-
Notifications
You must be signed in to change notification settings - Fork 469
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
win: Explore alternatives to use_custom_libcxx=false for cef_sandbox #3824
Comments
From the Windows sandbox docs:
This is the part that requires static linking of cef_sandbox on Windows. The interception needs to run in the main executable (not libcef.dll) to properly hook WinAPI functions. From a related thread:
That thread also contains related technical implementation details that are still valid today. |
Asking some questions to understand more:
|
@danakj Thanks for the follow up!
We distribute CEF + Chromium as a binary distribution that includes libcef.dll (compiled CEF + Chromium code), CEF header files (C and C++), and related resource files (.bin, .pak, etc, same as Chromium). We build libcef.dll as part of the Chromium build (//cef targets added to Chromium's top-level .gn file), utilizing the same Chromium toolchain. The libcef.dll exposes a C ABI only, so no Chromium or C++ symbols are exported across the dll boundary. This allows third-party applications to build with platform toolchains (MSVC stdlib in this case) and utilize CEF without requiring Chromium-specific toolchains or header files.
The cef_sandbox is basically just an entry point wrapper for the Chromium //sandbox target. It's distributed as a .lib (binary contents here) and accessed via a single CEF header file (CEF-side implementation here). With this approach there are linker dependencies on Chromium (.objs from //sandbox, //base, etc, in cef_sandbox.lib) but no source or header dependencies.
Because of the Windows sandbox usage requirements described above.
These headers are used when compiling libcef.dll, but not when building or using cef_sandbox (because we set
We would need to extract all source files (.cc and .h) that are used by the cef_sandbox target and its Chromium dependencies (//sandbox, //base, etc). You can see the complete list of dependent build artifacts here. The //base target, for example, changes frequently so we wouldn't want to do this as a manual process. Automatically extracting those source files from the Chromium configuration and generating the necessary build configuration for CMake or Bazel (for use by third-party apps) would be challenging. Also, those Chromium files would still need to build successfully with the MSVC stdlib, something that we're likely to lose with the removal of |
I see, you're literally building Chromium code against a different stdlib. With our plans for deep and ergonomic interop, that's going to stop compiling (or break entirely at runtime if you lie about which headers will be used to compile with).
Yeah, unfortunately some of the most important places where interop will be required and active though (like //base). As such, distributing the //sandbox code and expecting clients to build it against their own stdlib is also not going to work. The interop tool will generate different bindings, and code in //sandbox and its deps that is using those bindings will fail to build. Clients will really need to use //buildtools/third_party/libc++ to build any part of Chromium in the future. |
@danakj Thanks, that background is really helpful. Maybe there's a better way to implement the sandbox interception on Windows today (Windows 10+ world) so that we can eliminate the cef_sandbox.lib linking requirement all-together? Who would be a good person inside Chromium security to discuss that with? |
I asked around and @wfh-chromium suggested that you file a crbug.com about this, as it should be possible to not require linking the sandbox code into the main exe. It just hasn't been prioritized yet, but if there's a bug about it then they can sort it into their planning. |
Awesome! I filed https://issues.chromium.org/issues/378046068 |
This warning now displays when generating the cef_sandbox target in M132+:
|
Is your feature request related to a problem? Please describe.
Linking the cef_sandbox static library is required for using the sandbox on Windows. Chromium's custom bundled libc++ version must be disabled (set
use_custom_libcxx=false
) when building cef_sandbox in order to link with the MSVC stdlib that is compatible with third-party apps.Chromium is planning to remove the MSVC stdlib compile/link option for reasons. This will break the way that we currently build/utilize cef_sandbox on Windows.
This leaves us with the following options:
[1] Apps that already build against a "new enough" version of clang/llvm libc++ might be fine in this case.
The text was updated successfully, but these errors were encountered: