[webkit-changes] [295768] trunk/Source/WTF/wtf/PlatformHave.h
Title: [295768] trunk/Source/WTF/wtf/PlatformHave.h Revision 295768 Author pvol...@apple.com Date 2022-06-22 20:45:31 -0700 (Wed, 22 Jun 2022) Log Message Partially revert r295530 https://bugs.webkit.org/show_bug.cgi?id=241900 Unreviewed, partially revert r295530 since the system part is not ready. * Source/WTF/wtf/PlatformHave.h: Canonical link: https://commits.webkit.org/251773@main Modified Paths trunk/Source/WTF/wtf/PlatformHave.h Diff Modified: trunk/Source/WTF/wtf/PlatformHave.h (295767 => 295768) --- trunk/Source/WTF/wtf/PlatformHave.h 2022-06-23 03:22:03 UTC (rev 295767) +++ trunk/Source/WTF/wtf/PlatformHave.h 2022-06-23 03:45:31 UTC (rev 295768) @@ -1265,10 +1265,6 @@ #define HAVE_APPLE_PUSH_SERVICE_URL_TOKEN_SUPPORT 1 #endif -#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 13) -#define HAVE_POWERLOG_TASK_MODE_QUERY 1 -#endif - #if !PLATFORM(IOS_FAMILY) #define HAVE_MEDIA_VOLUME_PER_ELEMENT 1 #endif ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295705] trunk/Source/WebKit/GPUProcess/mac/ com.apple.WebKit.GPUProcess.sb.in
Title: [295705] trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in Revision 295705 Author pvol...@apple.com Date 2022-06-21 17:17:21 -0700 (Tue, 21 Jun 2022) Log Message Allow access to power log service in internal builds https://bugs.webkit.org/show_bug.cgi?id=241688 Reviewed by Geoffrey Garen. Allow access to power log service in the GPU process in internal builds. * Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: Canonical link: https://commits.webkit.org/251710@main Modified Paths trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in Diff Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (295704 => 295705) --- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-06-22 00:15:30 UTC (rev 295704) +++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-06-22 00:17:21 UTC (rev 295705) @@ -661,6 +661,10 @@ (extension "com.apple.webkit.extension.mach") (global-name "com.apple.powerlog.plxpclogger.xpc"))) +(with-filter (system-attribute apple-internal) +(allow mach-lookup +(global-name "com.apple.powerlog.plxpclogger.xpc"))) + (with-filter (uid 0) (allow mach-lookup (global-name "com.apple.system.logger"))) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295697] trunk/Source/WebKit
Title: [295697] trunk/Source/WebKit Revision 295697 Author pvol...@apple.com Date 2022-06-21 16:01:30 -0700 (Tue, 21 Jun 2022) Log Message Block access to socket syscalls https://bugs.webkit.org/show_bug.cgi?id=241722 Reviewed by Geoffrey Garen. Block access to socket syscalls in the WebContent process. These are used by the legacy ASL logging system. The legacy logging system is rarely used in the WebContent process. * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * Source/WebKit/WebProcess/com.apple.WebProcess.sb.in: Canonical link: https://commits.webkit.org/251702@main Modified Paths trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (295696 => 295697) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-06-21 22:39:28 UTC (rev 295696) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-06-21 23:01:30 UTC (rev 295697) @@ -1061,7 +1061,6 @@ (syscall-number SYS_bsdthread_register SYS_chdir -SYS_connect SYS_dup2 SYS_fsgetpath SYS_getpid @@ -1203,7 +1202,6 @@ SYS_necp_open #endif SYS_psynch_rw_wrlock -SYS_socket SYS_umask SYS_work_interval_ctl)) @@ -1231,6 +1229,10 @@ (syscall-unix-rarely-in-use-need-backtrace)) ) +(deny syscall-unix (syscall-number +SYS_connect +SYS_socket)) + (when (defined? 'SYS_map_with_linking_np) (allow syscall-unix (syscall-number SYS_map_with_linking_np))) Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (295696 => 295697) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-06-21 22:39:28 UTC (rev 295696) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-06-21 23:01:30 UTC (rev 295697) @@ -1948,7 +1948,6 @@ SYS_sendto SYS_sigaltstack SYS_sigprocmask -SYS_socket SYS_stat64 SYS_sysctlbyname SYS_thread_selfid @@ -1974,7 +1973,6 @@ SYS___semwait_signal_nocancel SYS_change_fdguard_np SYS_chmod -SYS_connect SYS_dup ;; Remove when is fixed SYS_fchmod SYS_fsync @@ -2052,6 +2050,10 @@ (allow syscall-unix (syscall-number SYS_map_with_linking_np))) ) +(deny syscall-unix (syscall-number +SYS_connect +SYS_socket)) + (with-filter (uid 0) (allow syscall-unix (syscall-number SYS_gettid))) ;; Needed for base system, see ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295688] trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm
Title: [295688] trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Revision 295688 Author pvol...@apple.com Date 2022-06-21 14:06:40 -0700 (Tue, 21 Jun 2022) Log Message Adopt new function to set video decoder behavior https://bugs.webkit.org/show_bug.cgi?id=241603 Reviewed by Geoffrey Garen. The only behavior change from this is that common video decoders will not be permitted in the WebContent process. * Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): Canonical link: https://commits.webkit.org/251693@main Modified Paths trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (295687 => 295688) --- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-06-21 16:22:18 UTC (rev 295687) +++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-06-21 21:06:40 UTC (rev 295688) @@ -273,7 +273,7 @@ #if USE(APPLE_INTERNAL_SDK) if (parameters.enableDecodingHEIC) { ImageDecoderCG::enableDecodingHEIC(); -enableDecodingHEIC(); +setVideoDecoderBehaviors({ VideoDecoderBehavior::AvoidIOSurface, VideoDecoderBehavior::AvoidHardware, VideoDecoderBehavior::EnableHEIC }); } #endif #endif // HAVE(VIDEO_RESTRICTED_DECODING) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295644] trunk/Source/WebKit/Resources/SandboxProfiles/ios/ com.apple.WebKit.WebContent.sb.in
Title: [295644] trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Revision 295644 Author pvol...@apple.com Date 2022-06-17 14:42:20 -0700 (Fri, 17 Jun 2022) Log Message Remove some sandbox telemetry https://bugs.webkit.org/show_bug.cgi?id=241725 Reviewed by Geoffrey Garen. Remove some sandbox telemetry in the WebContent process on iOS to make room for other telemetry. * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Canonical link: https://commits.webkit.org/251649@main Modified Paths trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (295643 => 295644) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-06-17 20:33:59 UTC (rev 295643) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-06-17 21:42:20 UTC (rev 295644) @@ -353,7 +353,7 @@ "com.apple.mt" "com.apple.preferences.sounds") -(deny mach-lookup (with telemetry) +(deny mach-lookup (global-name "com.apple.frontboard.systemappservices") ; -[UIViewServiceInterface _createProcessAssertion] -> SBSProcessIDForDisplayIdentifier() ) @@ -518,7 +518,7 @@ (global-name "com.apple.logd.events") ) -(deny mach-lookup (with telemetry) +(deny mach-lookup (with no-report) (global-name "com.apple.distributed_notifications@1v3")) (deny mach-lookup (with no-report) @@ -1172,9 +1172,12 @@ SYS_fgetxattr SYS_fstatat64 SYS_fsync +SYS_getattrlistbulk ;; xpc_realpath and directory enumeration SYS_getgid SYS_getxattr +SYS_iopolicysys SYS_mkdirat +SYS_open_dprotected_np SYS_openat_nocancel SYS_pread_nocancel SYS_rmdir @@ -1195,13 +1198,10 @@ SYS___pthread_kill SYS___pthread_sigmask SYS___semwait_signal -SYS_getattrlistbulk ;; xpc_realpath and directory enumeration -SYS_iopolicysys #if !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) SYS_necp_client_action SYS_necp_open #endif -SYS_open_dprotected_np SYS_psynch_rw_wrlock SYS_socket SYS_umask ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295600] trunk/Source/WebKit/UIProcess/WebProcessPool.cpp
Title: [295600] trunk/Source/WebKit/UIProcess/WebProcessPool.cpp Revision 295600 Author pvol...@apple.com Date 2022-06-16 11:08:23 -0700 (Thu, 16 Jun 2022) Log Message Handle display reconfiguration on main thread https://bugs.webkit.org/show_bug.cgi?id=241683 Reviewed by Simon Fraser. It is not safe to handle this on a non main thread, since we send messages to the WebContent and GPU process. * Source/WebKit/UIProcess/WebProcessPool.cpp: (WebKit::displayReconfigurationCallBack): Canonical link: https://commits.webkit.org/251605@main Modified Paths trunk/Source/WebKit/UIProcess/WebProcessPool.cpp Diff Modified: trunk/Source/WebKit/UIProcess/WebProcessPool.cpp (295599 => 295600) --- trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2022-06-16 18:06:45 UTC (rev 295599) +++ trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2022-06-16 18:08:23 UTC (rev 295600) @@ -682,15 +682,17 @@ #if PLATFORM(MAC) static void displayReconfigurationCallBack(CGDirectDisplayID display, CGDisplayChangeSummaryFlags flags, void *userInfo) { -auto screenProperties = WebCore::collectScreenProperties(); -for (auto& processPool : WebProcessPool::allProcessPools()) { -processPool->sendToAllProcesses(Messages::WebProcess::SetScreenProperties(screenProperties)); -processPool->sendToAllProcesses(Messages::WebProcess::DisplayConfigurationChanged(display, flags)); -if (auto gpuProcess = processPool->gpuProcess()) { -gpuProcess->displayConfigurationChanged(display, flags); -gpuProcess->setScreenProperties(screenProperties); +RunLoop::main().dispatch([display, flags]() { +auto screenProperties = WebCore::collectScreenProperties(); +for (auto& processPool : WebProcessPool::allProcessPools()) { +processPool->sendToAllProcesses(Messages::WebProcess::SetScreenProperties(screenProperties)); +processPool->sendToAllProcesses(Messages::WebProcess::DisplayConfigurationChanged(display, flags)); +if (auto gpuProcess = processPool->gpuProcess()) { +gpuProcess->displayConfigurationChanged(display, flags); +gpuProcess->setScreenProperties(screenProperties); +} } -} +}); } static void registerDisplayConfigurationCallback() ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295572] trunk/Source/WebKit
Title: [295572] trunk/Source/WebKit Revision 295572 Author pvol...@apple.com Date 2022-06-15 14:35:30 -0700 (Wed, 15 Jun 2022) Log Message Block network extension system calls https://bugs.webkit.org/show_bug.cgi?id=241633 Reviewed by Sihui Liu. After moving content filtering to the Network process and fixing an issue where Safari's injected bundle were making network calls, network extension system calls can be blocked in the WebContent process. * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * Source/WebKit/WebProcess/com.apple.WebProcess.sb.in: Canonical link: https://commits.webkit.org/251577@main Modified Paths trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (295571 => 295572) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-06-15 20:44:22 UTC (rev 295571) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-06-15 21:35:30 UTC (rev 295572) @@ -1197,8 +1197,10 @@ SYS___semwait_signal SYS_getattrlistbulk ;; xpc_realpath and directory enumeration SYS_iopolicysys +#if !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) SYS_necp_client_action SYS_necp_open +#endif SYS_open_dprotected_np SYS_psynch_rw_wrlock SYS_socket Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (295571 => 295572) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-06-15 20:44:22 UTC (rev 295571) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-06-15 21:35:30 UTC (rev 295572) @@ -1987,8 +1987,10 @@ SYS_kevent ;; SYS_mlock SYS_munlock +#if !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) SYS_necp_client_action SYS_necp_open +#endif SYS_openat_nocancel SYS_proc_rlimit_control SYS_psynch_rw_rdlock ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295571] trunk/Source/WebKit
Title: [295571] trunk/Source/WebKit Revision 295571 Author pvol...@apple.com Date 2022-06-15 13:44:22 -0700 (Wed, 15 Jun 2022) Log Message Rename file https://bugs.webkit.org/show_bug.cgi?id=241644 Unreviewed, rename incorrectly named file AuxiliaryProcessProcyCocoa.mm. * Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProxyCocoa.mm: Renamed from Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm. (WebKit::AuxiliaryProcessProxy::fetchAudioComponentServerRegistrations): * Source/WebKit/WebKit.xcodeproj/project.pbxproj: Canonical link: https://commits.webkit.org/251576@main Modified Paths trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj Added Paths trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProxyCocoa.mm Removed Paths trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm Diff Deleted: trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm (295570 => 295571) --- trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm 2022-06-15 20:20:53 UTC (rev 295570) +++ trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm 2022-06-15 20:44:22 UTC (rev 295571) @@ -1,58 +0,0 @@ -/* - * Copyright (C) 2022 Apple Inc. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - *notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - *notice, this list of conditions and the following disclaimer in the - *documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, - * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF - * THE POSSIBILITY OF SUCH DAMAGE. - */ - -#import "config.h" -#import "AuxiliaryProcessProxy.h" - -#if PLATFORM(COCOA) - -#import -#import - -namespace WebKit { - -#if HAVE(AUDIO_COMPONENT_SERVER_REGISTRATIONS) -RefPtr AuxiliaryProcessProxy::fetchAudioComponentServerRegistrations() -{ -using namespace PAL; - -CFDataRef registrations { nullptr }; - -if (!PAL::isAudioToolboxCoreFrameworkAvailable() || !PAL::canLoad_AudioToolboxCore_AudioComponentFetchServerRegistrations()) -return nullptr; - -WebCore::registerOpusDecoderIfNeeded(); -WebCore::registerVorbisDecoderIfNeeded(); - -if (noErr != AudioComponentFetchServerRegistrations() || !registrations) -return nullptr; - -return WebCore::SharedBuffer::create(registrations); -} -#endif - -} // namespace WebKit - -#endif // PLATFORM(COCOA) Copied: trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProxyCocoa.mm (from rev 295570, trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm) (0 => 295571) --- trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProxyCocoa.mm (rev 0) +++ trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProxyCocoa.mm 2022-06-15 20:44:22 UTC (rev 295571) @@ -0,0 +1,58 @@ +/* + * Copyright (C) 2022 Apple Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
[webkit-changes] [295567] trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm
Title: [295567] trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm Revision 295567 Author pvol...@apple.com Date 2022-06-15 11:01:02 -0700 (Wed, 15 Jun 2022) Log Message Fix build issue https://bugs.webkit.org/show_bug.cgi?id=241637 Unreviewed, fix build issue after r295560. * Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm: Canonical link: https://commits.webkit.org/251572@main Modified Paths trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm Diff Modified: trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm (295566 => 295567) --- trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-06-15 17:58:39 UTC (rev 295566) +++ trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-06-15 18:01:02 UTC (rev 295567) @@ -26,7 +26,9 @@ #import "config.h" #import "AuxiliaryProcess.h" +#import "Logging.h" #import "OSStateSPI.h" +#import "SharedBufferReference.h" #import "WKCrashReporter.h" #import "XPCServiceEntryPoint.h" #import ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295560] trunk/Source
Title: [295560] trunk/Source Revision 295560 Author pvol...@apple.com Date 2022-06-15 08:39:17 -0700 (Wed, 15 Jun 2022) Log Message [GPUP] Send Audio component registrations from the UI process https://bugs.webkit.org/show_bug.cgi?id=241339 Reviewed by Geoffrey Garen. Currently, Audio component registrations are only sent to the WebContent process. They should be sent to the GPU process as well. This patch moves the existing registration code from the WebContent process code to the Auxiliary process code. * Source/WebKit/GPUProcess/GPUProcess.messages.in: * Source/WebKit/Shared/AuxiliaryProcess.h: * Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm: (WebKit::AuxiliaryProcess::consumeAudioComponentRegistrations): * Source/WebKit/UIProcess/AuxiliaryProcessProxy.h: * Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm: Added. (WebKit::AuxiliaryProcessProxy::fetchAudioComponentServerRegistrations): * Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm: (WebKit::WebProcessProxy::sendAudioComponentRegistrations): * Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp: (WebKit::GPUProcessProxy::didFinishLaunching): * Source/WebKit/WebKit.xcodeproj/project.pbxproj: * Source/WebKit/WebProcess/WebProcess.h: * Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::consumeAudioComponentRegistrations): Deleted. Canonical link: https://commits.webkit.org/251565@main Modified Paths trunk/Source/WTF/wtf/PlatformHave.h trunk/Source/WebKit/GPUProcess/GPUProcess.messages.in trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in trunk/Source/WebKit/Shared/AuxiliaryProcess.h trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp trunk/Source/WebKit/UIProcess/WebProcessPool.cpp trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj trunk/Source/WebKit/WebProcess/WebProcess.h trunk/Source/WebKit/WebProcess/WebProcess.messages.in trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Added Paths trunk/Source/WebKit/UIProcess/Cocoa/AuxiliaryProcessProcyCocoa.mm Diff Modified: trunk/Source/WTF/wtf/PlatformHave.h (295559 => 295560) --- trunk/Source/WTF/wtf/PlatformHave.h 2022-06-15 15:34:26 UTC (rev 295559) +++ trunk/Source/WTF/wtf/PlatformHave.h 2022-06-15 15:39:17 UTC (rev 295560) @@ -1236,6 +1236,10 @@ #define HAVE_UIKIT_RESIZABLE_WINDOWS 1 #endif +#if !defined(HAVE_AUDIO_COMPONENT_SERVER_REGISTRATIONS) && PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 12 +#define HAVE_AUDIO_COMPONENT_SERVER_REGISTRATIONS 1 +#endif + #if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 13) #define HAVE_SHARING_SERVICE_PICKER_POPOVER_SPI 1 #endif Modified: trunk/Source/WebKit/GPUProcess/GPUProcess.messages.in (295559 => 295560) --- trunk/Source/WebKit/GPUProcess/GPUProcess.messages.in 2022-06-15 15:34:26 UTC (rev 295559) +++ trunk/Source/WebKit/GPUProcess/GPUProcess.messages.in 2022-06-15 15:39:17 UTC (rev 295560) @@ -91,6 +91,10 @@ OpenDirectoryCacheInvalidated(WebKit::SandboxExtension::Handle handle) #endif +#if HAVE(AUDIO_COMPONENT_SERVER_REGISTRATIONS) +ConsumeAudioComponentRegistrations(IPC::SharedBufferReference registrationData) +#endif + #if HAVE(POWERLOG_TASK_MODE_QUERY) EnablePowerLogging(WebKit::SandboxExtension::Handle handle) #endif Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (295559 => 295560) --- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-06-15 15:34:26 UTC (rev 295559) +++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-06-15 15:39:17 UTC (rev 295560) @@ -642,8 +642,13 @@ (allow ipc-posix-shm-read* ipc-posix-shm-write-data (ipc-posix-name-prefix "AudioIO")) +#if HAVE(AUDIO_COMPONENT_SERVER_REGISTRATIONS) +(deny mach-lookup (with telemetry) +(global-name "com.apple.audio.AudioComponentRegistrar")) +#else (allow mach-lookup (global-name "com.apple.audio.AudioComponentRegistrar")) +#endif #if !ENABLE(CFPREFS_DIRECT_MODE) (allow mach-lookup (with telemetry) Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in (295559 => 295560) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-06-15 15:34:26 UTC (rev 295559) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-06-15 15:39:17 UTC (rev 295560) @@ -694,6 +694,9 @@ (xpc-service-name "com.apple.audio.toolbox.reporting.service") ) +(deny mach-lookup (with no-log) (with telemetry) +(global-name "com.apple.audio.AudioComponentRegistrar")) + (deny mach-lookup (with telemetry) (xpc-service-name "com.apple.iconservices") (global-name Modified: trunk/Source/WebKit/Shared/AuxiliaryProcess.h (295559 =>
[webkit-changes] [295530] trunk/Source
Title: [295530] trunk/Source Revision 295530 Author pvol...@apple.com Date 2022-06-14 11:06:06 -0700 (Tue, 14 Jun 2022) Log Message Create sandbox extension for Power logging service in the GPU process https://bugs.webkit.org/show_bug.cgi?id=241227 Reviewed by Geoffrey Garen. When power logging is enabled, the GPU process on macOS should be granted access to the Power logging service. * Source/WTF/wtf/PlatformHave.h: * Source/WebCore/PAL/PAL.xcodeproj/project.pbxproj: * Source/WebCore/PAL/pal/spi/mac/PowerLogSPI.h: Copied from Source/WebKit/UIProcess/Cocoa/GPUProcessProxyCocoa.mm. * Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp: (WebCore::createImageSourceOptions): * Source/WebKit/Configurations/WebKit.xcconfig: * Source/WebKit/GPUProcess/GPUProcess.h: * Source/WebKit/GPUProcess/GPUProcess.messages.in: * Source/WebKit/GPUProcess/mac/GPUProcessMac.mm: (WebKit::GPUProcess::openDirectoryCacheInvalidated): (WebKit::GPUProcess::enablePowerLogging): * Source/WebKit/UIProcess/Cocoa/GPUProcessProxyCocoa.mm: (WebKit::GPUProcessProxy::powerLoggingInTaskMode const): (WebKit::GPUProcessProxy::enablePowerLogging): * Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers): (WebKit::WebProcessPool::unregisterNotificationObservers): * Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp: (WebKit::GPUProcessProxy::didFinishLaunching): * Source/WebKit/UIProcess/GPU/GPUProcessProxy.h: * Source/WebKit/UIProcess/WebProcessPool.h: * WebKit.xcworkspace/xcshareddata/xcschemes/All Source.xcscheme: Canonical link: https://commits.webkit.org/251534@main Modified Paths trunk/Source/WTF/wtf/PlatformHave.h trunk/Source/WebCore/PAL/PAL.xcodeproj/project.pbxproj trunk/Source/WebKit/Configurations/WebKit.xcconfig trunk/Source/WebKit/GPUProcess/GPUProcess.h trunk/Source/WebKit/GPUProcess/GPUProcess.messages.in trunk/Source/WebKit/GPUProcess/mac/GPUProcessMac.mm trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in trunk/Source/WebKit/UIProcess/Cocoa/GPUProcessProxyCocoa.mm trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.h trunk/Source/WebKit/UIProcess/WebProcessPool.h Added Paths trunk/Source/WebCore/PAL/pal/spi/mac/PowerLogSPI.h Diff Modified: trunk/Source/WTF/wtf/PlatformHave.h (295529 => 295530) --- trunk/Source/WTF/wtf/PlatformHave.h 2022-06-14 18:05:06 UTC (rev 295529) +++ trunk/Source/WTF/wtf/PlatformHave.h 2022-06-14 18:06:06 UTC (rev 295530) @@ -1256,3 +1256,7 @@ || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 16)) #define HAVE_APPLE_PUSH_SERVICE_URL_TOKEN_SUPPORT 1 #endif + +#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 13) +#define HAVE_POWERLOG_TASK_MODE_QUERY 1 +#endif Modified: trunk/Source/WebCore/PAL/PAL.xcodeproj/project.pbxproj (295529 => 295530) --- trunk/Source/WebCore/PAL/PAL.xcodeproj/project.pbxproj 2022-06-14 18:05:06 UTC (rev 295529) +++ trunk/Source/WebCore/PAL/PAL.xcodeproj/project.pbxproj 2022-06-14 18:06:06 UTC (rev 295530) @@ -437,6 +437,7 @@ DD20DE6427BC90D80093D175 /* ThreadGlobalData.h in Headers */ = {isa = PBXBuildFile; fileRef = 1C5C57DE275719F4003B540D /* ThreadGlobalData.h */; settings = {ATTRIBUTES = (Private, ); }; }; DD20DE6527BC90F90093D175 /* config.h in Headers */ = {isa = PBXBuildFile; fileRef = 1C09D0571E31C57E00725F18 /* config.h */; }; DDB04F32278E4F1B008D3678 /* libWebKitAdditions.a in Product Dependencies */ = {isa = PBXBuildFile; fileRef = DDE99300278D07B800F60D26 /* libWebKitAdditions.a */; }; + E34F26F62846D0D90076E549 /* PowerLogSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = E34F26F52846B7550076E549 /* PowerLogSPI.h */; settings = {ATTRIBUTES = (Private, ); }; }; F44291641FA52670002CC93E /* FileSizeFormatter.cpp in Sources */ = {isa = PBXBuildFile; fileRef = F44291621FA52670002CC93E /* FileSizeFormatter.cpp */; }; F44291681FA52705002CC93E /* FileSizeFormatterCocoa.mm in Sources */ = {isa = PBXBuildFile; fileRef = F44291661FA52705002CC93E /* FileSizeFormatterCocoa.mm */; }; F46B8C4D26740918007A6554 /* VisionKitCoreSoftLink.mm in Sources */ = {isa = PBXBuildFile; fileRef = F46B8C4C26740918007A6554 /* VisionKitCoreSoftLink.mm */; }; @@ -948,6 +949,7 @@ DDE99300278D07B800F60D26 /* libWebKitAdditions.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; path = libWebKitAdditions.a; sourceTree = BUILT_PRODUCTS_DIR; }; DF83E208263734F1000825EF /* CryptoKitPrivateSPI.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoKitPrivateSPI.h; sourceTree = ""; }; E327C0DE260BDC90002281C5 /* NotifySPI.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = NotifySPI.h; sourceTree = ""; }; + E34F26F52846B7550076E549 /* PowerLogSPI.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = PowerLogSPI.h; sourceTree = ""; };
[webkit-changes] [295528] trunk/Source
Title: [295528] trunk/Source Revision 295528 Author pvol...@apple.com Date 2022-06-14 11:02:18 -0700 (Tue, 14 Jun 2022) Log Message Adopt SPI to get default content of Launch Services database https://bugs.webkit.org/show_bug.cgi?id=241286 Reviewed by Geoffrey Garen. Adopt SPI to get system content of Launch Services database. If this SPI is available, it will replace the SPI we currently use to retrieve the database in the Network process. * Source/WTF/wtf/PlatformHave.h: * Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: (WebKit::LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver): (WebKit::LaunchServicesDatabaseObserver::startObserving): (WebKit::LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver): Canonical link: https://commits.webkit.org/251533@main Modified Paths trunk/Source/WTF/wtf/PlatformHave.h trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm Diff Modified: trunk/Source/WTF/wtf/PlatformHave.h (295527 => 295528) --- trunk/Source/WTF/wtf/PlatformHave.h 2022-06-14 17:51:22 UTC (rev 295527) +++ trunk/Source/WTF/wtf/PlatformHave.h 2022-06-14 18:02:18 UTC (rev 295528) @@ -1229,6 +1229,11 @@ #define HAVE_DDRESULT_DISABLE_URL_SCHEME_CHECKING 1 #endif +#if ((PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 13) \ +|| (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 16)) +#define HAVE_SYSTEM_CONTENT_LS_DATABASE 1 +#endif + #if !defined(HAVE_VK_IMAGE_TRANSLATION_SUPPORT) \ && ((PLATFORM(MAC) && __MAC_OS_X_VERSION_MAX_ALLOWED >= 13) \ || ((PLATFORM(IOS) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MAX_ALLOWED >= 16)) Modified: trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm (295527 => 295528) --- trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-14 17:51:22 UTC (rev 295527) +++ trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-14 18:02:18 UTC (rev 295528) @@ -36,7 +36,7 @@ LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver(NetworkProcess&) { -#if HAVE(LSDATABASECONTEXT) +#if HAVE(LSDATABASECONTEXT) && !HAVE(SYSTEM_CONTENT_LS_DATABASE) m_observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); @@ -63,7 +63,18 @@ m_connections.append(connection); } -#if HAVE(LSDATABASECONTEXT) +#if HAVE(SYSTEM_CONTENT_LS_DATABASE) +[LSDatabaseContext.sharedDatabaseContext getSystemContentDatabaseObject4WebKit:makeBlockPtr([connection = connection] (xpc_object_t _Nullable object, NSError * _Nullable error) { +if (!object) +return; +auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); +xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); +xpc_dictionary_set_value(message.get(), LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseKey, object); + +xpc_connection_send_message(connection.get(), message.get()); + +}).get()]; +#elif HAVE(LSDATABASECONTEXT) RetainPtr observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); @@ -82,7 +93,7 @@ LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver() { -#if HAVE(LSDATABASECONTEXT) +#if HAVE(LSDATABASECONTEXT) && !HAVE(SYSTEM_CONTENT_LS_DATABASE) [LSDatabaseContext.sharedDatabaseContext removeDatabaseChangeObserver4WebKit:m_observer.get()]; #endif } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295510] trunk/Source
Title: [295510] trunk/Source Revision 295510 Author pvol...@apple.com Date 2022-06-13 18:17:18 -0700 (Mon, 13 Jun 2022) Log Message [Catalyst] Fix build https://bugs.webkit.org/show_bug.cgi?id=241573 Reviewed by Wenson Hsieh. The function CGSSetDenyWindowServerConnections has not been declared. * Source/WebCore/PAL/pal/spi/cg/CoreGraphicsSPI.h: * Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm: Canonical link: https://commits.webkit.org/251515@main Modified Paths trunk/Source/WebCore/PAL/pal/spi/cg/CoreGraphicsSPI.h trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm Diff Modified: trunk/Source/WebCore/PAL/pal/spi/cg/CoreGraphicsSPI.h (295509 => 295510) --- trunk/Source/WebCore/PAL/pal/spi/cg/CoreGraphicsSPI.h 2022-06-14 01:00:05 UTC (rev 295509) +++ trunk/Source/WebCore/PAL/pal/spi/cg/CoreGraphicsSPI.h 2022-06-14 01:17:18 UTC (rev 295510) @@ -368,7 +368,6 @@ size_t CGDisplayModeGetPixelsWide(CGDisplayModeRef); size_t CGDisplayModeGetPixelsHigh(CGDisplayModeRef); -CGError CGSSetDenyWindowServerConnections(bool); typedef int32_t CGSDisplayID; CGSDisplayID CGSMainDisplayID(void); @@ -375,6 +374,10 @@ IOHIDEventRef CGEventCopyIOHIDEvent(CGEventRef); #endif // PLATFORM(MAC) +#if PLATFORM(MAC) || PLATFORM(MACCATALYST) +CGError CGSSetDenyWindowServerConnections(bool); +#endif + #if ENABLE(PDFKIT_PLUGIN) && !USE(APPLE_INTERNAL_SDK) extern const off_t kCGDataProviderIndeterminateSize; Modified: trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm (295509 => 295510) --- trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-06-14 01:00:05 UTC (rev 295509) +++ trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-06-14 01:17:18 UTC (rev 295510) @@ -32,6 +32,7 @@ #import #import #import +#import #import #import #import ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295452] trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm
