- Revision
- 254990
- Author
- pvol...@apple.com
- Date
- 2020-01-23 11:09:02 -0800 (Thu, 23 Jan 2020)
Log Message
[iOS] Make it possible for WebKit clients to enable connections to asset services in the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=206551
Reviewed by Brent Fulgham.
Add SPI to grant and revoke access to asset services in the WebContent process.
No new tests, since this should have an API test, but API tests are not running on iOS devices. We could
create an API test for simulator, but the simulator has no sandbox.
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* UIProcess/API/Cocoa/WKWebViewPrivate.h:
* UIProcess/API/ios/WKWebViewIOS.mm:
(-[WKWebView _grantAccessToAssetServices]):
(-[WKWebView _revokeAccessToAssetServices]):
* UIProcess/WebPageProxy.h:
* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::grantAccessToAssetServices):
(WebKit::WebPageProxy::revokeAccessToAssetServices):
* WebProcess/WebProcess.h:
* WebProcess/WebProcess.messages.in:
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::grantAccessToAssetServices):
(WebKit::WebProcess::revokeAccessToAssetServices):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (254989 => 254990)
--- trunk/Source/WebKit/ChangeLog 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/ChangeLog 2020-01-23 19:09:02 UTC (rev 254990)
@@ -1,5 +1,32 @@
2020-01-23 Per Arne Vollan <pvol...@apple.com>
+ [iOS] Make it possible for WebKit clients to enable connections to asset services in the WebContent process
+ https://bugs.webkit.org/show_bug.cgi?id=206551
+
+ Reviewed by Brent Fulgham.
+
+ Add SPI to grant and revoke access to asset services in the WebContent process.
+
+ No new tests, since this should have an API test, but API tests are not running on iOS devices. We could
+ create an API test for simulator, but the simulator has no sandbox.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+ * UIProcess/API/Cocoa/WKWebViewPrivate.h:
+ * UIProcess/API/ios/WKWebViewIOS.mm:
+ (-[WKWebView _grantAccessToAssetServices]):
+ (-[WKWebView _revokeAccessToAssetServices]):
+ * UIProcess/WebPageProxy.h:
+ * UIProcess/ios/WebPageProxyIOS.mm:
+ (WebKit::WebPageProxy::grantAccessToAssetServices):
+ (WebKit::WebPageProxy::revokeAccessToAssetServices):
+ * WebProcess/WebProcess.h:
+ * WebProcess/WebProcess.messages.in:
+ * WebProcess/cocoa/WebProcessCocoa.mm:
+ (WebKit::WebProcess::grantAccessToAssetServices):
+ (WebKit::WebProcess::revokeAccessToAssetServices):
+
+2020-01-23 Per Arne Vollan <pvol...@apple.com>
+
[iOS] Camera is lost during WebRTC demo
https://bugs.webkit.org/show_bug.cgi?id=206613
<rdar://problem/58764572>
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (254989 => 254990)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb 2020-01-23 19:09:02 UTC (rev 254990)
@@ -934,7 +934,7 @@
(allow mach-lookup
(require-all
(extension "com.apple.webkit.extension.mach")
- (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.nehelper" "com.apple.nesessionmanager.content-filter" "com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI" "com.apple.diagnosticd" "com.apple.lsd.open")))
+ (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.nehelper" "com.apple.nesessionmanager.content-filter" "com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI" "com.apple.diagnosticd" "com.apple.lsd.open" "com.apple.mobileassetd" "com.apple.mobileassetd.v2")))
(allow mach-lookup
(require-all
Modified: trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivate.h (254989 => 254990)
--- trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivate.h 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivate.h 2020-01-23 19:09:02 UTC (rev 254990)
@@ -487,6 +487,9 @@
- (UIView *)_fullScreenPlaceholderView WK_API_AVAILABLE(ios(12.0));
+- (void)_grantAccessToAssetServices WK_API_AVAILABLE(ios(WK_IOS_TBA));
+- (void)_revokeAccessToAssetServices WK_API_AVAILABLE(ios(WK_IOS_TBA));
+
@end
@interface WKWebView () <UIResponderStandardEditActions>
Modified: trunk/Source/WebKit/UIProcess/API/ios/WKWebViewIOS.mm (254989 => 254990)
--- trunk/Source/WebKit/UIProcess/API/ios/WKWebViewIOS.mm 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/UIProcess/API/ios/WKWebViewIOS.mm 2020-01-23 19:09:02 UTC (rev 254990)
@@ -3067,6 +3067,18 @@
return nil;
}
+- (void)_grantAccessToAssetServices
+{
+ if (_page)
+ _page->grantAccessToAssetServices();
+}
+
+- (void)_revokeAccessToAssetServices
+{
+ if (_page)
+ _page->revokeAccessToAssetServices();
+}
+
@end // WKWebView (WKPrivateIOS)
#if ENABLE(FULLSCREEN_API)
