<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[185298] trunk/Source/WebKit2</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/185298">185298</a></dd>
<dt>Author</dt> <dd>mitz@apple.com</dd>
<dt>Date</dt> <dd>2015-06-06 19:08:46 -0700 (Sat, 06 Jun 2015)</dd>
</dl>
<h3>Log Message</h3>
<pre>[iOS] Can’t debug with Development XPC services due to automatic sandboxing
https://bugs.webkit.org/show_bug.cgi?id=145731
Reviewed by Darin Adler.
In iOS, the XPC services are automatically sandboxed based on their entitlements. The
sandbox doesn’t allow them to re-exec, which is necessary for linking against engineering
builds of the WebKit frameworks placed in a non-system location.
The solution is to opt Engineering builds into manual sandboxing.
* Configurations/BaseTarget.xcconfig:
- Add ENABLE_MANUAL_SANDBOXING to
GCC_PREPROCESSOR_DEFINITIONS when WK_MANUAL_SANDBOXING_ENABLED is YES.
- Set WK_MANUAL_SANDBOXING_ENABLED to YES for OS X, because we always use manual
sandboxing on that platform.
* Configurations/DebugRelease.xcconfig: Removed unused definition of DEBUG_OR_RELEASE. Set
WK_MANUAL_SANDBOXING_ENABLED to YES for all engineering builds.
* Configurations/BaseXPCService.xcconfig: Define CODE_SIGN_ENTITLEMENTS for iOS to be empty
if the service is not installed; to use the base entitlements file from Configurations if
manual sandboxing is not enabled; and to use a derived entitlements file, which doesn’t
specify a sandbox profile, if manual sandboxing is enabled.
* Configurations/DatabaseService.Development.xcconfig: Define
WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE and let BaseXPCService.xcconfig define
CODE_SIGN_ENTITLEMENTS for iOS.
* Configurations/DatabaseService.xcconfig: Ditto.
* Configurations/NetworkService.Development.xcconfig: Ditto.
* Configurations/NetworkService.xcconfig: Ditto.
* Configurations/WebContentService.Development.xcconfig: Ditto.
* Configurations/WebContentService.xcconfig: Ditto.
* WebKit2.xcodeproj/project.pbxproj:
- In the Derived Sources target, added a Derive Entitlements for Manual Sandboxing script
build phase. When building for iOS with manual sandboxing enabled, it creates copies of
the iOS entitlements files with a -no-sandbox suffix and the seatbelt-profiles key
removed.
- In the WebKit target, added a Copy iOS Sandbox Profiles for Manual Sandboxing script build
phase. When building for iOS with manual sandboxing enabled, it copies the iOS sandbox
profiles into the framework, so that the services can apply them to themselves at runtime.
* Shared/ios/ChildProcessIOS.mm:
(WebKit::ChildProcess::initializeSandbox): Use ENABLE(MANUAL_SANDBOXING) and don’t define it
here.
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::initializeSandbox): Use ENABLE(MANUAL_SANDBOXING) instead of defining
and using ENABLE_MANUAL_WEBPROCESS_SANDBOXING here.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsBaseTargetxcconfig">trunk/Source/WebKit2/Configurations/BaseTarget.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsBaseXPCServicexcconfig">trunk/Source/WebKit2/Configurations/BaseXPCService.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsDatabaseServiceDevelopmentxcconfig">trunk/Source/WebKit2/Configurations/DatabaseService.Development.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsDatabaseServicexcconfig">trunk/Source/WebKit2/Configurations/DatabaseService.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsDebugReleasexcconfig">trunk/Source/WebKit2/Configurations/DebugRelease.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsNetworkServiceDevelopmentxcconfig">trunk/Source/WebKit2/Configurations/NetworkService.Development.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsNetworkServicexcconfig">trunk/Source/WebKit2/Configurations/NetworkService.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsWebContentServiceDevelopmentxcconfig">trunk/Source/WebKit2/Configurations/WebContentService.Development.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2ConfigurationsWebContentServicexcconfig">trunk/Source/WebKit2/Configurations/WebContentService.xcconfig</a></li>
<li><a href="#trunkSourceWebKit2SharediosChildProcessIOSmm">trunk/Source/WebKit2/Shared/ios/ChildProcessIOS.mm</a></li>
<li><a href="#trunkSourceWebKit2WebKit2xcodeprojprojectpbxproj">trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceWebKit2WebProcesscocoaWebProcessCocoamm">trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/ChangeLog 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -1,3 +1,57 @@
</span><ins>+2015-06-06 Dan Bernstein <mitz@apple.com>
+
+ [iOS] Can’t debug with Development XPC services due to automatic sandboxing
+ https://bugs.webkit.org/show_bug.cgi?id=145731
+
+ Reviewed by Darin Adler.