Title: [295452] trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Revision 295452 Author pvol...@apple.com Date 2022-06-10 08:11:58 -0700 (Fri, 10 Jun 2022) Log Message Disable URL scheme check in Data Detectors for all clients https://bugs.webkit.org/show_bug.cgi?id=241273 Reviewed by Geoffrey Garen. We are seeing telmetry where also Web browser clients are attempting to connect to Launch Services when data detection is trying to find an application to handle a URL with a custom scheme. Since Launch Services is blocked in the sandbox, the WebContent process will be unable to determine if there is an application that can open this URL, and the link will not be clickable. This can be addressed by disabling the URL scheme check in Data Detectors for all clients. * Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): Canonical link: https://commits.webkit.org/251458@main Modified Paths trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (295451 => 295452) --- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-06-10 14:51:23 UTC (rev 295451) +++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-06-10 15:11:58 UTC (rev 295452) @@ -431,8 +431,7 @@ accessibilityPreferencesDidChange(parameters.accessibilityPreferences); -if (!isParentProcessAFullWebBrowser(*this)) -disableURLSchemeCheckInDataDetectors(); +disableURLSchemeCheckInDataDetectors(); // Soft link frameworks related to Data Detection before we disconnect from launchd because these frameworks connect to // launchd temporarily at link time to register XPC services. See rdar://93598951 (my feature request to stop doing that) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295445] trunk/Source/WebKit/NetworkProcess/cocoa/ LaunchServicesDatabaseObserver.mm
Title: [295445] trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm Revision 295445 Author pvol...@apple.com Date 2022-06-09 21:58:46 -0700 (Thu, 09 Jun 2022) Log Message Revert r295422 https://bugs.webkit.org/show_bug.cgi?id=241502 Unreviewed, revert r295422. * Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: (WebKit::LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver): (WebKit::LaunchServicesDatabaseObserver::startObserving): (WebKit::LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver): (WebKit::hasSystemContentDatabase): Deleted. Canonical link: https://commits.webkit.org/251451@main Modified Paths trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm Diff Modified: trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm (295444 => 295445) --- trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-10 03:08:10 UTC (rev 295444) +++ trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-10 04:58:46 UTC (rev 295445) @@ -34,19 +34,9 @@ namespace WebKit { -#if HAVE(LSDATABASECONTEXT) -static bool hasSystemContentDatabase() -{ -return [LSDatabaseContext.sharedDatabaseContext respondsToSelector:@selector(getSystemContentDatabaseObject4WebKit:)]; -} -#endif - LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver(NetworkProcess&) { #if HAVE(LSDATABASECONTEXT) -if (hasSystemContentDatabase()) -return; - m_observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); @@ -74,20 +64,6 @@ } #if HAVE(LSDATABASECONTEXT) -if (hasSystemContentDatabase()) { -[LSDatabaseContext.sharedDatabaseContext getSystemContentDatabaseObject4WebKit:makeBlockPtr([connection = connection] (xpc_object_t _Nullable object, NSError * _Nullable error) { -if (!object) -return; -auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); -xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); -xpc_dictionary_set_value(message.get(), LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseKey, object); - -xpc_connection_send_message(connection.get(), message.get()); - -}).get()]; -return; -} - RetainPtr observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); @@ -107,8 +83,6 @@ LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver() { #if HAVE(LSDATABASECONTEXT) -if (hasSystemContentDatabase()) -return; [LSDatabaseContext.sharedDatabaseContext removeDatabaseChangeObserver4WebKit:m_observer.get()]; #endif } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295442] trunk/Source/WebKit/NetworkProcess/cocoa/ LaunchServicesDatabaseObserver.mm
Title: [295442] trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm Revision 295442 Author pvol...@apple.com Date 2022-06-09 17:31:13 -0700 (Thu, 09 Jun 2022) Log Message Build fix after r295422 https://bugs.webkit.org/show_bug.cgi?id=241494 Unreviewed, build fix. * Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: Canonical link: https://commits.webkit.org/251448@main Modified Paths trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm Diff Modified: trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm (295441 => 295442) --- trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-10 00:14:26 UTC (rev 295441) +++ trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-10 00:31:13 UTC (rev 295442) @@ -34,10 +34,12 @@ namespace WebKit { +#if HAVE(LSDATABASECONTEXT) static bool hasSystemContentDatabase() { return [LSDatabaseContext.sharedDatabaseContext respondsToSelector:@selector(getSystemContentDatabaseObject4WebKit:)]; } +#endif LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver(NetworkProcess&) { ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295422] trunk/Source
Title: [295422] trunk/Source Revision 295422 Author pvol...@apple.com Date 2022-06-09 10:16:02 -0700 (Thu, 09 Jun 2022) Log Message Adopt SPI to get default content of Launch Services database https://bugs.webkit.org/show_bug.cgi?id=241286 Reviewed by Geoffrey Garen. Adopt SPI to get system content of Launch Services database. If this SPI is available, it will replace the SPI we currently use to retrieve the database in the Network process. * Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h: * Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: (WebKit::LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver): (WebKit::LaunchServicesDatabaseObserver::startObserving): (WebKit::LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver): Canonical link: https://commits.webkit.org/251428@main Modified Paths trunk/Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm Diff Modified: trunk/Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h (295421 => 295422) --- trunk/Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h 2022-06-09 15:58:02 UTC (rev 295421) +++ trunk/Source/WebCore/PAL/pal/spi/cocoa/LaunchServicesSPI.h 2022-06-09 17:16:02 UTC (rev 295422) @@ -120,6 +120,8 @@ - (id )addDatabaseChangeObserver4WebKit:(void (^)(xpc_object_t change))observer; - (void)removeDatabaseChangeObserver4WebKit:(id )token; - (void)observeDatabaseChange4WebKit:(xpc_object_t)change; + +- (void)getSystemContentDatabaseObject4WebKit:(void (^)(xpc_object_t object, NSError *error))completion; @end #endif #endif Modified: trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm (295421 => 295422) --- trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-09 15:58:02 UTC (rev 295421) +++ trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-06-09 17:16:02 UTC (rev 295422) @@ -1,5 +1,5 @@ /* - * Copyright (C) 2020 Apple Inc. All rights reserved. + * Copyright (C) 2020, 2022 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -28,14 +28,23 @@ #import "LaunchServicesDatabaseXPCConstants.h" #import +#import #import #import namespace WebKit { +static bool hasSystemContentDatabase() +{ +return [LSDatabaseContext.sharedDatabaseContext respondsToSelector:@selector(getSystemContentDatabaseObject4WebKit:)]; +} + LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver(NetworkProcess&) { #if HAVE(LSDATABASECONTEXT) +if (hasSystemContentDatabase()) +return; + m_observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); @@ -63,6 +72,20 @@ } #if HAVE(LSDATABASECONTEXT) +if (hasSystemContentDatabase()) { +[LSDatabaseContext.sharedDatabaseContext getSystemContentDatabaseObject4WebKit:makeBlockPtr([connection = connection] (xpc_object_t _Nullable object, NSError * _Nullable error) { +if (!object) +return; +auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); +xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); +xpc_dictionary_set_value(message.get(), LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseKey, object); + +xpc_connection_send_message(connection.get(), message.get()); + +}).get()]; +return; +} + RetainPtr observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); @@ -82,6 +105,8 @@ LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver() { #if HAVE(LSDATABASECONTEXT) +if (hasSystemContentDatabase()) +return; [LSDatabaseContext.sharedDatabaseContext removeDatabaseChangeObserver4WebKit:m_observer.get()]; #endif } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295395] trunk/Source/WebKitLegacy/WebKitLegacy.vcxproj/WebKitLegacy.proj
Title: [295395] trunk/Source/WebKitLegacy/WebKitLegacy.vcxproj/WebKitLegacy.proj Revision 295395 Author pvol...@apple.com Date 2022-06-08 15:10:21 -0700 (Wed, 08 Jun 2022) Log Message [Win] WebKitQuartzCoreAdditions.dll is not installed https://bugs.webkit.org/show_bug.cgi?id=241430 Reviewed by Brent Fulgham. WebKitQuartzCoreAdditions.dll is not copied to DSTROOT after build. * Source/WebKitLegacy/WebKitLegacy.vcxproj/WebKitLegacy.proj: Canonical link: https://commits.webkit.org/251401@main Modified Paths trunk/Source/WebKitLegacy/WebKitLegacy.vcxproj/WebKitLegacy.proj Diff Modified: trunk/Source/WebKitLegacy/WebKitLegacy.vcxproj/WebKitLegacy.proj (295394 => 295395) --- trunk/Source/WebKitLegacy/WebKitLegacy.vcxproj/WebKitLegacy.proj 2022-06-08 21:23:35 UTC (rev 295394) +++ trunk/Source/WebKitLegacy/WebKitLegacy.vcxproj/WebKitLegacy.proj 2022-06-08 22:10:21 UTC (rev 295395) @@ -75,10 +75,10 @@ - + - + ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295287] trunk/Source
Title: [295287] trunk/Source Revision 295287 Author pvol...@apple.com Date 2022-06-06 08:22:21 -0700 (Mon, 06 Jun 2022) Log Message Eagerly soft link Data Detection frameworks https://bugs.webkit.org/show_bug.cgi?id=241267 Reviewed by Geoffrey Garen. Eagerly soft link Data Detection frameworks in the WebContent process. There are two motivations behind this change. First, soft linking frameworks may lead to communication with launchd. Doing the soft linking before the WebContent process has finished launching, will help our effort in blocking launchd post launch. Second, the data detection frameworks are normally used in every WebContent process, and eagerly soft linking them should be a performance improvement. Ideally, these frameworks should be hard linked or weak linked. However, that would most likely create cycles in the build dependencies. * Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h: * Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm: * Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::softlinkDataDetectorsFrameworks): (WebKit::WebProcess::platformInitializeWebProcess): Canonical link: https://commits.webkit.org/251333@main Modified Paths trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h (295286 => 295287) --- trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h 2022-06-06 14:34:46 UTC (rev 295286) +++ trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h 2022-06-06 15:22:21 UTC (rev 295287) @@ -30,6 +30,8 @@ #include #include +SOFT_LINK_FRAMEWORK_FOR_HEADER(PAL, DataDetectorsCore); + SOFT_LINK_CLASS_FOR_HEADER(PAL, DDScannerResult) #if PLATFORM(MAC) Modified: trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm (295286 => 295287) --- trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm 2022-06-06 14:34:46 UTC (rev 295286) +++ trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm 2022-06-06 15:22:21 UTC (rev 295287) @@ -30,7 +30,7 @@ #include #include -SOFT_LINK_PRIVATE_FRAMEWORK_FOR_SOURCE(PAL, DataDetectorsCore) +SOFT_LINK_PRIVATE_FRAMEWORK_FOR_SOURCE_WITH_EXPORT(PAL, DataDetectorsCore, PAL_EXPORT) SOFT_LINK_CLASS_FOR_SOURCE_WITH_EXPORT(PAL, DataDetectorsCore, DDScannerResult, PAL_EXPORT) #if PLATFORM(MAC) Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (295286 => 295287) --- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-06-06 14:34:46 UTC (rev 295286) +++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-06-06 15:22:21 UTC (rev 295287) @@ -154,6 +154,10 @@ #import #endif +#if ENABLE(DATA_DETECTION) && PLATFORM(IOS_FAMILY) +#import +#endif + #import #import #import @@ -224,6 +228,16 @@ } #endif +static void softlinkDataDetectorsFrameworks() +{ +#if ENABLE(DATA_DETECTION) +PAL::isDataDetectorsCoreFrameworkAvailable(); +#if PLATFORM(IOS_FAMILY) +DataDetectorsUILibrary(); +#endif // PLATFORM(IOS_FAMILY) +#endif // ENABLE(DATA_DETECTION) +} + void WebProcess::platformInitializeWebProcess(WebProcessCreationParameters& parameters) { applyProcessCreationParameters(parameters.auxiliaryProcessParameters); @@ -418,6 +432,10 @@ if (!isParentProcessAFullWebBrowser(*this)) disableURLSchemeCheckInDataDetectors(); + +// Soft link frameworks related to Data Detection before we disconnect from launchd because these frameworks connect to +// launchd temporarily at link time to register XPC services. See rdar://93598951 (my feature request to stop doing that) +softlinkDataDetectorsFrameworks(); } void WebProcess::platformSetWebsiteDataStoreParameters(WebProcessDataStoreParameters&& parameters) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295235] trunk/Source/WebKit/Resources/SandboxProfiles/ios/ com.apple.WebKit.GPU.sb.in
Title: [295235] trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in Revision 295235 Author pvol...@apple.com Date 2022-06-03 14:44:57 -0700 (Fri, 03 Jun 2022) Log Message [iOS][GPUP] Add read access to Mobile asset font directory https://bugs.webkit.org/show_bug.cgi?id=241276 Reviewed by Geoffrey Garen. * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in: Canonical link: https://commits.webkit.org/251290@main Modified Paths trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in Diff Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in (295234 => 295235) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-06-03 21:21:14 UTC (rev 295234) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-06-03 21:44:57 UTC (rev 295235) @@ -490,6 +490,9 @@ ;; Permit reading assets via MobileAsset framework. (asset-access 'with-media-playback) +(allow file-read* +(subpath "/private/var/MobileAsset/AssetsV2/com_apple_MobileAsset_Font7")) + ;; allow 3rd party applications to access nsurlstoraged's top level domain data cache (allow-well-known-system-group-container-literal-read "/systemgroup.com.apple.nsurlstoragedresources/Library/dafsaData.bin") ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295234] trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
Title: [295234] trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm Revision 295234 Author pvol...@apple.com Date 2022-06-03 14:21:14 -0700 (Fri, 03 Jun 2022) Log Message Enable HEIC decoding for all non-browser apps on macOS https://bugs.webkit.org/show_bug.cgi?id=241271 Reviewed by Geoffrey Garen. Enable HEIC decoding for all non-browser apps on macOS, since this capability is also needed for other apps besides Mail. We do not want to enable it for Web browsers yet, since this currently requries an unconditional sandbox extension for trustd. * Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): Canonical link: https://commits.webkit.org/251289@main Modified Paths trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm Diff Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (295233 => 295234) --- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2022-06-03 21:12:12 UTC (rev 295233) +++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2022-06-03 21:21:14 UTC (rev 295234) @@ -393,7 +393,7 @@ #if HAVE(VIDEO_RESTRICTED_DECODING) #if PLATFORM(MAC) -if (MacApplication::isAppleMail() || CocoaApplication::isWebkitTestRunner()) { +if (!isFullWebBrowser()) { if (auto trustdExtensionHandle = SandboxExtension::createHandleForMachLookup("com.apple.trustd.agent"_s, std::nullopt)) parameters.trustdExtensionHandle = WTFMove(*trustdExtensionHandle); parameters.enableDecodingHEIC = true; ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [295213] trunk/Source
Title: [295213] trunk/Source Revision 295213 Author pvol...@apple.com Date 2022-06-03 08:55:01 -0700 (Fri, 03 Jun 2022) Log Message Call function to restrict image decoders for all clients https://bugs.webkit.org/show_bug.cgi?id=240958 Reviewed by Geoffrey Garen. Call function to enable HEIC decoding for all clients on iOS. The main motivation behind this patch is to avoid using IOKit when decoding HEIC or JPEGs with aux HEIC. Calling enableDecodingHEIC() will make sure IOKit is not being used, as well as enabling HEIC decoding. We previously only did this for Mail, but decoding of HEIC images should be possible for all clients. We are not enabling this for all clients on macOS, since macOS is not blocking IOKit in the WebContent process. This patch also renames the function, since the former name was not accurate. * Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp: (WebCore::createImageSourceOptions): (WebCore::ImageDecoderCG::enableDecodeHEIC): (WebCore::ImageDecoderCG::decodeHEICEnabled): (WebCore::ImageDecoderCG::enableRestrictedDecoding): Deleted. (WebCore::ImageDecoderCG::restrictedDecodingEnabled): Deleted. * Source/WebCore/platform/graphics/cg/ImageDecoderCG.h: * Source/WebKit/Shared/WebProcessCreationParameters.cpp: (WebKit::WebProcessCreationParameters::encode const): (WebKit::WebProcessCreationParameters::decode): * Source/WebKit/Shared/WebProcessCreationParameters.h: * Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): * Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): Canonical link: https://commits.webkit.org/251270@main Modified Paths trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp trunk/Source/WebKit/Shared/WebProcessCreationParameters.h trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp (295212 => 295213) --- trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp 2022-06-03 15:47:55 UTC (rev 295212) +++ trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp 2022-06-03 15:55:01 UTC (rev 295213) @@ -76,7 +76,7 @@ CFDictionarySetValue(options.get(), kCGImageSourceUseHardwareAcceleration, kCFBooleanFalse); #if HAVE(IMAGE_RESTRICTED_DECODING) && USE(APPLE_INTERNAL_SDK) -if (ImageDecoderCG::restrictedDecodingEnabled()) +if (ImageDecoderCG::decodingHEICEnabled()) CFDictionarySetValue(options.get(), kCGImageSourceEnableRestrictedDecoding, kCFBooleanTrue); #endif @@ -268,7 +268,7 @@ } #endif -bool ImageDecoderCG::s_enableRestrictedDecoding = false; +bool ImageDecoderCG::s_enableDecodingHEIC = false; bool ImageDecoderCG::s_hardwareAcceleratedDecodingDisabled = false; ImageDecoderCG::ImageDecoderCG(FragmentedSharedBuffer& data, AlphaOption, GammaAndColorProfileOption) @@ -611,14 +611,14 @@ return MIMETypeRegistry::isSupportedImageMIMEType(mimeType); } -void ImageDecoderCG::enableRestrictedDecoding() +void ImageDecoderCG::enableDecodingHEIC() { -s_enableRestrictedDecoding = true; +s_enableDecodingHEIC = true; } -bool ImageDecoderCG::restrictedDecodingEnabled() +bool ImageDecoderCG::decodingHEICEnabled() { -return s_enableRestrictedDecoding; +return s_enableDecodingHEIC; } void ImageDecoderCG::disableHardwareAcceleratedDecoding() Modified: trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h (295212 => 295213) --- trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h 2022-06-03 15:47:55 UTC (rev 295212) +++ trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h 2022-06-03 15:55:01 UTC (rev 295213) @@ -70,8 +70,8 @@ bool isAllDataReceived() const final { return m_isAllDataReceived; } void clearFrameBufferCache(size_t) final { } -WEBCORE_EXPORT static void enableRestrictedDecoding(); -static bool restrictedDecodingEnabled(); +WEBCORE_EXPORT static void enableDecodingHEIC(); +static bool decodingHEICEnabled(); WEBCORE_EXPORT static void disableHardwareAcceleratedDecoding(); static bool hardwareAcceleratedDecodingDisabled(); @@ -80,7 +80,7 @@ bool m_isAllDataReceived { false }; mutable EncodedDataStatus m_encodedDataStatus { EncodedDataStatus::Unknown }; RetainPtr m_nativeDecoder; -static bool s_enableRestrictedDecoding; +static bool s_enableDecodingHEIC; static bool s_hardwareAcceleratedDecodingDisabled; }; Modified: trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp (295212 => 295213) --- trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp 2022-06-03 15:47:55 UTC (rev 295212) +++ trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp 2022-06-03 15:55:01 UTC (rev 295213) @@ -163,7 +163,7 @@ #if
[webkit-changes] [295087] trunk/Source/WebKit
Title: [295087] trunk/Source/WebKit Revision 295087 Author pvol...@apple.com Date 2022-06-01 08:04:44 -0700 (Wed, 01 Jun 2022) Log Message [iOS][GPUP] Apply workaround for invalid Mobile Gestalt cache https://bugs.webkit.org/show_bug.cgi?id=241036 Reviewed by Geoffrey Garen. In the WebContent process on iOS, we have a workaround to repopulate the Mobile Gestalt cache in case the disk version is invalid. This workaround should be applied to the GPU process as well. * Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp: (WebKit::GPUProcessCreationParameters::encode const): (WebKit::GPUProcessCreationParameters::decode): * Source/WebKit/GPUProcess/GPUProcessCreationParameters.h: * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in: * Source/WebKit/Shared/AuxiliaryProcess.h: * Source/WebKit/Shared/AuxiliaryProcess.cpp: (WebKit::AuxiliaryProcess::populateMobileGestaltCache): * Source/WebKit/Shared/ios/AuxiliaryProcessIOS.cpp: (WebKit::AuxiliaryProcess::populateMobileGestaltCache): * Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp: (WebKit::AuxiliaryProcessProxy::createMobileGestaltSandboxExtensionIfNeeded const): * Source/WebKit/UIProcess/AuxiliaryProcessProxy.h: * Source/WebKit/UIProcess/Cocoa/GPUProcessProxyCocoa.mm: (WebKit::GPUProcessProxy::platformInitializeGPUProcessParameters): * Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): * Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): Canonical link: https://commits.webkit.org/251182@main Modified Paths trunk/Source/WebKit/GPUProcess/GPUProcess.cpp trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in trunk/Source/WebKit/Shared/AuxiliaryProcess.cpp trunk/Source/WebKit/Shared/AuxiliaryProcess.h trunk/Source/WebKit/Shared/ios/AuxiliaryProcessIOS.mm trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h trunk/Source/WebKit/UIProcess/Cocoa/GPUProcessProxyCocoa.mm trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebKit/GPUProcess/GPUProcess.cpp (295086 => 295087) --- trunk/Source/WebKit/GPUProcess/GPUProcess.cpp 2022-06-01 11:29:56 UTC (rev 295086) +++ trunk/Source/WebKit/GPUProcess/GPUProcess.cpp 2022-06-01 15:04:44 UTC (rev 295087) @@ -265,6 +265,8 @@ SandboxExtension::consumePermanently(parameters.dynamicIOKitExtensionHandles); #endif +populateMobileGestaltCache(WTFMove(parameters.mobileGestaltExtensionHandle)); + #if HAVE(CGIMAGESOURCE_WITH_SET_ALLOWABLE_TYPES) auto emptyArray = adoptCF(CFArrayCreate(kCFAllocatorDefault, nullptr, 0, )); CGImageSourceSetAllowableTypes(emptyArray.get()); Modified: trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp (295086 => 295087) --- trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp 2022-06-01 11:29:56 UTC (rev 295086) +++ trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp 2022-06-01 15:04:44 UTC (rev 295087) @@ -61,6 +61,7 @@ encoder << compilerServiceExtensionHandles; encoder << dynamicIOKitExtensionHandles; #endif +encoder << mobileGestaltExtensionHandle; encoder << applicationVisibleName; } @@ -112,6 +113,12 @@ result.dynamicIOKitExtensionHandles = WTFMove(*dynamicIOKitExtensionHandles); #endif +std::optional> mobileGestaltExtensionHandle; +decoder >> mobileGestaltExtensionHandle; +if (!mobileGestaltExtensionHandle) +return false; +result.mobileGestaltExtensionHandle = WTFMove(*mobileGestaltExtensionHandle); + if (!decoder.decode(result.applicationVisibleName)) return false; Modified: trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h (295086 => 295087) --- trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h 2022-06-01 11:29:56 UTC (rev 295086) +++ trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h 2022-06-01 15:04:44 UTC (rev 295087) @@ -61,6 +61,7 @@ Vector compilerServiceExtensionHandles; Vector dynamicIOKitExtensionHandles; #endif +std::optional mobileGestaltExtensionHandle; String applicationVisibleName; Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in (295086 => 295087) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-06-01 11:29:56 UTC (rev 295086) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-06-01 15:04:44 UTC (rev 295087) @@ -401,6 +401,11 @@ (allow mach-lookup (with telemetry) (global-name "com.apple.tccd")) +(allow mach-lookup +(require-all +(extension "com.apple.webkit.extension.mach") +(global-name
[webkit-changes] [294969] trunk/Source/WebKit/GPUProcess/mac/ com.apple.WebKit.GPUProcess.sb.in
Title: [294969] trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in Revision 294969 Author pvol...@apple.com Date 2022-05-27 17:00:04 -0700 (Fri, 27 May 2022) Log Message [macOS][GPUP] Block unused system calls https://bugs.webkit.org/show_bug.cgi?id=240966 Reviewed by Chris Dumez. * Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: Canonical link: https://commits.webkit.org/251073@main Modified Paths trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in Diff Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (294968 => 294969) --- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-05-27 23:55:11 UTC (rev 294968) +++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-05-28 00:00:04 UTC (rev 294969) @@ -904,7 +904,7 @@ (allow mach-message-send (with telemetry) (when (and (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") (defined? 'syscall-mach)) -(allow syscall-mach (with telemetry)) +(deny syscall-mach (with telemetry)) (allow syscall-mach (machtrap-number MSC__kernelrpc_mach_port_allocate_trap MSC__kernelrpc_mach_port_construct_trap @@ -911,6 +911,7 @@ MSC__kernelrpc_mach_port_deallocate_trap MSC__kernelrpc_mach_port_destruct_trap MSC__kernelrpc_mach_port_extract_member_trap +MSC__kernelrpc_mach_port_get_attributes_trap MSC__kernelrpc_mach_port_guard_trap MSC__kernelrpc_mach_port_insert_member_trap MSC__kernelrpc_mach_port_insert_right_trap @@ -917,29 +918,45 @@ MSC__kernelrpc_mach_port_mod_refs_trap MSC__kernelrpc_mach_port_request_notification_trap MSC__kernelrpc_mach_port_type_trap +MSC__kernelrpc_mach_port_unguard_trap MSC__kernelrpc_mach_vm_allocate_trap MSC__kernelrpc_mach_vm_deallocate_trap MSC__kernelrpc_mach_vm_map_trap MSC__kernelrpc_mach_vm_protect_trap +MSC__kernelrpc_mach_vm_purgable_control_trap MSC_host_create_mach_voucher_trap MSC_host_self_trap +MSC_iokit_user_client_trap +MSC_mach_generate_activity_id MSC_mach_msg_trap MSC_mach_reply_port MSC_mach_voucher_extract_attr_recipe_trap +MSC_mk_timer_arm +MSC_mk_timer_cancel +MSC_mk_timer_create +MSC_mk_timer_destroy MSC_pid_for_task MSC_semaphore_signal_trap +MSC_semaphore_timedwait_trap MSC_semaphore_wait_trap MSC_swtch_pri MSC_syscall_thread_switch -MSC_thread_get_special_reply_port))) +MSC_task_name_for_pid +MSC_task_self_trap +MSC_thread_get_special_reply_port)) + +(when (defined? 'MSC_mach_msg2_trap) +(allow syscall-mach +(machtrap-number MSC_mach_msg2_trap #endif // HAVE(SANDBOX_MESSAGE_FILTERING) (when (defined? 'syscall-unix) -(allow syscall-unix (with telemetry)) +(deny syscall-unix (with telemetry)) (allow syscall-unix (syscall-number SYS___channel_open SYS___disable_threadsignal SYS___mac_syscall +SYS___pthread_canceled SYS___pthread_kill SYS___pthread_sigmask SYS___semwait_signal @@ -981,6 +998,7 @@ SYS_gettimeofday SYS_getuid SYS_getxattr +SYS_guarded_open_np SYS_issetugid SYS_kdebug_trace SYS_kdebug_trace64 @@ -1024,6 +1042,8 @@ SYS_readlink SYS_rename SYS_sendto +SYS_setrlimit +SYS_setsockopt SYS_sigaltstack SYS_sigprocmask SYS_socket ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294903] trunk/Source/WebKit/Resources/SandboxProfiles/ios/ com.apple.WebKit.WebContent.sb.in
