Adding "minimal Python Interpreter" for Drivers #47823
Labels
No Label
Interest
Alembic
Interest
Animation & Rigging
Interest
Asset Browser
Interest
Asset Browser Project Overview
Interest
Audio
Interest
Automated Testing
Interest
Blender Asset Bundle
Interest
BlendFile
Interest
Collada
Interest
Compatibility
Interest
Compositing
Interest
Core
Interest
Cycles
Interest
Dependency Graph
Interest
Development Management
Interest
EEVEE
Interest
EEVEE & Viewport
Interest
Freestyle
Interest
Geometry Nodes
Interest
Grease Pencil
Interest
ID Management
Interest
Images & Movies
Interest
Import Export
Interest
Line Art
Interest
Masking
Interest
Metal
Interest
Modeling
Interest
Modifiers
Interest
Motion Tracking
Interest
Nodes & Physics
Interest
OpenGL
Interest
Overlay
Interest
Overrides
Interest
Performance
Interest
Physics
Interest
Pipeline, Assets & IO
Interest
Platforms, Builds & Tests
Interest
Python API
Interest
Render & Cycles
Interest
Render Pipeline
Interest
Sculpt, Paint & Texture
Interest
Text Editor
Interest
Translations
Interest
Triaging
Interest
Undo
Interest
USD
Interest
User Interface
Interest
UV Editing
Interest
VFX & Video
Interest
Video Sequencer
Interest
Virtual Reality
Interest
Vulkan
Interest
Wayland
Interest
Workbench
Interest: X11
Legacy
Blender 2.8 Project
Legacy
Milestone 1: Basic, Local Asset Browser
Legacy
OpenGL Error
Meta
Good First Issue
Meta
Papercut
Meta
Retrospective
Meta
Security
Module
Animation & Rigging
Module
Core
Module
Development Management
Module
EEVEE & Viewport
Module
Grease Pencil
Module
Modeling
Module
Nodes & Physics
Module
Pipeline, Assets & IO
Module
Platforms, Builds & Tests
Module
Python API
Module
Render & Cycles
Module
Sculpt, Paint & Texture
Module
Triaging
Module
User Interface
Module
VFX & Video
Platform
FreeBSD
Platform
Linux
Platform
macOS
Platform
Windows
Priority
High
Priority
Low
Priority
Normal
Priority
Unbreak Now!
Status
Archived
Status
Confirmed
Status
Duplicate
Status
Needs Info from Developers
Status
Needs Information from User
Status
Needs Triage
Status
Resolved
Type
Bug
Type
Design
Type
Known Issue
Type
Patch
Type
Report
Type
To Do
No Milestone
No project
No Assignees
6 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: blender/blender#47823
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This is a summary of an IRC chat of today (with Kaito and Aligorith)
When drivers are used, Python Scripting must be enabled. However it looks like most drivers can be created using a very limited set of Python (basic math operations come to mind). Because of this it may be possible and desirable to add a "minimal python interpreter" only for usage with Drivers.
@JoshuaLeung: Would you mind to add some comments about how such a "minimal python interpreter" could possiblky be implemented?
Some remarks collected from the IRC chat (just so that this information doesn't get lost):
from Aligorith:
from Kaito:
from me:
Changed status to: 'Open'
Added subscribers: @GaiaClary, @JoshuaLeung
Added subscriber: @ideasman42
One concern I have with this, is it gives some kind of challenge for people to circumvent it.
A while ago I looked into the BGE's sandboxing options- and each time I managed to lock it down, some clever Python guys would show an example of how it could be worked around (quite trivially).
I realize with some more advanced tricks (checking bytecode or ast), some restricted set of Python could be enforced, however - if this ends up being easy to workaround (say 10min or searching online).
Then I'm not sure its worth the effort to attempt to sandbox in the first place. Since we would then be promoting a feature as Secure which would in fact be quite insecure.
Other points...
@gaia, would need a more concrete example - how would the classes work?
My preferred option for eliminating any lingering GPL and Python sandbox bypassing would be to simply write our own simple parser and/or interpreter.
