[webkit-changes] [WebKit/WebKit] df8ea8: Set sandbox state flag on extension processes

Per Arne Vollan noreply at github.com
Wed Dec 6 12:29:50 PST 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: df8ea8c5ad6aa163ecffb4166760fb4f651ab61a
      https://github.com/WebKit/WebKit/commit/df8ea8c5ad6aa163ecffb4166760fb4f651ab61a
  Author: Per Arne Vollan <pvollan at apple.com>
  Date:   2023-12-06 (Wed, 06 Dec 2023)

  Changed paths:
    M Source/WebKit/Shared/AuxiliaryProcessExtensions/GPUProcessExtension.swift
    M Source/WebKit/Shared/AuxiliaryProcessExtensions/NetworkingProcessExtension.swift
    M Source/WebKit/Shared/AuxiliaryProcessExtensions/WebContentProcessExtension.swift
    M Source/WebKit/Shared/Cocoa/WKProcessExtension.h
    M Source/WebKit/Shared/Cocoa/WKProcessExtension.mm
    M Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.h

  Log Message:
  -----------
  Set sandbox state flag on extension processes
https://bugs.webkit.org/show_bug.cgi?id=265835
rdar://119159447

Reviewed by Brent Fulgham.

Add functions to enable WebKit extension processes to set sandbox state flags. These flags can then
be used in the various sandboxes to restrict the sandbox further.

* Source/WebKit/Shared/AuxiliaryProcessExtensions/GPUProcessExtension.swift:
(GPUProcessExtension.lockdownSandbox(_:)):
* Source/WebKit/Shared/AuxiliaryProcessExtensions/NetworkingProcessExtension.swift:
(NetworkingProcessExtension.lockdownSandbox(_:)):
* Source/WebKit/Shared/AuxiliaryProcessExtensions/WebContentProcessExtension.swift:
(WebContentProcessExtension.lockdownSandbox(_:)):
* Source/WebKit/Shared/Cocoa/WKProcessExtension.h:
* Source/WebKit/Shared/Cocoa/WKProcessExtension.mm:
(-[WKProcessExtension lockdownSandbox:]):
(-[WKProcessExtension lockdownSandboxPostLaunch]):
* Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm:
(WebKit::WebPage::setHasLaunchedWebContentProcess):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::create):
* Source/WebKit/WebProcess/WebPage/WebPage.h:

Canonical link: https://commits.webkit.org/271626@main

More information about the webkit-changes mailing list