When trying to play content protected by Widevine CDM (e.g. Apple Music), the WidevineCdm plugin crashes.
Reproducible: Always
Steps to Reproduce:
1. Open Firefox
2. Try to play content protected by Widevine, e.g. https://bitmovin.com/demos/drm
Actual Results: WidevineCdm plugin crashes with a sandbox violation
Expected Results: Content plays
This is on a clang system (profile: default/linux/amd64/17.1/systemd/clang/merged-usr). firefox-bin seems to work fine, and on my gcc-based system this bug does not occur.
Created attachment 865463 [details] Firefox Error Log
Created attachment 865464 [details] emerge --info
Hmm I'm pretty sure the drm plugin is externally downloaded, and by the looks of it, unconditionally links to libgcc? I wonder how other gcc'less distros are handling it.
I assume /usr/lib/gcc/x86_64-pc-linux-gnu/13/libgcc_s.so.1 doesn't exist for you?
Yeah I get the plugin crash on alpine-edge, with similar error messages in terminal:
[Parent 1669, IPC I/O Parent] WARNING: process 1996 exited on signal 11: file /home/buildozer/aports/community/firefox/src/firefox-115.0.2/ipc/chromium/src/base/process_util_posix.cc:264
Sandbox: attempt to open unexpected file /usr/lib/firefox/ld-linux-x86-64.so.2
Sandbox: attempt to open unexpected file /usr/lib/firefox/ld-linux-x86-64.so.2
Sandbox: attempt to open unexpected file /lib/ld-linux-x86-64.so.2
Sandbox: attempt to open unexpected file /usr/local/lib/ld-linux-x86-64.so.2
Sandbox: attempt to open unexpected file /usr/lib/ld-linux-x86-64.so.2
[Parent 1669, IPC I/O Parent] WARNING: process 2046 exited on signal 11: file /home/buildozer/aports/community/firefox/src/firefox-115.0.2/ipc/chromium/src/base/process_util_posix.cc:264
dmesg shows a crash too.
$ scanelf -n libwidevinecdm.so
 TYPE   NEEDED FILE
ET_DYN libdl.so.2,libpthread.so.0,libm.so.6,libgcc_s.so.1,libc.so.6,ld-linux-x86-64.so.2 libwidevinecdm.so
So I have GCC and glibc installed, as I have some stuff that needs it, so in addition to requiring glibc, there seems to be an issue with the sandbox preventing access to libgcc_s.so.1 (perhaps similar to this quite old bug https://bugzilla.mozilla.org/show_bug.cgi?id=1276420 from when OS X switched to libc++). I'll add a comment to this effect on the upstream bug as well.
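Added example, not part of the bug thread or of any patch attached to it: a triage helper that cross-references the DT_NEEDED list printed by scanelf -n with the "Sandbox: attempt to open unexpected file" lines, to show which of the plugin's declared dependencies hit the sandbox policy. The function names and the sample strings are constructed for illustration, modelled on the output quoted above.

```python
import posixpath
import re

# Constructed samples, modelled on the scanelf and Firefox output quoted above.
SCANELF_OUTPUT = """\
 TYPE   NEEDED FILE
ET_DYN libdl.so.2,libpthread.so.0,libm.so.6,libgcc_s.so.1,libc.so.6,ld-linux-x86-64.so.2 libwidevinecdm.so
"""
SANDBOX_LOG = """\
Sandbox: attempt to open unexpected file /usr/lib/firefox/ld-linux-x86-64.so.2
Sandbox: attempt to open unexpected file /lib/ld-linux-x86-64.so.2
Sandbox: attempt to open unexpected file /usr/lib/ld-linux-x86-64.so.2
[Parent 1669, IPC I/O Parent] WARNING: process 2046 exited on signal 11
"""

DENIED = re.compile(r"Sandbox: attempt to open unexpected file (\S+)")


def needed_libs(scanelf_text):
    """Map each scanned object to its DT_NEEDED sonames (scanelf -n format)."""
    result = {}
    for line in scanelf_text.splitlines():
        fields = line.split()
        # Data rows are "<ELF type> <comma-separated NEEDED> <file>"; skip the header.
        if len(fields) == 3 and fields[0].startswith("ET_"):
            result[fields[2]] = fields[1].split(",")
    return result


def denied_opens(log_text):
    """Map soname -> distinct paths the sandbox refused, in first-seen order."""
    denied = {}
    for path in DENIED.findall(log_text):
        paths = denied.setdefault(posixpath.basename(path), [])
        if path not in paths:
            paths.append(path)
    return denied


def blocked_dependencies(scanelf_text, log_text):
    """Per object, the NEEDED sonames whose lookup hit the sandbox policy."""
    denied = denied_opens(log_text)
    return {obj: {lib: denied[lib] for lib in libs if lib in denied}
            for obj, libs in needed_libs(scanelf_text).items()}


if __name__ == "__main__":
    for obj, hits in blocked_dependencies(SCANELF_OUTPUT, SANDBOX_LOG).items():
        for lib, paths in hits.items():
            print(f"{obj}: {lib} denied at {', '.join(paths)}")
```

An empty result for an object means none of the denied opens correspond to a dependency it declares, so the violation comes from something other than library resolution.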
Created attachment 865541 [details, diff] update-sandbox-clang-system.patch
As per upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1356038 adding a dlopen call to libgcc_s.so.1 means that there isn't a sandbox violation, but glibc still needs to be present on the system. As it stands, this builds and runs fine, and I'm able to
I'm unsure of the best way to proceed in terms of the ebuild, perhaps a widevine use flag like chromium which adds a dependency on glibc and applies the patch if on a clang system?
(In reply to Chris Pritchard from comment #8)
> adding a dlopen call to libgcc_s.so.1 means that there isn't a sandbox
> violation, but glibc still needs to be present on the system. As it stands,
> this builds and runs fine, and I'm able to
Meant to say that I'm able to play protected content.
Hmm I'm thinking we could _always_ apply the patch if it doesn't break "normal" systems, then print out a message if glibc isn't found that it's required to play DRM content until upstream bug #1356038 is fixed. I'll try to test your patch tomorrow on a normal system, thanks for creating and confirming it works!
The bug has been closed via the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ba61e38991b7735b49b1883ca0030b2438771e9
commit 0ba61e38991b7735b49b1883ca0030b2438771e9
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2023-07-16 07:40:05 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2023-07-16 07:40:05 +0000
    www-client/firefox: include a patch to dlopen libgcc_s.so on 115
     - widevine plugin unconditionally depends on glibc and gcc.
    Closes: https://bugs.gentoo.org/910309
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>
 www-client/firefox/Manifest | 1 +
 www-client/firefox/firefox-115.0.2.ebuild | 9 ++++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)
Since, when firefox is built on musl profiles, the message "glibc not found! You won't be able to play DRM content. See Gentoo bug #910309 or upstream bug #1843683." appears, let me point out that with some (not particularly packaging-friendly) extra work, it is possible to get widevine to work on musl profiles.
Steps:
1) install sys-libs/gcompat::guru
2) patchelf --add-needed /lib/libgcompat.so.0 $firefox-profile/gmp-widevinecdm/*/libwidevinecdm.so
3) The GMP sandbox needs to be disabled when running firefox: MOZ_DISABLE_GMP_SANDBOX=1 firefox