Title: [294903] trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Revision 294903 Author pvol...@apple.com Date 2022-05-26 15:34:25 -0700 (Thu, 26 May 2022) Log Message [iOS][WP] Block access to file-ioctl commands https://bugs.webkit.org/show_bug.cgi?id=240977 Reviewed by Chris Dumez. This is based on collected telemetry. This patch also adds telemetry to file read/write of /dev/aes_0 to determine if that can be removed as well. * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Canonical link: https://commits.webkit.org/251026@main Modified Paths trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (294902 => 294903) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-26 22:22:08 UTC (rev 294902) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-26 22:34:25 UTC (rev 294903) @@ -315,7 +315,7 @@ (literal "/dev/random") (literal "/dev/urandom")) -(allow file-read* file-write-data +(allow file-read* file-write-data (with telemetry) (literal "/dev/aes_0"))) (define required-etc-files @@ -1239,14 +1239,8 @@ (deny file-ioctl (with telemetry)) -;; restrict to the two ioctl's /dev/aes_0 needs -(allow file-ioctl (with telemetry) -(require-all -(literal "/dev/aes_0") -(require-any -(ioctl-command (_IO "T" 101)) ;; IOAES_GET_INFO -(ioctl-command (_IO "T" 102)) ;; IOAES_ENCRYPT_DECRYPT -))) +(deny file-ioctl (with telemetry) +(literal "/dev/aes_0")) (deny socket-ioctl (with telemetry)) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294899] trunk/Source/WebKit/Resources/SandboxProfiles/ios/ com.apple.WebKit.GPU.sb.in
Title: [294899] trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in Revision 294899 Author pvol...@apple.com Date 2022-05-26 14:31:26 -0700 (Thu, 26 May 2022) Log Message [iOS][GPUP] Block unused system calls https://bugs.webkit.org/show_bug.cgi?id=240960 Reviewed by Chris Dumez. * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in: Canonical link: https://commits.webkit.org/251022@main Modified Paths trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in Diff Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in (294898 => 294899) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-05-26 21:29:42 UTC (rev 294898) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-05-26 21:31:26 UTC (rev 294899) @@ -714,12 +714,14 @@ ) (when (defined? 'syscall-unix) -(allow syscall-unix (with telemetry)) +(deny syscall-unix (with telemetry)) (allow syscall-unix (syscall-number SYS___disable_threadsignal SYS___mac_syscall SYS___pthread_sigmask +SYS___pthread_kill SYS___semwait_signal +SYS_abort_with_payload SYS_access SYS_bsdthread_create SYS_bsdthread_ctl @@ -804,6 +806,7 @@ SYS_shared_region_check_np SYS_shm_open SYS_sigaction +SYS_sigprocmask SYS_socket SYS_stat64 SYS_statfs64 @@ -822,7 +825,7 @@ (allow syscall-unix (syscall-number SYS_map_with_linking_np))) (when (defined? 'syscall-mach) -(allow syscall-mach (with telemetry)) +(deny syscall-mach (with telemetry)) (allow syscall-mach (machtrap-number MSC__kernelrpc_mach_port_allocate_trap ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294898] trunk/Source/WebKit/GPUProcess/mac/ com.apple.WebKit.GPUProcess.sb.in
Title: [294898] trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in Revision 294898 Author pvol...@apple.com Date 2022-05-26 14:29:42 -0700 (Thu, 26 May 2022) Log Message [macOS][GPUP] Block unused system calls https://bugs.webkit.org/show_bug.cgi?id=240966 Reviewed by Chris Dumez. * Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: Canonical link: https://commits.webkit.org/251021@main Modified Paths trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in Diff Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (294897 => 294898) --- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-05-26 21:12:24 UTC (rev 294897) +++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-05-26 21:29:42 UTC (rev 294898) @@ -904,7 +904,7 @@ (allow mach-message-send (with telemetry) (when (and (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") (defined? 'syscall-mach)) -(allow syscall-mach (with telemetry)) +(deny syscall-mach (with telemetry)) (allow syscall-mach (machtrap-number MSC__kernelrpc_mach_port_allocate_trap MSC__kernelrpc_mach_port_construct_trap @@ -911,6 +911,7 @@ MSC__kernelrpc_mach_port_deallocate_trap MSC__kernelrpc_mach_port_destruct_trap MSC__kernelrpc_mach_port_extract_member_trap +MSC__kernelrpc_mach_port_get_attributes_trap MSC__kernelrpc_mach_port_guard_trap MSC__kernelrpc_mach_port_insert_member_trap MSC__kernelrpc_mach_port_insert_right_trap @@ -917,29 +918,42 @@ MSC__kernelrpc_mach_port_mod_refs_trap MSC__kernelrpc_mach_port_request_notification_trap MSC__kernelrpc_mach_port_type_trap +MSC__kernelrpc_mach_port_unguard_trap MSC__kernelrpc_mach_vm_allocate_trap MSC__kernelrpc_mach_vm_deallocate_trap MSC__kernelrpc_mach_vm_map_trap MSC__kernelrpc_mach_vm_protect_trap +MSC__kernelrpc_mach_vm_purgable_control_trap MSC_host_create_mach_voucher_trap MSC_host_self_trap +MSC_iokit_user_client_trap +MSC_mach_generate_activity_id MSC_mach_msg_trap +MSC_mach_msg2_trap MSC_mach_reply_port MSC_mach_voucher_extract_attr_recipe_trap +MSC_mk_timer_arm +MSC_mk_timer_cancel +MSC_mk_timer_create +MSC_mk_timer_destroy MSC_pid_for_task MSC_semaphore_signal_trap +MSC_semaphore_timedwait_trap MSC_semaphore_wait_trap MSC_swtch_pri MSC_syscall_thread_switch +MSC_task_name_for_pid +MSC_task_self_trap MSC_thread_get_special_reply_port))) #endif // HAVE(SANDBOX_MESSAGE_FILTERING) (when (defined? 'syscall-unix) -(allow syscall-unix (with telemetry)) +(deny syscall-unix (with telemetry)) (allow syscall-unix (syscall-number SYS___channel_open SYS___disable_threadsignal SYS___mac_syscall +SYS___pthread_canceled SYS___pthread_kill SYS___pthread_sigmask SYS___semwait_signal @@ -981,6 +995,7 @@ SYS_gettimeofday SYS_getuid SYS_getxattr +SYS_guarded_open_np SYS_issetugid SYS_kdebug_trace SYS_kdebug_trace64 @@ -1024,6 +1039,8 @@ SYS_readlink SYS_rename SYS_sendto +SYS_setrlimit +SYS_setsockopt SYS_sigaltstack SYS_sigprocmask SYS_socket ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294824] trunk/Source/WebKit/Scripts/process-entitlements.sh
Title: [294824] trunk/Source/WebKit/Scripts/process-entitlements.sh Revision 294824 Author pvol...@apple.com Date 2022-05-25 14:38:32 -0700 (Wed, 25 May 2022) Log Message [iOS] WebContent captive portal XPC service needs entitlement to set sandbox state variables https://bugs.webkit.org/show_bug.cgi?id=240921 Reviewed by Geoffrey Garen. This patch also adds a function for the shared WebContent entitlements on iOS. * Source/WebKit/Scripts/process-entitlements.sh: Canonical link: https://commits.webkit.org/250976@main Modified Paths trunk/Source/WebKit/Scripts/process-entitlements.sh Diff Modified: trunk/Source/WebKit/Scripts/process-entitlements.sh (294823 => 294824) --- trunk/Source/WebKit/Scripts/process-entitlements.sh 2022-05-25 21:36:01 UTC (rev 294823) +++ trunk/Source/WebKit/Scripts/process-entitlements.sh 2022-05-25 21:38:32 UTC (rev 294824) @@ -307,7 +307,7 @@ # iOS Family entitlements # -function ios_family_process_webcontent_entitlements() +function ios_family_process_webcontent_shared_entitlements() { plistbuddy Add :com.apple.QuartzCore.secure-mode bool YES plistbuddy Add :com.apple.QuartzCore.webkit-end-points bool YES @@ -322,7 +322,6 @@ plistbuddy Add :com.apple.private.memorystatus bool YES plistbuddy Add :com.apple.private.network.socket-delegate bool YES plistbuddy Add :com.apple.private.pac.exception bool YES -plistbuddy Add :com.apple.private.verified-jit bool YES plistbuddy Add :com.apple.private.security.message-filter bool YES plistbuddy Add :com.apple.private.security.mutable-state-flags array plistbuddy Add :com.apple.private.security.mutable-state-flags:0 string EnableMachBootstrap @@ -330,36 +329,23 @@ plistbuddy Add :com.apple.private.webinspector.proxy-application bool YES plistbuddy Add :com.apple.private.webkit.use-xpc-endpoint bool YES plistbuddy Add :com.apple.runningboard.assertions.webkit bool YES -plistbuddy Add :dynamic-codesigning bool YES - plistbuddy Add :com.apple.tcc.delegated-services array plistbuddy Add :com.apple.tcc.delegated-services:0 string kTCCServiceCamera plistbuddy Add :com.apple.tcc.delegated-services:1 string kTCCServiceMicrophone - plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.WebContent } +function ios_family_process_webcontent_entitlements() +{ +plistbuddy Add :com.apple.private.verified-jit bool YES +plistbuddy Add :dynamic-codesigning bool YES + +ios_family_process_webcontent_shared_entitlements +} + function ios_family_process_webcontent_captiveportal_entitlements() { -plistbuddy Add :com.apple.QuartzCore.secure-mode bool YES -plistbuddy Add :com.apple.QuartzCore.webkit-end-points bool YES -plistbuddy add :com.apple.QuartzCore.webkit-limited-types bool YES -plistbuddy Add :com.apple.developer.coremedia.allow-alternate-video-decoder-selection bool YES plistbuddy Add :com.apple.developer.kernel.extended-virtual-addressing bool YES -plistbuddy Add :com.apple.mediaremote.set-playback-state bool YES -plistbuddy Add :com.apple.pac.shared_region_id string WebContent -plistbuddy Add :com.apple.private.allow-explicit-graphics-priority bool YES -plistbuddy Add :com.apple.private.coremedia.extensions.audiorecording.allow bool YES -plistbuddy Add :com.apple.private.coremedia.pidinheritance.allow bool YES -plistbuddy Add :com.apple.private.gpu-restricted bool YES -plistbuddy Add :com.apple.private.memorystatus bool YES -plistbuddy Add :com.apple.private.network.socket-delegate bool YES -plistbuddy Add :com.apple.private.pac.exception bool YES -plistbuddy Add :com.apple.private.security.message-filter bool YES -plistbuddy Add :com.apple.private.webinspector.allow-remote-inspection bool YES -plistbuddy Add :com.apple.private.webinspector.proxy-application bool YES -plistbuddy Add :com.apple.private.webkit.use-xpc-endpoint bool YES -plistbuddy Add :com.apple.runningboard.assertions.webkit bool YES plistbuddy Add :com.apple.imageio.allowabletypes array plistbuddy Add :com.apple.imageio.allowabletypes:0 string org.webmproject.webp @@ -367,11 +353,7 @@ plistbuddy Add :com.apple.imageio.allowabletypes:2 string public.png plistbuddy Add :com.apple.imageio.allowabletypes:3 string com.compuserve.gif -plistbuddy Add :com.apple.tcc.delegated-services array -plistbuddy Add :com.apple.tcc.delegated-services:0 string kTCCServiceCamera -plistbuddy Add :com.apple.tcc.delegated-services:1 string kTCCServiceMicrophone - -plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.WebContent +ios_family_process_webcontent_shared_entitlements } function ios_family_process_gpu_entitlements() ___ webkit-changes mailing list webkit-changes@lists.webkit.org
[webkit-changes] [294814] trunk/Source/WebKit/Resources/SandboxProfiles/ios/ com.apple.WebKit.WebContent.sb.in
Title: [294814] trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Revision 294814 Author pvol...@apple.com Date 2022-05-25 11:55:19 -0700 (Wed, 25 May 2022) Log Message [iOS] Remove obsolete graphics message filters https://bugs.webkit.org/show_bug.cgi?id=240736 Reviewed by Geoffrey Garen. Remove obsolete graphics filters in the WebContent process' sandbox on iOS, since this filtering is now done in other parts of the system. * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Canonical link: https://commits.webkit.org/250967@main Modified Paths trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (294813 => 294814) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-25 18:47:39 UTC (rev 294813) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-25 18:55:19 UTC (rev 294814) @@ -220,37 +220,12 @@ (allow iokit-open (require-all (extension "com.apple.webkit.extension.iokit") -(iokit-connection "IOGPU") -) -(when (defined? 'iokit-external-method) -(apply-message-filter -(deny (with telemetry) -iokit-external-trap) -(allow (with telemetry) (with message "IOGPU") -iokit-async-external-method -iokit-external-method) -) -) -) +(iokit-connection "IOGPU"))) (allow iokit-open (require-all (extension "com.apple.webkit.extension.iokit") -(iokit-user-client-class "AGXDeviceUserClient") ;; Used by WebGL -) -(when (defined? 'iokit-external-method) -(apply-message-filter -(deny (with telemetry) -iokit-external-trap) -(deny (with telemetry) (with message "AGXDeviceUserClient") -iokit-async-external-method -iokit-external-method -) -(allow iokit-async-external-method) -(allow iokit-external-method) -) -) -) +(iokit-user-client-class "AGXDeviceUserClient"))) ;; Used by WebGL (allow iokit-get-properties (iokit-property "IOGLBundleName") @@ -367,20 +342,6 @@ (home-subpath "/Library/Assets/com_apple_MobileAsset_VoiceServicesVocalizerVoice")) ) -(define (IOSurfaceRootUserClientMethodFilter) -(when (defined? 'iokit-external-method) -(apply-message-filter -(deny (with telemetry) -iokit-async-external-method -iokit-external-trap) -(allow iokit-async-external-method) -(deny (with telemetry) (with message "IOSurfaceRootUserClient") -iokit-external-method) -(allow iokit-external-method) -) -) -) - ;; Things required by UIKit (define-once (uikit-requirements) (mobile-preferences-read @@ -429,10 +390,7 @@ (allow iokit-open (require-all (extension "com.apple.webkit.extension.iokit") -(iokit-user-client-class "IOSurfaceRootUserClient") ;; Needed by Tiled Grid code. -) -(IOSurfaceRootUserClientMethodFilter) -) +(iokit-user-client-class "IOSurfaceRootUserClient"))) ;; Needed by Tiled Grid code. ;; Silence sandbox violations from apps trying to create the empty plist if it doesn't exist. ;; @@ -976,12 +934,7 @@ (allow iokit-open (with telemetry-backtrace) (require-all (require-not (extension "com.apple.webkit.extension.iokit")) -(iokit-user-client-class -"IOSurfaceRootUserClient" -) -) -(IOSurfaceRootUserClientMethodFilter) -) +(iokit-user-client-class "IOSurfaceRootUserClient"))) (deny iokit-open (with telemetry) (require-all ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294809] trunk/Source/WebKit
Title: [294809] trunk/Source/WebKit Revision 294809 Author pvol...@apple.com Date 2022-05-25 11:01:30 -0700 (Wed, 25 May 2022) Log Message Add logging related to Mach bootstrap enablement https://bugs.webkit.org/show_bug.cgi?id=240909 Reviewed by Chris Dumez. We are seeing telemetry that indicates that enabling Mach bootstrap is failing in some cases. Add logging to help diagnose this. * Source/WebKit/Platform/Logging.h: * Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm: (WebKit::SandboxExtension::createHandleForMachLookup): * Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm: (WebKit::SandboxExtension::createHandleForMachLookup): Canonical link: https://commits.webkit.org/250963@main Modified Paths trunk/Source/WebKit/Platform/Logging.h trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm Diff Modified: trunk/Source/WebKit/Platform/Logging.h (294808 => 294809) --- trunk/Source/WebKit/Platform/Logging.h 2022-05-25 17:57:41 UTC (rev 294808) +++ trunk/Source/WebKit/Platform/Logging.h 2022-05-25 18:01:30 UTC (rev 294809) @@ -93,6 +93,7 @@ M(RemoteLayerTree) \ M(Resize) \ M(ResourceLoadStatistics) \ +M(Sandbox) \ M(ScrollAnimations) \ M(Scrolling) \ M(Selection) \ Modified: trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm (294808 => 294809) --- trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm 2022-05-25 17:57:41 UTC (rev 294808) +++ trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm 2022-05-25 18:01:30 UTC (rev 294809) @@ -32,6 +32,7 @@ #import "DataReference.h" #import "Decoder.h" #import "Encoder.h" +#import "Logging.h" #import "WebCoreArgumentCoders.h" #import #import @@ -337,8 +338,11 @@ // This is done by unblocking launchd, since launchd access is required when creating Mach connections. // Unblocking launchd is done by enabling a sandbox state variable. // In the initial version of this change, Mach bootstrap'ing is enabled unconditionally. -if (auditToken) -sandbox_enable_state_flag(ENABLE_MACH_BOOTSTRAP, *auditToken); +if (auditToken) { +if (!sandbox_enable_state_flag(ENABLE_MACH_BOOTSTRAP, *auditToken)) +RELEASE_LOG_FAULT(Sandbox, "Could not enable Mach bootstrap, errno = %d.", errno); +} else if (machBootstrapOptions == MachBootstrapOptions::EnableMachBootstrap) +RELEASE_LOG_FAULT(Sandbox, "Could not enable Mach bootstrap, no audit token provided."); #endif return WTFMove(handle); ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294801] trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in
Title: [294801] trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Revision 294801 Author pvol...@apple.com Date 2022-05-25 09:47:58 -0700 (Wed, 25 May 2022) Log Message Syscall should only be allowed for newer macOS versions https://bugs.webkit.org/show_bug.cgi?id=240714 Reviewed by Chris Dumez. * Source/WebKit/WebProcess/com.apple.WebProcess.sb.in: Canonical link: https://commits.webkit.org/250957@main Modified Paths trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (294800 => 294801) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-25 15:44:48 UTC (rev 294800) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-25 16:47:58 UTC (rev 294801) @@ -2200,7 +2200,9 @@ MSC__kernelrpc_mach_vm_purgable_control_trap MSC_host_create_mach_voucher_trap MSC_host_self_trap +#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 13 MSC_iokit_user_client_trap +#endif MSC_mach_generate_activity_id MSC_mach_msg_trap MSC_mach_reply_port ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294766] trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
Title: [294766] trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp Revision 294766 Author pvol...@apple.com Date 2022-05-24 14:37:22 -0700 (Tue, 24 May 2022) Log Message [iOS] No message displayed when Parental content filter blocked load https://bugs.webkit.org/show_bug.cgi?id=240724 Reviewed by Geoffrey Garen. The request to unblock a load after it has being blocked by the Parental content filter on iOS needs to be performed in the UI process, since it may show UI. This path does not set the blocked error description on the content filter like we do in the other path, which is addressed in this patch. This is a regression from moving the content filtering to the Network process. * Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp: (WebKit::NetworkResourceLoader::contentFilterDidBlock): Canonical link: https://commits.webkit.org/250931@main Modified Paths trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp Diff Modified: trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp (294765 => 294766) --- trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2022-05-24 21:36:47 UTC (rev 294765) +++ trunk/Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp 2022-05-24 21:37:22 UTC (rev 294766) @@ -1830,9 +1830,10 @@ m_unblockHandler = unblockHandler; m_unblockRequestDeniedScript = unblockRequestDeniedScript; -if (unblockHandler.needsUIProcess()) +if (unblockHandler.needsUIProcess()) { +m_contentFilter->setBlockedError(error); m_contentFilter->handleProvisionalLoadFailure(error); -else { +} else { unblockHandler.requestUnblockAsync([this, protectedThis = Ref { *this }](bool unblocked) mutable { m_unblockHandler.setUnblockedAfterRequest(unblocked); ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294511] trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in
Title: [294511] trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Revision 294511 Author pvol...@apple.com Date 2022-05-19 16:00:40 -0700 (Thu, 19 May 2022) Log Message Add sys call MSC_iokit_user_client_trap to the WebContent process' sandbox https://bugs.webkit.org/show_bug.cgi?id=240685 Reviewed by Chris Dumez. * Source/WebKit/WebProcess/com.apple.WebProcess.sb.in: Canonical link: https://commits.webkit.org/250768@main Modified Paths trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (294510 => 294511) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-19 22:47:50 UTC (rev 294510) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-19 23:00:40 UTC (rev 294511) @@ -2200,6 +2200,7 @@ MSC__kernelrpc_mach_vm_purgable_control_trap MSC_host_create_mach_voucher_trap MSC_host_self_trap +MSC_iokit_user_client_trap MSC_mach_generate_activity_id MSC_mach_msg_trap MSC_mach_reply_port ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294428] trunk/Source/WebKit/UIProcess
Title: [294428] trunk/Source/WebKit/UIProcess Revision 294428 Author pvol...@apple.com Date 2022-05-18 13:39:03 -0700 (Wed, 18 May 2022) Log Message Audit token for font sandbox extension is sometimes wrong https://bugs.webkit.org/show_bug.cgi?id=240547 Reviewed by Chris Dumez. Audit token for font sandbox extension is sometimes wrong. We must get the audit token from the correct WebProcessProxy. (WebKit::WebPageProxy::switchFromStaticFontRegistryToUserFontRegistry): (WebKit::WebPageProxy::fontdMachExtensionHandle): Deleted. * Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm: (WebKit::WebProcessProxy::fontdMachExtensionHandle): * Source/WebKit/UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::creationParameters): * Source/WebKit/UIProcess/WebPageProxy.h: * Source/WebKit/UIProcess/WebProcessProxy.h: Canonical link: https://commits.webkit.org/250710@main Modified Paths trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm trunk/Source/WebKit/UIProcess/WebPageProxy.cpp trunk/Source/WebKit/UIProcess/WebPageProxy.h trunk/Source/WebKit/UIProcess/WebProcessProxy.h Diff Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm (294427 => 294428) --- trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm 2022-05-18 20:01:09 UTC (rev 294427) +++ trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm 2022-05-18 20:39:03 UTC (rev 294428) @@ -859,17 +859,9 @@ void WebPageProxy::switchFromStaticFontRegistryToUserFontRegistry() { -process().send(Messages::WebProcess::SwitchFromStaticFontRegistryToUserFontRegistry(fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions::EnableMachBootstrap)), 0); +process().send(Messages::WebProcess::SwitchFromStaticFontRegistryToUserFontRegistry(process().fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions::EnableMachBootstrap)), 0); } -SandboxExtension::Handle WebPageProxy::fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions machBootstrapOptions) -{ -SandboxExtension::Handle fontMachExtensionHandle; -if (auto handle = SandboxExtension::createHandleForMachLookup("com.apple.fonts"_s, process().auditToken(), machBootstrapOptions)) -fontMachExtensionHandle = WTFMove(*handle); -return fontMachExtensionHandle; -} - NSDictionary *WebPageProxy::contentsOfUserInterfaceItem(NSString *userInterfaceItem) { #if ENABLE(CONTEXT_MENUS) Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm (294427 => 294428) --- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm 2022-05-18 20:01:09 UTC (rev 294427) +++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm 2022-05-18 20:39:03 UTC (rev 294428) @@ -333,4 +333,9 @@ return connection()->getAuditToken(); } +SandboxExtension::Handle WebProcessProxy::fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions machBootstrapOptions) const +{ +return SandboxExtension::createHandleForMachLookup("com.apple.fonts"_s, auditToken(), machBootstrapOptions).value_or(SandboxExtension::Handle { }); } + +} Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (294427 => 294428) --- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2022-05-18 20:01:09 UTC (rev 294427) +++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2022-05-18 20:39:03 UTC (rev 294428) @@ -8411,7 +8411,7 @@ #endif #if HAVE(STATIC_FONT_REGISTRY) if (preferences().shouldAllowUserInstalledFonts()) -parameters.fontMachExtensionHandle = fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions::DoNotEnableMachBootstrap); +parameters.fontMachExtensionHandle = process.fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions::DoNotEnableMachBootstrap); #endif #if HAVE(APP_ACCENT_COLORS) parameters.accentColor = pageClient().accentColor(); Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.h (294427 => 294428) --- trunk/Source/WebKit/UIProcess/WebPageProxy.h 2022-05-18 20:01:09 UTC (rev 294427) +++ trunk/Source/WebKit/UIProcess/WebPageProxy.h 2022-05-18 20:39:03 UTC (rev 294428) @@ -2656,8 +2656,6 @@ static Vector createNetworkExtensionsSandboxExtensions(WebProcessProxy&); #endif -SandboxExtension::Handle fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions); - void didUpdateEditorState(const EditorState& oldEditorState, const EditorState& newEditorState); void runModalJavaScriptDialog(RefPtr&&, FrameInfoData&&, const String& message, CompletionHandler&&)>&&); Modified: trunk/Source/WebKit/UIProcess/WebProcessProxy.h (294427 => 294428) --- trunk/Source/WebKit/UIProcess/WebProcessProxy.h 2022-05-18 20:01:09 UTC (rev 294427) +++ trunk/Source/WebKit/UIProcess/WebProcessProxy.h 2022-05-18 20:39:03 UTC (rev 294428) @@ -435,6 +435,7 @@ #if PLATFORM(COCOA) std::optional auditToken() const; +SandboxExtension::Handle fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions) const; #endif
[webkit-changes] [294397] trunk/Source
Title: [294397] trunk/Source Revision 294397 Author pvol...@apple.com Date 2022-05-18 08:45:53 -0700 (Wed, 18 May 2022) Log Message Add WebKit API to turn off the URL scheme check when linkifying through Data Detectors https://bugs.webkit.org/show_bug.cgi?id=239900 Reviewed by Geoffrey Garen. This will enable us to block the Mach service com.apple.lsd.open in the WebContent process for all clients. The URL scheme check is disabled by default for all clients that are not Web browsers. This choice was made because we know that com.apple.lsd.open can be blocked for Web browsers without disabling the check, since we already have blocked it there for quite some time without observing any issues. We also have a couple of examples of other apps, which are not Mail clients, that would need this to be the default behavior. * Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h: * Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm: * Source/WebCore/PAL/pal/spi/cocoa/DataDetectorsCoreSPI.h: * Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * Source/WebKit/Shared/WebProcessCreationParameters.cpp: (WebKit::WebProcessCreationParameters::encode const): (WebKit::WebProcessCreationParameters::decode): * Source/WebKit/Shared/WebProcessCreationParameters.h: * Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm: (-[WKWebView _disableURLSchemeCheckInDataDetectors]): * Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivate.h: * Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm: (WebKit::WebPageProxy::disableURLSchemeCheckInDataDetectors const): * Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): (WebKit::nonBrowserServices): Deleted. * Source/WebKit/UIProcess/WebPageProxy.h: * Source/WebKit/WebProcess/WebProcess.h: * Source/WebKit/WebProcess/WebProcess.messages.in: * Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): (WebKit::WebProcess::disableURLSchemeCheckInDataDetectors const): * Source/WTF/wtf/PlatformHave.h: Canonical link: https://commits.webkit.org/250691@main Modified Paths trunk/Source/WTF/wtf/PlatformHave.h trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm trunk/Source/WebCore/PAL/pal/spi/cocoa/DataDetectorsCoreSPI.h trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp trunk/Source/WebKit/Shared/WebProcessCreationParameters.h trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivate.h trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/UIProcess/WebPageProxy.h trunk/Source/WebKit/WebProcess/WebProcess.h trunk/Source/WebKit/WebProcess/WebProcess.messages.in trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WTF/wtf/PlatformHave.h (294396 => 294397) --- trunk/Source/WTF/wtf/PlatformHave.h 2022-05-18 14:55:24 UTC (rev 294396) +++ trunk/Source/WTF/wtf/PlatformHave.h 2022-05-18 15:45:53 UTC (rev 294397) @@ -1179,3 +1179,7 @@ #if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED < 12) || (PLATFORM(MACCATALYST) && __IPHONE_OS_VERSION_MIN_REQUIRED < 15) #define HAVE_SYSTEM_HTTP_CONTENT_FILTERING 1 #endif + +#if (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 16) +#define HAVE_DDRESULT_DISABLE_URL_SCHEME_CHECKING 1 +#endif Modified: trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h (294396 => 294397) --- trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h 2022-05-18 14:55:24 UTC (rev 294396) +++ trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.h 2022-05-18 15:45:53 UTC (rev 294397) @@ -68,5 +68,5 @@ SOFT_LINK_FUNCTION_FOR_HEADER(PAL, DataDetectorsCore, DDScanQueryCreate, DDScanQueryRef, (CFAllocatorRef allocator), (allocator)) SOFT_LINK_FUNCTION_FOR_HEADER(PAL, DataDetectorsCore, DDScanQueryCreateFromString, DDScanQueryRef, (CFAllocatorRef allocator, CFStringRef string, CFRange range), (allocator, string, range)) SOFT_LINK_FUNCTION_FOR_HEADER(PAL, DataDetectorsCore, DDScannerCopyResultsWithOptions, CFArrayRef, (DDScannerRef scanner, DDScannerCopyResultsOptions options), (scanner, options)) - +SOFT_LINK_FUNCTION_MAY_FAIL_FOR_HEADER(PAL, DataDetectorsCore, DDResultDisableURLSchemeChecking, void, (), ()) #endif // ENABLE(DATA_DETECTION) Modified: trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm (294396 => 294397) --- trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm 2022-05-18 14:55:24 UTC (rev 294396) +++ trunk/Source/WebCore/PAL/pal/cocoa/DataDetectorsCoreSoftLink.mm 2022-05-18 15:45:53 UTC (rev 294397) @@ -69,4 +69,5 @@ SOFT_LINK_FUNCTION_FOR_SOURCE(PAL, DataDetectorsCore, DDScanQueryCreate, DDScanQueryRef, (CFAllocatorRef
[webkit-changes] [294362] trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in
Title: [294362] trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Revision 294362 Author pvol...@apple.com Date 2022-05-17 16:45:30 -0700 (Tue, 17 May 2022) Log Message [macOS][WP] Add required methods to graphics filters https://bugs.webkit.org/show_bug.cgi?id=240398 Reviewed by Geoffrey Garen. Add required methods to graphics filters. These have been observed being used in telemetry. * Source/WebKit/WebProcess/com.apple.WebProcess.sb.in: Canonical link: https://commits.webkit.org/250665@main Modified Paths trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (294361 => 294362) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-17 23:23:29 UTC (rev 294361) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-17 23:45:30 UTC (rev 294362) @@ -178,6 +178,7 @@ 41 42 43 +46 48 49 256 @@ -256,6 +257,7 @@ 36 38 39 +43 44 ) #endif ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294282] trunk/Source/WebKit/NetworkProcess/mac/ com.apple.WebKit.NetworkProcess.sb.in
Title: [294282] trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in Revision 294282 Author pvol...@apple.com Date 2022-05-16 18:00:05 -0700 (Mon, 16 May 2022) Log Message [macOS] Fix mach syscall sandbox violation in the Network process https://bugs.webkit.org/show_bug.cgi?id=240466 Reviewed by Chris Dumez. Fix mach syscall sandbox violation in the Network process on macOS. * Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: Canonical link: https://commits.webkit.org/250626@main Modified Paths trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in Diff Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (294281 => 294282) --- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-05-16 23:58:42 UTC (rev 294281) +++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-05-17 01:00:05 UTC (rev 294282) @@ -670,7 +670,11 @@ MSC_syscall_thread_switch MSC_task_dyld_process_info_notify_get MSC_task_self_trap -MSC_thread_get_special_reply_port)) +MSC_thread_get_special_reply_port +#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED < 12 +MSC_thread_self_trap +#endif +)) (when (defined? 'MSC_mach_msg2_trap) (allow syscall-mach ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [294060] trunk/Source/WebKit
Title: [294060] trunk/Source/WebKit Revision 294060 Author pvol...@apple.com Date 2022-05-11 10:51:04 -0700 (Wed, 11 May 2022) Log Message [WP] Remove obsolete message filters https://bugs.webkit.org/show_bug.cgi?id=240242 Reviewed by Chris Dumez. Remove obsolete message filters in the WebContent process' sandbox. This filtering is now done in other parts of the system. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (294059 => 294060) --- trunk/Source/WebKit/ChangeLog 2022-05-11 17:46:29 UTC (rev 294059) +++ trunk/Source/WebKit/ChangeLog 2022-05-11 17:51:04 UTC (rev 294060) @@ -1,3 +1,15 @@ +2022-05-11 Per Arne Vollan + +[WP] Remove obsolete message filters +https://bugs.webkit.org/show_bug.cgi?id=240242 + +Reviewed by Chris Dumez. + +Remove obsolete message filters in the WebContent process' sandbox. This filtering is now done in other parts of the system. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: +* WebProcess/com.apple.WebProcess.sb.in: + 2022-05-11 Youenn Fablet MediaPlayerPrivateRemote::nativeImageForCurrentTime should not use IOSurfaces Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (294059 => 294060) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-11 17:46:29 UTC (rev 294059) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-11 17:51:04 UTC (rev 294060) @@ -373,42 +373,10 @@ (deny (with telemetry) iokit-async-external-method iokit-external-trap) -(allow iokit-async-external-method -(iokit-method-number -40 -) -) +(allow iokit-async-external-method) (deny (with telemetry) (with message "IOSurfaceRootUserClient") iokit-external-method) -(allow iokit-external-method -(iokit-method-number -0 -1 -2 -3 -5 -9 -10 -11 -12 -13 -14 -15 -20 -21 -23 -27 -31 -32 -34 -35 -36 -38 -39 -40 -41 -) -) +(allow iokit-external-method) ) ) ) Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (294059 => 294060) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-11 17:46:29 UTC (rev 294059) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-05-11 17:51:04 UTC (rev 294060) @@ -225,7 +225,7 @@ iokit-external-method ) (allow iokit-async-external-method -#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 12 +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 12 && __MAC_OS_X_VERSION_MIN_REQUIRED < 13 (iokit-method-number 17 40 @@ -233,7 +233,7 @@ #endif ) (allow iokit-external-method -#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 12 +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 12 && __MAC_OS_X_VERSION_MIN_REQUIRED < 13 (iokit-method-number 0 1 ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293990] trunk/Source
Title: [293990] trunk/Source Revision 293990 Author pvol...@apple.com Date 2022-05-09 14:17:57 -0700 (Mon, 09 May 2022) Log Message [macOS] HTTP traffic is not filtered in the parental controls filter https://bugs.webkit.org/show_bug.cgi?id=240180 Reviewed by Alexey Proskuryakov. Source/WebCore: Traditionally, we have not filtered HTTP in the parental controls filter on macOS, since other parts of the system has taken care of this. This has changed in the most recent macOS version, and WebKit should also filter HTTP in addition to HTTPS. * platform/cocoa/ParentalControlsContentFilter.mm: (WebCore::canHandleResponse): Source/WTF: Add HAVE macro which tells us which OS versions are filtering HTTP traffic on behalf of WebKit. * wtf/PlatformHave.h: Modified Paths trunk/Source/WTF/ChangeLog trunk/Source/WTF/wtf/PlatformHave.h trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm Diff Modified: trunk/Source/WTF/ChangeLog (293989 => 293990) --- trunk/Source/WTF/ChangeLog 2022-05-09 20:56:14 UTC (rev 293989) +++ trunk/Source/WTF/ChangeLog 2022-05-09 21:17:57 UTC (rev 293990) @@ -1,3 +1,15 @@ +2022-05-09 Per Arne Vollan + +[macOS] HTTP traffic is not filtered in the parental controls filter +https://bugs.webkit.org/show_bug.cgi?id=240180 + + +Reviewed by Alexey Proskuryakov. + +Add HAVE macro which tells us which OS versions are filtering HTTP traffic on behalf of WebKit. + +* wtf/PlatformHave.h: + 2022-05-08 Wenson Hsieh [iOS] Double tapping on YouTube video causes playback to pause instead of seek Modified: trunk/Source/WTF/wtf/PlatformHave.h (293989 => 293990) --- trunk/Source/WTF/wtf/PlatformHave.h 2022-05-09 20:56:14 UTC (rev 293989) +++ trunk/Source/WTF/wtf/PlatformHave.h 2022-05-09 21:17:57 UTC (rev 293990) @@ -1175,3 +1175,7 @@ || (PLATFORM(APPLETV) && __TV_OS_VERSION_MIN_REQUIRED >= 16)) #define HAVE_UI_CONTEXT_MENU_PREVIEW_ITEM_IDENTIFIER 1 #endif + +#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED < 12) || (PLATFORM(MACCATALYST) && __IPHONE_OS_VERSION_MIN_REQUIRED < 15) +#define HAVE_SYSTEM_HTTP_CONTENT_FILTERING 1 +#endif Modified: trunk/Source/WebCore/ChangeLog (293989 => 293990) --- trunk/Source/WebCore/ChangeLog 2022-05-09 20:56:14 UTC (rev 293989) +++ trunk/Source/WebCore/ChangeLog 2022-05-09 21:17:57 UTC (rev 293990) @@ -1,3 +1,18 @@ +2022-05-09 Per Arne Vollan + +[macOS] HTTP traffic is not filtered in the parental controls filter +https://bugs.webkit.org/show_bug.cgi?id=240180 + + +Reviewed by Alexey Proskuryakov. + +Traditionally, we have not filtered HTTP in the parental controls filter on macOS, since other parts of the system +has taken care of this. This has changed in the most recent macOS version, and WebKit should also filter HTTP in +addition to HTTPS. + +* platform/cocoa/ParentalControlsContentFilter.mm: +(WebCore::canHandleResponse): + 2022-05-09 Simon Fraser Cache the viewport size inside SVGLengthContext Modified: trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm (293989 => 293990) --- trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm 2022-05-09 20:56:14 UTC (rev 293989) +++ trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm 2022-05-09 21:17:57 UTC (rev 293990) @@ -74,7 +74,11 @@ static inline bool canHandleResponse(const ResourceResponse& response) { +#if HAVE(SYSTEM_HTTP_CONTENT_FILTERING) +return response.url().protocolIs("https"); +#else return response.url().protocolIsInHTTPFamily(); +#endif } void ParentalControlsContentFilter::responseReceived(const ResourceResponse& response) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293979] trunk/Source/WebKit
Title: [293979] trunk/Source/WebKit Revision 293979 Author pvol...@apple.com Date 2022-05-09 09:52:10 -0700 (Mon, 09 May 2022) Log Message Create reports for long process launch times https://bugs.webkit.org/show_bug.cgi?id=240127 Unreviewed, fix typo. * UIProcess/AuxiliaryProcessProxy.cpp: (WebKit::AuxiliaryProcessProxy::connect): (WebKit::AuxiliaryProcessProxy::didFinishLaunching): * UIProcess/AuxiliaryProcessProxy.h: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h Diff Modified: trunk/Source/WebKit/ChangeLog (293978 => 293979) --- trunk/Source/WebKit/ChangeLog 2022-05-09 16:41:49 UTC (rev 293978) +++ trunk/Source/WebKit/ChangeLog 2022-05-09 16:52:10 UTC (rev 293979) @@ -1,3 +1,15 @@ +2022-05-09 Per Arne Vollan + +Create reports for long process launch times +https://bugs.webkit.org/show_bug.cgi?id=240127 + +Unreviewed, fix typo. + +* UIProcess/AuxiliaryProcessProxy.cpp: +(WebKit::AuxiliaryProcessProxy::connect): +(WebKit::AuxiliaryProcessProxy::didFinishLaunching): +* UIProcess/AuxiliaryProcessProxy.h: + 2022-05-09 Kate Cheney Image controls menu button is not appearing for multi-page PDFs Modified: trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp (293978 => 293979) --- trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp 2022-05-09 16:41:49 UTC (rev 293978) +++ trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp 2022-05-09 16:52:10 UTC (rev 293979) @@ -108,7 +108,7 @@ void AuxiliaryProcessProxy::connect() { ASSERT(!m_processLauncher); -m_proccessStart = MonotonicTime::now(); +m_processStart = MonotonicTime::now(); ProcessLauncher::LaunchOptions launchOptions; getLaunchOptions(launchOptions); m_processLauncher = ProcessLauncher::create(this, WTFMove(launchOptions)); @@ -258,7 +258,7 @@ ASSERT(!m_connection); ASSERT(isMainRunLoop()); -auto launchTime = MonotonicTime::now() - m_proccessStart; +auto launchTime = MonotonicTime::now() - m_processStart; if (launchTime > 1_s) RELEASE_LOG_FAULT(Process, "%s process (%p) took %f seconds to launch", processName().characters(), this, launchTime.value()); Modified: trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h (293978 => 293979) --- trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h 2022-05-09 16:41:49 UTC (rev 293978) +++ trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h 2022-05-09 16:52:10 UTC (rev 293979) @@ -187,7 +187,7 @@ bool m_didBeginResponsivenessChecks { false }; WebCore::ProcessIdentifier m_processIdentifier { WebCore::ProcessIdentifier::generate() }; std::optional m_delayedResponsivenessCheck; -MonotonicTime m_proccessStart; +MonotonicTime m_processStart; }; template ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293931] trunk/Source/WebCore
Title: [293931] trunk/Source/WebCore Revision 293931 Author pvol...@apple.com Date 2022-05-06 17:01:44 -0700 (Fri, 06 May 2022) Log Message [macOS] Content filter blocking shield is not displayed https://bugs.webkit.org/show_bug.cgi?id=240178 Reviewed by Geoffrey Garen. This is a regression from moving content filtering from the WebContent process to the Network process in r291630. After r291630, the function to determine if a blocked request can be unblocked, is called in the Network process, but it is not handling the case where the function to unblock the request is not set. This is causing the load for blocked URLs to never finish, since the decision handler provided to the unblock request function is never called. This patch addresses this by calling the decisionhandler with the blocked flag set in this case. * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm: (WebCore::ContentFilterUnblockHandler::requestUnblockAsync const): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/cocoa/ContentFilterUnblockHandlerCocoa.mm Diff Modified: trunk/Source/WebCore/ChangeLog (293930 => 293931) --- trunk/Source/WebCore/ChangeLog 2022-05-06 23:17:18 UTC (rev 293930) +++ trunk/Source/WebCore/ChangeLog 2022-05-07 00:01:44 UTC (rev 293931) @@ -1,5 +1,22 @@ 2022-05-06 Per Arne Vollan +[macOS] Content filter blocking shield is not displayed +https://bugs.webkit.org/show_bug.cgi?id=240178 + + +Reviewed by Geoffrey Garen. + +This is a regression from moving content filtering from the WebContent process to the Network process in r291630. +After r291630, the function to determine if a blocked request can be unblocked, is called in the Network process, +but it is not handling the case where the function to unblock the request is not set. This is causing the load +for blocked URLs to never finish, since the decision handler provided to the unblock request function is never +called. This patch addresses this by calling the decisionhandler with the blocked flag set in this case. + +* platform/cocoa/ContentFilterUnblockHandlerCocoa.mm: +(WebCore::ContentFilterUnblockHandler::requestUnblockAsync const): + +2022-05-06 Per Arne Vollan + [macOS] HTTP traffic is not filtered in the parental controls filter https://bugs.webkit.org/show_bug.cgi?id=240180 Modified: trunk/Source/WebCore/platform/cocoa/ContentFilterUnblockHandlerCocoa.mm (293930 => 293931) --- trunk/Source/WebCore/platform/cocoa/ContentFilterUnblockHandlerCocoa.mm 2022-05-06 23:17:18 UTC (rev 293930) +++ trunk/Source/WebCore/platform/cocoa/ContentFilterUnblockHandlerCocoa.mm 2022-05-07 00:01:44 UTC (rev 293931) @@ -178,6 +178,11 @@ decisionHandler(unblocked); }); }); +} else { +callOnMainThread([decisionHandler] { +auto unblocked = false; +decisionHandler(unblocked); +}); } } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293929] trunk/Source/WebCore
Title: [293929] trunk/Source/WebCore Revision 293929 Author pvol...@apple.com Date 2022-05-06 16:10:39 -0700 (Fri, 06 May 2022) Log Message [macOS] HTTP traffic is not filtered in the parental controls filter https://bugs.webkit.org/show_bug.cgi?id=240180 Reviewed by Geoffrey Garen. Traditionally, we have not filtered HTTP in the parental controls filter on macOS, since other parts of the system has taken care of this. This appears to have changed now, and WebKit should also filter HTTP in addition to HTTPS. * platform/cocoa/ParentalControlsContentFilter.mm: (WebCore::canHandleResponse): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm Diff Modified: trunk/Source/WebCore/ChangeLog (293928 => 293929) --- trunk/Source/WebCore/ChangeLog 2022-05-06 22:33:06 UTC (rev 293928) +++ trunk/Source/WebCore/ChangeLog 2022-05-06 23:10:39 UTC (rev 293929) @@ -1,3 +1,17 @@ +2022-05-06 Per Arne Vollan + +[macOS] HTTP traffic is not filtered in the parental controls filter +https://bugs.webkit.org/show_bug.cgi?id=240180 + + +Reviewed by Geoffrey Garen. + +Traditionally, we have not filtered HTTP in the parental controls filter on macOS, since other parts of the system +has taken care of this. This appears to have changed now, and WebKit should also filter HTTP in addition to HTTPS. + +* platform/cocoa/ParentalControlsContentFilter.mm: +(WebCore::canHandleResponse): + 2022-05-06 Manuel Rego Casasnovas [selectors] Double script focus after mouse click shouldn't match :focus-visible Modified: trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm (293928 => 293929) --- trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm 2022-05-06 22:33:06 UTC (rev 293928) +++ trunk/Source/WebCore/platform/cocoa/ParentalControlsContentFilter.mm 2022-05-06 23:10:39 UTC (rev 293929) @@ -74,11 +74,7 @@ static inline bool canHandleResponse(const ResourceResponse& response) { -#if PLATFORM(MAC) || PLATFORM(MACCATALYST) -return response.url().protocolIs("https"); -#else return response.url().protocolIsInHTTPFamily(); -#endif } void ParentalControlsContentFilter::responseReceived(const ResourceResponse& response) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293893] trunk/Source/WebKit
Title: [293893] trunk/Source/WebKit Revision 293893 Author pvol...@apple.com Date 2022-05-06 08:58:40 -0700 (Fri, 06 May 2022) Log Message Create reports for long process launch times https://bugs.webkit.org/show_bug.cgi?id=240127 Reviewed by Yusuke Suzuki. We have reports that it can take a long time to launch WebKit processes in some cases. This is the time it takes from the XPC message is sent until the XPC reply is received. Add reporting when this happens in order to help diagnose the issue. * UIProcess/AuxiliaryProcessProxy.cpp: (WebKit::AuxiliaryProcessProxy::connect): (WebKit::AuxiliaryProcessProxy::didFinishLaunching): * UIProcess/AuxiliaryProcessProxy.h: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h Diff Modified: trunk/Source/WebKit/ChangeLog (293892 => 293893) --- trunk/Source/WebKit/ChangeLog 2022-05-06 15:23:27 UTC (rev 293892) +++ trunk/Source/WebKit/ChangeLog 2022-05-06 15:58:40 UTC (rev 293893) @@ -1,5 +1,21 @@ 2022-05-06 Per Arne Vollan +Create reports for long process launch times +https://bugs.webkit.org/show_bug.cgi?id=240127 + +Reviewed by Yusuke Suzuki. + +We have reports that it can take a long time to launch WebKit processes in some cases. This is the time +it takes from the XPC message is sent until the XPC reply is received. Add reporting when this happens +in order to help diagnose the issue. + +* UIProcess/AuxiliaryProcessProxy.cpp: +(WebKit::AuxiliaryProcessProxy::connect): +(WebKit::AuxiliaryProcessProxy::didFinishLaunching): +* UIProcess/AuxiliaryProcessProxy.h: + +2022-05-06 Per Arne Vollan + [WP] Wait for Launch Services database after Network process connection has been established https://bugs.webkit.org/show_bug.cgi?id=240125 Modified: trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp (293892 => 293893) --- trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp 2022-05-06 15:23:27 UTC (rev 293892) +++ trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.cpp 2022-05-06 15:58:40 UTC (rev 293893) @@ -108,6 +108,7 @@ void AuxiliaryProcessProxy::connect() { ASSERT(!m_processLauncher); +m_proccessStart = MonotonicTime::now(); ProcessLauncher::LaunchOptions launchOptions; getLaunchOptions(launchOptions); m_processLauncher = ProcessLauncher::create(this, WTFMove(launchOptions)); @@ -257,6 +258,10 @@ ASSERT(!m_connection); ASSERT(isMainRunLoop()); +auto launchTime = MonotonicTime::now() - m_proccessStart; +if (launchTime > 1_s) +RELEASE_LOG_FAULT(Process, "%s process (%p) took %f seconds to launch", processName().characters(), this, launchTime.value()); + if (!IPC::Connection::identifierIsValid(connectionIdentifier)) return; Modified: trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h (293892 => 293893) --- trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h 2022-05-06 15:23:27 UTC (rev 293892) +++ trunk/Source/WebKit/UIProcess/AuxiliaryProcessProxy.h 2022-05-06 15:58:40 UTC (rev 293893) @@ -187,6 +187,7 @@ bool m_didBeginResponsivenessChecks { false }; WebCore::ProcessIdentifier m_processIdentifier { WebCore::ProcessIdentifier::generate() }; std::optional m_delayedResponsivenessCheck; +MonotonicTime m_proccessStart; }; template ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293892] trunk/Source/WebKit
Title: [293892] trunk/Source/WebKit Revision 293892 Author pvol...@apple.com Date 2022-05-06 08:23:27 -0700 (Fri, 06 May 2022) Log Message [WP] Wait for Launch Services database after Network process connection has been established https://bugs.webkit.org/show_bug.cgi?id=240125 Reviewed by Geoffrey Garen. Since the Launch Services database is provided to the WebContent process by the Network process, it makes sense to wait for the database when we're certain that the Network process is running. This should fix main thread hangs in the cases where we before started waiting for the database before the Network process had launched. To support this move, we also need to delay the initialization of accessibility in NSApplication, since that depends on having the database available. This is now being done in WebPage::platformInitializeAccessibility, which is a natural place for this initialization to take place. * WebProcess/WebPage/mac/WebPageMac.mm: (WebKit::WebPage::platformInitializeAccessibility): * WebProcess/WebProcess.cpp: (WebKit::WebProcess::ensureNetworkProcessConnection): * WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm trunk/Source/WebKit/WebProcess/WebProcess.cpp trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (293891 => 293892) --- trunk/Source/WebKit/ChangeLog 2022-05-06 15:21:16 UTC (rev 293891) +++ trunk/Source/WebKit/ChangeLog 2022-05-06 15:23:27 UTC (rev 293892) @@ -1,3 +1,25 @@ +2022-05-06 Per Arne Vollan + +[WP] Wait for Launch Services database after Network process connection has been established +https://bugs.webkit.org/show_bug.cgi?id=240125 + + +Reviewed by Geoffrey Garen. + +Since the Launch Services database is provided to the WebContent process by the Network process, it makes sense +to wait for the database when we're certain that the Network process is running. This should fix main thread hangs +in the cases where we before started waiting for the database before the Network process had launched. To support +this move, we also need to delay the initialization of accessibility in NSApplication, since that depends on having +the database available. This is now being done in WebPage::platformInitializeAccessibility, which is a natural +place for this initialization to take place. + +* WebProcess/WebPage/mac/WebPageMac.mm: +(WebKit::WebPage::platformInitializeAccessibility): +* WebProcess/WebProcess.cpp: +(WebKit::WebProcess::ensureNetworkProcessConnection): +* WebProcess/cocoa/WebProcessCocoa.mm: +(WebKit::WebProcess::platformInitializeWebProcess): + 2022-05-06 Kimmo Kinnunen GPU Process crash under IPC::Connection::open() ASSERTION FAILED: m_sendPort Modified: trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm (293891 => 293892) --- trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm 2022-05-06 15:21:16 UTC (rev 293891) +++ trunk/Source/WebKit/WebProcess/WebPage/mac/WebPageMac.mm 2022-05-06 15:23:27 UTC (rev 293892) @@ -113,6 +113,10 @@ void WebPage::platformInitializeAccessibility() { +// Need to initialize accessibility for VoiceOver to work when the WebContent process is using NSRunLoop. +// Currently, it is also needed to allocate and initialize an NSApplication object. +[NSApplication _accessibilityInitialize]; + auto mockAccessibilityElement = adoptNS([[WKAccessibilityWebPageObject alloc] init]); // Get the pid for the starting process. Modified: trunk/Source/WebKit/WebProcess/WebProcess.cpp (293891 => 293892) --- trunk/Source/WebKit/WebProcess/WebProcess.cpp 2022-05-06 15:21:16 UTC (rev 293891) +++ trunk/Source/WebKit/WebProcess/WebProcess.cpp 2022-05-06 15:23:27 UTC (rev 293892) @@ -241,6 +241,10 @@ #include "WebMockContentFilterManager.h" #endif +#if HAVE(LSDATABASECONTEXT) +#include "LaunchServicesDatabaseManager.h" +#endif + #undef WEBPROCESS_RELEASE_LOG #define RELEASE_LOG_SESSION_ID (m_sessionID ? m_sessionID->toUInt64() : 0) #if RELEASE_LOG_DISABLED @@ -1192,6 +1196,12 @@ m_networkProcessConnection->serviceWorkerConnection().registerServiceWorkerClients(); #endif +#if HAVE(LSDATABASECONTEXT) +// On Mac, this needs to be called before NSApplication is being initialized. +// The NSApplication initialization is being done in [NSApplication _accessibilityInitialize] +LaunchServicesDatabaseManager::singleton().waitForDatabaseUpdate(); +#endif + // This can be called during a WebPage's constructor, so wait until after the constructor returns to touch the WebPage. RunLoop::main().dispatch([this] { for (auto& webPage : m_pageMap.values()) Modified:
[webkit-changes] [293873] trunk
Title: [293873] trunk Revision 293873 Author pvol...@apple.com Date 2022-05-05 17:12:45 -0700 (Thu, 05 May 2022) Log Message Add GitHub user name https://bugs.webkit.org/show_bug.cgi?id=240144 Unreviewed, add github user name to contributors.json. * metadata/contributors.json: Modified Paths trunk/ChangeLog trunk/metadata/contributors.json Diff Modified: trunk/ChangeLog (293872 => 293873) --- trunk/ChangeLog 2022-05-06 00:03:51 UTC (rev 293872) +++ trunk/ChangeLog 2022-05-06 00:12:45 UTC (rev 293873) @@ -1,3 +1,12 @@ +2022-05-05 Per Arne Vollan + +Add GitHub user name +https://bugs.webkit.org/show_bug.cgi?id=240144 + +Unreviewed, add github user name to contributors.json. + +* metadata/contributors.json: + 2022-05-05 Megan Gardner Add github info for myself to contributors.json Modified: trunk/metadata/contributors.json (293872 => 293873) --- trunk/metadata/contributors.json 2022-05-06 00:03:51 UTC (rev 293872) +++ trunk/metadata/contributors.json 2022-05-06 00:12:45 UTC (rev 293873) @@ -5379,6 +5379,7 @@ "pvol...@apple.com", "pe...@outlook.com" ], + "github" : "pvollan", "name" : "Per Arne Vollan", "nicks" : [ "peavo" ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293795] trunk/Source/WebKit
Title: [293795] trunk/Source/WebKit Revision 293795 Author pvol...@apple.com Date 2022-05-04 15:03:39 -0700 (Wed, 04 May 2022) Log Message [iOS][GPUP] Grant read access to font directory https://bugs.webkit.org/show_bug.cgi?id=240080 Reviewed by Brent Fulgham. * Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (293794 => 293795) --- trunk/Source/WebKit/ChangeLog 2022-05-04 21:55:48 UTC (rev 293794) +++ trunk/Source/WebKit/ChangeLog 2022-05-04 22:03:39 UTC (rev 293795) @@ -1,3 +1,12 @@ +2022-05-04 Per Arne Vollan + +[iOS][GPUP] Grant read access to font directory +https://bugs.webkit.org/show_bug.cgi?id=240080 + +Reviewed by Brent Fulgham. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in: + 2022-05-04 J Pascoe [WebAuthn] Remove user gesture requirement for mediation=conditional assertions Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in (293794 => 293795) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-05-04 21:55:48 UTC (rev 293794) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-05-04 22:03:39 UTC (rev 293795) @@ -495,6 +495,9 @@ (home-literal "/Library/Preferences/com.apple.mobilemail.plist") (with no-log)) +(allow file-read* +(home-subpath "/Library/Fonts")) + (allow-preferences-common) ;; Home Button ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293758] trunk/Source/WebKit
