[webkit-changes] [WebKit/WebKit] ac5c0d: [iOS] Only allow access to the TCC daemon when the...

Per Arne Vollan noreply at github.com
Thu Sep 28 07:55:48 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: ac5c0d67aaf4040d236090f77d11a04bcdff7865
      https://github.com/WebKit/WebKit/commit/ac5c0d67aaf4040d236090f77d11a04bcdff7865
  Author: Per Arne Vollan <pvollan at apple.com>
  Date:   2023-09-28 (Thu, 28 Sep 2023)

  Changed paths:
    M Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in
    M Source/WebKit/Scripts/process-entitlements.sh
    M Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.cpp
    M Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.h
    M Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.cpp
    M Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.h
    M Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.messages.in
    M Source/WebKit/WebProcess/com.apple.WebProcess.sb.in

  Log Message:
  -----------
  [iOS] Only allow access to the TCC daemon when the GPU process is not enabled
https://bugs.webkit.org/show_bug.cgi?id=262049
rdar://115996579

Reviewed by Youenn Fablet.

Block access to the TCC daemon in the WebContent process on iOS when the GPU process is enabled.
When the GPU process is enabled, the code that requires access to TCCD will be running in the
GPU process. There is no longer any need to grant this sandbox extension to the WebContent
process.

* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
* Source/WebKit/Scripts/process-entitlements.sh:
* Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.cpp:
(WebKit::SpeechRecognitionRemoteRealtimeMediaSourceManager::addSource):
(WebKit::SpeechRecognitionRemoteRealtimeMediaSourceManager::removeSource):
* Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.h:
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.cpp:
(WebKit::SpeechRecognitionRealtimeMediaSourceManager::grantSandboxExtensions): Deleted.
(WebKit::SpeechRecognitionRealtimeMediaSourceManager::revokeSandboxExtensions): Deleted.
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.h:
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.messages.in:
* Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:

Canonical link: https://commits.webkit.org/268586@main

More information about the webkit-changes mailing list