+
+ In iOS, the XPC services are automatically sandboxed based on their entitlements. The
+ sandbox doesn’t allow them to re-exec, which is necessary for linking against engineering
+ builds of the WebKit frameworks placed in a non-system location.
+
+ The solution is to opt Engineering builds into manual sandboxing.
+
+ * Configurations/BaseTarget.xcconfig:
+ - Add ENABLE_MANUAL_SANDBOXING to
+ GCC_PREPROCESSOR_DEFINITIONS when WK_MANUAL_SANDBOXING_ENABLED is YES.
+ - Set WK_MANUAL_SANDBOXING_ENABLED to YES for OS X, because we always use manual
+ sandboxing on that platform.
+
+ * Configurations/DebugRelease.xcconfig: Removed unused definition of DEBUG_OR_RELEASE. Set
+ WK_MANUAL_SANDBOXING_ENABLED to YES for all engineering builds.
+
+ * Configurations/BaseXPCService.xcconfig: Define CODE_SIGN_ENTITLEMENTS for iOS to be empty
+ if the service is not installed; to use the base entitlements file from Configurations if
+ manual sandboxing is not enabled; and to use a derived entitlements file, which doesn’t
+ specify a sandbox profile, if manual sandboxing is enabled.
+
+ * Configurations/DatabaseService.Development.xcconfig: Define
+ WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE and let BaseXPCService.xcconfig define
+ CODE_SIGN_ENTITLEMENTS for iOS.
+
+ * Configurations/DatabaseService.xcconfig: Ditto.
+ * Configurations/NetworkService.Development.xcconfig: Ditto.
+ * Configurations/NetworkService.xcconfig: Ditto.
+ * Configurations/WebContentService.Development.xcconfig: Ditto.
+ * Configurations/WebContentService.xcconfig: Ditto.
+
+ * WebKit2.xcodeproj/project.pbxproj:
+ - In the Derived Sources target, added a Derive Entitlements for Manual Sandboxing script
+ build phase. When building for iOS with manual sandboxing enabled, it creates copies of
+ the iOS entitlements files with a -no-sandbox suffix and the seatbelt-profiles key
+ removed.
+ - In the WebKit target, added a Copy iOS Sandbox Profiles for Manual Sandboxing script build
+ phase. When building for iOS with manual sandboxing enabled, it copies the iOS sandbox
+ profiles into the framework, so that the services can apply them to themselves at runtime.
+
+ * Shared/ios/ChildProcessIOS.mm:
+ (WebKit::ChildProcess::initializeSandbox): Use ENABLE(MANUAL_SANDBOXING) and don’t define it
+ here.
+
+ * WebProcess/cocoa/WebProcessCocoa.mm:
+ (WebKit::WebProcess::initializeSandbox): Use ENABLE(MANUAL_SANDBOXING) instead of defining
+ and using ENABLE_MANUAL_WEBPROCESS_SANDBOXING here.