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.h (254989 => 254990)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.h 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.h 2020-01-23 19:09:02 UTC (rev 254990)
@@ -1668,6 +1668,11 @@
bool hasQueuedKeyEvent() const;
const NativeWebKeyboardEvent& firstQueuedKeyEvent() const;
+#if PLATFORM(IOS)
+ void grantAccessToAssetServices();
+ void revokeAccessToAssetServices();
+#endif
+
private:
WebPageProxy(PageClient&, WebProcessProxy&, Ref<API::PageConfiguration>&&);
void platformInitialize();
Modified: trunk/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm (254989 => 254990)
--- trunk/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm 2020-01-23 19:09:02 UTC (rev 254990)
@@ -58,6 +58,7 @@
#import "WebAutocorrectionContext.h"
#import "WebAutocorrectionData.h"
#import "WebPageMessages.h"
+#import "WebProcessMessages.h"
#import "WebProcessPool.h"
#import "WebProcessProxy.h"
#import <WebCore/FrameView.h>
@@ -1499,6 +1500,21 @@
return WebContentMode::Desktop;
}
+#if PLATFORM(IOS)
+void WebPageProxy::grantAccessToAssetServices()
+{
+ SandboxExtension::Handle mobileAssetHandle, mobileAssetHandleV2;
+ SandboxExtension::createHandleForMachLookup("com.apple.mobileassetd", WTF::nullopt, mobileAssetHandle);
+ SandboxExtension::createHandleForMachLookup("com.apple.mobileassetd.v2", WTF::nullopt, mobileAssetHandle);
+ process().send(Messages::WebProcess::GrantAccessToAssetServices(mobileAssetHandle, mobileAssetHandleV2), 0);
+}
+
+void WebPageProxy::revokeAccessToAssetServices()
+{
+ process().send(Messages::WebProcess::RevokeAccessToAssetServices(), 0);
+}
+#endif
+
} // namespace WebKit
#undef RELEASE_LOG_IF_ALLOWED
Modified: trunk/Source/WebKit/WebProcess/WebProcess.h (254989 => 254990)
--- trunk/Source/WebKit/WebProcess/WebProcess.h 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/WebProcess/WebProcess.h 2020-01-23 19:09:02 UTC (rev 254990)
@@ -309,6 +309,11 @@
bool removeServiceWorkerRegistration(WebCore::ServiceWorkerRegistrationIdentifier);
#endif
+#if PLATFORM(IOS)
+ void grantAccessToAssetServices(WebKit::SandboxExtension::Handle&& mobileAssetHandle, WebKit::SandboxExtension::Handle&& mobileAssetV2Handle);
+ void revokeAccessToAssetServices();
+#endif
+
private:
WebProcess();
~WebProcess();
@@ -617,6 +622,11 @@
#if ENABLE(RESOURCE_LOAD_STATISTICS)
WebCore::ThirdPartyCookieBlockingMode m_thirdPartyCookieBlockingMode { WebCore::ThirdPartyCookieBlockingMode::All };
#endif
+
+#if PLATFORM(IOS)
+ RefPtr<SandboxExtension> m_assetServiceExtension;
+ RefPtr<SandboxExtension> m_assetServiceV2Extension;
+#endif
};
} // namespace WebKit
Modified: trunk/Source/WebKit/WebProcess/WebProcess.messages.in (254989 => 254990)
--- trunk/Source/WebKit/WebProcess/WebProcess.messages.in 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/WebProcess/WebProcess.messages.in 2020-01-23 19:09:02 UTC (rev 254990)
@@ -164,4 +164,9 @@
SeedResourceLoadStatisticsForTesting(WebCore::RegistrableDomain firstPartyDomain, WebCore::RegistrableDomain thirdPartyDomain, bool shouldScheduleNotification) -> () Async
SetShouldBlockThirdPartyCookiesForTesting(enum:uint8_t WebCore::ThirdPartyCookieBlockingMode blockingMode) -> () Async
#endif
+
+#if PLATFORM(IOS)
+ GrantAccessToAssetServices(WebKit::SandboxExtension::Handle mobileAssetHandle, WebKit::SandboxExtension::Handle mobileAssetV2Handle)
+ RevokeAccessToAssetServices()
+#endif
}
Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (254989 => 254990)
--- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-01-23 19:05:24 UTC (rev 254989)
+++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-01-23 19:09:02 UTC (rev 254990)
@@ -846,6 +846,28 @@
cache.addSupportedTypes(types);
}
+#if PLATFORM(IOS)
+void WebProcess::grantAccessToAssetServices(WebKit::SandboxExtension::Handle&& mobileAssetHandle, WebKit::SandboxExtension::Handle&& mobileAssetV2Handle)
+{
+ if (m_assetServiceExtension && m_assetServiceV2Extension)
+ return;
+ m_assetServiceExtension = SandboxExtension::create(WTFMove(mobileAssetHandle));
+ m_assetServiceExtension->consume();
+ m_assetServiceV2Extension = SandboxExtension::create(WTFMove(mobileAssetV2Handle));
+ m_assetServiceV2Extension->consume();
+}
+
+void WebProcess::revokeAccessToAssetServices()
+{
+ if (!m_assetServiceExtension || !m_assetServiceV2Extension)
+ return;
+ m_assetServiceExtension->revoke();
+ m_assetServiceExtension = nullptr;
+ m_assetServiceV2Extension->revoke();
+ m_assetServiceV2Extension = nullptr;
+}
+#endif
+
} // namespace WebKit
#undef RELEASE_LOG_SESSION_ID
