PipeWire camera: Annotate functions with PipeWire calls to avoid CFI

Similar to PipeWire implementation of desktop capture, we have to avoid
CFI check for calls of dlopened PipeWire library. This avoid crashing
PipeWire camera backend when "is_official_build=true" option is used as
this turns on "is_cfi=true" enabling control flow integrity.

Bug: chromium:354776214
Change-Id: I7a9fc1c2d77c4ee0e8fe0586369b7246e0bb9180
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/358103
Commit-Queue: Jan Grulich <grulja@gmail.com>
Reviewed-by: Ilya Nikolaevskiy <ilnik@webrtc.org>
Reviewed-by: Alexander Cooper <alcooper@chromium.org>
Cr-Commit-Position: refs/heads/main@{#42706}

modules/video_capture/BUILD.gn

@@ -81,7 +81,10 @@ if (!build_with_chromium || is_linux || is_chromeos) {
         "linux/video_capture_v4l2.cc",
         "linux/video_capture_v4l2.h",
       ]
-      deps += [ "../../media:rtc_media_base" ]
+      deps += [
+        "../../media:rtc_media_base",
+        "../../rtc_base:sanitizer",
+      ]
 
       if (rtc_use_pipewire) {
         sources += [

modules/video_capture/linux/pipewire_session.cc

@@ -19,6 +19,7 @@
 #include "common_video/libyuv/include/webrtc_libyuv.h"
 #include "modules/video_capture/device_info_impl.h"
 #include "rtc_base/logging.h"
+#include "rtc_base/sanitizer.h"
 #include "rtc_base/string_encode.h"
 #include "rtc_base/string_to_number.h"
 
@@ -52,6 +53,7 @@ VideoType PipeWireRawFormatToVideoType(uint32_t id) {
   }
 }
 
+RTC_NO_SANITIZE("cfi-icall")
 PipeWireNode::PipeWireNode(PipeWireSession* session,
                            uint32_t id,
                            const spa_dict* props)
@@ -79,6 +81,7 @@ PipeWireNode::~PipeWireNode() {
 }
 
 // static
+RTC_NO_SANITIZE("cfi-icall")
 void PipeWireNode::OnNodeInfo(void* data, const pw_node_info* info) {
   PipeWireNode* that = static_cast<PipeWireNode*>(data);
 
@@ -113,6 +116,7 @@ void PipeWireNode::OnNodeInfo(void* data, const pw_node_info* info) {
 }
 
 // static
+RTC_NO_SANITIZE("cfi-icall")
 void PipeWireNode::OnNodeParam(void* data,
                                int seq,
                                uint32_t id,
@@ -264,6 +268,7 @@ void PipeWireSession::InitPipeWire(int fd) {
     Finish(VideoCaptureOptions::Status::ERROR);
 }
 
+RTC_NO_SANITIZE("cfi-icall")
 bool PipeWireSession::StartPipeWire(int fd) {
   pw_init(/*argc=*/nullptr, /*argv=*/nullptr);
 
@@ -330,6 +335,7 @@ void PipeWireSession::StopPipeWire() {
   }
 }
 
+RTC_NO_SANITIZE("cfi-icall")
 void PipeWireSession::PipeWireSync() {
   sync_seq_ = pw_core_sync(pw_core_, PW_ID_CORE, sync_seq_);
 }
@@ -356,6 +362,7 @@ void PipeWireSession::OnCoreDone(void* data, uint32_t id, int seq) {
 }
 
 // static
+RTC_NO_SANITIZE("cfi-icall")
 void PipeWireSession::OnRegistryGlobal(void* data,
                                        uint32_t id,
                                        uint32_t permissions,

modules/video_capture/linux/video_capture_pipewire.cc

@@ -20,6 +20,7 @@
 #include "common_video/libyuv/include/webrtc_libyuv.h"
 #include "modules/portal/pipewire_utils.h"
 #include "rtc_base/logging.h"
+#include "rtc_base/sanitizer.h"
 #include "rtc_base/string_to_number.h"
 
 namespace webrtc {
@@ -128,6 +129,7 @@ static spa_pod* BuildFormat(spa_pod_builder* builder,
   return static_cast<spa_pod*>(spa_pod_builder_pop(builder, &frames[0]));
 }
 
+RTC_NO_SANITIZE("cfi-icall")
 int32_t VideoCaptureModulePipeWire::StartCapture(
     const VideoCaptureCapability& capability) {
   RTC_DCHECK_RUN_ON(&api_checker_);
@@ -247,6 +249,7 @@ void VideoCaptureModulePipeWire::OnStreamParamChanged(
     that->OnFormatChanged(format);
 }
 
+RTC_NO_SANITIZE("cfi-icall")
 void VideoCaptureModulePipeWire::OnFormatChanged(const struct spa_pod* format) {
   RTC_CHECK_RUNS_SERIALIZED(&capture_checker_);
 
@@ -395,6 +398,7 @@ static VideoRotation VideorotationFromPipeWireTransform(uint32_t transform) {
   }
 }
 
+RTC_NO_SANITIZE("cfi-icall")
 void VideoCaptureModulePipeWire::ProcessBuffers() {
   RTC_CHECK_RUNS_SERIALIZED(&capture_checker_);