+
</ins><span class="cx"> 2015-06-06 Anders Carlsson <andersca@apple.com>
</span><span class="cx">
</span><span class="cx"> Remove support from getting plug-in information from Carbon resources
</span></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsBaseTargetxcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/BaseTarget.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/BaseTarget.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/BaseTarget.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -29,7 +29,7 @@
</span><span class="cx"> FRAMEWORK_SEARCH_PATHS = $(FRAMEWORK_SEARCH_PATHS_base);
</span><span class="cx">
</span><span class="cx"> GCC_PREFIX_HEADER = WebKit2Prefix.h;
</span><del>-GCC_PREPROCESSOR_DEFINITIONS = $(DEBUG_DEFINES) $(FEATURE_DEFINES) FRAMEWORK_NAME=WebKit
</del><ins>+GCC_PREPROCESSOR_DEFINITIONS = $(DEBUG_DEFINES) $(FEATURE_DEFINES) $(WK_MANUAL_SANDBOXING_DEFINES) FRAMEWORK_NAME=WebKit
</ins><span class="cx"> HEADER_SEARCH_PATHS = $(BUILT_PRODUCTS_DIR)/usr/local/include $(WEBCORE_PRIVATE_HEADERS_DIR)/ForwardingHeaders $(WEBCORE_PRIVATE_HEADERS_DIR)/icu $(BUILT_PRODUCTS_DIR)/DerivedSources/WebKit2 $(HEADER_SEARCH_PATHS);
</span><span class="cx">
</span><span class="cx"> OTHER_CFLAGS = $(inherited) -iframework $(SDKROOT)$(SYSTEM_LIBRARY_DIR)/Frameworks/ApplicationServices.framework/Frameworks -iframework $(SDKROOT)$(SYSTEM_LIBRARY_DIR)/Frameworks/Carbon.framework/Frameworks -iframework $(SDKROOT)$(SYSTEM_LIBRARY_DIR)/Frameworks/Quartz.framework/Frameworks -iframework $(SDKROOT)$(SYSTEM_LIBRARY_DIR)/Frameworks/CoreServices.framework/Frameworks -iframework $(SDKROOT)$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks;
</span><span class="lines">@@ -58,3 +58,8 @@
</span><span class="cx">
</span><span class="cx"> OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH = $(OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH_$(USE_STAGING_INSTALL_PATH));
</span><span class="cx"> OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH_YES = -Wl,-dyld_env -Wl,DYLD_VERSIONED_FRAMEWORK_PATH=/System/Library/StagedFrameworks/Safari;
</span><ins>+
+WK_MANUAL_SANDBOXING_ENABLED[sdk=macosx*] = YES;
+
+WK_MANUAL_SANDBOXING_DEFINES = $(WK_MANUAL_SANDBOXING_DEFINES_$(WK_MANUAL_SANDBOXING_ENABLED));
+WK_MANUAL_SANDBOXING_DEFINES_YES = ENABLE_MANUAL_SANDBOXING;
</ins></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsBaseXPCServicexcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/BaseXPCService.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/BaseXPCService.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/BaseXPCService.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -44,3 +44,13 @@
</span><span class="cx"> MACH_O_TYPE = mh_execute;
</span><span class="cx">
</span><span class="cx"> OTHER_LDFLAGS = $(inherited) $(OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH);
</span><ins>+
+CODE_SIGN_ENTITLEMENTS[sdk=iphone*] = $(CODE_SIGN_ENTITLEMENTS_IOS_SKIP_INSTALL_$(SKIP_INSTALL));
+
+CODE_SIGN_ENTITLEMENTS_IOS_SKIP_INSTALL_ = $(CODE_SIGN_ENTITLEMENTS_IOS_SKIP_INSTALL_NO);
+CODE_SIGN_ENTITLEMENTS_IOS_SKIP_INSTALL_NO = $(CODE_SIGN_ENTITLEMENTS_IOS_MANUAL_SANDBOXING_$(WK_MANUAL_SANDBOXING_ENABLED));
+CODE_SIGN_ENTITLEMENTS_IOS_SKIP_INSTALL_YES = ;
+
+CODE_SIGN_ENTITLEMENTS_IOS_MANUAL_SANDBOXING_ = $(CODE_SIGN_ENTITLEMENTS_IOS_MANUAL_SANDBOXING_NO);
+CODE_SIGN_ENTITLEMENTS_IOS_MANUAL_SANDBOXING_NO = Configurations/$(WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE).entitlements;
