Switching to ALSA

Gentoo would theoretically be perfect for us as we could design our system from the ground up to be secure, even enabling a host of compiler mitigations like CFI. However, in reality, it’s much too difficult to maintain. We cannot force the user to compile everything themselves as that would be a massive drop in usability, especially for those on weaker hardware. We also cannot compile everything ourselves and distribute binaries to the user as maintaining this would be near impossible with Whonix’s current resources.

1 Like

Calculate Linux is a binary distribution built on top of Gentoo Linux. If you can’t maintain a binary distribution on top of Gentoo, you don’t have many resources, unfortunately. I do a system upgrade every week on my Gentoo system. Once you get the hang of it, it takes more CPU time, but not much human time.

The biggest cost would be the initial learning curve.

Another alternative is to compile the torbrowser deb package yourself. I compile torbrowser without pulseaudio on my Gentoo Linux. Or, you can install libapulse. Whonix should have its own PPA.

1 Like

Mixing porting to another base distribution on which Whonix is based (which is a very complex topic) with “Switching to ALSA” (which looks comparatively a lot easier) is too much off-topic for this forum topic. Please create a new forum thread for that if needed.

As for porting to another base distribution and (Hardened) Gentoo, see also the following development notes:

This seems cool at first sight. Quote:

PulseAudio emulation for ALSA

The program provides an alternative partial implementation of the PulseAudio API. It consists of a loader script and a number of shared libraries with the same names as from original PulseAudio, so applications could dynamically load them and think they are talking to PulseAudio. Internally, no separate sound mixing daemon is used. Instead, apulse relies on ALSA’s dmix, dsnoop, and plug plugins to handle multiple sound sources and capture streams running at the same time. dmix plugin muxes multiple playback streams; dsnoop plugin allow multiple applications to capture from a single microphone; and plug plugin transparently converts audio between various sample formats, sample rates and channel numbers.

What do you think?

This might help with getting Tor Browser to work with ALSA (without recompilation)? (That is, if Tor Browser currently has a hard dependency on PulseAudio for sound which I am not sure yet.)

Indeed.

We don’t have human resources for that either.
Nobody has managed to create one yet even though it is a very popular request:

Related:
Tor Browser Update: Technical Details

Alright. Some issues mentioned on that link (such as Snoop on other application's audio or Have unmediated access to the microphone) may still be issues with ALSA?

However, I can see the general attack surface reduction argument.

Load and unload server modules, including network ones

Makes sense.

Conclusion:

  • Porting from PulseAudio to ALSA is worthwhile. Help welcome. Let me know which packages to remove/add and/or send pull request for anon-meta-packages.
    • Maybe apulse can help.
    • We need audio support in Tor Browser.
      • EDIT: maybe possible thanks to apulse torbrowser
    • VLC is not important enough for installation by default if it was in theory an obstacle for porting from PulseAudio to ALSA.
  • Porting from PulseAudio to ALSA is, however, not a blocker for System-wide sandboxing framework - sandbox-app-launcher.
1 Like
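
The apulse description quoted above relies on ALSA's dmix, dsnoop and plug plugins. As an added illustration (not part of the forum thread and not taken from apulse), a user-level ALSA configuration wiring those three plugins together could look like this; the device `hw:0,0`, the PCM names and the `ipc_key` values are assumptions.

```conf
# ~/.asoundrc (constructed example; "hw:0,0" is an assumed card/device)

# Playback: dmix mixes several playback streams in a shared-memory segment.
pcm.shared_out {
    type dmix
    ipc_key 5678293          # arbitrary key identifying the shared segment
    ipc_key_add_uid true     # add the UID to the key so users get separate segments
    ipc_perm 0600            # segment accessible to the owning user only
    slave {
        pcm "hw:0,0"
        rate 48000
        channels 2
    }
}

# Capture: dsnoop lets several applications read from one microphone.
pcm.shared_in {
    type dsnoop
    ipc_key 5778293          # must differ from the dmix key
    ipc_key_add_uid true
    ipc_perm 0600
    slave {
        pcm "hw:0,0"
        rate 48000
        channels 2
    }
}

# Combine the two directions into one full-duplex device.
pcm.duplex {
    type asym
    playback.pcm "shared_out"
    capture.pcm "shared_in"
}

# plug converts sample format, rate and channel count transparently.
pcm.!default {
    type plug
    slave.pcm "duplex"
}
```

The `ipc_perm` and `ipc_key_add_uid` settings only keep other users out of the shared-memory segments; any process running as the same user can still open the dsnoop capture device, which is the concern raised above about unmediated microphone access.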

Making torbrowser work with apulse is going to be easiest. It’s basically firefox.
Execute apulse torbrowser

If you want to recompile torbrowser, I can show you the steps.

1 Like

Thanks for the offer. Your expertise might be useful in other areas of development.

Forking / re-compilation of software packages by third parties is done as sparingly as possible. The rationale for this has been documented just now:
Kicksecure Coding Style

Related:
Relationship With Upstream

That might come in really handy.

Also, I forgot to mention this before but the Firefox content process “sandbox” allows direct access to PulseAudio, meaning that uninstalling it will plug one hole in the Tor Browser / Firefox “sandbox” (although there are still other holes).

2 Likes

https://wiki.debian.org/ALSA

Most infamously, Firefox does not support ALSA directly and instead uses the PulseAudio API, forcing usage of PulseAudio (or a compatibility layer) as well.

I think it’s going to be a usability issue.

Though if someone wants to see how this is going to work with FF+ALSA, maybe he should look at Fedora 34 (released stable). (But no info about whether it’s going to have the same thing within Debian.)

Quite possibly not. Already addressed earlier in this forum thread.

1 Like

Good, then we have a major distro already using it, and I dunno when Qubes is going to do the same thing as well later since it’s based on Fedora.

The rest is how much of an issue it is if it’s used within Debian+Xfce.

2 posts were split to a new topic: port from pulseaudio to pipewire for audio support

Why PipeWire, why not ALSA?

1 Like

Pipewire is what Fedora uses in its 34 release:

Debian (it seems) wants to make this step as well and move toward PipeWire. This will give PipeWire stability, and it’s already written with security in mind and is Wayland friendly:

PipeWire was designed with a powerful security model that makes interacting with audio and video devices from containerized applications easy, with supporting Flatpak applications being the primary goal. Alongside Wayland and Flatpak we expect PipeWire to provide a core building block for the future of Linux application development.

But it’s not yet coming without issues, even inside Fedora 34, e.g.:

Using only ALSA may cause more problems like compatibility, VM audio syncing, etc.

1 Like

https://lists.torproject.org/pipermail/tor-talk/2021-September/045770.html

ALSA support was removed from firefox a few years ago

So the only hope is to make PipeWire work.

1 Like

Pipewire use in Debian 11 possible, but needs testing:
https://wiki.debian.org/PipeWire

2 Likes

I would vote for Alpine Linux over Gentoo due to musl and packages pre-compiled for ALSA.

Very unlikely that we’ll ever port to something other than Debian for the foreseeable future.

1 Like

I meant to say this was already addressed by apulse which was discussed earlier.

apulse is an option in theory.

Was already discussed earlier in this forum thread:
Switching to ALSA - #10 by Patrick

For Tor Browser, Firefox, applications that depend on pulseaudio that do not support ALSA…

Doesn’t look good:

Therefore asked about it specifically:

1 Like

This seemed infeasible before and it seems even more infeasible with wayland.

Hence, it is unlikely this will be implemented.

There’s no other Linux distribution which by default only uses ALSA.

What likely needs and will be done instead: