[webkit-changes] [WebKit/WebKit] 3672c4: [GTK][WPE] Own well-known bus name on a11y bus

Georges Basile Stavracas Neto noreply at github.com
Wed Oct 9 08:19:20 PDT 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 3672c423722b5f0b07fcb7962ee268f278c908ff
      https://github.com/WebKit/WebKit/commit/3672c423722b5f0b07fcb7962ee268f278c908ff
  Author: Georges Basile Stavracas Neto <feaneron at igalia.com>
  Date:   2024-10-09 (Wed, 09 Oct 2024)

  Changed paths:
    M Source/WTF/wtf/glib/Sandbox.cpp
    M Source/WTF/wtf/glib/Sandbox.h
    M Source/WebCore/accessibility/atspi/AccessibilityAtspi.cpp
    M Source/WebCore/accessibility/atspi/AccessibilityAtspi.h
    M Source/WebKit/Shared/WebProcessCreationParameters.h
    M Source/WebKit/Shared/WebProcessCreationParameters.serialization.in
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp
    M Source/WebKit/UIProcess/Launcher/ProcessLauncher.h
    M Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
    M Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.h
    M Source/WebKit/UIProcess/Launcher/glib/FlatpakLauncher.cpp
    M Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp
    M Source/WebKit/UIProcess/Launcher/glib/XDGDBusProxy.cpp
    M Source/WebKit/UIProcess/Launcher/glib/XDGDBusProxy.h
    M Source/WebKit/UIProcess/WebProcessPool.h
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp
    M Source/WebKit/UIProcess/glib/WebProcessProxyGLib.cpp
    M Source/WebKit/UIProcess/gtk/WebPageProxyGtk.cpp
    M Source/WebKit/WebProcess/glib/WebProcessGLib.cpp
    M Tools/Scripts/webkitpy/style/checkers/cpp.py

  Log Message:
  -----------
  [GTK][WPE] Own well-known bus name on a11y bus
https://bugs.webkit.org/show_bug.cgi?id=273245

Reviewed by Michael Catanzaro.

Currently WebKit on Linux is not accesible when running under Flatpak,
because the Web process and the UI process cannot communicate across
sandbox boundaries and connect their a11y trees.

Fundamentally, the problem is that Flatpak creates a separate sandbox
for the Web process, but doesn't let the UI process sandbox talk to it.
It cannot, after all - Flatpak cannot know ahead of time which D-Bus
name the Web process sandboxes will end up having!

One way to circumvent this in a well tested manner, is to use well-known
names to identify the Web process in the a11y bus. The idea is that the
UI process will talk to a bus name that Flatpak can verify at runtime,
e.g. org.gnome.Epiphany.Sandboxed.WebProcess-UUID, instead of an opaque
unique name (e.g. :1.321).

This is possible on Flatpak as per portal version 7, which introduces
the necessary plumbing for the a11y bus ownership to pass through.

The Bubblewrap code path does the same, it lets the Web process own
the specific a11y bus name assigned from the UI process. To do that,
change XDGDBusProxy to spawn once for each Web process, instead of
once for all Web processes.

See https://github.com/flatpak/flatpak/pull/5898
See https://github.com/flatpak/flatpak-xdg-utils/pull/67

* Source/WTF/wtf/glib/Sandbox.cpp:
(WTF::checkFlatpakPortalVersion):
(WTF::sandboxedAccessibilityBusName):
(WTF::setSandboxedAccessibilityBusName):
* Source/WTF/wtf/glib/Sandbox.h:
* Source/WebCore/accessibility/atspi/AccessibilityAtspi.cpp:
(WebCore::AccessibilityAtspi::connect):
(WebCore::AccessibilityAtspi::didConnect):
(WebCore::AccessibilityAtspi::didOwnName):
(WebCore::AccessibilityAtspi::registerRoot):
* Source/WebCore/accessibility/atspi/AccessibilityAtspi.h:
* Source/WebKit/Shared/WebProcessCreationParameters.h:
* Source/WebKit/Shared/WebProcessCreationParameters.serialization.in:
* Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseSetPlugID):
* Source/WebKit/UIProcess/Launcher/glib/FlatpakLauncher.cpp:
(WebKit::flatpakSpawn):
* Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
(WebKit::ProcessLauncher::launchProcess):
* Source/WebKit/UIProcess/Launcher/glib/XDGDBusProxy.cpp:
(WebKit::XDGDBusProxy::accessibilityProxy):
* Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitializeWebProcess):
* Source/WebKit/UIProcess/gtk/WebPageProxyGtk.cpp:
(WebKit::WebPageProxy::bindAccessibilityTree):
* Source/WebKit/WebProcess/glib/WebProcessGLib.cpp:
(WebKit::WebProcess::platformInitializeWebProcess):

Canonical link: https://commits.webkit.org/284894@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list