+CODE_SIGN_ENTITLEMENTS_IOS_MANUAL_SANDBOXING_YES = $(BUILT_PRODUCTS_DIR)/DerivedSources/WebKit2/$(WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE)-no-sandbox.entitlements;
</ins></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsDatabaseServiceDevelopmentxcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/DatabaseService.Development.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/DatabaseService.Development.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/DatabaseService.Development.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -24,9 +24,7 @@
</span><span class="cx"> #include "BaseXPCService.xcconfig"
</span><span class="cx">
</span><span class="cx"> WK_XPC_SERVICE_VARIANT = Development;
</span><ins>+WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = Databases-iOS;
</ins><span class="cx">
</span><span class="cx"> PRODUCT_NAME = com.apple.WebKit.Databases.Development;
</span><span class="cx"> INFOPLIST_FILE = DatabaseProcess/EntryPoint/mac/XPCService/DatabaseService.Development/Info.plist;
</span><del>-
-CODE_SIGN_ENTITLEMENTS[sdk=iphoneos*] = Configurations/Databases-iOS.entitlements
-CODE_SIGN_ENTITLEMENTS[sdk=iphonesimulator*] = Configurations/Databases-iOS.entitlements
</del></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsDatabaseServicexcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/DatabaseService.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/DatabaseService.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/DatabaseService.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -24,9 +24,7 @@
</span><span class="cx"> #include "BaseXPCService.xcconfig"
</span><span class="cx">
</span><span class="cx"> WK_XPC_SERVICE_VARIANT = Normal;
</span><ins>+WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = WebContent-iOS;
</ins><span class="cx">
</span><span class="cx"> PRODUCT_NAME = com.apple.WebKit.Databases;
</span><span class="cx"> INFOPLIST_FILE = DatabaseProcess/EntryPoint/mac/XPCService/DatabaseService/Info.plist;
</span><del>-
-CODE_SIGN_ENTITLEMENTS[sdk=iphoneos*] = Configurations/Databases-iOS.entitlements
-CODE_SIGN_ENTITLEMENTS[sdk=iphonesimulator*] = Configurations/Databases-iOS.entitlements
</del></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsDebugReleasexcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/DebugRelease.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/DebugRelease.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/DebugRelease.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -44,9 +44,9 @@
</span><span class="cx"> WEBKIT_SYSTEM_INTERFACE_LIBRARY_macosx_101100 = $(WEBKIT_SYSTEM_INTERFACE_LIBRARY_macosx_101000);
</span><span class="cx"> WEBKIT_SYSTEM_INTERFACE_LIBRARY_macosx_101200 = $(WEBKIT_SYSTEM_INTERFACE_LIBRARY_macosx_101100);
</span><span class="cx">
</span><del>-DEBUG_OR_RELEASE = YES;
-
</del><span class="cx"> SDKROOT[sdk=iphone*] = $(SDKROOT);
</span><span class="cx"> SDKROOT = $(SDKROOT_$(PLATFORM_NAME)_$(USE_INTERNAL_SDK));
</span><span class="cx"> SDKROOT_macosx_ = macosx;
</span><span class="cx"> SDKROOT_macosx_YES = macosx.internal;
</span><ins>+
+WK_MANUAL_SANDBOXING_ENABLED = YES;
</ins></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsNetworkServiceDevelopmentxcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/NetworkService.Development.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/NetworkService.Development.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/NetworkService.Development.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -24,9 +24,8 @@
