Platform/GFX/WebGL-Security-2011-10-28

• Patterns of WebGL exploits so far (Benoit)
  • More details have been sent to security-group on June 29 and October 28.
  • Pattern A (Relying on a particular GL state, forgetting that scripts can change it)
    • June 29 review: bug 659349
    • October 28 review: no new bugs in this category
  • Pattern B (Mistake when keeping track of GL state)
    • June 29 review: bug 656752, bug 665070
    • October 28 review: bug 665070
  • Pattern C (Timing attacks)
    • June 29 review: bug 656277
    • October 28 review: no new bugs in this category
  • Pattern D (Driver bugs)
    • Type 1: Can be worked around.
      • June 29 review: bug 631420, bug 657201
      • October 28 review: bug 665578, bug 658826, bug 684882, Template:Bug 675625, bug 674042
    • Type 2: Can be blacklisted. Tons of examples.
    • Type 3: Ones we ignore for now because extensive DOS mitigations not available
  • Pattern E (Implementation Bugs that are not at all GL-specific)
    • June 29 review: bug 648705 in our WebGL implementation; bug 665934 in ANGLE.
    • October 28 review: bug 686398, bug 685793, bug 682335 in our WebGL implementation; bug 680840, bug 665936 in ANGLE.

Securtiy Discussion

• go over action items from previous meeting and evaluate progress
  • conformance tests should be in a very good shape now: https://etherpad.mozilla.org/WebGL-Conf
  • ARB_robustness support finally landing (GLX already landed, WGL has patch)
• go over security bugs we've had since previous meeting and see how they fit in the patterns we discussed.
• regarding the DOS issue, discuss whether the pace of progress around ARB_robustness is enough or we want to do more.
  • things seem to be progressing positively at this point
• discuss state of fuzzing
  • still need to make a push to integrate fuzzcases as tests.
  • If conformance tests revealed some bugs, does it make sense to mutate conformance tests?
  • Does it make sense to do this without a real driver (software rendering)?
    • Recent versions of MESA (7.11) with the llvmpipe driver (or softpipe) but avoid the old 'swrast' driver
• performance tests
  • https://etherpad.mozilla.org/WebGL-Conf