Title: [293758] trunk/Source/WebKit Revision 293758 Author pvol...@apple.com Date 2022-05-03 20:17:09 -0700 (Tue, 03 May 2022) Log Message Add logging related to Launch Services database https://bugs.webkit.org/show_bug.cgi?id=240032 Reviewed by Geoffrey Garen. We have reports indicating that it can sometime take unexpectedly long time for the Network process to provide the Launch Services database to the WebContent and GPU process. Add some logging to help diagnose the issue. There are also some related selector response checks that can be removed now. * NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: (WebKit::LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver): (WebKit::LaunchServicesDatabaseObserver::startObserving): (WebKit::LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver): (WebKit::databaseContext): Deleted. * UIProcess/Network/NetworkProcessProxy.cpp: (WebKit::NetworkProcessProxy::NetworkProcessProxy): (WebKit::NetworkProcessProxy::didFinishLaunching): * UIProcess/Network/NetworkProcessProxyCocoa.mm: (WebKit::NetworkProcessProxy::sendXPCEndpointToProcess): * WebProcess/cocoa/LaunchServicesDatabaseManager.mm: (WebKit::LaunchServicesDatabaseManager::handleEvent): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxyCocoa.mm trunk/Source/WebKit/WebProcess/cocoa/LaunchServicesDatabaseManager.mm Diff Modified: trunk/Source/WebKit/ChangeLog (293757 => 293758) --- trunk/Source/WebKit/ChangeLog 2022-05-04 02:27:25 UTC (rev 293757) +++ trunk/Source/WebKit/ChangeLog 2022-05-04 03:17:09 UTC (rev 293758) @@ -1,3 +1,27 @@ +2022-05-03 Per Arne Vollan + +Add logging related to Launch Services database +https://bugs.webkit.org/show_bug.cgi?id=240032 + +Reviewed by Geoffrey Garen. + +We have reports indicating that it can sometime take unexpectedly long time for the Network process to provide +the Launch Services database to the WebContent and GPU process. Add some logging to help diagnose the issue. +There are also some related selector response checks that can be removed now. + +* NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: +(WebKit::LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver): +(WebKit::LaunchServicesDatabaseObserver::startObserving): +(WebKit::LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver): +(WebKit::databaseContext): Deleted. +* UIProcess/Network/NetworkProcessProxy.cpp: +(WebKit::NetworkProcessProxy::NetworkProcessProxy): +(WebKit::NetworkProcessProxy::didFinishLaunching): +* UIProcess/Network/NetworkProcessProxyCocoa.mm: +(WebKit::NetworkProcessProxy::sendXPCEndpointToProcess): +* WebProcess/cocoa/LaunchServicesDatabaseManager.mm: +(WebKit::LaunchServicesDatabaseManager::handleEvent): + 2022-05-03 Yusuke Suzuki [JSC] Initialize empty and null AtomString at compile time Modified: trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm (293757 => 293758) --- trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-05-04 02:27:25 UTC (rev 293757) +++ trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-05-04 03:17:09 UTC (rev 293758) @@ -33,25 +33,10 @@ namespace WebKit { -#if HAVE(LSDATABASECONTEXT) -static LSDatabaseContext *databaseContext() -{ -static dispatch_once_t once; -static LSDatabaseContext *context = nullptr; -dispatch_once(, ^{ -context = [NSClassFromString(@"LSDatabaseContext") sharedDatabaseContext]; -}); -return context; -} -#endif - LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver(NetworkProcess&) { #if HAVE(LSDATABASECONTEXT) -if (![databaseContext() respondsToSelector:@selector(addDatabaseChangeObserver4WebKit:)]) -return; - -m_observer = [databaseContext() addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { +m_observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); xpc_dictionary_set_value(message.get(), LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseKey, change); @@ -78,22 +63,15 @@ } #if HAVE(LSDATABASECONTEXT) -if (![databaseContext() respondsToSelector:@selector(addDatabaseChangeObserver4WebKit:)]) { +RetainPtr observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message =
[webkit-changes] [293743] trunk/Source/WebKit
Title: [293743] trunk/Source/WebKit Revision 293743 Author pvol...@apple.com Date 2022-05-03 15:23:23 -0700 (Tue, 03 May 2022) Log Message Add logging related to Launch Services database https://bugs.webkit.org/show_bug.cgi?id=240032 Reviewed by Geoffrey Garen. We have reports indicating that it can sometime take unexpectedly long time for the Network process to provide the Launch Services database to the WebContent and GPU process. Add some logging to help diagnose the issue. There are also some related selector response checks that can be removed now. * NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: (WebKit::LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver): (WebKit::LaunchServicesDatabaseObserver::startObserving): (WebKit::LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver): (WebKit::databaseContext): Deleted. * UIProcess/Network/NetworkProcessProxy.cpp: (WebKit::NetworkProcessProxy::NetworkProcessProxy): (WebKit::NetworkProcessProxy::didFinishLaunching): * UIProcess/Network/NetworkProcessProxyCocoa.mm: (WebKit::NetworkProcessProxy::sendXPCEndpointToProcess): * WebProcess/cocoa/LaunchServicesDatabaseManager.mm: (WebKit::LaunchServicesDatabaseManager::handleEvent): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxyCocoa.mm trunk/Source/WebKit/WebProcess/cocoa/LaunchServicesDatabaseManager.mm Diff Modified: trunk/Source/WebKit/ChangeLog (293742 => 293743) --- trunk/Source/WebKit/ChangeLog 2022-05-03 22:10:46 UTC (rev 293742) +++ trunk/Source/WebKit/ChangeLog 2022-05-03 22:23:23 UTC (rev 293743) @@ -1,5 +1,29 @@ 2022-05-03 Per Arne Vollan +Add logging related to Launch Services database +https://bugs.webkit.org/show_bug.cgi?id=240032 + +Reviewed by Geoffrey Garen. + +We have reports indicating that it can sometime take unexpectedly long time for the Network process to provide +the Launch Services database to the WebContent and GPU process. Add some logging to help diagnose the issue. +There are also some related selector response checks that can be removed now. + +* NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm: +(WebKit::LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver): +(WebKit::LaunchServicesDatabaseObserver::startObserving): +(WebKit::LaunchServicesDatabaseObserver::~LaunchServicesDatabaseObserver): +(WebKit::databaseContext): Deleted. +* UIProcess/Network/NetworkProcessProxy.cpp: +(WebKit::NetworkProcessProxy::NetworkProcessProxy): +(WebKit::NetworkProcessProxy::didFinishLaunching): +* UIProcess/Network/NetworkProcessProxyCocoa.mm: +(WebKit::NetworkProcessProxy::sendXPCEndpointToProcess): +* WebProcess/cocoa/LaunchServicesDatabaseManager.mm: +(WebKit::LaunchServicesDatabaseManager::handleEvent): + +2022-05-03 Per Arne Vollan + [iOS][WP] Only block IOKit access if all GPUP features are enabled https://bugs.webkit.org/show_bug.cgi?id=240010 Modified: trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm (293742 => 293743) --- trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-05-03 22:10:46 UTC (rev 293742) +++ trunk/Source/WebKit/NetworkProcess/cocoa/LaunchServicesDatabaseObserver.mm 2022-05-03 22:23:23 UTC (rev 293743) @@ -33,25 +33,10 @@ namespace WebKit { -#if HAVE(LSDATABASECONTEXT) -static LSDatabaseContext *databaseContext() -{ -static dispatch_once_t once; -static LSDatabaseContext *context = nullptr; -dispatch_once(, ^{ -context = [NSClassFromString(@"LSDatabaseContext") sharedDatabaseContext]; -}); -return context; -} -#endif - LaunchServicesDatabaseObserver::LaunchServicesDatabaseObserver(NetworkProcess&) { #if HAVE(LSDATABASECONTEXT) -if (![databaseContext() respondsToSelector:@selector(addDatabaseChangeObserver4WebKit:)]) -return; - -m_observer = [databaseContext() addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { +m_observer = [LSDatabaseContext.sharedDatabaseContext addDatabaseChangeObserver4WebKit:^(xpc_object_t change) { auto message = adoptOSObject(xpc_dictionary_create(nullptr, nullptr, 0)); xpc_dictionary_set_string(message.get(), XPCEndpoint::xpcMessageNameKey, LaunchServicesDatabaseXPCConstants::xpcUpdateLaunchServicesDatabaseMessageName); xpc_dictionary_set_value(message.get(), LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseKey, change); @@ -78,22 +63,15 @@ } #if HAVE(LSDATABASECONTEXT) -if (![databaseContext() respondsToSelector:@selector(addDatabaseChangeObserver4WebKit:)]) { +RetainPtr observer = [LSDatabaseContext.sharedDatabaseContext
[webkit-changes] [293734] trunk/Source/WebKit
Title: [293734] trunk/Source/WebKit Revision 293734 Author pvol...@apple.com Date 2022-05-03 11:47:57 -0700 (Tue, 03 May 2022) Log Message [iOS][WP] Only block IOKit access if all GPUP features are enabled https://bugs.webkit.org/show_bug.cgi?id=240010 Reviewed by Tim Horton. Only block IOKit access in the WebContent process' sandbox on iOS if all GPUP features are enabled. * WebProcess/WebPage/WebPage.cpp: (WebKit::m_appHighlightsVisible): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp Diff Modified: trunk/Source/WebKit/ChangeLog (293733 => 293734) --- trunk/Source/WebKit/ChangeLog 2022-05-03 18:25:46 UTC (rev 293733) +++ trunk/Source/WebKit/ChangeLog 2022-05-03 18:47:57 UTC (rev 293734) @@ -1,5 +1,17 @@ 2022-05-03 Per Arne Vollan +[iOS][WP] Only block IOKit access if all GPUP features are enabled +https://bugs.webkit.org/show_bug.cgi?id=240010 + +Reviewed by Tim Horton. + +Only block IOKit access in the WebContent process' sandbox on iOS if all GPUP features are enabled. + +* WebProcess/WebPage/WebPage.cpp: +(WebKit::m_appHighlightsVisible): + +2022-05-03 Per Arne Vollan + [iOS][GPUP] Remove Mach sandbox extensions for non browser clients https://bugs.webkit.org/show_bug.cgi?id=240008 Modified: trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp (293733 => 293734) --- trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2022-05-03 18:25:46 UTC (rev 293733) +++ trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp 2022-05-03 18:47:57 UTC (rev 293734) @@ -919,7 +919,16 @@ // This call should be replaced with proper API when available. CFPreferencesGetAppIntegerValue(CFSTR("key"), CFSTR("com.apple.WebKit.WebContent.AppCacheDisabled"), nullptr); } -if (parameters.store.getBoolValueForKey(WebPreferencesKey::blockIOKitInWebContentSandboxKey())) + +auto blockIOKit = parameters.store.getBoolValueForKey(WebPreferencesKey::blockIOKitInWebContentSandboxKey()) +#if ENABLE(WEBGL) +&& m_shouldRenderWebGLInGPUProcess +#endif +&& m_shouldRenderCanvasInGPUProcess +&& m_shouldRenderDOMInGPUProcess +&& m_shouldPlayMediaInGPUProcess; + +if (blockIOKit) CFPreferencesGetAppIntegerValue(CFSTR("key"), CFSTR("com.apple.WebKit.WebContent.BlockIOKitInWebContentSandbox"), nullptr); #endif ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293733] trunk/Source/WebKit
Title: [293733] trunk/Source/WebKit Revision 293733 Author pvol...@apple.com Date 2022-05-03 11:25:46 -0700 (Tue, 03 May 2022) Log Message [iOS][GPUP] Remove Mach sandbox extensions for non browser clients https://bugs.webkit.org/show_bug.cgi?id=240008 Reviewed by Geoffrey Garen. Remove Mach sandbox extensions for clients that are not browsers in the GPU process on iOS. The same set of extensions has recently been removed from the WebContent process. We also block these in the GPU process' sandbox, so there should be no change in behavior. * GPUProcess/GPUProcess.cpp: (WebKit::GPUProcess::initializeGPUProcess): * GPUProcess/GPUProcessCreationParameters.cpp: (WebKit::GPUProcessCreationParameters::encode const): (WebKit::GPUProcessCreationParameters::decode): * GPUProcess/GPUProcessCreationParameters.h: * UIProcess/GPU/GPUProcessProxy.cpp: (WebKit::GPUProcessProxy::GPUProcessProxy): (WebKit::nonBrowserServices): Deleted. Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/GPUProcess/GPUProcess.cpp trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp Diff Modified: trunk/Source/WebKit/ChangeLog (293732 => 293733) --- trunk/Source/WebKit/ChangeLog 2022-05-03 18:23:32 UTC (rev 293732) +++ trunk/Source/WebKit/ChangeLog 2022-05-03 18:25:46 UTC (rev 293733) @@ -1,5 +1,26 @@ 2022-05-03 Per Arne Vollan +[iOS][GPUP] Remove Mach sandbox extensions for non browser clients +https://bugs.webkit.org/show_bug.cgi?id=240008 + +Reviewed by Geoffrey Garen. + +Remove Mach sandbox extensions for clients that are not browsers in the GPU process on iOS. The same set of extensions +has recently been removed from the WebContent process. We also block these in the GPU process' sandbox, so there should +be no change in behavior. + +* GPUProcess/GPUProcess.cpp: +(WebKit::GPUProcess::initializeGPUProcess): +* GPUProcess/GPUProcessCreationParameters.cpp: +(WebKit::GPUProcessCreationParameters::encode const): +(WebKit::GPUProcessCreationParameters::decode): +* GPUProcess/GPUProcessCreationParameters.h: +* UIProcess/GPU/GPUProcessProxy.cpp: +(WebKit::GPUProcessProxy::GPUProcessProxy): +(WebKit::nonBrowserServices): Deleted. + +2022-05-03 Per Arne Vollan + [iOS][WP] Remove obsolete message filter https://bugs.webkit.org/show_bug.cgi?id=240012 Modified: trunk/Source/WebKit/GPUProcess/GPUProcess.cpp (293732 => 293733) --- trunk/Source/WebKit/GPUProcess/GPUProcess.cpp 2022-05-03 18:23:32 UTC (rev 293732) +++ trunk/Source/WebKit/GPUProcess/GPUProcess.cpp 2022-05-03 18:25:46 UTC (rev 293733) @@ -253,7 +253,6 @@ #if PLATFORM(IOS_FAMILY) SandboxExtension::consumePermanently(parameters.compilerServiceExtensionHandles); SandboxExtension::consumePermanently(parameters.dynamicIOKitExtensionHandles); -SandboxExtension::consumePermanently(parameters.dynamicMachExtensionHandles); #endif #if HAVE(CGIMAGESOURCE_WITH_SET_ALLOWABLE_TYPES) Modified: trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp (293732 => 293733) --- trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp 2022-05-03 18:23:32 UTC (rev 293732) +++ trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp 2022-05-03 18:25:46 UTC (rev 293733) @@ -60,7 +60,6 @@ #if PLATFORM(IOS_FAMILY) encoder << compilerServiceExtensionHandles; encoder << dynamicIOKitExtensionHandles; -encoder << dynamicMachExtensionHandles; #endif encoder << applicationVisibleName; @@ -111,12 +110,6 @@ if (!dynamicIOKitExtensionHandles) return false; result.dynamicIOKitExtensionHandles = WTFMove(*dynamicIOKitExtensionHandles); - -std::optional> dynamicMachExtensionHandles; -decoder >> dynamicMachExtensionHandles; -if (!dynamicMachExtensionHandles) -return false; -result.dynamicMachExtensionHandles = WTFMove(*dynamicMachExtensionHandles); #endif if (!decoder.decode(result.applicationVisibleName)) Modified: trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h (293732 => 293733) --- trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h 2022-05-03 18:23:32 UTC (rev 293732) +++ trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h 2022-05-03 18:25:46 UTC (rev 293733) @@ -60,7 +60,6 @@ #if PLATFORM(IOS_FAMILY) Vector compilerServiceExtensionHandles; Vector dynamicIOKitExtensionHandles; -Vector dynamicMachExtensionHandles; #endif String applicationVisibleName; Modified: trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp (293732 => 293733) --- trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp 2022-05-03 18:23:32 UTC (rev 293732) +++ trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp 2022-05-03 18:25:46 UTC (rev 293733) @@ -81,19 +81,6 @@
[webkit-changes] [293732] trunk/Source/WebKit
Title: [293732] trunk/Source/WebKit Revision 293732 Author pvol...@apple.com Date 2022-05-03 11:23:32 -0700 (Tue, 03 May 2022) Log Message [iOS][WP] Remove obsolete message filter https://bugs.webkit.org/show_bug.cgi?id=240012 Reviewed by Geoffrey Garen. Remove obsolete message filter in the WebContent process on iOS. This filtering is now enabled by the GPU restricted entitlement we have added for the WebContent process. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (293731 => 293732) --- trunk/Source/WebKit/ChangeLog 2022-05-03 18:06:15 UTC (rev 293731) +++ trunk/Source/WebKit/ChangeLog 2022-05-03 18:23:32 UTC (rev 293732) @@ -1,3 +1,15 @@ +2022-05-03 Per Arne Vollan + +[iOS][WP] Remove obsolete message filter +https://bugs.webkit.org/show_bug.cgi?id=240012 + +Reviewed by Geoffrey Garen. + +Remove obsolete message filter in the WebContent process on iOS. This filtering is now enabled by the +GPU restricted entitlement we have added for the WebContent process. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: + 2022-05-03 Wenson Hsieh [iOS] The "Copy Cropped Image" context menu action should be gated on cropped image results Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (293731 => 293732) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-03 18:06:15 UTC (rev 293731) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-05-03 18:23:32 UTC (rev 293732) @@ -246,49 +246,8 @@ iokit-async-external-method iokit-external-method ) -(allow iokit-async-external-method -#if PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED < 16 -(iokit-method-number -43 -44 -) -#endif -) -(allow iokit-external-method -#if PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED < 16 -(iokit-method-number -0 -2 -4 -5 -6 -7 -8 -9 -10 -11 -12 -13 -14 -15 -16 -25 -26 -27 -36 -37 -38 -39 -40 -41 -42 -43 -44 -45 -) -#endif -) - +(allow iokit-async-external-method) +(allow iokit-external-method) ) ) ) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293595] trunk/Source
Title: [293595] trunk/Source Revision 293595 Author pvol...@apple.com Date 2022-04-28 16:31:24 -0700 (Thu, 28 Apr 2022) Log Message Dynamically switch message filter https://bugs.webkit.org/show_bug.cgi?id=238577 Reviewed by Geoffrey Garen. Source/WebKit: Use a sandbox state variable to dynamically switch the bootstrap filter in the WebContent process' sandbox. During launch of the WebContent process, we use a more permissive bootstrap filter to allow creating Mach connections in this time frame. After the WebContent process has launched, we switch to a blocking filter, which will essentially block access to launchd. The bootstrap filter is being switched back to the more permissive version when we create new Mach sandbox extensions for the WebContent process. This is done on a case by case basis, by adding a new parameter to control this behavior when creating Mach sandbox extensions. While launching the WebContent process there is usually no need to specify that the permissive bootstrap filter is needed, since we are already using the permissive filter during launch time. However, for some Mach extensions that will only result in a new XPC connection in the WebContent process after launch, we need to specify that the permissive filter is requried. Otherwise, creating the new XPC connection after launch will fail. For Mach sandbox extensions created after launch of the WebContent process, we always need to use the permissive bootstrap filter to be able to create the XPC connection. Enabling the permissive bootstrap filter requires the audit token to be available, which means we need to pass the audit token when creating the new Mach sandbox extensions. This patch also waits until after the Web page has been created to set the sandbox variable which indicates that the WebContent process has launched. Without this last change, the bootstrap filter would have needed switching when creating the Web page, since creating the WebPage will consume and revoke some mach extensions. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * Scripts/process-entitlements.sh: * Shared/Cocoa/SandboxExtensionCocoa.mm: (WebKit::SandboxExtension::createHandleForMachLookup): (WebKit::SandboxExtension::createHandlesForMachLookup): * Shared/Sandbox/SandboxStateVariables.h: Added. * Shared/SandboxExtension.h: * UIProcess/Cocoa/WebPageProxyCocoa.mm: (WebKit::WebPageProxy::addPlatformLoadParameters): (WebKit::WebPageProxy::grantAccessToAssetServices): (WebKit::WebPageProxy::switchFromStaticFontRegistryToUserFontRegistry): (WebKit::WebPageProxy::fontdMachExtensionHandle): * UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers): * UIProcess/Cocoa/WebProcessProxyCocoa.mm: (WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded): (WebKit::WebProcessProxy::messageSourceIsValidWebContentProcess): (WebKit::WebProcessProxy::auditToken const): * UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.cpp: (WebKit::SpeechRecognitionRemoteRealtimeMediaSourceManager::addSource): * UIProcess/UserMediaPermissionRequestManagerProxy.cpp: (WebKit::UserMediaPermissionRequestManagerProxy::finishGrantingRequest): * UIProcess/UserMediaProcessManager.cpp: (WebKit::UserMediaProcessManager::willCreateMediaStream): * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::processNextQueuedMouseEvent): (WebKit::WebPageProxy::didChooseFilesForOpenPanelWithDisplayStringAndIcon): (WebKit::WebPageProxy::creationParameters): * UIProcess/WebPageProxy.h: * UIProcess/WebProcessProxy.h: * WebKit.xcodeproj/project.pbxproj: * WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::create): * WebProcess/com.apple.WebProcess.sb.in: Source/WTF: Add SPI to set sandbox state variable. * wtf/spi/darwin/SandboxSPI.h: Modified Paths trunk/Source/WTF/ChangeLog trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/Scripts/process-entitlements.sh trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm trunk/Source/WebKit/Shared/SandboxExtension.h trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm trunk/Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.cpp trunk/Source/WebKit/UIProcess/UserMediaPermissionRequestManagerProxy.cpp trunk/Source/WebKit/UIProcess/UserMediaProcessManager.cpp trunk/Source/WebKit/UIProcess/WebPageProxy.cpp trunk/Source/WebKit/UIProcess/WebPageProxy.h trunk/Source/WebKit/UIProcess/WebProcessProxy.h trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Added Paths trunk/Source/WebKit/Shared/Sandbox/SandboxStateVariables.h Diff Modified: trunk/Source/WTF/ChangeLog (293594 => 293595) ---
[webkit-changes] [293590] trunk/Source/WebKit
Title: [293590] trunk/Source/WebKit Revision 293590 Author pvol...@apple.com Date 2022-04-28 14:46:51 -0700 (Thu, 28 Apr 2022) Log Message Fix build error after r293509 https://bugs.webkit.org/show_bug.cgi?id=239866 Unreviewed build fix. * Shared/mac/AuxiliaryProcessMac.mm: (WebKit::AuxiliaryProcess::isSystemWebKit): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm Diff Modified: trunk/Source/WebKit/ChangeLog (293589 => 293590) --- trunk/Source/WebKit/ChangeLog 2022-04-28 21:23:38 UTC (rev 293589) +++ trunk/Source/WebKit/ChangeLog 2022-04-28 21:46:51 UTC (rev 293590) @@ -1,3 +1,14 @@ +2022-04-28 Per Arne Vollan + +Fix build error after r293509 +https://bugs.webkit.org/show_bug.cgi?id=239866 + + +Unreviewed build fix. + +* Shared/mac/AuxiliaryProcessMac.mm: +(WebKit::AuxiliaryProcess::isSystemWebKit): + 2022-04-28 Simon Fraser [ macOS Debug wk2 ] Thirteen imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/ are a flaky crash (ASSERTION FAILED: willBeComposited == needsToBeComposited(layer, queryData)) Modified: trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm (293589 => 293590) --- trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm 2022-04-28 21:23:38 UTC (rev 293589) +++ trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm 2022-04-28 21:46:51 UTC (rev 293590) @@ -829,7 +829,6 @@ }(); return isSystemWebKit; } -#endif void AuxiliaryProcess::openDirectoryCacheInvalidated(SandboxExtension::Handle&& handle) { @@ -847,6 +846,7 @@ sandboxExtension->revoke(); } +#endif // PLATFORM(MAC) } // namespace WebKit ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293578] trunk/Source/WTF
Title: [293578] trunk/Source/WTF Revision 293578 Author pvol...@apple.com Date 2022-04-28 10:40:36 -0700 (Thu, 28 Apr 2022) Log Message [iOS] Enable IOKit blocking in GPUP by default https://bugs.webkit.org/show_bug.cgi?id=239615 Reviewed by Darin Adler. * Scripts/Preferences/WebPreferencesInternal.yaml: Modified Paths trunk/Source/WTF/ChangeLog trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml Diff Modified: trunk/Source/WTF/ChangeLog (293577 => 293578) --- trunk/Source/WTF/ChangeLog 2022-04-28 17:23:49 UTC (rev 293577) +++ trunk/Source/WTF/ChangeLog 2022-04-28 17:40:36 UTC (rev 293578) @@ -1,3 +1,12 @@ +2022-04-28 Per Arne Vollan + +[iOS] Enable IOKit blocking in GPUP by default +https://bugs.webkit.org/show_bug.cgi?id=239615 + +Reviewed by Darin Adler. + +* Scripts/Preferences/WebPreferencesInternal.yaml: + 2022-04-26 Justin Michaud [PGO] Allow collecting other kinds of pgo profiles Modified: trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml (293577 => 293578) --- trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml 2022-04-28 17:23:49 UTC (rev 293577) +++ trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml 2022-04-28 17:40:36 UTC (rev 293578) @@ -119,7 +119,7 @@ exposed: [ WebKit ] defaultValue: WebKit: - default: false + default: true CSSDisplayContentsAXSupportEnabled: type: bool ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [293509] trunk/Source/WebKit
Title: [293509] trunk/Source/WebKit Revision 293509 Author pvol...@apple.com Date 2022-04-27 08:49:37 -0700 (Wed, 27 Apr 2022) Log Message [macOS] The function getpwnam can sometimes fail https://bugs.webkit.org/show_bug.cgi?id=239513 Reviewed by Darin Adler. The system function getpwnam is caching the results from the first invocation, and will return the cached values after the first call. It may happen that opendirectoryd will invalidate the cached values by posting notifications. If that happens, getpwnam will then fail, since there are no cached values and the WebContent process' sandbox is blocking access to opendirectoryd. This patch addresses this issue by observing these notifications in the UI process, and recreating the cached values for getpwnam, by calling the function in the WebContent process while holding a temporary sandbox extenstion to opendirectoryd. * GPUProcess/GPUProcess.h: * GPUProcess/GPUProcess.messages.in: * GPUProcess/mac/GPUProcessMac.mm: (WebKit::GPUProcess::openDirectoryCacheInvalidated): * GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: * Shared/AuxiliaryProcess.h: * Shared/mac/AuxiliaryProcessMac.mm: (WebKit::getHomeDirectory): (WebKit::populateSandboxInitializationParameters): (WebKit::AuxiliaryProcess::openDirectoryCacheInvalidated): * UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers): (WebKit::WebProcessPool::unregisterNotificationObservers): * UIProcess/WebProcessPool.h: * WebProcess/WebProcess.h: * WebProcess/WebProcess.messages.in: * WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::openDirectoryCacheInvalidated): * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/GPUProcess/GPUProcess.h trunk/Source/WebKit/GPUProcess/GPUProcess.messages.in trunk/Source/WebKit/GPUProcess/mac/GPUProcessMac.mm trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in trunk/Source/WebKit/Shared/AuxiliaryProcess.h trunk/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/UIProcess/WebProcessPool.h trunk/Source/WebKit/WebProcess/WebProcess.h trunk/Source/WebKit/WebProcess/WebProcess.messages.in trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (293508 => 293509) --- trunk/Source/WebKit/ChangeLog 2022-04-27 14:11:34 UTC (rev 293508) +++ trunk/Source/WebKit/ChangeLog 2022-04-27 15:49:37 UTC (rev 293509) @@ -1,3 +1,39 @@ +2022-04-27 Per Arne Vollan + +[macOS] The function getpwnam can sometimes fail +https://bugs.webkit.org/show_bug.cgi?id=239513 + + +Reviewed by Darin Adler. + +The system function getpwnam is caching the results from the first invocation, and will return the cached +values after the first call. It may happen that opendirectoryd will invalidate the cached values by +posting notifications. If that happens, getpwnam will then fail, since there are no cached values and +the WebContent process' sandbox is blocking access to opendirectoryd. This patch addresses this issue +by observing these notifications in the UI process, and recreating the cached values for getpwnam, by +calling the function in the WebContent process while holding a temporary sandbox extenstion to +opendirectoryd. + +* GPUProcess/GPUProcess.h: +* GPUProcess/GPUProcess.messages.in: +* GPUProcess/mac/GPUProcessMac.mm: +(WebKit::GPUProcess::openDirectoryCacheInvalidated): +* GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: +* Shared/AuxiliaryProcess.h: +* Shared/mac/AuxiliaryProcessMac.mm: +(WebKit::getHomeDirectory): +(WebKit::populateSandboxInitializationParameters): +(WebKit::AuxiliaryProcess::openDirectoryCacheInvalidated): +* UIProcess/Cocoa/WebProcessPoolCocoa.mm: +(WebKit::WebProcessPool::registerNotificationObservers): +(WebKit::WebProcessPool::unregisterNotificationObservers): +* UIProcess/WebProcessPool.h: +* WebProcess/WebProcess.h: +* WebProcess/WebProcess.messages.in: +* WebProcess/cocoa/WebProcessCocoa.mm: +(WebKit::WebProcess::openDirectoryCacheInvalidated): +* WebProcess/com.apple.WebProcess.sb.in: + 2022-04-26 Michael Catanzaro [GLib] Make WebKitSettings XSS auditor functions no-op Modified: trunk/Source/WebKit/GPUProcess/GPUProcess.h (293508 => 293509) --- trunk/Source/WebKit/GPUProcess/GPUProcess.h 2022-04-27 14:11:34 UTC (rev 293508) +++ trunk/Source/WebKit/GPUProcess/GPUProcess.h 2022-04-27 15:49:37 UTC (rev 293509) @@ -202,6 +202,10 @@ void dispatchSimulatedNotificationsForPreferenceChange(const String& key) final; #endif +#if PLATFORM(MAC) +void
[webkit-changes] [292980] trunk/Source/WebKit
