Bug 218887

Summary: [GPU Process] Make getImageData directly read the shared backend instead of sending a sync IPC
Product: WebKit Reporter: Ryosuke Niwa <rniwa>
Component: CanvasAssignee: Ryosuke Niwa <rniwa>
Status: RESOLVED INVALID    
Severity: Normal CC: dino, sabouhallawa, simon.fraser, thorton, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch thorton: review-

Ryosuke Niwa
Reported 2020-11-12 23:12:46 PST
We can make getImageData more efficient by flushing the context and reading off of the shared backend instead of sending a sync IPC.
Attachments
Patch (9.58 KB, patch)
2020-11-12 23:18 PST, Ryosuke Niwa 		thorton: review-
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2020-11-12 23:18:32 PST
Created attachment 414004 [details] Patch
Tim Horton
Comment 2 2020-11-13 00:56:31 PST
Does this mean we're now reading from the IOSurface mapped in the Web Content process? Because that would be a mistake going forward...
Tim Horton
Comment 3 2020-11-13 01:07:29 PST
Yes, it does. We can't do this.
Ryosuke Niwa
Comment 4 2020-11-13 01:32:34 PST
(In reply to Tim Horton from comment #3) > Yes, it does. We can't do this. Oh, right. That was another thing wrong with this approach. I guess I'd go back to adding new shared memory region.
Said Abou-Hallawa
Comment 5 2020-11-13 08:53:35 PST
(In reply to Tim Horton from comment #3) > Yes, it does. We can't do this. Can you please explain why "we can't do this"? If IOSurface/ShareableBitmap mapped in the Web Content process is read-only, it will act exactly as any shared memory we are going to create. Is there a threat of accessing the IOSurface from the Web Content process even if this access is read-only? Can this cause any security vulnerabilities?
Tim Horton
Comment 6 2020-11-13 11:39:32 PST
(In reply to Said Abou-Hallawa from comment #5) > (In reply to Tim Horton from comment #3) > > Yes, it does. We can't do this. > > Can you please explain why "we can't do this"? > > If IOSurface/ShareableBitmap mapped in the Web Content process is read-only, > it will act exactly as any shared memory we are going to create. ShareableBitmap, true. IOSurface, not true. I think you got the details elsewhere, but we won't be able to use IOSurface from the Web Content process, because it is *not* just a trivial shared memory buffer.
Radar WebKit Bug Importer
Comment 7 2020-11-19 23:13:55 PST
<rdar://problem/71617360>
Note You need to log in before you can comment on or make changes to this bug.