+	if swrastPath != "" {
+		// Debian needs libGL.so.1 explicitly specified.
+		retLibs := []string{swrastDri, "libGL.so.1"}
+
+		driDir, _ := filepath.Split(swrastPath)
+		restrictedDriDir := filepath.Join(restrictedLibDir, "dri")
+		h.roBind(swrastPath, filepath.Join(restrictedDriDir, swrastDri), false)
+		h.setenv("LIBGL_DRIVERS_PATH", restrictedDriDir)
+
+		return retLibs, ":" + driDir
+	}
+
+	return nil, ""
+}
+
 func (h *hugbox) appendRestrictedGtk2() ([]string, string, error) {
 	const (
 		libAdwaita   = "libadwaita.so"
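Review bot: When `swrast_dri.so` is not found, appendRestrictedOpenGL returns `nil, ""` silently even though `LIBGL_ALWAYS_SOFTWARE=1` has already been set in RunTorBrowser, so the browser presumably runs with no usable GL driver and nothing tells the user why. A log line on that path would help, or at least a comment such as `// No swrast driver on this host; GL stays unavailable in the container.` The function also needs a doc comment stating that the returned string is the host directory of the driver with a leading ":", while `LIBGL_DRIVERS_PATH` points at the in-container `restrictedLibDir/dri`. `archXorgDir` is searched on every distribution, so a neutral name such as `xorgModulesDir` would be more accurate.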
@@ -567,7 +601,7 @@ func (h *hugbox) appendRestrictedGtk2() ([]string, string, error) {
 
 	// Figure out where the system keeps the Gtk+-2.0 theme libraries,
 	// and bind mount in Adwaita and Pixmap.
-	adwaitaPath := findDistributionDependentLibs(engineSubDir, libAdwaita)
+	adwaitaPath := findDistributionDependentLibs(nil, engineSubDir, libAdwaita)
 	if adwaitaPath != "" {
 		gtkEngineDir, _ := filepath.Split(adwaitaPath)
 		normGtkEngineDir := filepath.Join(restrictedLibDir, "gtk-2.0", "2.10.0", "engines")
@@ -583,7 +617,7 @@ func (h *hugbox) appendRestrictedGtk2() ([]string, string, error) {
 
 	// Figure out where the system keeps the Gtk+-2.0 print backends,
 	// and bind mount in the file one.
-	printFilePath := findDistributionDependentLibs(printSubDir, libPrintFile)
+	printFilePath := findDistributionDependentLibs(nil, printSubDir, libPrintFile)
 	if printFilePath != "" {
 		gtkPrintDir, _ := filepath.Split(printFilePath)
 		normGtkPrintDir := filepath.Join(restrictedLibDir, "gtk-2.0", "2.10.0", "printbackends")
@@ -603,7 +637,7 @@ func (h *hugbox) appendRestrictedGtk2() ([]string, string, error) {
 	// Figure out if the system gdk-pixbuf-2.0 needs loaders for common
 	// file formats.  Arch and Fedora 25 do not.  Debian does.  As far as
 	// I can tell, the only file format we actually care about is PNG.
-	pngLoaderPath := findDistributionDependentLibs(gdkSubDir, libPngLoader)
+	pngLoaderPath := findDistributionDependentLibs(nil, gdkSubDir, libPngLoader)
 	if pngLoaderPath != "" {
 		loaderDir, _ := filepath.Split(pngLoaderPath)
 		normGdkPath := filepath.Join(restrictedLibDir, "gdk-pixbuf-2.0", "2.10.0")