</span><span class="cx"> #include "BaseXPCService.xcconfig"
</span><span class="cx">
</span><span class="cx"> WK_XPC_SERVICE_VARIANT = Development;
</span><ins>+WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = Network-iOS;
</ins><span class="cx">
</span><span class="cx"> PRODUCT_NAME = com.apple.WebKit.Networking.Development;
</span><span class="cx"> INFOPLIST_FILE[sdk=iphone*] = NetworkProcess/EntryPoint/mac/XPCService/NetworkService.Development/Info-iOS.plist;
</span><span class="cx"> INFOPLIST_FILE[sdk=macosx*] = NetworkProcess/EntryPoint/mac/XPCService/NetworkService.Development/Info-OSX.plist;
</span><del>-
-CODE_SIGN_ENTITLEMENTS[sdk=iphone*] = Configurations/Network-iOS.entitlements;
</del></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsNetworkServicexcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/NetworkService.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/NetworkService.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/NetworkService.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -24,6 +24,7 @@
</span><span class="cx"> #include "BaseXPCService.xcconfig"
</span><span class="cx">
</span><span class="cx"> WK_XPC_SERVICE_VARIANT = Normal;
</span><ins>+WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = Network-iOS;
</ins><span class="cx">
</span><span class="cx"> PRODUCT_NAME = com.apple.WebKit.Networking;
</span><span class="cx"> INFOPLIST_FILE[sdk=iphone*] = NetworkProcess/EntryPoint/mac/XPCService/NetworkService/Info-iOS.plist;
</span><span class="lines">@@ -31,8 +32,6 @@
</span><span class="cx"> INFOPLIST_FILE[sdk=macosx10.9*] = NetworkProcess/EntryPoint/mac/XPCService/NetworkService/Info-OSX-10.9-10.10.plist;
</span><span class="cx"> INFOPLIST_FILE[sdk=macosx10.10*] = NetworkProcess/EntryPoint/mac/XPCService/NetworkService/Info-OSX-10.9-10.10.plist;
</span><span class="cx">
</span><del>-CODE_SIGN_ENTITLEMENTS[sdk=iphone*] = Configurations/Network-iOS.entitlements;
-
</del><span class="cx"> OTHER_LDFLAGS = $(inherited) $(OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH) $(OTHER_LDFLAGS_PLATFORM);
</span><span class="cx"> OTHER_LDFLAGS_PLATFORM[sdk=macosx*] = $(BUILT_PRODUCTS_DIR)/SecItemShim.dylib;
</span><span class="cx"> OTHER_LDFLAGS_PLATFORM[sdk=macosx10.9*] = ;
</span></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsWebContentServiceDevelopmentxcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/WebContentService.Development.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/WebContentService.Development.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/WebContentService.Development.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -24,6 +24,7 @@
</span><span class="cx"> #include "BaseXPCService.xcconfig"
</span><span class="cx">
</span><span class="cx"> WK_XPC_SERVICE_VARIANT = Development;
</span><ins>+WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = WebContent-iOS;
</ins><span class="cx">
</span><span class="cx"> PRODUCT_NAME = com.apple.WebKit.WebContent.Development;
</span><span class="cx"> INFOPLIST_FILE[sdk=iphone*] = WebProcess/EntryPoint/mac/XPCService/WebContentService.Development/Info-iOS.plist;
</span><span class="lines">@@ -36,7 +37,5 @@
</span><span class="cx"> BUNDLE_LOCALIZATION_KEY_macosx_101100 = CFBundleFollowParentLocalization;
</span><span class="cx"> BUNDLE_LOCALIZATION_KEY_macosx_101200 = CFBundleFollowParentLocalization;
