From owner-freebsd-chromium@freebsd.org  Fri Jul 15 11:57:49 2016
Return-Path: <owner-freebsd-chromium@freebsd.org>
Delivered-To: freebsd-chromium@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C3DE3B9A0FC
 for <freebsd-chromium@mailman.ysv.freebsd.org>;
 Fri, 15 Jul 2016 11:57:49 +0000 (UTC) (envelope-from isoa@kapsi.fi)
Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id ACE9B1C48
 for <freebsd-chromium@freebsd.org>; Fri, 15 Jul 2016 11:57:49 +0000 (UTC)
 (envelope-from isoa@kapsi.fi)
Received: by mailman.ysv.freebsd.org (Postfix)
 id A262AB9A0FB; Fri, 15 Jul 2016 11:57:49 +0000 (UTC)
Delivered-To: chromium@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9FC90B9A0FA
 for <chromium@mailman.ysv.freebsd.org>; Fri, 15 Jul 2016 11:57:49 +0000 (UTC)
 (envelope-from isoa@kapsi.fi)
Received: from mail.kapsi.fi (mx1.kapsi.fi [IPv6:2001:1bc8:1004::1:25])
 (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 5EAE11C46;
 Fri, 15 Jul 2016 11:57:49 +0000 (UTC) (envelope-from isoa@kapsi.fi)
Received: from karviainen.kapsi.fi ([217.30.184.182] helo=roundcube.kapsi.fi)
 by mail.kapsi.fi with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
 (Exim 4.80) (envelope-from <isoa@kapsi.fi>)
 id 1bO1kX-0000D6-2N; Fri, 15 Jul 2016 14:57:45 +0300
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit
Date: Fri, 15 Jul 2016 14:57:44 +0300
From: Arto Pekkanen <isoa@kapsi.fi>
To: Baptiste Daroussin <bapt@freebsd.org>
Cc: Matthew Macy <mmacy@nextbsd.org>, chromium <chromium@freebsd.org>
In-Reply-To: <20160709195235.rrfflo3tsho7by76@ivaldir.etoilebsd.net>
References: <155d0f236ad.c11b2673215986.622076744465197484@nextbsd.org>
 <20160709195235.rrfflo3tsho7by76@ivaldir.etoilebsd.net>
Message-ID: <a773d3eb29b795a3bc072e9730be233b@kapsi.fi>
X-Sender: isoa@kapsi.fi
User-Agent: RoundCube Webmail/0.9.4
X-SA-Exim-Connect-IP: 217.30.184.182
X-SA-Exim-Mail-From: isoa@kapsi.fi
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=ALL_TRUSTED,BAYES_00,
 RP_MATCHES_RCVD autolearn=ham version=3.3.2
Subject: Re: Chromium sandboxing on FreeBSD
X-SA-Exim-Version: 4.2.1 (built Mon, 26 Dec 2011 16:24:06 +0000)
X-SA-Exim-Scanned: Yes (on mail.kapsi.fi)
X-BeenThere: freebsd-chromium@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: FreeBSD-specific Chromium issues <freebsd-chromium.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-chromium>, 
 <mailto:freebsd-chromium-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chromium/>
List-Post: <mailto:freebsd-chromium@freebsd.org>
List-Help: <mailto:freebsd-chromium-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-chromium>, 
 <mailto:freebsd-chromium-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jul 2016 11:57:49 -0000

The lack of co-operation from Chromium upstream might also explain why 
Chromium is so unstable on FreeBSD. I mean, I get frequent tab crashes, 
and kickstarter.com crashes the browser altogether. If the issues with 
Chromium are to be resolved, we need people from upstream to take part 
in squashing the bugs on the FreeBSD version of Chromium. PRs have been 
filed regarding instability, but thus far there's been no fix.

Firefox is also pretty bad, it slows down to a crawl after using it for 
a few hours. The other browsers are also either unstable or barely 
usable. I tried Epiphany a few days ago, and it seems to get stuck 
frequently. Not sure if the problem is in Webkit2.

I'd like to profile Firefox regarding the slowdown issue, but profiling 
doesn't work on FreeBSD. The current version of Firefox should have a 
profiler function built in, usable via Developer Tools menu, but it is 
simply not there. Maybe I'll file a PR about this ...

Baptiste Daroussin kirjoitti 09.07.2016 22:52:
> On Sat, Jul 09, 2016 at 11:36:22AM -0700, Matthew Macy wrote:
>> 
>> How much of Chromium's sandboxing code actually works on FreeBSD? On 
>> Linux it relies in part on user namespaces which appear to be a much 
>> more modular equivalent of jails usable by unprivileged processes.
> 
> People working on chromium (now, I'm not anymore) would know better but 
> Google
> sponsored capsicum development for sanboxing chromium, there are lots 
> of
> talks/papers available out there explaining that. But on the otherside 
> upstream
> never accepted (or almost never accepted) our patches to run on freebsd
> resulting in the current ports as now contain 395 patches to run there. 
> So the
> capsicum patches were never integrated neither upstream neither on 
> freebsd...
> btw big thanks to the people working on keeping chromium working on 
> FreeBSD
> given how unfriendly upstream is...
> 
> Google chrome team is not friendly to projects which are not Linux, 
> Windows or
> Mac OS.
> 
> Best regards,
> Bapt

-- 
Arto Pekkanen