[webkit-changes] [WebKit/WebKit] 73fc4f: Use sandbox extension to enable Mach bootstrap'ing

Per Arne Vollan noreply at github.com
Fri Dec 16 03:28:19 PST 2022 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 73fc4fd89f837a0eb9ceebdd631f2e66730072b4
      https://github.com/WebKit/WebKit/commit/73fc4fd89f837a0eb9ceebdd631f2e66730072b4
  Author: Per Arne Vollan <pvollan at apple.com>
  Date:   2022-12-16 (Fri, 16 Dec 2022)

  Changed paths:
    M Source/WTF/wtf/PlatformHave.h
    M Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in
    M Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm
    M Source/WebKit/Shared/SandboxExtension.h
    M Source/WebKit/Shared/WebPageCreationParameters.cpp
    M Source/WebKit/Shared/WebPageCreationParameters.h
    M Source/WebKit/Shared/WebProcessCreationParameters.cpp
    M Source/WebKit/Shared/WebProcessCreationParameters.h
    M Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm
    M Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
    M Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm
    M Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.cpp
    M Source/WebKit/UIProcess/UserMediaPermissionRequestManagerProxy.cpp
    M Source/WebKit/UIProcess/UserMediaProcessManager.cpp
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/UIProcess/WebProcessProxy.h
    M Source/WebKit/WebProcess/MediaStream/MediaDeviceSandboxExtensions.cpp
    M Source/WebKit/WebProcess/MediaStream/MediaDeviceSandboxExtensions.h
    M Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.cpp
    M Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.h
    M Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.messages.in
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.h
    M Source/WebKit/WebProcess/WebPage/WebPage.messages.in
    M Source/WebKit/WebProcess/WebProcess.cpp
    M Source/WebKit/WebProcess/WebProcess.h
    M Source/WebKit/WebProcess/WebProcess.messages.in
    M Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm
    M Source/WebKit/WebProcess/com.apple.WebProcess.sb.in
    M Source/WebKit/WebProcess/glib/WebProcessGLib.cpp
    M Source/WebKit/WebProcess/win/WebProcessWin.cpp

  Log Message:
  -----------
  Use sandbox extension to enable Mach bootstrap'ing
https://bugs.webkit.org/show_bug.cgi?id=239722
rdar://92608084

Reviewed by Geoffrey Garen.

Instead of using a sandbox state variable to block launchd, use a generic sandbox extension instead. This
will enable us to re-block launchd after a temporary Mach sandbox extension has been granted, which was
not possible with the sandbox state variable. This means we need to create an extra sandbox extension
when we create a Mach sandbox extension for the WebContent process.

* Source/WTF/wtf/PlatformHave.h:
* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
* Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm:
(WebKit::SandboxExtension::createHandleForMachBootstrapExtension):
(WebKit::SandboxExtension::createHandleForMachLookup):
(WebKit::SandboxExtension::createHandlesForMachLookup):
* Source/WebKit/Shared/SandboxExtension.h:
* Source/WebKit/Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
* Source/WebKit/Shared/WebPageCreationParameters.h:
* Source/WebKit/Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Source/WebKit/Shared/WebProcessCreationParameters.h:
* Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:
(WebKit::WebPageProxy::createNetworkExtensionsSandboxExtensions):
(WebKit::WebPageProxy::grantAccessToAssetServices):
(WebKit::WebPageProxy::switchFromStaticFontRegistryToUserFontRegistry):
* Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::WebProcessPool::registerNotificationObservers):
* Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm:
(WebKit::WebProcessProxy::fontdMachExtensionHandles const):
(WebKit::WebProcessProxy::fontdMachExtensionHandle const): Deleted.
* Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.cpp:
(WebKit::SpeechRecognitionRemoteRealtimeMediaSourceManager::addSource):
* Source/WebKit/UIProcess/UserMediaPermissionRequestManagerProxy.cpp:
(WebKit::UserMediaPermissionRequestManagerProxy::finishGrantingRequest):
* Source/WebKit/UIProcess/UserMediaProcessManager.cpp:
(WebKit::UserMediaProcessManager::willCreateMediaStream):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didChooseFilesForOpenPanelWithDisplayStringAndIcon):
(WebKit::WebPageProxy::creationParameters):
* Source/WebKit/UIProcess/WebProcessProxy.h:
* Source/WebKit/WebProcess/MediaStream/MediaDeviceSandboxExtensions.cpp:
(WebKit::MediaDeviceSandboxExtensions::MediaDeviceSandboxExtensions):
(WebKit::MediaDeviceSandboxExtensions::encode const):
(WebKit::MediaDeviceSandboxExtensions::decode):
* Source/WebKit/WebProcess/MediaStream/MediaDeviceSandboxExtensions.h:
(WebKit::MediaDeviceSandboxExtensions::machBootstrapExtension):
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.cpp:
(WebKit::SpeechRecognitionRealtimeMediaSourceManager::grantSandboxExtensions):
(WebKit::SpeechRecognitionRealtimeMediaSourceManager::revokeSandboxExtensions):
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.h:
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.messages.in:
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::m_appHighlightsVisible):
(WebKit::WebPage::didChooseFilesForOpenPanelWithDisplayStringAndIcon):
(WebKit::WebPage::userMediaAccessWasGranted):
* Source/WebKit/WebProcess/WebPage/WebPage.h:
* Source/WebKit/WebProcess/WebPage/WebPage.messages.in:
* Source/WebKit/WebProcess/WebProcess.cpp:
(WebKit::WebProcess::grantUserMediaDeviceSandboxExtensions):
(WebKit::WebProcess::revokeUserMediaDeviceSandboxExtensions):
* Source/WebKit/WebProcess/WebProcess.h:
* Source/WebKit/WebProcess/WebProcess.messages.in:
* Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):
(WebKit::WebProcess::grantAccessToAssetServices):
(WebKit::WebProcess::revokeAccessToAssetServices):
(WebKit::WebProcess::switchFromStaticFontRegistryToUserFontRegistry):
(WebKit::WebProcess::openDirectoryCacheInvalidated):
* Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:
* Source/WebKit/WebProcess/glib/WebProcessGLib.cpp:
(WebKit::WebProcess::grantAccessToAssetServices):
(WebKit::WebProcess::switchFromStaticFontRegistryToUserFontRegistry):
* Source/WebKit/WebProcess/win/WebProcessWin.cpp:
(WebKit::WebProcess::grantAccessToAssetServices):
(WebKit::WebProcess::switchFromStaticFontRegistryToUserFontRegistry):

Canonical link: https://commits.webkit.org/257982@main

More information about the webkit-changes mailing list