</span><span class="cx">
</span><del>-CODE_SIGN_ENTITLEMENTS[sdk=iphoneos*] = Configurations/WebContent-iOS.entitlements;
-
</del><span class="cx"> OTHER_LDFLAGS = $(inherited) $(OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH) $(OTHER_LDFLAGS_PLATFORM);
</span><span class="cx"> OTHER_LDFLAGS_PLATFORM[sdk=macosx*] = -framework AppKit;
</span></span></pre></div>
<a id="trunkSourceWebKit2ConfigurationsWebContentServicexcconfig"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Configurations/WebContentService.xcconfig (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Configurations/WebContentService.xcconfig 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Configurations/WebContentService.xcconfig 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -24,6 +24,7 @@
</span><span class="cx"> #include "BaseXPCService.xcconfig"
</span><span class="cx">
</span><span class="cx"> WK_XPC_SERVICE_VARIANT = Normal;
</span><ins>+WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = WebContent-iOS;
</ins><span class="cx">
</span><span class="cx"> PRODUCT_NAME = com.apple.WebKit.WebContent;
</span><span class="cx"> INFOPLIST_FILE[sdk=iphone*] = WebProcess/EntryPoint/mac/XPCService/WebContentService/Info-iOS.plist;
</span><span class="lines">@@ -38,8 +39,6 @@
</span><span class="cx"> BUNDLE_LOCALIZATION_KEY_macosx_101100 = CFBundleFollowParentLocalization;
</span><span class="cx"> BUNDLE_LOCALIZATION_KEY_macosx_101200 = CFBundleFollowParentLocalization;
</span><span class="cx">
</span><del>-CODE_SIGN_ENTITLEMENTS[sdk=iphoneos*] = Configurations/WebContent-iOS.entitlements;
-
</del><span class="cx"> OTHER_LDFLAGS = $(inherited) $(OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH) $(OTHER_LDFLAGS_PLATFORM);
</span><span class="cx"> OTHER_LDFLAGS_PLATFORM[sdk=macosx*] = -framework AppKit $(BUILT_PRODUCTS_DIR)/WebProcessShim.dylib;
</span><span class="cx"> OTHER_LDFLAGS_PLATFORM[sdk=macosx10.9*] = -framework AppKit;
</span></span></pre></div>
<a id="trunkSourceWebKit2SharediosChildProcessIOSmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Shared/ios/ChildProcessIOS.mm (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Shared/ios/ChildProcessIOS.mm 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/Shared/ios/ChildProcessIOS.mm 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -41,12 +41,8 @@
</span><span class="cx">
</span><span class="cx"> #import <WebCore/FloatingPointEnvironment.h>
</span><span class="cx">
</span><del>-#ifndef ENABLE_MANUAL_SANDBOXING
-#define ENABLE_MANUAL_SANDBOXING 0
-#endif
</del><ins>+#if ENABLE(MANUAL_SANDBOXING)
</ins><span class="cx">
</span><del>-#if ENABLE_MANUAL_SANDBOXING
-
</del><span class="cx"> // We have to #undef __APPLE_API_PRIVATE to prevent sandbox.h from looking for a header file that does not exist (<rdar://problem/9679211>).
</span><span class="cx"> #undef __APPLE_API_PRIVATE
</span><span class="cx"> #import <sandbox.h>
</span><span class="lines">@@ -74,7 +70,7 @@
</span><span class="cx">
</span><span class="cx"> void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters)
</span><span class="cx"> {
</span><del>-#if ENABLE_MANUAL_SANDBOXING
</del><ins>+#if ENABLE(MANUAL_SANDBOXING)
</ins><span class="cx"> NSBundle *webkit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKView")];
</span><span class="cx"> String defaultProfilePath = [webkit2Bundle pathForResource:[[NSBundle mainBundle] bundleIdentifier] ofType:@"sb"];
</span><span class="cx"> if (sandboxParameters.systemDirectorySuffix().isNull()) {
