A generic sandboxing solution

Background

Implement a generic sandboxing solution by implementing a GstElement / GstPad subclass that can be provide functionality of any GstElement in another process. This feature is interesting for e.g. distributing a processing pipeline across processes (or even systems). One motivation for doing so are moving DRM related processing into a separate process, sandboxing a part of the pipeline (e.g. demuxing and decoding) from the main application process for security/stability reasons, or running 32bit plugins on 64bit systems.

The idea would be to implement subclasses of GstElement and GstPad that act as a proxy to a GstElement (or one of its subclasses like GstBin) running in another process. All of the GstElement and GstPad API would be forwarded to the other process, for each GstPad on the element in the other process a pad would be added, signals would be propagated between processes and events, buffers, queries and messages would be passed from one process to another. The application should not notice that the part of the pipeline runs in another process, it should be completely transparent.

An initial implementation could use a simple, existing IPC system like DBus for IPC. This will not be very performant but would allow prototyping this faster and getting results early to know if any changes will be required in GStreamer core to support this. Later the IPC system could be improved, e.g. by using plain sockets for data transfer (GstBuffers) or even inventing a very specialized IPC system for this specific use case.

Requires: Programming in the C language, some IPC background, ideally some GStreamer or DBus (or any other suitable IPC system) knowledge

Results

• Create a design draft

• Implement GstElement and GstPad proxy subclasses with DBus (or any other suitable IPC system)

• Implement examples and testcases for this
• Discover missing features in GStreamer core and implement them (ideally there are none)
• Optional: Discover bottlenecks in the IPC implementation and optimize them

Resources

• http://guij.emont.org/blog/2012/05/08/video-decoding-in-a-sandbox/

• http://gstreamer.freedesktop.org/data/doc/gstreamer/head/gstreamer/html/

• http://www.freedesktop.org/wiki/Software/dbus

Mentor

Sebastian Dröge, slomo on irc