Diff
Modified: trunk/LayoutTests/ChangeLog (259351 => 259352)
--- trunk/LayoutTests/ChangeLog 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/LayoutTests/ChangeLog 2020-04-01 16:48:51 UTC (rev 259352)
@@ -1,3 +1,18 @@
+2020-04-01 Commit Queue <commit-qu...@webkit.org>
+
+ Unreviewed, reverting r259328.
+ https://bugs.webkit.org/show_bug.cgi?id=209861
+
+ Introduced API test failures (Requested by perarne on
+ #webkit).
+
+ Reverted changeset:
+
+ "[macOS] Deny mach-lookup access to "com.apple.lsd.mapdb" in
+ sandbox"
+ https://bugs.webkit.org/show_bug.cgi?id=209814
+ https://trac.webkit.org/changeset/259328
+
2020-04-01 youenn fablet <you...@apple.com>
Bump libwebrtc to M82
Modified: trunk/LayoutTests/fast/sandbox/mac/sandbox-mach-lookup-expected.txt (259351 => 259352)
--- trunk/LayoutTests/fast/sandbox/mac/sandbox-mach-lookup-expected.txt 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/LayoutTests/fast/sandbox/mac/sandbox-mach-lookup-expected.txt 2020-04-01 16:48:51 UTC (rev 259352)
@@ -8,5 +8,4 @@
PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.nesessionmanager") is false
PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.nesessionmanager.content-filter") is false
PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.system.logger") is false
-PASS internals.hasSandboxMachLookupAccessToGlobalName("com.apple.WebKit.WebContent", "com.apple.lsd.mapdb") is false
Modified: trunk/LayoutTests/fast/sandbox/mac/sandbox-mach-lookup.html (259351 => 259352)
--- trunk/LayoutTests/fast/sandbox/mac/sandbox-mach-lookup.html 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/LayoutTests/fast/sandbox/mac/sandbox-mach-lookup.html 2020-04-01 16:48:51 UTC (rev 259352)
@@ -11,7 +11,6 @@
shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.nesessionmanager\")");
shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.nesessionmanager.content-filter\")");
shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.system.logger\")");
- shouldBeFalse("internals.hasSandboxMachLookupAccessToGlobalName(\"com.apple.WebKit.WebContent\", \"com.apple.lsd.mapdb\")");
}
</script>
</head>
Modified: trunk/Source/WebKit/ChangeLog (259351 => 259352)
--- trunk/Source/WebKit/ChangeLog 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/Source/WebKit/ChangeLog 2020-04-01 16:48:51 UTC (rev 259352)
@@ -1,3 +1,18 @@
+2020-04-01 Commit Queue <commit-qu...@webkit.org>
+
+ Unreviewed, reverting r259328.
+ https://bugs.webkit.org/show_bug.cgi?id=209861
+
+ Introduced API test failures (Requested by perarne on
+ #webkit).
+
+ Reverted changeset:
+
+ "[macOS] Deny mach-lookup access to "com.apple.lsd.mapdb" in
+ sandbox"
+ https://bugs.webkit.org/show_bug.cgi?id=209814
+ https://trac.webkit.org/changeset/259328
+
2020-04-01 Brent Fulgham <bfulg...@apple.com>
Convert app-bound domain categorization parameter to a method
Modified: trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm (259351 => 259352)
--- trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm 2020-04-01 16:48:51 UTC (rev 259352)
@@ -75,9 +75,6 @@
typedef bool (^LSServerConnectionAllowedBlock) ( CFDictionaryRef optionsRef );
extern "C" void _LSSetApplicationLaunchServicesServerConnectionStatus(uint64_t flags, LSServerConnectionAllowedBlock block);
extern "C" CFDictionaryRef _LSApplicationCheckIn(LSSessionID sessionID, CFDictionaryRef applicationInfo);
-#if HAVE(CSCHECKFIXDISABLE)
-extern "C" void _CSCheckFixDisable();
-#endif
namespace WebKit {
using namespace WebCore;
@@ -154,11 +151,6 @@
void AuxiliaryProcess::launchServicesCheckIn()
{
-#if HAVE(CSCHECKFIXDISABLE)
- // _CSCheckFixDisable() needs to be called before checking in with Launch Services.