Title: [292980] trunk/Source/WebKit Revision 292980 Author pvol...@apple.com Date 2022-04-18 16:46:31 -0700 (Mon, 18 Apr 2022) Log Message Block system calls in the Network process https://bugs.webkit.org/show_bug.cgi?id=238935 Reviewed by Geoffrey Garen. Block unused system calls in the Network process on macOS and iOS. This is based on collected telemetry. * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (292979 => 292980) --- trunk/Source/WebKit/ChangeLog 2022-04-18 23:42:17 UTC (rev 292979) +++ trunk/Source/WebKit/ChangeLog 2022-04-18 23:46:31 UTC (rev 292980) @@ -1,5 +1,18 @@ 2022-04-18 Per Arne Vollan +Block system calls in the Network process +https://bugs.webkit.org/show_bug.cgi?id=238935 + + +Reviewed by Geoffrey Garen. + +Block unused system calls in the Network process on macOS and iOS. This is based on collected telemetry. + +* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: +* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: + +2022-04-18 Per Arne Vollan + [iOS][WP] Add telemetry with backtrace for network related system calls https://bugs.webkit.org/show_bug.cgi?id=239465 Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (292979 => 292980) --- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-04-18 23:42:17 UTC (rev 292979) +++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-04-18 23:46:31 UTC (rev 292980) @@ -474,7 +474,7 @@ (prefix "/private/var/db/com.apple.networkextension.")) (when (defined? 'syscall-unix) -(allow syscall-unix (with telemetry)) +(deny syscall-unix (with telemetry)) (allow syscall-unix (syscall-number SYS___channel_get_info SYS___channel_open @@ -481,24 +481,35 @@ SYS___channel_sync SYS___disable_threadsignal SYS___mac_syscall +SYS___pthread_kill SYS___pthread_sigmask SYS___semwait_signal +SYS___semwait_signal_nocancel +SYS_abort_with_payload SYS_access SYS_bsdthread_create SYS_bsdthread_ctl SYS_bsdthread_terminate SYS_change_fdguard_np +SYS_close +SYS_close_nocancel +SYS_csops_audittoken SYS_csrctl SYS_dup SYS_exit SYS_fcntl SYS_fcntl_nocancel +SYS_ffsctl SYS_fgetattrlist +SYS_fgetxattr SYS_fileport_makeport +SYS_flistxattr SYS_flock +SYS_fsetattrlist SYS_fsgetpath SYS_fstat SYS_fstat64 +SYS_fstat64_extended SYS_fstatat SYS_fstatat64 SYS_fstatfs @@ -506,6 +517,7 @@ SYS_fsync SYS_ftruncate SYS_getattrlist +SYS_getattrlistbulk SYS_getaudit_addr SYS_getdirentries SYS_getdirentries64 @@ -516,6 +528,7 @@ SYS_getfsstat64 SYS_getgid SYS_getgroups +SYS_gethostuuid SYS_getpeername SYS_getrlimit SYS_getsockname @@ -530,6 +543,7 @@ SYS_guarded_pwrite_np SYS_iopolicysys SYS_issetugid +SYS_kdebug_trace SYS_kdebug_trace64 SYS_kdebug_trace_string SYS_kdebug_typefilter @@ -552,11 +566,16 @@ SYS_munmap SYS_necp_client_action SYS_necp_open +SYS_open SYS_open_dprotected_np +SYS_open_nocancel +SYS_openat +SYS_os_fault_with_payload SYS_pathconf SYS_pipe SYS_pread SYS_pread_nocancel +SYS_proc_info SYS_pselect SYS_psynch_cvbroad SYS_psynch_cvclrprepost @@ -585,7 +604,10 @@ SYS_setrlimit SYS_setsockopt SYS_shutdown +SYS_sigaction SYS_sigaltstack +SYS_sigprocmask +SYS_sigreturn SYS_socketpair SYS_stat SYS_stat64 @@ -592,10 +614,14 @@ SYS_stat64_extended SYS_statfs SYS_statfs64 +SYS_sysctl SYS_thread_selfid SYS_ulock_wait SYS_ulock_wake -SYS_workq_kernreturn))) +SYS_unlink +SYS_workq_kernreturn +SYS_write +SYS_write_nocancel))) (when (defined? 'SYS_map_with_linking_np) (allow syscall-unix (syscall-number SYS_map_with_linking_np))) @@ -607,7 +633,7 @@ (allow mach-message-send (with telemetry) (when (and (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES")
[webkit-changes] [292977] trunk/Source/WebKit
Title: [292977] trunk/Source/WebKit Revision 292977 Author pvol...@apple.com Date 2022-04-18 15:48:20 -0700 (Mon, 18 Apr 2022) Log Message [iOS][WP] Add telemetry with backtrace for network related system calls https://bugs.webkit.org/show_bug.cgi?id=239465 Reviewed by Darin Adler. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (292976 => 292977) --- trunk/Source/WebKit/ChangeLog 2022-04-18 22:24:22 UTC (rev 292976) +++ trunk/Source/WebKit/ChangeLog 2022-04-18 22:48:20 UTC (rev 292977) @@ -1,3 +1,12 @@ +2022-04-18 Per Arne Vollan + +[iOS][WP] Add telemetry with backtrace for network related system calls +https://bugs.webkit.org/show_bug.cgi?id=239465 + +Reviewed by Darin Adler. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: + 2022-04-18 Commit Queue Unreviewed, reverting r292957. Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (292976 => 292977) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-04-18 22:24:22 UTC (rev 292976) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-04-18 22:48:20 UTC (rev 292977) @@ -1299,8 +1299,6 @@ SYS_getgid SYS_getxattr SYS_mkdirat -SYS_necp_client_action -SYS_necp_open SYS_openat_nocancel SYS_pread_nocancel SYS_rmdir @@ -1311,7 +1309,6 @@ #if PLATFORM(WATCHOS) SYS_sigreturn #endif -SYS_socket SYS_thread_selfusage SYS_unlink SYS_write @@ -1324,8 +1321,11 @@ SYS___semwait_signal SYS_getattrlistbulk ;; xpc_realpath and directory enumeration SYS_iopolicysys +SYS_necp_client_action +SYS_necp_open SYS_open_dprotected_np SYS_psynch_rw_wrlock +SYS_socket SYS_umask SYS_work_interval_ctl)) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [292971] trunk/Source/WebKit
Title: [292971] trunk/Source/WebKit Revision 292971 Author pvol...@apple.com Date 2022-04-18 14:35:47 -0700 (Mon, 18 Apr 2022) Log Message Fix incorrect syscall name in sandboxes https://bugs.webkit.org/show_bug.cgi?id=239454 Reviewed by Darin Adler. * GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: * Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in: * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (292970 => 292971) --- trunk/Source/WebKit/ChangeLog 2022-04-18 21:20:22 UTC (rev 292970) +++ trunk/Source/WebKit/ChangeLog 2022-04-18 21:35:47 UTC (rev 292971) @@ -1,3 +1,17 @@ +2022-04-18 Per Arne Vollan + +Fix incorrect syscall name in sandboxes +https://bugs.webkit.org/show_bug.cgi?id=239454 + +Reviewed by Darin Adler. + +* GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: +* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: +* Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in: +* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: +* WebProcess/com.apple.WebProcess.sb.in: + 2022-04-18 Simon Fraser Allow C API clients to get the WKProcessTerminationReason in processDidCrash functions, and use in WebKitTestRunner Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (292970 => 292971) --- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-04-18 21:20:22 UTC (rev 292970) +++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in 2022-04-18 21:35:47 UTC (rev 292971) @@ -1032,5 +1032,5 @@ SYS_work_interval_ctl SYS_workq_kernreturn))) -(when (defined? 'SYS__map_with_linking_np) -(allow syscall-unix (syscall-number SYS__map_with_linking_np))) +(when (defined? 'SYS_map_with_linking_np) +(allow syscall-unix (syscall-number SYS_map_with_linking_np))) Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (292970 => 292971) --- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-04-18 21:20:22 UTC (rev 292970) +++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-04-18 21:35:47 UTC (rev 292971) @@ -623,8 +623,8 @@ SYS_write SYS_write_nocancel))) -(when (defined? 'SYS__map_with_linking_np) -(allow syscall-unix (syscall-number SYS__map_with_linking_np))) +(when (defined? 'SYS_map_with_linking_np) +(allow syscall-unix (syscall-number SYS_map_with_linking_np))) #if HAVE(SANDBOX_MESSAGE_FILTERING) (when (and (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") (defined? 'mach-kernel-endpoint)) Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in (292970 => 292971) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-04-18 21:20:22 UTC (rev 292970) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in 2022-04-18 21:35:47 UTC (rev 292971) @@ -815,8 +815,8 @@ SYS_write_nocancel SYS_writev))) -(when (defined? 'SYS__map_with_linking_np) -(allow syscall-unix (syscall-number SYS__map_with_linking_np))) +(when (defined? 'SYS_map_with_linking_np) +(allow syscall-unix (syscall-number SYS_map_with_linking_np))) (when (defined? 'syscall-mach) (allow syscall-mach (with telemetry)) Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in (292970 => 292971) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in 2022-04-18 21:20:22 UTC (rev 292970) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in 2022-04-18 21:35:47 UTC (rev 292971) @@ -760,8 +760,8 @@ SYS_write_nocancel SYS_writev))) -(when (defined? 'SYS__map_with_linking_np) -(allow syscall-unix (syscall-number SYS__map_with_linking_np))) +(when (defined? 'SYS_map_with_linking_np) +(allow syscall-unix (syscall-number SYS_map_with_linking_np))) (when (defined? 'syscall-mach) (deny syscall-mach (with telemetry)) Modified:
[webkit-changes] [292957] trunk/Source/WebKit
Title: [292957] trunk/Source/WebKit Revision 292957 Author pvol...@apple.com Date 2022-04-18 09:46:04 -0700 (Mon, 18 Apr 2022) Log Message Block system calls in the Network process https://bugs.webkit.org/show_bug.cgi?id=238935 Reviewed by Geoffrey Garen. Block unused system calls in the Network process on macOS and iOS. This is based on collected telemetry. * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (292956 => 292957) --- trunk/Source/WebKit/ChangeLog 2022-04-18 16:30:48 UTC (rev 292956) +++ trunk/Source/WebKit/ChangeLog 2022-04-18 16:46:04 UTC (rev 292957) @@ -1,3 +1,16 @@ +2022-04-18 Per Arne Vollan + +Block system calls in the Network process +https://bugs.webkit.org/show_bug.cgi?id=238935 + + +Reviewed by Geoffrey Garen. + +Block unused system calls in the Network process on macOS and iOS. This is based on collected telemetry. + +* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: +* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: + 2022-04-18 Wenson Hsieh Unreviewed, fix the internal watchOS engineering build Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (292956 => 292957) --- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-04-18 16:30:48 UTC (rev 292956) +++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-04-18 16:46:04 UTC (rev 292957) @@ -474,7 +474,7 @@ (prefix "/private/var/db/com.apple.networkextension.")) (when (defined? 'syscall-unix) -(allow syscall-unix (with telemetry)) +(deny syscall-unix (with telemetry)) (allow syscall-unix (syscall-number SYS___channel_get_info SYS___channel_open @@ -481,24 +481,35 @@ SYS___channel_sync SYS___disable_threadsignal SYS___mac_syscall +SYS___pthread_kill SYS___pthread_sigmask SYS___semwait_signal +SYS___semwait_signal_nocancel +SYS_abort_with_payload SYS_access SYS_bsdthread_create SYS_bsdthread_ctl SYS_bsdthread_terminate SYS_change_fdguard_np +SYS_close +SYS_close_nocancel +SYS_csops_audittoken SYS_csrctl SYS_dup SYS_exit SYS_fcntl SYS_fcntl_nocancel +SYS_ffsctl SYS_fgetattrlist +SYS_fgetxattr SYS_fileport_makeport +SYS_flistxattr SYS_flock +SYS_fsetattrlist SYS_fsgetpath SYS_fstat SYS_fstat64 +SYS_fstat64_extended SYS_fstatat SYS_fstatat64 SYS_fstatfs @@ -506,6 +517,7 @@ SYS_fsync SYS_ftruncate SYS_getattrlist +SYS_getattrlistbulk SYS_getaudit_addr SYS_getdirentries SYS_getdirentries64 @@ -516,6 +528,7 @@ SYS_getfsstat64 SYS_getgid SYS_getgroups +SYS_gethostuuid SYS_getpeername SYS_getrlimit SYS_getsockname @@ -530,6 +543,7 @@ SYS_guarded_pwrite_np SYS_iopolicysys SYS_issetugid +SYS_kdebug_trace SYS_kdebug_trace64 SYS_kdebug_trace_string SYS_kdebug_typefilter @@ -552,11 +566,16 @@ SYS_munmap SYS_necp_client_action SYS_necp_open +SYS_open SYS_open_dprotected_np +SYS_open_nocancel +SYS_openat +SYS_os_fault_with_payload SYS_pathconf SYS_pipe SYS_pread SYS_pread_nocancel +SYS_proc_info SYS_pselect SYS_psynch_cvbroad SYS_psynch_cvclrprepost @@ -585,7 +604,10 @@ SYS_setrlimit SYS_setsockopt SYS_shutdown +SYS_sigaction SYS_sigaltstack +SYS_sigprocmask +SYS_sigreturn SYS_socketpair SYS_stat SYS_stat64 @@ -592,10 +614,14 @@ SYS_stat64_extended SYS_statfs SYS_statfs64 +SYS_sysctl SYS_thread_selfid SYS_ulock_wait SYS_ulock_wake -SYS_workq_kernreturn))) +SYS_unlink +SYS_workq_kernreturn +SYS_write +SYS_write_nocancel))) (when (defined? 'SYS__map_with_linking_np) (allow syscall-unix (syscall-number SYS__map_with_linking_np))) @@ -607,7 +633,7 @@ (allow mach-message-send (with telemetry) (when (and (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") (defined? 'syscall-mach)) -(allow syscall-mach (with report) (with
[webkit-changes] [292565] trunk/Source/WebKit
Title: [292565] trunk/Source/WebKit Revision 292565 Author pvol...@apple.com Date 2022-04-07 14:05:05 -0700 (Thu, 07 Apr 2022) Log Message [iOS][WP] Block kernel routines https://bugs.webkit.org/show_bug.cgi?id=238898 Reviewed by Geoffrey Garen. Block kernel routines only used during launch of the WebContent process on iOS. This is based on collected telemetry. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (292564 => 292565) --- trunk/Source/WebKit/ChangeLog 2022-04-07 21:03:10 UTC (rev 292564) +++ trunk/Source/WebKit/ChangeLog 2022-04-07 21:05:05 UTC (rev 292565) @@ -1,3 +1,14 @@ +2022-04-07 Per Arne Vollan + +[iOS][WP] Block kernel routines +https://bugs.webkit.org/show_bug.cgi?id=238898 + +Reviewed by Geoffrey Garen. + +Block kernel routines only used during launch of the WebContent process on iOS. This is based on collected telemetry. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: + 2022-04-07 Simon Fraser Have ImageBuffer store the RenderingPurpose, and send it to the GPU process Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (292564 => 292565) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-04-07 21:03:10 UTC (rev 292564) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-04-07 21:05:05 UTC (rev 292565) @@ -1645,8 +1645,7 @@ (allow mach-message-send (kernel-mig-routine-only-in-use-during-launch))) (with-filter (state-flag "WebContentProcessLaunched") -(allow mach-message-send -(with report) +(deny mach-message-send (with telemetry) (with message "kernel mig routine used after launch") (kernel-mig-routine-only-in-use-during-launch))) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [292488] trunk/Source/WebCore
Title: [292488] trunk/Source/WebCore Revision 292488 Author pvol...@apple.com Date 2022-04-06 12:06:37 -0700 (Wed, 06 Apr 2022) Log Message Avoid calling IOSurfaceAlignProperty in the WebContent process https://bugs.webkit.org/show_bug.cgi?id=238870 Reviewed by Geoffrey Garen. Use cached values for bytes per row alignment. * platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp: (WebCore::ImageBufferIOSurfaceBackend::calculateBytesPerRow): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp Diff Modified: trunk/Source/WebCore/ChangeLog (292487 => 292488) --- trunk/Source/WebCore/ChangeLog 2022-04-06 19:05:23 UTC (rev 292487) +++ trunk/Source/WebCore/ChangeLog 2022-04-06 19:06:37 UTC (rev 292488) @@ -1,3 +1,16 @@ +2022-04-06 Per Arne Vollan + +Avoid calling IOSurfaceAlignProperty in the WebContent process +https://bugs.webkit.org/show_bug.cgi?id=238870 + + +Reviewed by Geoffrey Garen. + +Use cached values for bytes per row alignment. + +* platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp: +(WebCore::ImageBufferIOSurfaceBackend::calculateBytesPerRow): + 2022-04-06 Chris Dumez Start replacing String(const char*) constructor with a String::fromLatin1(const char*) function Modified: trunk/Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp (292487 => 292488) --- trunk/Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp 2022-04-06 19:05:23 UTC (rev 292487) +++ trunk/Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp 2022-04-06 19:06:37 UTC (rev 292488) @@ -29,6 +29,7 @@ #if HAVE(IOSURFACE) #include "GraphicsContextCG.h" +#include "IOSurface.h" #include "IOSurfacePool.h" #include "IntRect.h" #include "PixelBuffer.h" @@ -57,7 +58,8 @@ unsigned ImageBufferIOSurfaceBackend::calculateBytesPerRow(const IntSize& backendSize) { unsigned bytesPerRow = ImageBufferCGBackend::calculateBytesPerRow(backendSize); -return IOSurfaceAlignProperty(kIOSurfaceBytesPerRow, bytesPerRow); +size_t alignmentMask = IOSurface::bytesPerRowAlignment() - 1; +return (bytesPerRow + alignmentMask) & ~alignmentMask; } size_t ImageBufferIOSurfaceBackend::calculateMemoryCost(const Parameters& parameters) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [292146] trunk/Source
Title: [292146] trunk/Source Revision 292146 Author pvol...@apple.com Date 2022-03-31 01:40:01 -0700 (Thu, 31 Mar 2022) Log Message Add runtime flag for blocking IOKit resources in the WebContent process' sandbox https://bugs.webkit.org/show_bug.cgi?id=238528 Reviewed by Simon Fraser. Source/WebKit: This flag will trigger a set of sandbox rules in the WebContent process which will block graphics related IOKit classes and the Metal compiler service. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * WebProcess/WebPage/WebPage.cpp: Source/WTF: * Scripts/Preferences/WebPreferencesInternal.yaml: Modified Paths trunk/Source/WTF/ChangeLog trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp Diff Modified: trunk/Source/WTF/ChangeLog (292145 => 292146) --- trunk/Source/WTF/ChangeLog 2022-03-31 08:26:58 UTC (rev 292145) +++ trunk/Source/WTF/ChangeLog 2022-03-31 08:40:01 UTC (rev 292146) @@ -1,3 +1,12 @@ +2022-03-31 Per Arne Vollan + +Add runtime flag for blocking IOKit resources in the WebContent process' sandbox +https://bugs.webkit.org/show_bug.cgi?id=238528 + +Reviewed by Simon Fraser. + +* Scripts/Preferences/WebPreferencesInternal.yaml: + 2022-03-30 Myles C. Maxfield [Cocoa] Link WebCore with WebGPU.framework  Modified: trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml (292145 => 292146) --- trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml 2022-03-31 08:26:58 UTC (rev 292145) +++ trunk/Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml 2022-03-31 08:40:01 UTC (rev 292146) @@ -122,6 +122,16 @@ WebCore: default: false +BlockIOKitInWebContentSandbox: + type: bool + humanReadableName: "IOKit blocking in the WebContent sandbox" + humanReadableDescription: "Block IOKit access in the WebContent sandbox" + webcoreBinding: none + exposed: [ WebKit ] + defaultValue: +WebKit: + default: false + CSSDisplayContentsAXSupportEnabled: type: bool humanReadableName: "Accessibility support for display: contents elements" Modified: trunk/Source/WebKit/ChangeLog (292145 => 292146) --- trunk/Source/WebKit/ChangeLog 2022-03-31 08:26:58 UTC (rev 292145) +++ trunk/Source/WebKit/ChangeLog 2022-03-31 08:40:01 UTC (rev 292146) @@ -1,3 +1,16 @@ +2022-03-31 Per Arne Vollan + +Add runtime flag for blocking IOKit resources in the WebContent process' sandbox +https://bugs.webkit.org/show_bug.cgi?id=238528 + +Reviewed by Simon Fraser. + +This flag will trigger a set of sandbox rules in the WebContent process which will block graphics +related IOKit classes and the Metal compiler service. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: +* WebProcess/WebPage/WebPage.cpp: + 2022-03-30 Simon Fraser Crash the WebContent process if the RemoteRenderingBackend::PrepareBuffersForDisplay IPC fails Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (292145 => 292146) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-31 08:26:58 UTC (rev 292145) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-31 08:40:01 UTC (rev 292146) @@ -1042,7 +1042,7 @@ (xpc-service-name "com.apple.audio.toolbox.reporting.service") ) -(allow iokit-open (with telemetry) +(allow iokit-open (with telemetry-backtrace) (require-all (require-not (extension "com.apple.webkit.extension.iokit")) (iokit-user-client-class @@ -1067,7 +1067,7 @@ ) ) -(allow iokit-open (with report) (with telemetry) +(allow iokit-open (with report) (with telemetry-backtrace) (require-all (require-not (extension "com.apple.webkit.extension.iokit")) (iokit-connection "IOGPU") @@ -1074,6 +1074,27 @@ ) ) +#if HAVE(SANDBOX_STATE_FLAGS) +;; This rule enables the WebContent process to enable the "BlockIOKitInWebContentSandbox" sandbox variable +;; by reading a preference from the domain "com.apple.WebKit.WebContent.BlockIOKitInWebContentSandbox". +(deny user-preference-read (with enable-state-flag "BlockIOKitInWebContentSandbox") +(preference-domain "com.apple.WebKit.WebContent.BlockIOKitInWebContentSandbox")) + +(with-filter (state-flag "BlockIOKitInWebContentSandbox") +(deny iokit-open (with telemetry-backtrace) +(require-all +(require-not (extension "com.apple.webkit.extension.iokit")) +(iokit-user-client-class "IOSurfaceRootUserClient"))) +(deny iokit-open (with telemetry-backtrace) +(require-all +(require-not (extension "com.apple.webkit.extension.iokit")) +(iokit-connection "IOGPU"))) +
[webkit-changes] [292003] trunk/Source/WebKit
Title: [292003] trunk/Source/WebKit Revision 292003 Author pvol...@apple.com Date 2022-03-28 16:03:52 -0700 (Mon, 28 Mar 2022) Log Message [macOS] Block access to IOKit class https://bugs.webkit.org/show_bug.cgi?id=238457 Reviewed by Geoffrey Garen. Block access to IOKit class AGPMClient on macOS. We already block all messages for this class. * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (292002 => 292003) --- trunk/Source/WebKit/ChangeLog 2022-03-28 22:52:49 UTC (rev 292002) +++ trunk/Source/WebKit/ChangeLog 2022-03-28 23:03:52 UTC (rev 292003) @@ -1,3 +1,14 @@ +2022-03-28 Per Arne Vollan + +[macOS] Block access to IOKit class +https://bugs.webkit.org/show_bug.cgi?id=238457 + +Reviewed by Geoffrey Garen. + +Block access to IOKit class AGPMClient on macOS. We already block all messages for this class. + +* WebProcess/com.apple.WebProcess.sb.in: + 2022-03-28 Fujii Hironori Unreviewed build fix after 291979 for WinCairo and PlayStation Debug builds Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (292002 => 292003) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-28 22:52:49 UTC (rev 292002) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-28 23:03:52 UTC (rev 292003) @@ -454,32 +454,20 @@ ) ;; QuartzCore +#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED > 11 +(deny iokit-open (with no-log) +(iokit-registry-entry-class "AGPMClient")) +#else +(allow iokit-open +(require-all +(extension "com.apple.webkit.extension.iokit") +(iokit-registry-entry-class "AGPMClient"))) +#endif + (if (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") (allow iokit-open (require-all (extension "com.apple.webkit.extension.iokit") -(iokit-registry-entry-class "AGPMClient") -) -(apply-message-filter -(deny (with telemetry) -iokit-async-external-method -iokit-external-trap -iokit-external-method -) -) -) -; else -(allow iokit-open -(require-all -(extension "com.apple.webkit.extension.iokit") -(iokit-registry-entry-class "AGPMClient") -) -) -) -(if (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") -(allow iokit-open -(require-all -(extension "com.apple.webkit.extension.iokit") (iokit-registry-entry-class "AppleGraphicsControlClient") ) (apply-message-filter ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291982] trunk/Source/WebKit
Title: [291982] trunk/Source/WebKit Revision 291982 Author pvol...@apple.com Date 2022-03-28 12:33:54 -0700 (Mon, 28 Mar 2022) Log Message [iOS] Fix sandbox violation related to Network content filtering https://bugs.webkit.org/show_bug.cgi?id=238458 Reviewed by Brent Fulgham. After enabling Network content filtering in the Network process, a related sandbox rule should be moved to the Network process' sandbox. * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (291981 => 291982) --- trunk/Source/WebKit/ChangeLog 2022-03-28 18:45:53 UTC (rev 291981) +++ trunk/Source/WebKit/ChangeLog 2022-03-28 19:33:54 UTC (rev 291982) @@ -1,3 +1,17 @@ +2022-03-28 Per Arne Vollan + +[iOS] Fix sandbox violation related to Network content filtering +https://bugs.webkit.org/show_bug.cgi?id=238458 + + +Reviewed by Brent Fulgham. + +After enabling Network content filtering in the Network process, a related sandbox rule should +be moved to the Network process' sandbox. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in: +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: + 2022-03-28 Devin Rousso [iOS] Add `WKWebView` API to control CSS "small viewport" `sv*` and "large viewport" `lv*` units Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in (291981 => 291982) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in 2022-03-28 18:45:53 UTC (rev 291981) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in 2022-03-28 19:33:54 UTC (rev 291982) @@ -138,6 +138,10 @@ (prefix "/private/var/db/com.apple.networkextension.") ) +#if ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) +(allow file-read* (literal "/private/var/Managed Preferences/mobile/com.apple.webcontentfilter.plist")) +#endif + (allow mach-lookup (global-name "com.apple.AppSSO.service-xpc")) (deny ipc-posix-shm-read-data Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (291981 => 291982) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-28 18:45:53 UTC (rev 291981) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-28 19:33:54 UTC (rev 291982) @@ -1016,8 +1016,10 @@ ;; Allow loading injected bundles. (allow file-map-executable) +#if !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) ;; Allow ManagedPreference access (allow file-read* (literal "/private/var/Managed Preferences/mobile/com.apple.webcontentfilter.plist")) +#endif (allow file-read-data (literal "/usr/local/lib/log") ; ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291880] trunk/Source/WebKit
Title: [291880] trunk/Source/WebKit Revision 291880 Author pvol...@apple.com Date 2022-03-25 12:34:19 -0700 (Fri, 25 Mar 2022) Log Message [macOS][WP] Remove unused sandbox extension rule https://bugs.webkit.org/show_bug.cgi?id=238377 Reviewed by Geoffrey Garen. Remove unused sandbox extension rule for RootDomainUserClient. * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (291879 => 291880) --- trunk/Source/WebKit/ChangeLog 2022-03-25 19:20:26 UTC (rev 291879) +++ trunk/Source/WebKit/ChangeLog 2022-03-25 19:34:19 UTC (rev 291880) @@ -1,3 +1,14 @@ +2022-03-25 Per Arne Vollan + +[macOS][WP] Remove unused sandbox extension rule +https://bugs.webkit.org/show_bug.cgi?id=238377 + +Reviewed by Geoffrey Garen. + +Remove unused sandbox extension rule for RootDomainUserClient. + +* WebProcess/com.apple.WebProcess.sb.in: + 2022-03-25 Michael Saboff Unreviewed, fix the internal iOS build after r291814 Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (291879 => 291880) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-25 19:20:26 UTC (rev 291879) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-25 19:34:19 UTC (rev 291880) @@ -1192,38 +1192,6 @@ ) ) -(if (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") -(allow iokit-open -(require-all -(extension "com.apple.webkit.extension.iokit") -(iokit-user-client-class "RootDomainUserClient") ;; Needed by Media playback -) -(apply-message-filter -(deny (with telemetry) (with message "RootDomainUserClient") -iokit-external-method -) -(allow iokit-external-method -#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 12 -(iokit-method-number -3 -) -#endif -) -(deny (with telemetry) -iokit-async-external-method -iokit-external-trap -) -) -) -; else -(allow iokit-open -(require-all -(extension "com.apple.webkit.extension.iokit") -(iokit-user-client-class "RootDomainUserClient") ;; Needed by Media playback -) -) -) - ;; && (if (equal? (param "ENABLE_SANDBOX_MESSAGE_FILTER") "YES") (allow iokit-open ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291821] trunk/Source/WebKit
Title: [291821] trunk/Source/WebKit Revision 291821 Author pvol...@apple.com Date 2022-03-24 16:14:15 -0700 (Thu, 24 Mar 2022) Log Message REGRESSION(r286590): Links with URL schemes are not clickable in Mail https://bugs.webkit.org/show_bug.cgi?id=238262 Reviewed by Geoffrey Garen. This feature requires access to the Launch Services daemon in Mail and other apps on iOS. This patch is a partial revert of r286590. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * Shared/WebProcessCreationParameters.cpp: (WebKit::WebProcessCreationParameters::encode const): (WebKit::WebProcessCreationParameters::decode): * Shared/WebProcessCreationParameters.h: * UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::nonBrowserServices): (WebKit::WebProcessPool::platformInitializeWebProcess): * WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp trunk/Source/WebKit/Shared/WebProcessCreationParameters.h trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (291820 => 291821) --- trunk/Source/WebKit/ChangeLog 2022-03-24 23:09:10 UTC (rev 291820) +++ trunk/Source/WebKit/ChangeLog 2022-03-24 23:14:15 UTC (rev 291821) @@ -1,3 +1,25 @@ +2022-03-24 Per Arne Vollan + +REGRESSION(r286590): Links with URL schemes are not clickable in Mail +https://bugs.webkit.org/show_bug.cgi?id=238262 + + +Reviewed by Geoffrey Garen. + +This feature requires access to the Launch Services daemon in Mail and other apps on iOS. +This patch is a partial revert of r286590. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: +* Shared/WebProcessCreationParameters.cpp: +(WebKit::WebProcessCreationParameters::encode const): +(WebKit::WebProcessCreationParameters::decode): +* Shared/WebProcessCreationParameters.h: +* UIProcess/Cocoa/WebProcessPoolCocoa.mm: +(WebKit::nonBrowserServices): +(WebKit::WebProcessPool::platformInitializeWebProcess): +* WebProcess/cocoa/WebProcessCocoa.mm: +(WebKit::WebProcess::platformInitializeWebProcess): + 2022-03-24 Brent Fulgham Disable RTCRtpScriptTransform in CaptivePortal mode Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (291820 => 291821) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-24 23:09:10 UTC (rev 291820) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-24 23:14:15 UTC (rev 291821) @@ -1109,6 +1109,7 @@ (extension "com.apple.webkit.extension.mach") (global-name "com.apple.iconservices" +"com.apple.lsd.open" ) ) ) Modified: trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp (291820 => 291821) --- trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp 2022-03-24 23:09:10 UTC (rev 291820) +++ trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp 2022-03-24 23:14:15 UTC (rev 291821) @@ -172,6 +172,7 @@ #endif #if PLATFORM(IOS_FAMILY) +encoder << dynamicMachExtensionHandles; encoder << dynamicIOKitExtensionHandles; #endif @@ -481,6 +482,12 @@ #endif #if PLATFORM(IOS_FAMILY) +std::optional> dynamicMachExtensionHandles; +decoder >> dynamicMachExtensionHandles; +if (!dynamicMachExtensionHandles) +return false; +parameters.dynamicMachExtensionHandles = WTFMove(*dynamicMachExtensionHandles); + std::optional> dynamicIOKitExtensionHandles; decoder >> dynamicIOKitExtensionHandles; if (!dynamicIOKitExtensionHandles) Modified: trunk/Source/WebKit/Shared/WebProcessCreationParameters.h (291820 => 291821) --- trunk/Source/WebKit/Shared/WebProcessCreationParameters.h 2022-03-24 23:09:10 UTC (rev 291820) +++ trunk/Source/WebKit/Shared/WebProcessCreationParameters.h 2022-03-24 23:14:15 UTC (rev 291821) @@ -213,6 +213,7 @@ #endif #if PLATFORM(IOS_FAMILY) +Vector dynamicMachExtensionHandles; Vector dynamicIOKitExtensionHandles; #endif Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (291820 => 291821) --- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2022-03-24 23:09:10 UTC (rev 291820) +++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2022-03-24 23:14:15 UTC (rev 291821) @@ -291,6 +291,17 @@ #endif } +#if PLATFORM(IOS_FAMILY) +static const Vector& nonBrowserServices() +{ +ASSERT(isMainRunLoop()); +static NeverDestroyed services = Vector { +"com.apple.lsd.open"_s, +}; +return services; +} +#endif + void