</span></span></pre></div>
<a id="trunkSourceWebKit2WebKit2xcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/WebKit2.xcodeproj/project.pbxproj 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -74,6 +74,7 @@
</span><span class="cx"> buildConfigurationList = C0CE72891247E68600BC0EC4 /* Build configuration list for PBXAggregateTarget "Derived Sources" */;
</span><span class="cx"> buildPhases = (
</span><span class="cx"> C0CE72841247E66800BC0EC4 /* Generate Derived Sources */,
</span><ins>+ 3740E7281B23724A004ADEF1 /* Derive Entitlements for Manual Sandboxing */,
</ins><span class="cx"> );
</span><span class="cx"> dependencies = (
</span><span class="cx"> );
</span><span class="lines">@@ -8690,6 +8691,7 @@
</span><span class="cx"> 1A1D2115191D96380001619F /* Postprocess Framework Headers */,
</span><span class="cx"> 8DC2EF520486A6940098B216 /* Resources */,
</span><span class="cx"> 7CB16FEE1724BA05007A0A95 /* Copy Plug-in Sandbox Profiles */,
</span><ins>+ 37E531011B2391090074F0DF /* Copy iOS Sandbox Profiles for Manual Sandboxing */,
</ins><span class="cx"> 1A07D2F71919B36500ECDA16 /* Copy Message Generation Scripts */,
</span><span class="cx"> 8DC2EF540486A6940098B216 /* Sources */,
</span><span class="cx"> 8DC2EF560486A6940098B216 /* Frameworks */,
</span><span class="lines">@@ -9201,6 +9203,26 @@
</span><span class="cx"> shellPath = /bin/sh;
</span><span class="cx"> shellScript = "if [ \"${ACTION}\" = \"installhdrs\" ]; then\n exit 0;\nfi\n\nif [ -f ../../Tools/Scripts/check-for-inappropriate-objc-class-names ]; then\n ../../Tools/Scripts/check-for-inappropriate-objc-class-names WK _WK || exit $?\nfi";
</span><span class="cx"> };
</span><ins>+ 3740E7281B23724A004ADEF1 /* Derive Entitlements for Manual Sandboxing */ = {
+ isa = PBXShellScriptBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ inputPaths = (
+ "$(SRCROOT)/Configurations/Databases-iOS.entitlements",
+ "$(SRCROOT)/Configurations/Network-iOS.entitlements",
+ "$(SRCROOT)/Configurations/WebContent-iOS.entitlements",
+ );
+ name = "Derive Entitlements for Manual Sandboxing";
+ outputPaths = (
+ "$(BUILT_PRODUCTS_DIR)/DerivedSources/WebKit2/Databases-iOS-no-sandbox.entitlements",
+ "$(BUILT_PRODUCTS_DIR)/DerivedSources/WebKit2/Network-iOS-no-sandbox.entitlements",
+ "$(BUILT_PRODUCTS_DIR)/DerivedSources/WebKit2/WebContent-iOS-no-sandbox.entitlements",
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ shellPath = /bin/sh;
+ shellScript = "if [[ \"${WK_MANUAL_SANDBOXING_ENABLED}\" != \"YES\" || \"${PLATFORM_NAME}\" == \"macosx\" ]]; then\n exit\nfi\n\nif [[ \"${ACTION}\" == \"build\" || \"${ACTION}\" == \"install\" ]]; then\n for ((i = 0; i < ${SCRIPT_INPUT_FILE_COUNT}; ++i)); do\n eval ENTITLEMENTS=\\${SCRIPT_INPUT_FILE_${i}}\n ENTITLEMENTS_BASE=${ENTITLEMENTS##*/}\n ENTITLEMENTS_BASE=${ENTITLEMENTS_BASE%.entitlements}\n plutil -remove seatbelt-profiles -o \"${BUILT_PRODUCTS_DIR}/DerivedSources/WebKit2/${ENTITLEMENTS_BASE}-no-sandbox.entitlements\" \"${ENTITLEMENTS}\"\n done\nfi";
+ };
</ins><span class="cx"> 375A248817E5048E00C9A086 /* Postprocess WKBase.h */ = {
</span><span class="cx"> isa = PBXShellScriptBuildPhase;
</span><span class="cx"> buildActionMask = 2147483647;
</span><span class="lines">@@ -9216,6 +9238,26 @@
</span><span class="cx"> shellPath = /bin/sh;
