<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[243034] trunk/Source</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/243034">243034</a></dd>
<dt>Author</dt> <dd>pvollan@apple.com</dd>
<dt>Date</dt> <dd>2019-03-15 22:44:22 -0700 (Fri, 15 Mar 2019)</dd>
</dl>

<h3>Log Message</h3>
<pre>[iOS] Block the accessibility server when accessibility is not enabled.
https://bugs.webkit.org/show_bug.cgi?id=195342

Reviewed by Brent Fulgham.

Source/WebKit:

By default, block the iOS accessibility server in the sandbox. If accessibility is enabled,
let the UI process issue a mach extension to the WebContent process. The UI process will
issue the mach extension to the WebContent process by its process identifier. The sandbox
extension handle is sent to the WebContent process to be consumed. The message will be sent
when the WebProcess has finished launching, and also when accessibility is turned on.

* Platform/spi/ios/AccessibilitySupportSPI.h:
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* Shared/SandboxExtension.h:
* Shared/mac/SandboxExtensionMac.mm:
(WebKit::SandboxExtensionImpl::create):
(WebKit::SandboxExtensionImpl::sandboxExtensionForType):
(WebKit::SandboxExtensionImpl::SandboxExtensionImpl):
(WebKit::SandboxExtension::createHandleForMachLookupByPid):
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::registerNotificationObservers):
(WebKit::WebProcessPool::unregisterNotificationObservers):
* UIProcess/WebProcessPool.h:
* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::didFinishLaunching):
* UIProcess/WebProcessProxy.h:
* UIProcess/ios/WebProcessProxyIOS.mm:
(WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded):
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::unblockAccessibilityServer):
* WebProcess/WebProcess.h:
* WebProcess/WebProcess.messages.in:

Source/WTF:

Add SPI to issue a mach extension to a process by pid. Also, add a macro for
the availability of this SPI.

* wtf/Platform.h:
* wtf/spi/darwin/SandboxSPI.h:</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWTFChangeLog">trunk/Source/WTF/ChangeLog</a></li>
<li><a href="#trunkSourceWTFwtfPlatformh">trunk/Source/WTF/wtf/Platform.h</a></li>
<li><a href="#trunkSourceWTFwtfspidarwinSandboxSPIh">trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h</a></li>
<li><a href="#trunkSourceWebKitChangeLog">trunk/Source/WebKit/ChangeLog</a></li>
<li><a href="#trunkSourceWebKitPlatformspiiosAccessibilitySupportSPIh">trunk/Source/WebKit/Platform/spi/ios/AccessibilitySupportSPI.h</a></li>
<li><a href="#trunkSourceWebKitResourcesSandboxProfilesioscomappleWebKitWebContentsb">trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb</a></li>
<li><a href="#trunkSourceWebKitSharedSandboxExtensionh">trunk/Source/WebKit/Shared/SandboxExtension.h</a></li>
<li><a href="#trunkSourceWebKitSharedmacSandboxExtensionMacmm">trunk/Source/WebKit/Shared/mac/SandboxExtensionMac.mm</a></li>
<li><a href="#trunkSourceWebKitUIProcessCocoaWebProcessPoolCocoamm">trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm</a></li>
<li><a href="#trunkSourceWebKitUIProcessWebProcessPoolh">trunk/Source/WebKit/UIProcess/WebProcessPool.h</a></li>
<li><a href="#trunkSourceWebKitUIProcessWebProcessProxycpp">trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp</a></li>
<li><a href="#trunkSourceWebKitUIProcessWebProcessProxyh">trunk/Source/WebKit/UIProcess/WebProcessProxy.h</a></li>
<li><a href="#trunkSourceWebKitUIProcessiosWebProcessProxyIOSmm">trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm</a></li>
<li><a href="#trunkSourceWebKitWebProcessWebProcesscpp">trunk/Source/WebKit/WebProcess/WebProcess.cpp</a></li>
<li><a href="#trunkSourceWebKitWebProcessWebProcessh">trunk/Source/WebKit/WebProcess/WebProcess.h</a></li>
<li><a href="#trunkSourceWebKitWebProcessWebProcessmessagesin">trunk/Source/WebKit/WebProcess/WebProcess.messages.in</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWTFChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WTF/ChangeLog (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WTF/ChangeLog       2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WTF/ChangeLog  2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -1,3 +1,16 @@
</span><ins>+2019-03-15  Per Arne Vollan  <pvollan@apple.com>
+
+        [iOS] Block the accessibility server when accessibility is not enabled.
+        https://bugs.webkit.org/show_bug.cgi?id=195342
+
+        Reviewed by Brent Fulgham.
+
+        Add SPI to issue a mach extension to a process by pid. Also, add a macro for
+        the availability of this SPI.
+
+        * wtf/Platform.h:
+        * wtf/spi/darwin/SandboxSPI.h:
+
</ins><span class="cx"> 2019-03-15  Eric Carlson  <eric.carlson@apple.com>
</span><span class="cx"> 
</span><span class="cx">         Add media stream release logging
</span></span></pre></div>
<a id="trunkSourceWTFwtfPlatformh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WTF/wtf/Platform.h (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WTF/wtf/Platform.h  2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WTF/wtf/Platform.h     2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -1505,6 +1505,10 @@
</span><span class="cx"> #define HAVE_CSCHECKFIXDISABLE 1
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><ins>+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101400) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 130000)
+#define HAVE_SANDBOX_ISSUE_MACH_EXTENSION_TO_PROCESS_BY_PID 1
+#endif
+
</ins><span class="cx"> #if PLATFORM(MAC)
</span><span class="cx"> #define ENABLE_MONOSPACE_FONT_EXCEPTION (__MAC_OS_X_VERSION_MIN_REQUIRED < 101500)
</span><span class="cx"> #elif PLATFORM(IOS_FAMILY)
</span></span></pre></div>
<a id="trunkSourceWTFwtfspidarwinSandboxSPIh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h     2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h        2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -63,6 +63,7 @@
</span><span class="cx"> 
</span><span class="cx"> char *sandbox_extension_issue_file(const char *extension_class, const char *path, uint32_t flags);
</span><span class="cx"> char *sandbox_extension_issue_generic(const char *extension_class, uint32_t flags);
</span><ins>+char *sandbox_extension_issue_mach_to_process_by_pid(const char *extension_class, const char *name, uint32_t flags, pid_t);
</ins><span class="cx"> int sandbox_check(pid_t, const char *operation, enum sandbox_filter_type, ...);
</span><span class="cx"> int sandbox_check_by_audit_token(audit_token_t, const char *operation, enum sandbox_filter_type, ...);
</span><span class="cx"> int sandbox_container_path_for_pid(pid_t, char *buffer, size_t bufsize);
</span></span></pre></div>
<a id="trunkSourceWebKitChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/ChangeLog (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/ChangeLog    2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/ChangeLog       2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -1,3 +1,38 @@
</span><ins>+2019-03-15  Per Arne Vollan  <pvollan@apple.com>
+
+        [iOS] Block the accessibility server when accessibility is not enabled.
+        https://bugs.webkit.org/show_bug.cgi?id=195342
+
+        Reviewed by Brent Fulgham.
+
+        By default, block the iOS accessibility server in the sandbox. If accessibility is enabled,
+        let the UI process issue a mach extension to the WebContent process. The UI process will
+        issue the mach extension the the WebContent process by its process identifier. The sandbox
+        extension handle is sent to the WebContent process to be consumed. The message will be sent
+        when the WebProcess has finished launching, and also when accessibility is turned on.
+
+        * Platform/spi/ios/AccessibilitySupportSPI.h:
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+        * Shared/SandboxExtension.h:
+        * Shared/mac/SandboxExtensionMac.mm:
+        (WebKit::SandboxExtensionImpl::create):
+        (WebKit::SandboxExtensionImpl::sandboxExtensionForType):
+        (WebKit::SandboxExtensionImpl::SandboxExtensionImpl):
+        (WebKit::SandboxExtension::createHandleForMachLookupByPid):
+        * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+        (WebKit::WebProcessPool::registerNotificationObservers):
+        (WebKit::WebProcessPool::unregisterNotificationObservers):
+        * UIProcess/WebProcessPool.h:
+        * UIProcess/WebProcessProxy.cpp:
+        (WebKit::WebProcessProxy::didFinishLaunching):
+        * UIProcess/WebProcessProxy.h:
+        * UIProcess/ios/WebProcessProxyIOS.mm:
+        (WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded):
+        * WebProcess/WebProcess.cpp:
+        (WebKit::WebProcess::unblockAccessibilityServer):
+        * WebProcess/WebProcess.h:
+        * WebProcess/WebProcess.messages.in:
+
</ins><span class="cx"> 2019-03-15  Timothy Hatcher  <timothy@apple.com>
</span><span class="cx"> 
</span><span class="cx">         Unreviewed speculative build fix for non-Cocoa ports after r243012.
</span></span></pre></div>
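Review bot: typo in the new ChangeLog entry, 'issue the mach extension the the WebContent process' should read 'to the WebContent process'.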
<a id="trunkSourceWebKitPlatformspiiosAccessibilitySupportSPIh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/Platform/spi/ios/AccessibilitySupportSPI.h (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/Platform/spi/ios/AccessibilitySupportSPI.h   2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/Platform/spi/ios/AccessibilitySupportSPI.h      2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -41,6 +41,8 @@
</span><span class="cx"> #if PLATFORM(IOS_FAMILY)
</span><span class="cx"> extern Boolean _AXSKeyRepeatEnabled();
</span><span class="cx"> extern CFTimeInterval _AXSKeyRepeatDelay();
</span><ins>+extern Boolean _AXSApplicationAccessibilityEnabled();
+extern CFStringRef kAXSApplicationAccessibilityEnabledNotification;
</ins><span class="cx"> #endif
</span><span class="cx"> 
</span><span class="cx"> #if ENABLE(ACCESSIBILITY_EVENTS)
</span></span></pre></div>
<a id="trunkSourceWebKitResourcesSandboxProfilesioscomappleWebKitWebContentsb"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb    2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -188,7 +188,6 @@
</span><span class="cx">     (global-name "com.apple.backboard.hid.focus")
</span><span class="cx">     (global-name "com.apple.backboard.hid.services")
</span><span class="cx">     (global-name "com.apple.iohideventsystem")
</span><del>-    (global-name "com.apple.iphone.axserver-systemwide")
</del><span class="cx">     (global-name "com.apple.frontboard.workspace")
</span><span class="cx">     (global-name "com.apple.frontboard.systemappservices"))
</span><span class="cx"> 
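Review bot: the removal of (global-name "com.apple.iphone.axserver-systemwide") from this allow list is
unconditional, but the replacement path is only compiled when HAVE(SANDBOX_ISSUE_MACH_EXTENSION_TO_PROCESS_BY_PID)
is set, which Platform.h limits to iOS deployment targets of 130000 and later. On older targets the Mach case in
SandboxExtensionMac.mm returns nullptr, so the WebContent process would never regain access even with accessibility
enabled. Guard this removal the same way, or state in the ChangeLog that older targets are not built from this profile.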
</span><span class="lines">@@ -451,6 +450,8 @@
</span><span class="cx"> (deny mach-lookup (with send-signal SIGKILL)
</span><span class="cx">     (global-name "com.apple.backboard.hid.services"))
</span><span class="cx"> 
</span><ins>+(allow mach-lookup (extension "com.apple.webkit.extension.mach"))
+
</ins><span class="cx"> ;; These services have been identified as unused during living-on.
</span><span class="cx"> ;; This list overrides some definitions above and in common.sb.
</span><span class="cx"> ;; FIXME: remove overridden rules once the final list has been
</span></span></pre></div>
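Review bot: missing documentation on the new allow rule. (extension "com.apple.webkit.extension.mach") is a generic class, so this line permits a lookup of any service name the UI process chooses to issue under it, not only the accessibility server. Add a comment naming the services expected to be issued (in this patch only com.apple.iphone.axserver-systemwide), and check that placing the rule ahead of the list that 'overrides some definitions above' gives the intended precedence.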
<a id="trunkSourceWebKitSharedSandboxExtensionh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/Shared/SandboxExtension.h (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/Shared/SandboxExtension.h    2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/Shared/SandboxExtension.h       2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -46,6 +46,7 @@
</span><span class="cx">     enum class Type {
</span><span class="cx">         ReadOnly,
</span><span class="cx">         ReadWrite,
</span><ins>+        Mach,
</ins><span class="cx">         Generic,
</span><span class="cx">     };
</span><span class="cx"> 
</span><span class="lines">@@ -101,6 +102,7 @@
</span><span class="cx">     static bool createHandleForReadWriteDirectory(const String& path, Handle&); // Will attempt to create the directory.
</span><span class="cx">     static String createHandleForTemporaryFile(const String& prefix, Type, Handle&);
</span><span class="cx">     static bool createHandleForGenericExtension(const String& extensionClass, Handle&);
</span><ins>+    static bool createHandleForMachLookupByPid(const String& service, pid_t, Handle&);
</ins><span class="cx">     ~SandboxExtension();
</span><span class="cx"> 
</span><span class="cx">     bool consume();
</span></span></pre></div>
<a id="trunkSourceWebKitSharedmacSandboxExtensionMacmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/Shared/mac/SandboxExtensionMac.mm (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/Shared/mac/SandboxExtensionMac.mm    2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/Shared/mac/SandboxExtensionMac.mm       2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -40,9 +40,9 @@
</span><span class="cx"> 
</span><span class="cx"> class SandboxExtensionImpl {
</span><span class="cx"> public:
</span><del>-    static std::unique_ptr<SandboxExtensionImpl> create(const char* path, SandboxExtension::Type type)
</del><ins>+    static std::unique_ptr<SandboxExtensionImpl> create(const char* path, SandboxExtension::Type type, Optional<pid_t> pid = WTF::nullopt)
</ins><span class="cx">     {
</span><del>-        std::unique_ptr<SandboxExtensionImpl> impl { new SandboxExtensionImpl(path, type) };
</del><ins>+        std::unique_ptr<SandboxExtensionImpl> impl { new SandboxExtensionImpl(path, type, pid) };
</ins><span class="cx">         if (!impl->m_token)
</span><span class="cx">             return nullptr;
</span><span class="cx">         return impl;
</span><span class="lines">@@ -64,6 +64,10 @@
</span><span class="cx"> #if PLATFORM(IOS_FAMILY_SIMULATOR)
</span><span class="cx">         return !sandbox_check(getpid(), 0, SANDBOX_FILTER_NONE);
</span><span class="cx"> #else
</span><ins>+        if (m_handle == -1) {
+            LOG_ERROR("Could not create a sandbox extension for '%s', errno = %d", m_token, errno);
+            return false;
+        }
</ins><span class="cx">         return m_handle;
</span><span class="cx"> #endif
</span><span class="cx">     }
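Review bot: the LOG_ERROR added in the m_handle == -1 branch prints m_token, which is the string returned by the
sandbox_extension_issue_* calls and is the value that grants access when consumed. Log the extension type or the
service name instead of the token. The message also says 'create' although the token already exists at this point
and the failing step is obtaining the handle.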
</span><span class="lines">@@ -80,7 +84,7 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx"> private:
</span><del>-    char* sandboxExtensionForType(const char* path, SandboxExtension::Type type)
</del><ins>+    char* sandboxExtensionForType(const char* path, SandboxExtension::Type type, Optional<pid_t> pid = WTF::nullopt)
</ins><span class="cx">     {
</span><span class="cx">         switch (type) {
</span><span class="cx">         case SandboxExtension::Type::ReadOnly:
</span><span class="lines">@@ -87,13 +91,21 @@
</span><span class="cx">             return sandbox_extension_issue_file(APP_SANDBOX_READ, path, 0);
</span><span class="cx">         case SandboxExtension::Type::ReadWrite:
</span><span class="cx">             return sandbox_extension_issue_file(APP_SANDBOX_READ_WRITE, path, 0);
</span><ins>+        case SandboxExtension::Type::Mach:
+#if HAVE(SANDBOX_ISSUE_MACH_EXTENSION_TO_PROCESS_BY_PID)
+            return sandbox_extension_issue_mach_to_process_by_pid("com.apple.webkit.extension.mach"_s, path, 0, pid.value());
+#else
+            UNUSED_PARAM(pid);
+            ASSERT_NOT_REACHED();
+            return nullptr;
+#endif
</ins><span class="cx">         case SandboxExtension::Type::Generic:
</span><span class="cx">             return sandbox_extension_issue_generic(path, 0);
</span><span class="cx">         }
</span><span class="cx">     }
</span><span class="cx"> 
</span><del>-    SandboxExtensionImpl(const char* path, SandboxExtension::Type type)
-        : m_token { sandboxExtensionForType(path, type) }
</del><ins>+    SandboxExtensionImpl(const char* path, SandboxExtension::Type type, Optional<pid_t> pid = WTF::nullopt)
+        : m_token { sandboxExtensionForType(path, type, pid) }
</ins><span class="cx">     {
</span><span class="cx">     }
</span><span class="cx"> 
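Review bot: missing check in the new Type::Mach case: pid.value() is called on an Optional that defaults to
WTF::nullopt in create(), sandboxExtensionForType() and the constructor, so any caller that requests Type::Mach
without a pid reaches value() on an empty Optional. Return nullptr (or assert) when pid is not set before issuing.
The parameter is still named path although it carries a service name in this case; a neutral name would read better.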
</span><span class="lines">@@ -357,6 +369,19 @@
</span><span class="cx">     return true;
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+bool SandboxExtension::createHandleForMachLookupByPid(const String& service, pid_t pid, Handle& handle)
+{
+    ASSERT(!handle.m_sandboxExtension);
+    
+    handle.m_sandboxExtension = SandboxExtensionImpl::create(service.utf8().data(), Type::Mach, pid);
+    if (!handle.m_sandboxExtension) {
+        WTFLogAlways("Could not create a '%s' sandbox extension", service.utf8().data());
+        return false;
+    }
+    
+    return true;
+}
+
</ins><span class="cx"> SandboxExtension::SandboxExtension(const Handle& handle)
</span><span class="cx">     : m_sandboxExtension(WTFMove(handle.m_sandboxExtension))
</span><span class="cx"> {
</span></span></pre></div>
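Review bot: createHandleForMachLookupByPid() passes its pid_t straight through with no validation, and a pid only names whichever process currently holds it. Assert that pid is non-zero here, and document that callers must pass the identifier of a live, connected child process, as unblockAccessibilityServerIfNeeded() does by checking processIdentifier() and canSendMessage() first.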
<a id="trunkSourceWebKitUIProcessCocoaWebProcessPoolCocoamm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm       2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm  2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -26,6 +26,7 @@
</span><span class="cx"> #import "config.h"
</span><span class="cx"> #import "WebProcessPool.h"
</span><span class="cx"> 
</span><ins>+#import "AccessibilitySupportSPI.h"
</ins><span class="cx"> #import "CookieStorageUtilsCF.h"
</span><span class="cx"> #import "LegacyCustomProtocolManagerClient.h"
</span><span class="cx"> #import "NetworkProcessCreationParameters.h"
</span><span class="lines">@@ -447,6 +448,10 @@
</span><span class="cx">     }];
</span><span class="cx"> #elif PLATFORM(IOS)
</span><span class="cx">     CFNotificationCenterAddObserver(CFNotificationCenterGetDarwinNotifyCenter(), this, backlightLevelDidChangeCallback, static_cast<CFStringRef>(UIBacklightLevelChangedNotification), nullptr, CFNotificationSuspensionBehaviorCoalesce);
</span><ins>+    m_accessibilityEnabledObserver = [[NSNotificationCenter defaultCenter] addObserverForName:(__bridge id)kAXSApplicationAccessibilityEnabledNotification object:nil queue:[NSOperationQueue currentQueue] usingBlock:^(NSNotification *) {
+        for (size_t i = 0; i < m_processes.size(); ++i)
+            m_processes[i]->unblockAccessibilityServerIfNeeded();
+    }];
</ins><span class="cx"> #endif // !PLATFORM(IOS_FAMILY)
</span><span class="cx"> }
</span><span class="cx"> 
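Review bot: the accessibility observer is registered under '#elif PLATFORM(IOS)', while m_accessibilityEnabledObserver
and unblockAccessibilityServerIfNeeded() are declared under PLATFORM(IOS_FAMILY). On IOS_FAMILY targets that are not
PLATFORM(IOS) the observer is never installed, so turning accessibility on after launch would not reach running
processes. The block also reaches m_processes through a captured 'this', so it relies on
unregisterNotificationObservers() running before the pool is destroyed; a comment saying so would help.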
</span><span class="lines">@@ -466,6 +471,7 @@
</span><span class="cx">     [[NSNotificationCenter defaultCenter] removeObserver:m_deactivationObserver.get()];
</span><span class="cx"> #elif PLATFORM(IOS)
</span><span class="cx">     CFNotificationCenterRemoveObserver(CFNotificationCenterGetDarwinNotifyCenter(), this, static_cast<CFStringRef>(UIBacklightLevelChangedNotification) , nullptr);
</span><ins>+    [[NSNotificationCenter defaultCenter] removeObserver:m_accessibilityEnabledObserver.get()];
</ins><span class="cx"> #endif // !PLATFORM(IOS_FAMILY)
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceWebKitUIProcessWebProcessPoolh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/UIProcess/WebProcessPool.h (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/UIProcess/WebProcessPool.h   2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/UIProcess/WebProcessPool.h      2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -673,6 +673,10 @@
</span><span class="cx">     std::unique_ptr<PerActivityStateCPUUsageSampler> m_perActivityStateCPUUsageSampler;
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><ins>+#if PLATFORM(IOS_FAMILY)
+    RetainPtr<NSObject> m_accessibilityEnabledObserver;
+#endif
+
</ins><span class="cx">     bool m_shouldUseTestingNetworkSession { false };
</span><span class="cx"> 
</span><span class="cx">     bool m_processTerminationEnabled { true };
</span></span></pre></div>
<a id="trunkSourceWebKitUIProcessWebProcessProxycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp        2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp   2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -759,6 +759,8 @@
</span><span class="cx">         if (xpc_connection_t xpcConnection = connection()->xpcConnection())
</span><span class="cx">             m_throttler.didConnectToProcess(xpc_connection_get_pid(xpcConnection));
</span><span class="cx">     }
</span><ins>+
+    unblockAccessibilityServerIfNeeded();
</ins><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceWebKitUIProcessWebProcessProxyh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/UIProcess/WebProcessProxy.h (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/UIProcess/WebProcessProxy.h  2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/UIProcess/WebProcessProxy.h     2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -293,6 +293,10 @@
</span><span class="cx">     void revokeAudioCaptureExtension() { m_mediaCaptureSandboxExtensions &= ~Audio; }
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><ins>+#if PLATFORM(IOS_FAMILY)
+    void unblockAccessibilityServerIfNeeded();
+#endif
+
</ins><span class="cx"> protected:
</span><span class="cx">     static uint64_t generatePageID();
</span><span class="cx">     WebProcessProxy(WebProcessPool&, WebsiteDataStore&, IsPrewarmed);
</span><span class="lines">@@ -431,6 +435,7 @@
</span><span class="cx"> #if PLATFORM(IOS_FAMILY)
</span><span class="cx">     ForegroundWebProcessToken m_foregroundToken;
</span><span class="cx">     BackgroundWebProcessToken m_backgroundToken;
</span><ins>+    bool m_hasSentMessageToUnblockAccessibilityServer { false };
</ins><span class="cx"> #endif
</span><span class="cx"> 
</span><span class="cx">     HashMap<String, uint64_t> m_pageURLRetainCountMap;
</span></span></pre></div>
<a id="trunkSourceWebKitUIProcessiosWebProcessProxyIOSmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm  2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm     2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -28,6 +28,7 @@
</span><span class="cx"> 
</span><span class="cx"> #if PLATFORM(IOS_FAMILY)
</span><span class="cx"> 
</span><ins>+#import "AccessibilitySupportSPI.h"
</ins><span class="cx"> #import "WKFullKeyboardAccessWatcher.h"
</span><span class="cx"> #import "WebProcessMessages.h"
</span><span class="cx"> 
</span><span class="lines">@@ -42,6 +43,25 @@
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+void WebProcessProxy::unblockAccessibilityServerIfNeeded()
+{
+    if (m_hasSentMessageToUnblockAccessibilityServer)
+        return;
+    if (!_AXSApplicationAccessibilityEnabled())
+        return;
+    if (!processIdentifier())
+        return;
+    if (!canSendMessage())
+        return;
+
+    SandboxExtension::Handle handle;
+    if (!SandboxExtension::createHandleForMachLookupByPid("com.apple.iphone.axserver-systemwide", processIdentifier(), handle))
+        return;
+
+    send(Messages::WebProcess::UnblockAccessibilityServer(handle), 0);
+    m_hasSentMessageToUnblockAccessibilityServer = true;
+}
+
</ins><span class="cx"> } // namespace WebKit
</span><span class="cx"> 
</span><span class="cx"> #endif // PLATFORM(IOS_FAMILY)
</span></span></pre></div>
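Review bot: m_hasSentMessageToUnblockAccessibilityServer is set to true immediately after send(), regardless of whether the message was delivered, and the early return on that flag then prevents any retry for this process. Set the flag only once the send is known to have succeeded, or reset it on failure. The service name "com.apple.iphone.axserver-systemwide" is a string literal here; a named constant would keep it in sync with the sandbox profile.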
<a id="trunkSourceWebKitWebProcessWebProcesscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/WebProcess/WebProcess.cpp (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/WebProcess/WebProcess.cpp    2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/WebProcess/WebProcess.cpp       2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -1867,4 +1867,12 @@
</span><span class="cx">     PlatformKeyboardEvent::setCurrentModifierState({ });
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+#if PLATFORM(IOS_FAMILY)
+void WebProcess::unblockAccessibilityServer(const SandboxExtension::Handle& handle)
+{
+    bool ok = SandboxExtension::consumePermanently(handle);
+    ASSERT_UNUSED(ok, ok);
+}
+#endif
+
</ins><span class="cx"> } // namespace WebKit
</span></span></pre></div>
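Review bot: unblockAccessibilityServer() uses consumePermanently(), so once a WebContent process has received the handle it keeps access to the accessibility server for its lifetime, even if accessibility is switched off again, while the change title says the server is blocked when accessibility is not enabled. State that limitation in a comment or in the ChangeLog. Separately, ASSERT_UNUSED(ok, ok) leaves a failed consume silent in release builds; log the failure.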
<a id="trunkSourceWebKitWebProcessWebProcessh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/WebProcess/WebProcess.h (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/WebProcess/WebProcess.h      2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/WebProcess/WebProcess.h 2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -245,6 +245,8 @@
</span><span class="cx"> 
</span><span class="cx"> #if PLATFORM(IOS_FAMILY)
</span><span class="cx">     void accessibilityProcessSuspendedNotification(bool);
</span><ins>+    
+    void unblockAccessibilityServer(const SandboxExtension::Handle&);
</ins><span class="cx"> #endif
</span><span class="cx"> 
</span><span class="cx"> #if PLATFORM(IOS)
</span></span></pre></div>
<a id="trunkSourceWebKitWebProcessWebProcessmessagesin"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit/WebProcess/WebProcess.messages.in (243033 => 243034)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit/WebProcess/WebProcess.messages.in    2019-03-16 05:21:43 UTC (rev 243033)
+++ trunk/Source/WebKit/WebProcess/WebProcess.messages.in       2019-03-16 05:44:22 UTC (rev 243034)
</span><span class="lines">@@ -157,4 +157,8 @@
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><span class="cx">     ClearCurrentModifierStateForTesting()
</span><ins>+
+#if PLATFORM(IOS_FAMILY)
+    UnblockAccessibilityServer(WebKit::SandboxExtension::Handle handle)
+#endif
</ins><span class="cx"> }
</span></span></pre>
</div>
</div>

</body>
</html>