Pros:
There isn't the risk of anyone escaping the sandbox as our parser would simply barf on any inputs that try to do anything tricky they it can't handle. Anything that we can't handle is passed back to the standard python interpreter (which only runs when allowed). UI wise this distinction should be indicated (maybe via the presence of a py icon or the old radiosity icon).
From GPL perspective, I'm guessing that if we make this "GPL compatible but not GPL" licensed it would rule out any of the standard concerns there.
As we are only handling a very limited subset of python, there may be some perf benefits in some cases? It off course depends how we do it, but just by shortcircuiting some of the typechecks and callback lookups we should get some minimal differences in theory.
Cons:
We need to write a simple parser + interpreter. That however is not such a big issue and can be done quite easily... it just needs a little time...
Potential for other security slips from having our own parser.
Also just to reiterate, we can only use this for handling "simple" driver expressions - ie the sort that just perform math using the builtin math funcs, +-×÷, and the driver vars that were defined for that driver.
Added subscriber: @sindra1961
Think if this is to be solved - having a simple parser that handled basic math expressions is better than attempting to sand-box CPython.
As for GPL issues - think we should get advice here, and not take on a lot of work because of GPL issues that might exist.
We should understand exactly what the implications currently are.
We could make an official statement (and get FSF to double check it), eg:
... this covers typical math expressions (most drivers).
Correction, the patch linked has an error and isn't working, see reply below (fixed and linked to differential).
Similar to @JoshuaLeung's suggestion to manipulate the AST, there have been a few projects that allow byte-code level manipulation.
One thats quite popular and well maintained is
numba
, which converts Python bytecode to LLVM instructions, and interestingly has the ability to disable calling back into CPython from the converted functions [1].This is an experimental patch P338, which uses
numba
from Blender's PyDrivers when auto-execution is disabled,import
andopen
raise an exception, while math functions (sin/cos/tan... etc) work as expected.However since this isn't written with security as the main purpose, its possible there is some way to break out of the sandbox (I'll mail their list and see if this is considered secure).
Tested this with a production file from glass-half (
01_render.blend
), and the rigs work without any problems and the same performance.(improved performance may be possible, most likely the performance cost is setting up the Python context and not the execution it's self).
@ideasman42: Interesting find!
A few questions we'd need to check on:
http://numba.pydata.org/#installing
Though I built it from source - https://github.com/numba/numba#installing-numba
Both the dependencies (LLVM and Numpy) are already included with Blender.
So we should be able to use it without adding extra deps apart from numba it's self.
You cant access
os
because you can't import, and even if you add the functions into the namespace, they won't execute (from my own tests in the Python3.5 command prompt), I've mailed their list to ask if the this could be used as a sandbox, since it isn't mentioned in their docs.Anything that calls back to the CPython API raises an exception, that includes any functions you pass in the name-space.
They must be handling calls from the
math
module as a special case since the math functions in existing rigs are working as expected.It seems am talking rubbish and this is not working at all! my testes in the Py console overlooked that the function needs to run at least once before we can get the newly created "code" object back out of the function. (so the basic principle can work, but needs some tweaks).
However it looks like this isn't so hard to support, though we will need function calls instead of evaluating with a name-space since numba doesn't support reading variables, only arguments to a function.
Added subscriber: @pink.vertex
You might use nodes for drivers?
They would visually represent the AST of an arithmetic expression.
From the node inputs the dependencies for the dependency graph could be derived.
In a text parser you would have to resolve the variables from the driver which you have to setup beforehand?
Further you might want to support vector inputs and vector operations?
Update, got numba working correctly, and tested with glass-half file, D1860
In summary - it works but initial driver compilation is very slow.
Added subscriber: @zanqdo
I think the most sensible comment has been "let's check how others do it". Oh boy it almost doesn't seem like Blender! So how do others do it?
Looked into yet another method of locking down Python, D1862
This method checks the byte-code, restricting what can be done.
Changed status from 'Confirmed' to: 'Resolved'
This has been done, see:
bf2a54b058