marfrit/libva-v4l2-request-fourier
1
0
Fork 1
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

iter3 Fix: select() → poll() in media_request_wait_completion

Browse Source 
Firefox's RDD seccomp common policy admits poll/ppoll/epoll_* but does
NOT admit select/pselect6. Under the iter3 sandbox-patched RDD process,
our select(except_fds) call returned ENOSYS (Mozilla's seccomp uses
SECCOMP_RET_ERRNO with ENOSYS for filtered syscalls — not SIGSYS),
killing libva decode after just one BeginPicture.

poll(POLLPRI) is functionally equivalent for waiting on the media
request fd's exceptional-condition completion signal, and lives
inside a syscall family Mozilla's sandbox already permits. Driver-side
fix preferred over expanding Firefox's seccomp surface — smaller blast
radius, portable across sandbox policies, and poll() is the modern API.

Verified iter3 Phase 7 on ohm: with this change in place plus the
firefox-fourier broker + seccomp ioctl '|' patches, Firefox decodes
through libva inside the sandboxed RDD without MOZ_DISABLE_RDD_SANDBOX=1.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Markus Fritsche
2026-05-05 12:56:49 +00:00
parent 19acc76da4
commit 4a7a07e0f4
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/media.c
+8 -8
View File
@@ -26,7 +26,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <sys/ioctl.h> #include <sys/ioctl.h>
#include <sys/select.h> #include <poll.h>
#include <linux/media.h> #include <linux/media.h>
@@ -78,19 +78,19 @@ int media_request_queue(int request_fd)
int media_request_wait_completion(int request_fd) int media_request_wait_completion(int request_fd)
{ {
struct timeval tv = { 0, 300000 }; /* poll() instead of select(): Firefox's RDD seccomp policy admits
fd_set except_fds; * poll/ppoll but not select/pselect6 (as of FF150). Functionally
* equivalent here — the media request fd signals completion via
* exceptional condition, mapped to POLLPRI for poll(). */
struct pollfd pfd = { .fd = request_fd, .events = POLLPRI };
int rc; int rc;
FD_ZERO(&except_fds); rc = poll(&pfd, 1, 300 /* ms */);
FD_SET(request_fd, &except_fds);
rc = select(request_fd + 1, NULL, NULL, &except_fds, &tv);
if (rc == 0) { if (rc == 0) {
request_log("Timeout when waiting for media request\n"); request_log("Timeout when waiting for media request\n");
return -1; return -1;
} else if (rc < 0) { } else if (rc < 0) {
request_log("Unable to select media request: %s\n", request_log("Unable to poll media request: %s\n",
strerror(errno)); strerror(errno));
return -1; return -1;
} }