</span><span class="cx"> shellScript = "WKBASE_H=${TARGET_BUILD_DIR}/${PRIVATE_HEADERS_FOLDER_PATH}/WKBase.h\n\nunifdef -B -D__APPLE__ -UBUILDING_GTK__ -UUSE_SOUP -UBUILDING_EFL__ -UBUILDING_QT__ -o ${WKBASE_H}.unifdef ${WKBASE_H}\n\ncase $? in\n0)\n rm ${WKBASE_H}.unifdef\n ;;\n1)\n mv ${WKBASE_H}{.unifdef,}\n ;;\n*)\n exit 1\nesac\n";
</span><span class="cx"> };
</span><ins>+ 37E531011B2391090074F0DF /* Copy iOS Sandbox Profiles for Manual Sandboxing */ = {
+ isa = PBXShellScriptBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ inputPaths = (
+ "$(SRCROOT)/Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb",
+ "$(SRCROOT)/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb",
+ "$(SRCROOT)/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb",
+ );
+ name = "Copy iOS Sandbox Profiles for Manual Sandboxing";
+ outputPaths = (
+ "$(TARGET_BUILD_DIR)/$(UNLOCALIZED_RESOURCES_FOLDER_PATH)/com.apple.WebKit.Databases.sb",
+ "$(TARGET_BUILD_DIR)/$(UNLOCALIZED_RESOURCES_FOLDER_PATH)/com.apple.WebKit.Networking.sb",
+ "$(TARGET_BUILD_DIR)/$(UNLOCALIZED_RESOURCES_FOLDER_PATH)/com.apple.WebKit.WebContent.sb",
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ shellPath = /bin/sh;
+ shellScript = "if [[ \"${WK_MANUAL_SANDBOXING_ENABLED}\" != \"YES\" || \"${PLATFORM_NAME}\" == \"macosx\" ]]; then\n exit\nfi\n\nif [[ \"${ACTION}\" == \"build\" || \"${ACTION}\" == \"install\" ]]; then\n for ((i = 0; i < ${SCRIPT_INPUT_FILE_COUNT}; ++i)); do\n eval SANDBOX_PROFILE=\\${SCRIPT_INPUT_FILE_${i}}\n ditto \"${SANDBOX_PROFILE}\" \"${TARGET_BUILD_DIR}/${UNLOCALIZED_RESOURCES_FOLDER_PATH}/${SANDBOX_PROFILE##*/}\"\n done\nfi";
+ };
</ins><span class="cx"> 5DF408C5131DD46700130071 /* Check For Weak VTables and Externals */ = {
</span><span class="cx"> isa = PBXShellScriptBuildPhase;
</span><span class="cx"> buildActionMask = 2147483647;
</span><span class="lines">@@ -11141,6 +11183,7 @@
</span><span class="cx"> 377E7CD21B20FF9E00931AFC /* Production */,
</span><span class="cx"> );
</span><span class="cx"> defaultConfigurationIsVisible = 0;
</span><ins>+ defaultConfigurationName = Production;
</ins><span class="cx"> };
</span><span class="cx"> 510031F21379CACB00C8DFE4 /* Build configuration list for PBXNativeTarget "SecItemShim" */ = {
</span><span class="cx"> isa = XCConfigurationList;
</span></span></pre></div>
<a id="trunkSourceWebKit2WebProcesscocoaWebProcessCocoamm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm (185297 => 185298)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm 2015-06-07 02:07:15 UTC (rev 185297)
+++ trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm 2015-06-07 02:08:46 UTC (rev 185298)
</span><span class="lines">@@ -59,8 +59,6 @@
</span><span class="cx"> #import <stdio.h>
</span><span class="cx"> #import <wtf/RAMSize.h>
</span><span class="cx">
</span><del>-#define ENABLE_MANUAL_WEBPROCESS_SANDBOXING !PLATFORM(IOS)
-
</del><span class="cx"> using namespace WebCore;
</span><span class="cx">
</span><span class="cx"> namespace WebKit {
</span><span class="lines">@@ -207,7 +205,7 @@
</span><span class="cx"> void WebProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters)
</span><span class="cx"> {
</span><span class="cx"> #if ENABLE(WEB_PROCESS_SANDBOX)
</span><del>-#if ENABLE_MANUAL_WEBPROCESS_SANDBOXING
</del><ins>+#if ENABLE(MANUAL_SANDBOXING)
</ins><span class="cx"> // Need to override the default, because service has a different bundle ID.
</span><span class="cx"> NSBundle *webkit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKView")];
</span><span class="cx"> #if PLATFORM(IOS)
</span></span></pre>
</div>
</div>
</body>
</html>