[webkit-changes] [291810] trunk/Source/WebKit
Title: [291810] trunk/Source/WebKit Revision 291810 Author pvol...@apple.com Date 2022-03-24 12:36:17 -0700 (Thu, 24 Mar 2022) Log Message [iOS] Disable unneeded code when content filtering is running in the Network process https://bugs.webkit.org/show_bug.cgi?id=238332 Reviewed by Geoffrey Garen. * Shared/Cocoa/LoadParametersCocoa.mm: (WebKit::LoadParameters::platformEncode const): (WebKit::LoadParameters::platformDecode): * Shared/LoadParameters.h: * UIProcess/Cocoa/WebPageProxyCocoa.mm: (WebKit::WebPageProxy::addPlatformLoadParameters): * UIProcess/WebProcessProxy.h: * WebProcess/WebPage/Cocoa/WebPageCocoa.mm: (WebKit::WebPage::platformDidReceiveLoadParameters): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Shared/Cocoa/LoadParametersCocoa.mm trunk/Source/WebKit/Shared/LoadParameters.h trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm trunk/Source/WebKit/UIProcess/WebProcessProxy.h trunk/Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (291809 => 291810) --- trunk/Source/WebKit/ChangeLog 2022-03-24 18:52:26 UTC (rev 291809) +++ trunk/Source/WebKit/ChangeLog 2022-03-24 19:36:17 UTC (rev 291810) @@ -1,3 +1,20 @@ +2022-03-24 Per Arne Vollan + +[iOS] Disable unneeded code when content filtering is running in the Network process +https://bugs.webkit.org/show_bug.cgi?id=238332 + +Reviewed by Geoffrey Garen. + +* Shared/Cocoa/LoadParametersCocoa.mm: +(WebKit::LoadParameters::platformEncode const): +(WebKit::LoadParameters::platformDecode): +* Shared/LoadParameters.h: +* UIProcess/Cocoa/WebPageProxyCocoa.mm: +(WebKit::WebPageProxy::addPlatformLoadParameters): +* UIProcess/WebProcessProxy.h: +* WebProcess/WebPage/Cocoa/WebPageCocoa.mm: +(WebKit::WebPage::platformDidReceiveLoadParameters): + 2022-03-24 Elliott Williams [XCBuild] WebKit: Use native headers + build rules for migrated headers Modified: trunk/Source/WebKit/Shared/Cocoa/LoadParametersCocoa.mm (291809 => 291810) --- trunk/Source/WebKit/Shared/Cocoa/LoadParametersCocoa.mm 2022-03-24 18:52:26 UTC (rev 291809) +++ trunk/Source/WebKit/Shared/Cocoa/LoadParametersCocoa.mm 2022-03-24 19:36:17 UTC (rev 291810) @@ -39,11 +39,11 @@ #if !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) encoder << networkExtensionSandboxExtensionHandles; -#endif #if PLATFORM(IOS) encoder << contentFilterExtensionHandle; encoder << frontboardServiceExtensionHandle; #endif +#endif } bool LoadParameters::platformDecode(IPC::Decoder& decoder, LoadParameters& parameters) @@ -57,8 +57,6 @@ if (!networkExtensionSandboxExtensionHandles) return false; parameters.networkExtensionSandboxExtensionHandles = WTFMove(*networkExtensionSandboxExtensionHandles); -#endif - #if PLATFORM(IOS) std::optional> contentFilterExtensionHandle; decoder >> contentFilterExtensionHandle; @@ -71,7 +69,8 @@ if (!frontboardServiceExtensionHandle) return false; parameters.frontboardServiceExtensionHandle = WTFMove(*frontboardServiceExtensionHandle); -#endif +#endif // PLATFORM(IOS) +#endif // !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) return true; } Modified: trunk/Source/WebKit/Shared/LoadParameters.h (291809 => 291810) --- trunk/Source/WebKit/Shared/LoadParameters.h 2022-03-24 18:52:26 UTC (rev 291809) +++ trunk/Source/WebKit/Shared/LoadParameters.h 2022-03-24 19:36:17 UTC (rev 291810) @@ -87,11 +87,11 @@ RetainPtr dataDetectionContext; #if !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) Vector networkExtensionSandboxExtensionHandles; -#endif -#endif #if PLATFORM(IOS) std::optional contentFilterExtensionHandle; std::optional frontboardServiceExtensionHandle; +#endif // PLATFORM(IOS) +#endif // !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) #endif }; Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm (291809 => 291810) --- trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm 2022-03-24 18:52:26 UTC (rev 291809) +++ trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm 2022-03-24 19:36:17 UTC (rev 291810) @@ -200,7 +200,6 @@ #if !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) loadParameters.networkExtensionSandboxExtensionHandles = createNetworkExtensionsSandboxExtensions(process); -#endif #if PLATFORM(IOS) if (!process.hasManagedSessionSandboxAccess() && [getWebFilterEvaluatorClass() isManagedSession]) { if (auto handle = SandboxExtension::createHandleForMachLookup("com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI"_s, std::nullopt)) @@ -211,7 +210,8 @@ process.markHasManagedSessionSandboxAccess(); } -#endif +#endif // PLATFORM(IOS) +#endif // !ENABLE(CONTENT_FILTERING_IN_NETWORKING_PROCESS) } void WebPageProxy::createSandboxExtensionsIfNeeded(const Vector& files, SandboxExtension::Handle& fileReadHandle,
[webkit-changes] [291806] trunk/Source/WebKit
Title: [291806] trunk/Source/WebKit Revision 291806 Author pvol...@apple.com Date 2022-03-24 11:15:40 -0700 (Thu, 24 Mar 2022) Log Message [macOS] Remove reports for some sandbox violations on process launch https://bugs.webkit.org/show_bug.cgi?id=238324 Reviewed by Geoffrey Garen. Remove reports for some sandbox violations on process launch on macOS. These violations are not critical, and are slowing down process launch. This patch also adds access to a mach syscall observed being in use. * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (291805 => 291806) --- trunk/Source/WebKit/ChangeLog 2022-03-24 18:08:02 UTC (rev 291805) +++ trunk/Source/WebKit/ChangeLog 2022-03-24 18:15:40 UTC (rev 291806) @@ -1,3 +1,16 @@ +2022-03-24 Per Arne Vollan + +[macOS] Remove reports for some sandbox violations on process launch +https://bugs.webkit.org/show_bug.cgi?id=238324 + +Reviewed by Geoffrey Garen. + +Remove reports for some sandbox violations on process launch on macOS. These violations are not critical, +and are slowing down process launch. This patch also adds access to a mach syscall observed being in use. + +* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: +* WebProcess/com.apple.WebProcess.sb.in: + 2022-03-24 Chris Dumez String's find() / reverseFind() / replace() should take in a StringView instead of a String Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (291805 => 291806) --- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-03-24 18:08:02 UTC (rev 291805) +++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-03-24 18:15:40 UTC (rev 291806) @@ -306,11 +306,11 @@ (allow mach-lookup (global-name "com.apple.webkit.webpushd.service")) (allow mach-lookup (global-name "org.webkit.webpushtestdaemon.service")) +(deny mach-lookup (with no-log) +(global-name "com.apple.DiskArbitration.diskarbitrationd")) (with-filter (uid 0) (allow mach-lookup -(global-name "com.apple.DiskArbitration.diskarbitrationd") -) -) +(global-name "com.apple.DiskArbitration.diskarbitrationd"))) (deny mach-lookup (global-name "com.apple.ctkd.token-client") @@ -450,6 +450,11 @@ (allow mach-lookup (global-name "com.apple.tccd")) +(deny mach-lookup (with no-log) +(global-name "com.apple.tccd.system") +(global-name "com.apple.CoreServices.coreservicesd") +(global-name-prefix "com.apple.distributed_notifications")) + ;; (allow mach-lookup (global-name "com.apple.networkserviceproxy.fetch-token")) @@ -604,6 +609,7 @@ MSC__kernelrpc_mach_port_extract_member_trap MSC__kernelrpc_mach_port_guard_trap MSC__kernelrpc_mach_port_insert_member_trap +MSC__kernelrpc_mach_port_insert_right_trap MSC__kernelrpc_mach_port_mod_refs_trap MSC__kernelrpc_mach_port_request_notification_trap MSC__kernelrpc_mach_port_type_trap Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (291805 => 291806) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-24 18:08:02 UTC (rev 291805) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-24 18:15:40 UTC (rev 291806) @@ -961,8 +961,10 @@ #if __MAC_OS_X_VERSION_MIN_REQUIRED <= 11 (allow mach-lookup -(xpc-service-name "com.apple.audio.SandboxHelper") -) +(xpc-service-name "com.apple.audio.SandboxHelper")) +#else +(deny mach-lookup (with no-log) +(xpc-service-name "com.apple.audio.SandboxHelper")) #endif #if __MAC_OS_X_VERSION_MIN_REQUIRED < 11 @@ -1390,8 +1392,10 @@ #if __MAC_OS_X_VERSION_MIN_REQUIRED < 12 (allow mach-lookup -(global-name "com.apple.tccd.system") -) +(global-name "com.apple.tccd.system")) +#else +(deny mach-lookup (with no-log) +(global-name "com.apple.tccd.system")) #endif #if __MAC_OS_X_VERSION_MIN_REQUIRED <= 11 @@ -1510,13 +1514,11 @@ #endif #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 12 -(deny mach-lookup -(global-name-prefix "com.apple.distributed_notifications") -) +(deny mach-lookup (with no-log) +(global-name-prefix "com.apple.distributed_notifications")) #else (allow mach-lookup -(global-name-prefix "com.apple.distributed_notifications") -) +(global-name-prefix "com.apple.distributed_notifications")) #endif (allow file-read-data @@ -1788,6 +1790,9 @@ (require-all (require-not (extension "com.apple.webkit.extension.mach")) (global-name "com.apple.audio.AudioComponentRegistrar"))) +#else +(deny mach-lookup (with
[webkit-changes] [291677] trunk
Title: [291677] trunk Revision 291677 Author pvol...@apple.com Date 2022-03-22 11:17:48 -0700 (Tue, 22 Mar 2022) Log Message REGRESSION(r291587): Unintentionally removed contributors change https://bugs.webkit.org/show_bug.cgi?id=238204 Unreviewed, partial revert of r291587. * metadata/contributors.json: Modified Paths trunk/ChangeLog trunk/metadata/contributors.json Diff Modified: trunk/ChangeLog (291676 => 291677) --- trunk/ChangeLog 2022-03-22 17:57:27 UTC (rev 291676) +++ trunk/ChangeLog 2022-03-22 18:17:48 UTC (rev 291677) @@ -1,3 +1,12 @@ +2022-03-22 Per Arne Vollan + +REGRESSION(r291587): Unintentionally removed contributors change +https://bugs.webkit.org/show_bug.cgi?id=238204 + +Unreviewed, partial revert of r291587. + +* metadata/contributors.json: + 2022-03-22 Carlos Garcia Campos [GTK][WPE] Remove the ATK implementation Modified: trunk/metadata/contributors.json (291676 => 291677) --- trunk/metadata/contributors.json 2022-03-22 17:57:27 UTC (rev 291676) +++ trunk/metadata/contributors.json 2022-03-22 18:17:48 UTC (rev 291677) @@ -4727,6 +4727,17 @@ }, { "emails" : [ + "matteo_flo...@apple.com" + ], + "github" : "Smackteo", + "name" : "Matteo Flores", + "nicks" : [ + "MatteoF" + ], + "status" : "committer" + }, + { + "emails" : [ "mmir...@apple.com" ], "expertise" : "_javascript_/ECMAScript", ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291630] trunk/Source
Title: [291630] trunk/Source Revision 291630 Author pvol...@apple.com Date 2022-03-22 10:43:51 -0700 (Tue, 22 Mar 2022) Log Message Enable content filtering in the Network process https://bugs.webkit.org/show_bug.cgi?id=238156 Reviewed by Geoffrey Garen. Source/WebCore: There is no need for sandbox extensions in the WebContent process when content filtering is taking place in the Network process. * platform/cocoa/NetworkExtensionContentFilter.h: * platform/cocoa/NetworkExtensionContentFilter.mm: (WebCore::NetworkExtensionContentFilter::enabled): Source/WebKit: Remove code associated with Network extension sandbox extensions. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * Shared/Cocoa/LoadParametersCocoa.mm: (WebKit::LoadParameters::platformEncode const): (WebKit::LoadParameters::platformDecode): * Shared/LoadParameters.h: * UIProcess/Cocoa/WebPageProxyCocoa.mm: (WebKit::WebPageProxy::addPlatformLoadParameters): * UIProcess/Network/NetworkProcessProxy.cpp: (WebKit::NetworkProcessProxy::reloadAfterUnblockedContentFilter): Deleted. * UIProcess/Network/NetworkProcessProxy.h: * UIProcess/Network/NetworkProcessProxy.messages.in: * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::decidePolicyForNavigationActionAsyncShared): (WebKit::WebPageProxy::decidePolicyForNewWindowAction): (WebKit::WebPageProxy::decidePolicyForResponseShared): * UIProcess/WebPageProxy.h: * WebProcess/Network/WebResourceLoader.cpp: (WebKit::WebResourceLoader::contentFilterDidBlockLoad): (WebKit::WebResourceLoader::cancelMainResourceLoadForContentFilter): Deleted. * WebProcess/Network/WebResourceLoader.h: * WebProcess/Network/WebResourceLoader.messages.in: * WebProcess/WebPage/Cocoa/WebPageCocoa.mm: (WebKit::WebPage::platformDidReceiveLoadParameters): * WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::didReceivePolicyDecision): * WebProcess/WebPage/WebPage.h: * WebProcess/WebPage/WebPage.messages.in: * WebProcess/com.apple.WebProcess.sb.in: Source/WTF: Set the feature flag. * wtf/PlatformEnableCocoa.h: Modified Paths trunk/Source/WTF/ChangeLog trunk/Source/WTF/wtf/PlatformEnableCocoa.h trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/cocoa/NetworkExtensionContentFilter.h trunk/Source/WebCore/platform/cocoa/NetworkExtensionContentFilter.mm trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/Shared/Cocoa/LoadParametersCocoa.mm trunk/Source/WebKit/Shared/LoadParameters.h trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.messages.in trunk/Source/WebKit/UIProcess/WebPageProxy.cpp trunk/Source/WebKit/UIProcess/WebPageProxy.h trunk/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp trunk/Source/WebKit/WebProcess/Network/WebResourceLoader.h trunk/Source/WebKit/WebProcess/Network/WebResourceLoader.messages.in trunk/Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp trunk/Source/WebKit/WebProcess/WebPage/WebPage.h trunk/Source/WebKit/WebProcess/WebPage/WebPage.messages.in trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WTF/ChangeLog (291629 => 291630) --- trunk/Source/WTF/ChangeLog 2022-03-22 17:42:01 UTC (rev 291629) +++ trunk/Source/WTF/ChangeLog 2022-03-22 17:43:51 UTC (rev 291630) @@ -1,3 +1,14 @@ +2022-03-22 Per Arne Vollan + +Enable content filtering in the Network process +https://bugs.webkit.org/show_bug.cgi?id=238156 + +Reviewed by Geoffrey Garen. + +Set the feature flag. + +* wtf/PlatformEnableCocoa.h: + 2022-03-19 Chris Dumez Vector move constructor and move assignment operator are suboptimal when the vector has an inline buffer Modified: trunk/Source/WTF/wtf/PlatformEnableCocoa.h (291629 => 291630) --- trunk/Source/WTF/wtf/PlatformEnableCocoa.h 2022-03-22 17:42:01 UTC (rev 291629) +++ trunk/Source/WTF/wtf/PlatformEnableCocoa.h 2022-03-22 17:43:51 UTC (rev 291630) @@ -167,6 +167,10 @@ #define ENABLE_CONTENT_FILTERING 1 #endif +#if defined(ENABLE_CONTENT_FILTERING) && ENABLE_CONTENT_FILTERING +#define ENABLE_CONTENT_FILTERING_IN_NETWORKING_PROCESS 1 +#endif + #if !defined(ENABLE_CONTEXT_MENUS) && PLATFORM(IOS_FAMILY) #define ENABLE_CONTEXT_MENUS 0 #endif Modified: trunk/Source/WebCore/ChangeLog (291629 => 291630) --- trunk/Source/WebCore/ChangeLog 2022-03-22 17:42:01 UTC (rev 291629) +++ trunk/Source/WebCore/ChangeLog 2022-03-22 17:43:51 UTC (rev 291630) @@ -1,3 +1,17 @@ +2022-03-22 Per Arne Vollan + +Enable content filtering in the Network process +https://bugs.webkit.org/show_bug.cgi?id=238156 + +Reviewed by Geoffrey Garen. + +There is no need for sandbox extensions in the WebContent process when content
[webkit-changes] [291626] trunk/Source/WebKit
Title: [291626] trunk/Source/WebKit Revision 291626 Author pvol...@apple.com Date 2022-03-22 10:19:45 -0700 (Tue, 22 Mar 2022) Log Message [macOS][WP] Add telemetry for syscalls used during launch https://bugs.webkit.org/show_bug.cgi?id=235865 Reviewed by Brent Fulgham. Add telemetry in the WebContent process' sandbox on macOS to determine which syscalls are used only during launch. * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (291625 => 291626) --- trunk/Source/WebKit/ChangeLog 2022-03-22 17:12:15 UTC (rev 291625) +++ trunk/Source/WebKit/ChangeLog 2022-03-22 17:19:45 UTC (rev 291626) @@ -1,3 +1,15 @@ +2022-03-22 Per Arne Vollan + +[macOS][WP] Add telemetry for syscalls used during launch +https://bugs.webkit.org/show_bug.cgi?id=235865 + + +Reviewed by Brent Fulgham. + +Add telemetry in the WebContent process' sandbox on macOS to determine which syscalls are used only during launch. + +* WebProcess/com.apple.WebProcess.sb.in: + 2022-03-22 J Pascoe [WebAuthn] Pass along timeout to ASA and ignore timeout for conditional mediation requests Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (291625 => 291626) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-22 17:12:15 UTC (rev 291625) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-22 17:19:45 UTC (rev 291626) @@ -1876,8 +1876,25 @@ (disable-syscall-inference) #endif -(define (syscall-unix-common) +#if HAVE(SANDBOX_STATE_FLAGS) +(deny user-preference-read (with enable-state-flag "WebContentProcessLaunched") +(preference-domain "com.apple.WebKit.WebContent.Launch")) +#endif + +(define (syscall-unix-only-in-use-during-launch) (syscall-number +SYS_csops +SYS_csrctl +SYS_fsgetpath +SYS_getaudit_addr +SYS_getfsstat64 +SYS_getrlimit +SYS_kdebug_trace +SYS_pathconf +SYS_statfs64)) + +(define (syscall-unix-in-use-after-launch) +(syscall-number SYS___disable_threadsignal SYS___mac_syscall SYS___pthread_sigmask @@ -1888,9 +1905,7 @@ SYS_bsdthread_terminate SYS_close SYS_close_nocancel -SYS_csops SYS_csops_audittoken -SYS_csrctl SYS_exit SYS_faccessat ;; SYS_fcntl @@ -1899,7 +1914,6 @@ SYS_fileport_makefd SYS_flock SYS_fsetxattr ;; -SYS_fsgetpath SYS_fstat64 SYS_fstatat64 SYS_fstatfs64 @@ -1906,14 +1920,11 @@ SYS_ftruncate SYS_getattrlist SYS_getattrlistbulk -SYS_getaudit_addr SYS_getdirentries64 SYS_getentropy SYS_geteuid -SYS_getfsstat64 SYS_getgid SYS_gethostuuid -SYS_getrlimit SYS_getrusage SYS_gettimeofday SYS_getuid @@ -1920,7 +1931,6 @@ SYS_getxattr SYS_ioctl SYS_issetugid -SYS_kdebug_trace SYS_kdebug_trace64 SYS_kdebug_trace_string ;; Needed for performance sampling, see . SYS_kevent_id @@ -1943,7 +1953,6 @@ SYS_open SYS_open_nocancel SYS_openat -SYS_pathconf SYS_pread SYS_proc_info SYS_psynch_cvbroad @@ -1961,9 +1970,8 @@ SYS_sendto SYS_sigaltstack SYS_sigprocmask +SYS_socket SYS_stat64 -SYS_statfs64 -SYS_socket SYS_sysctlbyname SYS_thread_selfid #if !PLATFORM(MAC) @@ -2029,10 +2037,22 @@ )) (when (defined? 'syscall-unix) -(deny syscall-unix (with send-signal SIGKILL)) +(deny syscall-unix (with telemetry) (with send-signal SIGKILL)) (allow syscall-unix -(syscall-unix-common)) +(syscall-unix-in-use-after-launch) +(syscall-unix-only-in-use-during-launch)) +#if HAVE(SANDBOX_STATE_FLAGS) +(with-filter (state-flag "WebContentProcessLaunched") +(deny syscall-unix +(syscall-unix-only-in-use-during-launch)) +(allow syscall-unix +(with report) +(with telemetry) +(with message "Unix syscall used after launch") +(syscall-unix-only-in-use-during-launch))) +#endif + (if (equal? (param "CPU") "arm64") (begin (allow syscall-unix ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291620] trunk/Source/WebKit
Title: [291620] trunk/Source/WebKit Revision 291620 Author pvol...@apple.com Date 2022-03-22 08:30:27 -0700 (Tue, 22 Mar 2022) Log Message Ensure there is a Network process after launching the WebContent process https://bugs.webkit.org/show_bug.cgi?id=238080 Reviewed by Chris Dumez. After the WebContent process has finished launching, ensure there is a Network process which will provide the WebContent process with the Launch Services database. * UIProcess/WebProcessProxy.cpp: (WebKit::WebProcessProxy::didFinishLaunching): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp Diff Modified: trunk/Source/WebKit/ChangeLog (291619 => 291620) --- trunk/Source/WebKit/ChangeLog 2022-03-22 15:25:30 UTC (rev 291619) +++ trunk/Source/WebKit/ChangeLog 2022-03-22 15:30:27 UTC (rev 291620) @@ -1,3 +1,17 @@ +2022-03-22 Per Arne Vollan + +Ensure there is a Network process after launching the WebContent process +https://bugs.webkit.org/show_bug.cgi?id=238080 + + +Reviewed by Chris Dumez. + +After the WebContent process has finished launching, ensure there is a Network process +which will provide the WebContent process with the Launch Services database. + +* UIProcess/WebProcessProxy.cpp: +(WebKit::WebProcessProxy::didFinishLaunching): + 2022-03-22 Wenson Hsieh -[WKWebView _spellCheckerDocumentTag] is inconsistent with the document tag passed into NSSpellChecker Modified: trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp (291619 => 291620) --- trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp 2022-03-22 15:25:30 UTC (rev 291619) +++ trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp 2022-03-22 15:30:27 UTC (rev 291620) @@ -1046,6 +1046,13 @@ #if PLATFORM(COCOA) if (auto networkProcess = NetworkProcessProxy::defaultNetworkProcess()) networkProcess->sendXPCEndpointToProcess(*this); +else { +RunLoop::main().dispatch([weakThis = WeakPtr { *this }] { +if (!weakThis) +return; +NetworkProcessProxy::ensureDefaultNetworkProcess()->sendXPCEndpointToProcess(*weakThis); +}); +} #endif RELEASE_ASSERT(!m_webConnection); ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291573] trunk/Source/WebKit
Title: [291573] trunk/Source/WebKit Revision 291573 Author pvol...@apple.com Date 2022-03-21 12:11:22 -0700 (Mon, 21 Mar 2022) Log Message [watchOS] Add required syscall https://bugs.webkit.org/show_bug.cgi?id=238117 Reviewed by Brent Fulgham. Add rarely used syscall on watchOS. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (291572 => 291573) --- trunk/Source/WebKit/ChangeLog 2022-03-21 19:00:18 UTC (rev 291572) +++ trunk/Source/WebKit/ChangeLog 2022-03-21 19:11:22 UTC (rev 291573) @@ -1,3 +1,15 @@ +2022-03-21 Per Arne Vollan + +[watchOS] Add required syscall +https://bugs.webkit.org/show_bug.cgi?id=238117 + + +Reviewed by Brent Fulgham. + +Add rarely used syscall on watchOS. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: + 2022-03-21 Youenn Fablet Remove unneeded quotes in capture attribution string Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (291572 => 291573) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-21 19:00:18 UTC (rev 291572) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-21 19:11:22 UTC (rev 291573) @@ -1278,6 +1278,9 @@ SYS_setrlimit SYS_sigaltstack SYS_sigprocmask +#if PLATFORM(WATCHOS) +SYS_sigreturn +#endif SYS_socket SYS_thread_selfusage SYS_unlink ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291499] trunk
Title: [291499] trunk Revision 291499 Author pvol...@apple.com Date 2022-03-18 15:12:12 -0700 (Fri, 18 Mar 2022) Log Message Fix test failures when enabling content filtering in the Network process https://bugs.webkit.org/show_bug.cgi?id=237217 Reviewed by Brent Fulgham. Source/WebCore: This patch addresses test failures when enabling content filtering in the Network process. When content filtering is running in the Network process, we need to send the mock content filter and settings to the Network process to support testing. The mock content filter is moved from the WebCore test support library target to the WebCore framework, since WebKit now also will reference the mock content filter when sending it to the Network process. Previously a compile time guard was used to disable the content filtering code in the document loader. However, we still need to support content filtering in the document loader for WK1, so this patch changes that to use a runtime check instead. The rest of this patch addresses test failures seen when running the layout and API tests. This patch does not enable the feature. No new tests, covered by existing tests. * WebCore.xcodeproj/project.pbxproj: * loader/ContentFilter.cpp: (WebCore::ContentFilter::startFilteringMainResource): (WebCore::ContentFilter::continueAfterDataReceived): (WebCore::ContentFilter::continueAfterNotifyFinished): (WebCore::ContentFilter::deliverResourceData): (WebCore::ContentFilter::url): (WebCore::ContentFilter::continueAfterSubstituteDataRequest): * loader/ContentFilter.h: (WebCore::ContentFilter::setBlockedError): * loader/ContentFilterClient.h: * loader/DocumentLoader.cpp: (WebCore::contentFilterInDocumentLoader): (WebCore::DocumentLoader::notifyFinished): (WebCore::DocumentLoader::willSendRequest): (WebCore::DocumentLoader::responseReceived): (WebCore::DocumentLoader::dataReceived): (WebCore::DocumentLoader::detachFromFrame): (WebCore::DocumentLoader::startLoadingMainResource): (WebCore::DocumentLoader::clearMainResource): (WebCore::DocumentLoader::becomeMainResourceClient): (WebCore::DocumentLoader::dataReceivedThroughContentFilter): (WebCore::DocumentLoader::contentFilterWillHandleProvisionalLoadFailure): (WebCore::DocumentLoader::contentFilterHandleProvisionalLoadFailure): * loader/DocumentLoader.h: (WebCore::DocumentLoader::setBlockedPageURL): (WebCore::DocumentLoader::setSubstituteDataFromContentFilter): * loader/PolicyChecker.cpp: (WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy): * platform/ContentFilterUnblockHandler.h: * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm: (WebCore::ContentFilterUnblockHandler::encode const): (WebCore::ContentFilterUnblockHandler::decode): (WebCore::ContentFilterUnblockHandler::canHandleRequest const): (WebCore::ContentFilterUnblockHandler::requestUnblockAsync const): (WebCore::ContentFilterUnblockHandler::setUnblockedAfterRequest): * testing/MockContentFilterManager.cpp: Added. (WebCore::MockContentFilterManager::singleton): (WebCore::MockContentFilterManager::setClient): (WebCore::MockContentFilterManager::notifySettingsChanged const): * testing/MockContentFilterManager.h: Added. * testing/MockContentFilterSettings.cpp: (WebCore::MockContentFilterSettings::reset): (WebCore::MockContentFilterSettings::setEnabled): (WebCore::MockContentFilterSettings::setBlockedString): (WebCore::MockContentFilterSettings::setDecisionPoint): (WebCore::MockContentFilterSettings::setDecision): (WebCore::MockContentFilterSettings::setUnblockRequestDecision): (WebCore::MockContentFilterSettings::setModifiedRequestURL): * testing/MockContentFilterSettings.h: (WebCore::MockContentFilterSettings::encode const): (WebCore::MockContentFilterSettings::decode): (WebCore::MockContentFilterSettings::setBlockedString): Deleted. (WebCore::MockContentFilterSettings::setDecisionPoint): Deleted. (WebCore::MockContentFilterSettings::setDecision): Deleted. (WebCore::MockContentFilterSettings::setUnblockRequestDecision): Deleted. (WebCore::MockContentFilterSettings::setModifiedRequestURL): Deleted. * testing/MockContentFilterSettingsClient.h: Added. (WebCore::MockContentFilterSettingsClient::~MockContentFilterSettingsClient): Source/WebKit: Add a WebMockContentFilterManager in the WebContent process, which will be notified when mock content filter settings are changed from _javascript_, and then send the new settings to the Network process and install the mock content filter. The other changes are addressing layout and API test failures. * NetworkProcess/NetworkConnectionToWebProcess.cpp: (WebKit::NetworkConnectionToWebProcess::installMockContentFilter): * NetworkProcess/NetworkConnectionToWebProcess.h: * NetworkProcess/NetworkConnectionToWebProcess.messages.in: * NetworkProcess/NetworkResourceLoader.cpp: (WebKit::NetworkResourceLoader::start): (WebKit::NetworkResourceLoader::startContentFiltering): (WebKit::NetworkResourceLoader::didFinishLoading): (WebKit::NetworkResourceLoader::willSendRedirectedRequestInternal):
[webkit-changes] [291352] trunk/Source/WebKit