- _CSCheckFixDisable();
-#endif
-
_LSSetApplicationLaunchServicesServerConnectionStatus(0, 0);
RetainPtr<CFDictionaryRef> unused = _LSApplicationCheckIn(kLSDefaultSessionID, CFBundleGetInfoDictionary(CFBundleGetMainBundle()));
}
Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (259351 => 259352)
--- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2020-04-01 16:48:51 UTC (rev 259352)
@@ -406,10 +406,6 @@
parameters.systemHasBattery = systemHasBattery();
parameters.mimeTypesMap = commonMimeTypesMap();
parameters.mapUTIFromMIMEType = createUTIFromMIMETypeMap();
-
- SandboxExtension::Handle mapDBHandle;
- SandboxExtension::createHandleForMachLookup("com.apple.lsd.mapdb", WTF::nullopt, mapDBHandle, SandboxExtension::Flags::NoReport);
- parameters.mapDBExtensionHandle = WTFMove(mapDBHandle);
#endif
#if PLATFORM(IOS)
@@ -430,6 +426,10 @@
if (WebCore::IOSApplication::isMobileSafari())
parameters.vectorOfUTTypeItem = createVectorOfUTTypeItem();
#endif
+
+ SandboxExtension::Handle mapDBHandle;
+ SandboxExtension::createHandleForMachLookup("com.apple.lsd.mapdb", WTF::nullopt, mapDBHandle, SandboxExtension::Flags::NoReport);
+ parameters.mapDBExtensionHandle = WTFMove(mapDBHandle);
#endif
// Allow microphone access if either preference is set because WebRTC requires microphone access.
Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (259351 => 259352)
--- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-04-01 16:48:51 UTC (rev 259352)
@@ -134,6 +134,10 @@
#import <os/state_private.h>
#endif
+#if HAVE(CSCHECKFIXDISABLE)
+extern "C" void _CSCheckFixDisable();
+#endif
+
#define RELEASE_LOG_SESSION_ID (m_sessionID ? m_sessionID->toUInt64() : 0)
#define RELEASE_LOG_IF_ALLOWED(channel, fmt, ...) RELEASE_LOG_IF(isAlwaysOnLoggingAllowed(), channel, "%p - [sessionID=%" PRIu64 "] WebProcess::" fmt, this, RELEASE_LOG_SESSION_ID, ##__VA_ARGS__)
#define RELEASE_LOG_ERROR_IF_ALLOWED(channel, fmt, ...) RELEASE_LOG_ERROR_IF(isAlwaysOnLoggingAllowed(), channel, "%p - [sessionID=%" PRIu64 "] WebProcess::" fmt, this, RELEASE_LOG_SESSION_ID, ##__VA_ARGS__)
@@ -269,7 +273,6 @@
SandboxExtension::consumePermanently(*parameters.neSessionManagerExtensionHandle);
NetworkExtensionContentFilter::setHasConsumedSandboxExtensions(parameters.neHelperExtensionHandle.hasValue() && parameters.neSessionManagerExtensionHandle.hasValue());
- // Map Launch Services database.
if (parameters.mapDBExtensionHandle) {
auto extension = SandboxExtension::create(WTFMove(*parameters.mapDBExtensionHandle));
bool ok = extension->consume();
@@ -314,8 +317,6 @@
#endif
WebCore::sleepDisablerClient() = makeUnique<WebSleepDisablerClient>();
-
- updateProcessName();
}
void WebProcess::platformSetWebsiteDataStoreParameters(WebProcessDataStoreParameters&& parameters)
@@ -334,26 +335,23 @@
}
}
-void WebProcess::initializeProcessName(const AuxiliaryProcessInitializationParameters& parameters)
+void WebProcess::initializeProcessName(const AuxiliaryProcessInitializationParameters&)
{
#if PLATFORM(MAC)
- m_uiProcessName = parameters.uiProcessName;
-#else
- UNUSED_PARAM(parameters);
+#if HAVE(CSCHECKFIXDISABLE)
+ // _CSCheckFixDisable() needs to be called before checking in with Launch Services.
+ _CSCheckFixDisable();
#endif
+ // This is necessary so that we are able to set the process' display name.
+ _RegisterApplication(nullptr, nullptr);
+
+ updateProcessName();
+#endif
}
void WebProcess::updateProcessName()
{
#if PLATFORM(MAC)
- static std::once_flag onceFlag;
- std::call_once(
- onceFlag,
- [this] {
- // Checking in with Launch Services is necessary to be able to set the process' display name.
- launchServicesCheckIn();
- });
-
NSString *applicationName;
switch (m_processType) {
case ProcessType::Inspector:
@@ -523,6 +521,8 @@
launchServicesCheckIn();
}
#endif // ENABLE(WEBPROCESS_WINDOWSERVER_BLOCKING)
+
+ m_uiProcessName = parameters.uiProcessName;
#endif // PLATFORM(MAC)
if (parameters.extraInitializationData.get("inspector-process"_s) == "1")
Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (259351 => 259352)
--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2020-04-01 16:33:30 UTC (rev 259351)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2020-04-01 16:48:51 UTC (rev 259352)
@@ -679,16 +679,10 @@
#endif
(global-name "com.apple.PowerManagement.control")
(global-name "com.apple.coreservices.launchservicesd")
+ (global-name "com.apple.lsd.mapdb")
(global-name "com.apple.trustd.agent")
)
-(deny mach-lookup
-#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101600
- (with telemetry-backtrace)
-#endif
- (global-name "com.apple.lsd.mapdb")
-)
-
(allow mach-lookup
#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101500
(with telemetry)