Title: [291352] trunk/Source/WebKit Revision 291352 Author pvol...@apple.com Date 2022-03-16 08:20:35 -0700 (Wed, 16 Mar 2022) Log Message Incorrect header name used in __has_include https://bugs.webkit.org/show_bug.cgi?id=237914 Reviewed by Geoffrey Garen. * Configurations/WebKit.xcconfig: * UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Configurations/WebKit.xcconfig trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (291351 => 291352) --- trunk/Source/WebKit/ChangeLog 2022-03-16 15:17:52 UTC (rev 291351) +++ trunk/Source/WebKit/ChangeLog 2022-03-16 15:20:35 UTC (rev 291352) @@ -1,3 +1,15 @@ +2022-03-16 Per Arne Vollan + +Incorrect header name used in __has_include +https://bugs.webkit.org/show_bug.cgi?id=237914 + + +Reviewed by Geoffrey Garen. + +* Configurations/WebKit.xcconfig: +* UIProcess/Cocoa/WebProcessPoolCocoa.mm: +(WebKit::WebProcessPool::platformInitializeWebProcess): + 2022-03-16 Wenson Hsieh [iOS] Refactor some position information hit-testing logic related to data detectors in Live Text Modified: trunk/Source/WebKit/Configurations/WebKit.xcconfig (291351 => 291352) --- trunk/Source/WebKit/Configurations/WebKit.xcconfig 2022-03-16 15:17:52 UTC (rev 291351) +++ trunk/Source/WebKit/Configurations/WebKit.xcconfig 2022-03-16 15:20:35 UTC (rev 291352) @@ -152,7 +152,7 @@ WK_LIBNETWORKEXTENSION_LDFLAGS_macosx = -weak_library /usr/lib/libnetworkextension.dylib; WK_LIBNETWORKEXTENSION_LDFLAGS_tvos = ; -WK_AVKIT_LDFLAGS = $(WK_AVKIT_LDFLAGS$(WK_PLATFORM_NAME)); +WK_AVKIT_LDFLAGS = $(WK_AVKIT_LDFLAGS_$(WK_PLATFORM_NAME)); WK_AVKIT_LDFLAGS_iphoneos = -framework AVKit; WK_AVKIT_LDFLAGS_iphonesimulator = -framework AVKit; WK_AVKIT_LDFLAGS_maccatalyst = -framework AVKit; Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (291351 => 291352) --- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2022-03-16 15:17:52 UTC (rev 291351) +++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2022-03-16 15:20:35 UTC (rev 291352) @@ -113,8 +113,8 @@ #import "WKStylusDeviceObserver.h" #endif -#if __has_include() -#import +#if __has_include() +#import #endif #if HAVE(MEDIA_ACCESSIBILITY_FRAMEWORK) @@ -420,7 +420,7 @@ #if PLATFORM(IOS_FAMILY) parameters.currentUserInterfaceIdiomIsSmallScreen = currentUserInterfaceIdiomIsSmallScreen(); -#if ENABLE(VIDEO_PRESENTATION_MODE) && __has_include() +#if ENABLE(VIDEO_PRESENTATION_MODE) && !PLATFORM(WATCHOS) && __has_include() parameters.supportsPictureInPicture = [AVPictureInPictureController isPictureInPictureSupported]; #else parameters.supportsPictureInPicture = false; ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291324] trunk/Source/WebCore
Title: [291324] trunk/Source/WebCore Revision 291324 Author pvol...@apple.com Date 2022-03-15 17:51:40 -0700 (Tue, 15 Mar 2022) Log Message Crash under HTMLDocumentParser::didBeginYieldingParser() https://bugs.webkit.org/show_bug.cgi?id=237930 Reviewed by Geoffrey Garen. Add null pointer check. No new tests, unable to reproduce. * html/parser/HTMLDocumentParser.cpp: (WebCore::HTMLDocumentParser::didBeginYieldingParser): (WebCore::HTMLDocumentParser::didEndYieldingParser): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp Diff Modified: trunk/Source/WebCore/ChangeLog (291323 => 291324) --- trunk/Source/WebCore/ChangeLog 2022-03-15 23:44:09 UTC (rev 291323) +++ trunk/Source/WebCore/ChangeLog 2022-03-16 00:51:40 UTC (rev 291324) @@ -1,3 +1,19 @@ +2022-03-15 Per Arne Vollan + +Crash under HTMLDocumentParser::didBeginYieldingParser() +https://bugs.webkit.org/show_bug.cgi?id=237930 + + +Reviewed by Geoffrey Garen. + +Add null pointer check. + +No new tests, unable to reproduce. + +* html/parser/HTMLDocumentParser.cpp: +(WebCore::HTMLDocumentParser::didBeginYieldingParser): +(WebCore::HTMLDocumentParser::didEndYieldingParser): + 2022-03-15 Sihui Liu Add RELEASE_LOG_FAULT to ApplicationCache entry function Modified: trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp (291323 => 291324) --- trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp 2022-03-15 23:44:09 UTC (rev 291323) +++ trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp 2022-03-16 00:51:40 UTC (rev 291324) @@ -161,12 +161,14 @@ void HTMLDocumentParser::didBeginYieldingParser() { -m_parserScheduler->didBeginYieldingParser(); +if (m_parserScheduler) +m_parserScheduler->didBeginYieldingParser(); } void HTMLDocumentParser::didEndYieldingParser() { -m_parserScheduler->didEndYieldingParser(); +if (m_parserScheduler) +m_parserScheduler->didEndYieldingParser(); } bool HTMLDocumentParser::isParsingFragment() const ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291297] trunk/Source/WebKit
Title: [291297] trunk/Source/WebKit Revision 291297 Author pvol...@apple.com Date 2022-03-15 09:52:02 -0700 (Tue, 15 Mar 2022) Log Message [macOS][WP] Add required syscall https://bugs.webkit.org/show_bug.cgi?id=237846 Reviewed by Brent Fulgham. Add required syscall to the WebContent process' sandbox on macOS. * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (291296 => 291297) --- trunk/Source/WebKit/ChangeLog 2022-03-15 16:40:55 UTC (rev 291296) +++ trunk/Source/WebKit/ChangeLog 2022-03-15 16:52:02 UTC (rev 291297) @@ -1,3 +1,15 @@ +2022-03-15 Per Arne Vollan + +[macOS][WP] Add required syscall +https://bugs.webkit.org/show_bug.cgi?id=237846 + + +Reviewed by Brent Fulgham. + +Add required syscall to the WebContent process' sandbox on macOS. + +* WebProcess/com.apple.WebProcess.sb.in: + 2022-03-15 Jer Noble [Cocoa] Adopt AVAssetPrefersSandboxedParsingOptionKey Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (291296 => 291297) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-15 16:40:55 UTC (rev 291296) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-15 16:52:02 UTC (rev 291297) @@ -2009,6 +2009,8 @@ #if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED < 12 SYS_rmdir #endif +;; FIXME: SYS_setsockopt can be removed when contentfiltering has moved to the Network process +SYS_setsockopt ;; SYS_shm_open SYS_sigaction SYS_sysctl ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291204] trunk/Source/WebCore
Title: [291204] trunk/Source/WebCore Revision 291204 Author pvol...@apple.com Date 2022-03-11 19:15:58 -0800 (Fri, 11 Mar 2022) Log Message [macOS] Image decoders should be restricted for Mail https://bugs.webkit.org/show_bug.cgi?id=237717 Reviewed by Geoffrey Garen. Use correct prefix for static member. * platform/graphics/cg/ImageDecoderCG.cpp: (WebCore::ImageDecoderCG::enableRestrictedDecoding): (WebCore::ImageDecoderCG::restrictedDecodingEnabled): * platform/graphics/cg/ImageDecoderCG.h: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h Diff Modified: trunk/Source/WebCore/ChangeLog (291203 => 291204) --- trunk/Source/WebCore/ChangeLog 2022-03-12 02:33:04 UTC (rev 291203) +++ trunk/Source/WebCore/ChangeLog 2022-03-12 03:15:58 UTC (rev 291204) @@ -1,3 +1,18 @@ +2022-03-11 Per Arne Vollan + +[macOS] Image decoders should be restricted for Mail +https://bugs.webkit.org/show_bug.cgi?id=237717 + + +Reviewed by Geoffrey Garen. + +Use correct prefix for static member. + +* platform/graphics/cg/ImageDecoderCG.cpp: +(WebCore::ImageDecoderCG::enableRestrictedDecoding): +(WebCore::ImageDecoderCG::restrictedDecodingEnabled): +* platform/graphics/cg/ImageDecoderCG.h: + 2022-03-11 Wenson Hsieh Refactor the filter block in DocumentMarkerController::filterMarkers() to return an enum type Modified: trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp (291203 => 291204) --- trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp 2022-03-12 02:33:04 UTC (rev 291203) +++ trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp 2022-03-12 03:15:58 UTC (rev 291204) @@ -255,7 +255,7 @@ } #endif -bool ImageDecoderCG::m_enableRestrictedDecoding = false; +bool ImageDecoderCG::s_enableRestrictedDecoding = false; ImageDecoderCG::ImageDecoderCG(FragmentedSharedBuffer& data, AlphaOption, GammaAndColorProfileOption) { @@ -599,12 +599,12 @@ void ImageDecoderCG::enableRestrictedDecoding() { -m_enableRestrictedDecoding = true; +s_enableRestrictedDecoding = true; } bool ImageDecoderCG::restrictedDecodingEnabled() { -return m_enableRestrictedDecoding; +return s_enableRestrictedDecoding; } } Modified: trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h (291203 => 291204) --- trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h 2022-03-12 02:33:04 UTC (rev 291203) +++ trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h 2022-03-12 03:15:58 UTC (rev 291204) @@ -75,7 +75,7 @@ bool m_isAllDataReceived { false }; mutable EncodedDataStatus m_encodedDataStatus { EncodedDataStatus::Unknown }; RetainPtr m_nativeDecoder; -static bool m_enableRestrictedDecoding; +static bool s_enableRestrictedDecoding; }; } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291190] trunk/Source
Title: [291190] trunk/Source Revision 291190 Author pvol...@apple.com Date 2022-03-11 14:13:34 -0800 (Fri, 11 Mar 2022) Log Message [macOS] Image decoders should be restricted for Mail https://bugs.webkit.org/show_bug.cgi?id=237717 Reviewed by Geoffrey Garen. Source/WebCore: Only add restricted decoding flag when it is explicitly requested. * WebCore.xcodeproj/project.pbxproj: * platform/graphics/cg/ImageDecoderCG.cpp: (WebCore::createImageSourceOptions): (WebCore::ImageDecoderCG::enableRestrictedDecoding): (WebCore::ImageDecoderCG::restrictedDecodingEnabled): * platform/graphics/cg/ImageDecoderCG.h: Source/WebKit: We already restrict image decoders for Mail on iOS. We should do so on macOS too. * Shared/WebProcessCreationParameters.cpp: (WebKit::WebProcessCreationParameters::encode const): (WebKit::WebProcessCreationParameters::decode): * Shared/WebProcessCreationParameters.h: * UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): * WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeWebProcess): * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp trunk/Source/WebKit/Shared/WebProcessCreationParameters.h trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebCore/ChangeLog (291189 => 291190) --- trunk/Source/WebCore/ChangeLog 2022-03-11 21:55:33 UTC (rev 291189) +++ trunk/Source/WebCore/ChangeLog 2022-03-11 22:13:34 UTC (rev 291190) @@ -1,3 +1,20 @@ +2022-03-11 Per Arne Vollan + +[macOS] Image decoders should be restricted for Mail +https://bugs.webkit.org/show_bug.cgi?id=237717 + + +Reviewed by Geoffrey Garen. + +Only add restricted decoding flag when it is explicitly requested. + +* WebCore.xcodeproj/project.pbxproj: +* platform/graphics/cg/ImageDecoderCG.cpp: +(WebCore::createImageSourceOptions): +(WebCore::ImageDecoderCG::enableRestrictedDecoding): +(WebCore::ImageDecoderCG::restrictedDecodingEnabled): +* platform/graphics/cg/ImageDecoderCG.h: + 2022-03-11 Wenson Hsieh [iOS] Add support for -[UITextInput removeEmojiAlternatives] on WKContentView Modified: trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj (291189 => 291190) --- trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2022-03-11 21:55:33 UTC (rev 291189) +++ trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj 2022-03-11 22:13:34 UTC (rev 291190) @@ -1903,7 +1903,7 @@ 5546757B1FD212A9003B10B0 /* ImageSource.h in Headers */ = {isa = PBXBuildFile; fileRef = 554675781FD1FC1A003B10B0 /* ImageSource.h */; settings = {ATTRIBUTES = (Private, ); }; }; 5550CB421E955E3C00111AA0 /* ImageTypes.h in Headers */ = {isa = PBXBuildFile; fileRef = 5550CB411E955E3C00111AA0 /* ImageTypes.h */; settings = {ATTRIBUTES = (Private, ); }; }; 555130011E7B00A69E38 /* DecodingOptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 555130001E7A00A69E38 /* DecodingOptions.h */; settings = {ATTRIBUTES = (Private, ); }; }; - 555B87ED1CAAF0AB00349425 /* ImageDecoderCG.h in Headers */ = {isa = PBXBuildFile; fileRef = 555B87EB1CAAF0AB00349425 /* ImageDecoderCG.h */; }; + 555B87ED1CAAF0AB00349425 /* ImageDecoderCG.h in Headers */ = {isa = PBXBuildFile; fileRef = 555B87EB1CAAF0AB00349425 /* ImageDecoderCG.h */; settings = {ATTRIBUTES = (Private, ); }; }; 556C7C4B22123997009B06CA /* RenderingUpdateScheduler.h in Headers */ = {isa = PBXBuildFile; fileRef = 556C7C4722123942009B06CA /* RenderingUpdateScheduler.h */; settings = {ATTRIBUTES = (Private, ); }; }; 5576A5651D88A70800CCC04C /* ImageFrame.h in Headers */ = {isa = PBXBuildFile; fileRef = 5576A5631D88A70800CCC04C /* ImageFrame.h */; settings = {ATTRIBUTES = (Private, ); }; }; 5584765A2453F334009F550C /* ReducedResolutionSeconds.h in Headers */ = {isa = PBXBuildFile; fileRef = 558476582453ABC2009F550C /* ReducedResolutionSeconds.h */; settings = {ATTRIBUTES = (Private, ); }; }; Modified: trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp (291189 => 291190) --- trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp 2022-03-11 21:55:33 UTC (rev 291189) +++ trunk/Source/WebCore/platform/graphics/cg/ImageDecoderCG.cpp 2022-03-11 22:13:34 UTC (rev 291190) @@ -67,7 +67,8 @@ CFDictionarySetValue(options.get(), kCGImageSourceShouldPreferRGB32, kCFBooleanTrue); CFDictionarySetValue(options.get(), kCGImageSourceSkipMetadata, kCFBooleanTrue); #if HAVE(IMAGE_RESTRICTED_DECODING) && USE(APPLE_INTERNAL_SDK) -
[webkit-changes] [291168] trunk/Source/WebKit
Title: [291168] trunk/Source/WebKit Revision 291168 Author pvol...@apple.com Date 2022-03-11 08:05:37 -0800 (Fri, 11 Mar 2022) Log Message [macOS][WP] Add required sys call to sandbox https://bugs.webkit.org/show_bug.cgi?id=237739 Reviewed by Chris Dumez. Add a rarely used, but required syscall, to the WebContent process sandbox on macOS. * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (291167 => 291168) --- trunk/Source/WebKit/ChangeLog 2022-03-11 15:33:07 UTC (rev 291167) +++ trunk/Source/WebKit/ChangeLog 2022-03-11 16:05:37 UTC (rev 291168) @@ -1,3 +1,14 @@ +2022-03-11 Per Arne Vollan + +[macOS][WP] Add required sys call to sandbox +https://bugs.webkit.org/show_bug.cgi?id=237739 + +Reviewed by Chris Dumez. + +Add a rarely used, but required syscall, to the WebContent process sandbox on macOS. + +* WebProcess/com.apple.WebProcess.sb.in: + 2022-03-11 Youenn Fablet Do capture video frame downsampling in GPUProcess Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (291167 => 291168) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-11 15:33:07 UTC (rev 291167) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-03-11 16:05:37 UTC (rev 291168) @@ -2000,6 +2000,7 @@ SYS_necp_open SYS_openat_nocancel SYS_proc_rlimit_control +SYS_psynch_rw_rdlock #if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED < 12 SYS_rmdir #endif @@ -2015,7 +2016,6 @@ SYS_kqueue SYS_mkdirat SYS_open_dprotected_np -SYS_psynch_rw_rdlock SYS_setrlimit SYS_ulock_wait2 #endif ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291062] trunk/Source/WebKit
Title: [291062] trunk/Source/WebKit Revision 291062 Author pvol...@apple.com Date 2022-03-09 12:59:08 -0800 (Wed, 09 Mar 2022) Log Message The accessibility library should be soft linked optionally https://bugs.webkit.org/show_bug.cgi?id=236513 Reviewed by Geoffrey Garen. The accessibility library should be soft linked optionally, since it is not always present. * Shared/Cocoa/AuxiliaryProcessCocoa.mm: (WebKit::handleAXPreferenceChange): (WebKit::AuxiliaryProcess::handlePreferenceChange): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (291061 => 291062) --- trunk/Source/WebKit/ChangeLog 2022-03-09 20:44:41 UTC (rev 291061) +++ trunk/Source/WebKit/ChangeLog 2022-03-09 20:59:08 UTC (rev 291062) @@ -1,3 +1,16 @@ +2022-03-09 Per Arne Vollan + +The accessibility library should be soft linked optionally +https://bugs.webkit.org/show_bug.cgi?id=236513 + +Reviewed by Geoffrey Garen. + +The accessibility library should be soft linked optionally, since it is not always present. + +* Shared/Cocoa/AuxiliaryProcessCocoa.mm: +(WebKit::handleAXPreferenceChange): +(WebKit::AuxiliaryProcess::handlePreferenceChange): + 2022-03-09 Don Olmstead [CMake] Associate platform specific configuration with WinCairo Modified: trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm (291061 => 291062) --- trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-03-09 20:44:41 UTC (rev 291061) +++ trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-03-09 20:59:08 UTC (rev 291062) @@ -46,7 +46,7 @@ #endif #if HAVE(UPDATE_WEB_ACCESSIBILITY_SETTINGS) && ENABLE(CFPREFS_DIRECT_MODE) -SOFT_LINK_LIBRARY(libAccessibility) +SOFT_LINK_LIBRARY_OPTIONAL(libAccessibility) SOFT_LINK_OPTIONAL(libAccessibility, _AXSUpdateWebAccessibilitySettings, void, (), ()); #endif @@ -197,8 +197,13 @@ } #endif -void AuxiliaryProcess::handlePreferenceChange(const String& domain, const String& key, id value) +static void handleAXPreferenceChange(const String& domain, const String& key, id value) { +#if HAVE(UPDATE_WEB_ACCESSIBILITY_SETTINGS) +if (!libAccessibilityLibrary()) +return; +#endif + if (domain == String(kAXSAccessibilityPreferenceDomain)) { #if HAVE(UPDATE_WEB_ACCESSIBILITY_SETTINGS) if (_AXSUpdateWebAccessibilitySettingsPtr()) @@ -212,7 +217,11 @@ _AXSSetDarkenSystemColors([(NSNumber *)value boolValue]); #endif } +} +void AuxiliaryProcess::handlePreferenceChange(const String& domain, const String& key, id value) +{ +handleAXPreferenceChange(domain, key, value); dispatchSimulatedNotificationsForPreferenceChange(key); } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [291006] trunk/Source/WebKit
Title: [291006] trunk/Source/WebKit Revision 291006 Author pvol...@apple.com Date 2022-03-08 12:46:24 -0800 (Tue, 08 Mar 2022) Log Message The accessibility library should be soft linked optionally https://bugs.webkit.org/show_bug.cgi?id=236513 Reviewed by Geoffrey Garen. The accessibility library should be soft linked optionally, since it is not always present. * Shared/Cocoa/AuxiliaryProcessCocoa.mm: (WebKit::handleAXPreferenceChange): (WebKit::AuxiliaryProcess::handlePreferenceChange): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (291005 => 291006) --- trunk/Source/WebKit/ChangeLog 2022-03-08 20:41:12 UTC (rev 291005) +++ trunk/Source/WebKit/ChangeLog 2022-03-08 20:46:24 UTC (rev 291006) @@ -1,3 +1,16 @@ +2022-03-08 Per Arne Vollan + +The accessibility library should be soft linked optionally +https://bugs.webkit.org/show_bug.cgi?id=236513 + +Reviewed by Geoffrey Garen. + +The accessibility library should be soft linked optionally, since it is not always present. + +* Shared/Cocoa/AuxiliaryProcessCocoa.mm: +(WebKit::handleAXPreferenceChange): +(WebKit::AuxiliaryProcess::handlePreferenceChange): + 2022-03-08 Chris Dumez Optimize further the passing of data across threads Modified: trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm (291005 => 291006) --- trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-03-08 20:41:12 UTC (rev 291005) +++ trunk/Source/WebKit/Shared/Cocoa/AuxiliaryProcessCocoa.mm 2022-03-08 20:46:24 UTC (rev 291006) @@ -46,7 +46,7 @@ #endif #if HAVE(UPDATE_WEB_ACCESSIBILITY_SETTINGS) && ENABLE(CFPREFS_DIRECT_MODE) -SOFT_LINK_LIBRARY(libAccessibility) +SOFT_LINK_LIBRARY_OPTIONAL(libAccessibility) SOFT_LINK_OPTIONAL(libAccessibility, _AXSUpdateWebAccessibilitySettings, void, (), ()); #endif @@ -197,8 +197,13 @@ } #endif -void AuxiliaryProcess::handlePreferenceChange(const String& domain, const String& key, id value) +static void handleAXPreferenceChange(const String& domain, const String& key, id value) { +#if HAVE(UPDATE_WEB_ACCESSIBILITY_SETTINGS) +if (!liblibAccessibility()) +return; +#endif + if (domain == String(kAXSAccessibilityPreferenceDomain)) { #if HAVE(UPDATE_WEB_ACCESSIBILITY_SETTINGS) if (_AXSUpdateWebAccessibilitySettingsPtr()) @@ -212,7 +217,11 @@ _AXSSetDarkenSystemColors([(NSNumber *)value boolValue]); #endif } +} +void AuxiliaryProcess::handlePreferenceChange(const String& domain, const String& key, id value) +{ +handleAXPreferenceChange(domain, key, value); dispatchSimulatedNotificationsForPreferenceChange(key); } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290969] trunk/Source
Title: [290969] trunk/Source Revision 290969 Author pvol...@apple.com Date 2022-03-07 18:12:38 -0800 (Mon, 07 Mar 2022) Log Message Preconnecting after process swap is a page load time improvement on some devices https://bugs.webkit.org/show_bug.cgi?id=237055 Reviewed by Geoffrey Garen. Source/WebCore: Export method. * platform/network/NetworkLoadMetrics.h: Source/WebKit: On some devices we see that doing a second preconnect on HTTP/1.1 is a significant page load time improvement. This is due to the fact that most page loads on HTTP/1.1 will open several connections, and having two preconnected connections instead of one, will speed up page load time. This patch implements this by starting a second preconnect after the first has finished. It is important to wait until the first preconnect has finished, otherwise the second preconnect will go to waste, since the underlying network layer does not yet know if this is HTTP/1.1 or not. Since we do not see page load time improvement on iOS with this behavior, it is currently only enabled for macOS. The next step is to investigate why it does not seem to be a page load time improvement on iOS. We probably need to make sure the main resource load has started before we start the second preconect. This will avoid that the second preconnect returns immediately. * NetworkProcess/NetworkConnectionToWebProcess.cpp: (WebKit::NetworkConnectionToWebProcess::sendH2Ping): (WebKit::NetworkConnectionToWebProcess::preconnectTo): * NetworkProcess/NetworkProcess.cpp: (WebKit::NetworkProcess::preconnectTo): * NetworkProcess/PreconnectTask.cpp: (WebKit::PreconnectTask::PreconnectTask): (WebKit::PreconnectTask::didFinishLoading): (WebKit::PreconnectTask::didFailLoading): (WebKit::PreconnectTask::didFinish): * NetworkProcess/PreconnectTask.h: * NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp: (WebKit::NetworkCache::SpeculativeLoadManager::preconnectForSubresource): Source/WTF: Add ENABLE guard for this behavior. * wtf/PlatformEnableCocoa.h: Modified Paths trunk/Source/WTF/ChangeLog trunk/Source/WTF/wtf/PlatformEnableCocoa.h trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/network/NetworkLoadMetrics.h trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp trunk/Source/WebKit/NetworkProcess/PreconnectTask.cpp trunk/Source/WebKit/NetworkProcess/PreconnectTask.h trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp Diff Modified: trunk/Source/WTF/ChangeLog (290968 => 290969) --- trunk/Source/WTF/ChangeLog 2022-03-08 01:39:15 UTC (rev 290968) +++ trunk/Source/WTF/ChangeLog 2022-03-08 02:12:38 UTC (rev 290969) @@ -1,3 +1,15 @@ +2022-03-07 Per Arne Vollan + +Preconnecting after process swap is a page load time improvement on some devices +https://bugs.webkit.org/show_bug.cgi?id=237055 + + +Reviewed by Geoffrey Garen. + +Add ENABLE guard for this behavior. + +* wtf/PlatformEnableCocoa.h: + 2022-03-07 Chris Dumez Optimize the passing of data across threads Modified: trunk/Source/WTF/wtf/PlatformEnableCocoa.h (290968 => 290969) --- trunk/Source/WTF/wtf/PlatformEnableCocoa.h 2022-03-08 01:39:15 UTC (rev 290968) +++ trunk/Source/WTF/wtf/PlatformEnableCocoa.h 2022-03-08 02:12:38 UTC (rev 290969) @@ -758,3 +758,7 @@ #define ENABLE_ARKIT_INLINE_PREVIEW_ANIMATIONS_CONTROL 1 #define ENABLE_ARKIT_INLINE_PREVIEW_AUDIO_CONTROL 1 #endif + +#if !defined(ENABLE_ADDITIONAL_PRECONNECT_ON_HTTP_1X) && PLATFORM(MAC) +#define ENABLE_ADDITIONAL_PRECONNECT_ON_HTTP_1X 1 +#endif Modified: trunk/Source/WebCore/ChangeLog (290968 => 290969) --- trunk/Source/WebCore/ChangeLog 2022-03-08 01:39:15 UTC (rev 290968) +++ trunk/Source/WebCore/ChangeLog 2022-03-08 02:12:38 UTC (rev 290969) @@ -1,3 +1,15 @@ +2022-03-07 Per Arne Vollan + +Preconnecting after process swap is a page load time improvement on some devices +https://bugs.webkit.org/show_bug.cgi?id=237055 + + +Reviewed by Geoffrey Garen. + +Export method. + +* platform/network/NetworkLoadMetrics.h: + 2022-03-07 Jean-Yves Avenard Add ability to convert FragmentedSharedBuffer to CMBlockBuffer Modified: trunk/Source/WebCore/platform/network/NetworkLoadMetrics.h (290968 => 290969) --- trunk/Source/WebCore/platform/network/NetworkLoadMetrics.h 2022-03-08 01:39:15 UTC (rev 290968) +++ trunk/Source/WebCore/platform/network/NetworkLoadMetrics.h 2022-03-08 02:12:38 UTC (rev 290969) @@ -65,7 +65,7 @@ public: WEBCORE_EXPORT NetworkLoadMetrics(); -static const NetworkLoadMetrics& emptyMetrics(); +WEBCORE_EXPORT static const NetworkLoadMetrics& emptyMetrics(); WEBCORE_EXPORT NetworkLoadMetrics isolatedCopy() const; Modified: trunk/Source/WebKit/ChangeLog (290968 => 290969) --- trunk/Source/WebKit/ChangeLog 2022-03-08 01:39:15 UTC (rev
[webkit-changes] [290835] trunk/Source/WebKit
Title: [290835] trunk/Source/WebKit Revision 290835 Author pvol...@apple.com Date 2022-03-04 09:44:58 -0800 (Fri, 04 Mar 2022) Log Message [iOS] Hard link AVPictureInPictureController https://bugs.webkit.org/show_bug.cgi?id=237227 Reviewed by Brent Fulgham. Hard linking instead of soft linking should be a small performance improvement. * Configurations/WebKit.xcconfig: * UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Configurations/WebKit.xcconfig trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (290834 => 290835) --- trunk/Source/WebKit/ChangeLog 2022-03-04 17:16:56 UTC (rev 290834) +++ trunk/Source/WebKit/ChangeLog 2022-03-04 17:44:58 UTC (rev 290835) @@ -1,3 +1,16 @@ +2022-03-04 Per Arne Vollan + +[iOS] Hard link AVPictureInPictureController +https://bugs.webkit.org/show_bug.cgi?id=237227 + +Reviewed by Brent Fulgham. + +Hard linking instead of soft linking should be a small performance improvement. + +* Configurations/WebKit.xcconfig: +* UIProcess/Cocoa/WebProcessPoolCocoa.mm: +(WebKit::WebProcessPool::platformInitializeWebProcess): + 2022-03-04 Youenn Fablet LibWebRTCCodecs::setEncodeRates should send LibWebRTCCodecsProxy::SetEncodeRates only when the encoder is live Modified: trunk/Source/WebKit/Configurations/WebKit.xcconfig (290834 => 290835) --- trunk/Source/WebKit/Configurations/WebKit.xcconfig 2022-03-04 17:16:56 UTC (rev 290834) +++ trunk/Source/WebKit/Configurations/WebKit.xcconfig 2022-03-04 17:44:58 UTC (rev 290835) @@ -152,11 +152,17 @@ WK_LIBNETWORKEXTENSION_LDFLAGS_macosx = -weak_library /usr/lib/libnetworkextension.dylib; WK_LIBNETWORKEXTENSION_LDFLAGS_tvos = ; +WK_AVKIT_LDFLAGS = $(WK_AVKIT_LDFLAGS$(WK_PLATFORM_NAME)); +WK_AVKIT_LDFLAGS_iphoneos = -framework AVKit; +WK_AVKIT_LDFLAGS_iphonesimulator = -framework AVKit; +WK_AVKIT_LDFLAGS_maccatalyst = -framework AVKit; +WK_AVKIT_LDFLAGS_tvos = -framework AVKit; + WK_INSTALL_COORDINATION_LDFLAGS = $(WK_INSTALL_COORDINATION_LDFLAGS_$(WK_PLATFORM_NAME)); WK_INSTALL_COORDINATION_LDFLAGS_iphoneos = -framework InstallCoordination; WK_INSTALL_COORDINATION_LDFLAGS_iphonesimulator = $(WK_INSTALL_COORDINATION_LDFLAGS_iphoneos) -FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework IOSurface -framework WebKitLegacy -lnetwork -framework Metal $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_BACKBOARD_SERVICES_LDFLAGS) $(WK_RUNNINGBOARD_SERVICES_LDFLAGS) $(WK_AUTHKIT_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CONTACTS_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_LIBNETWORKEXTENSION_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_PROTOTYPE_TOOLS_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_SECURITY_INTERFACE_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_UNIFORM_TYPE_IDENTIFIERS_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS) $(WK_WEBINSPECTORUI_LDFLAGS) $(WK_COORDINATOR_LDFLAGS) $(WK_INSTALL_COORDINATION_LD FLAGS); +FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework IOSurface -framework WebKitLegacy -lnetwork -framework Metal $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_BACKBOARD_SERVICES_LDFLAGS) $(WK_RUNNINGBOARD_SERVICES_LDFLAGS) $(WK_AUTHKIT_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CONTACTS_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_LIBNETWORKEXTENSION_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_PROTOTYPE_TOOLS_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_SECURITY_INTERFACE_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_UNIFORM_TYPE_IDENTIFIERS_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS) $(WK_WEBINSPECTORUI_LDFLAGS) $(WK_COORDINATOR_LDFLAGS) $(WK_INSTALL_COORDINATION_LDF LAGS) $(WK_AVKIT_LDFLAGS); // Prevent C++ standard library basic_stringstream, operator new, delete and their related exception types from being exported as weak symbols. UNEXPORTED_SYMBOL_LDFLAGS = -Wl,-unexported_symbol -Wl,__ZTISt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTISt9exception -Wl,-unexported_symbol -Wl,__ZTSSt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTSSt9exception -Wl,-unexported_symbol -Wl,__ZdlPvS_ -Wl,-unexported_symbol -Wl,__ZnwmPv -Wl,-unexported_symbol -Wl,__Znwm -Wl,-unexported_symbol -Wl,__ZTVNSt3__117bad_function_callE -Wl,-unexported_symbol
[webkit-changes] [290754] trunk/Source/WebKit
Title: [290754] trunk/Source/WebKit Revision 290754 Author pvol...@apple.com Date 2022-03-02 13:25:49 -0800 (Wed, 02 Mar 2022) Log Message [iOS] Seatbelt sandbox profile entitlement is deprecated https://bugs.webkit.org/show_bug.cgi?id=237374 Reviewed by Brent Fulgham. Replace with new entitlement. * Scripts/process-entitlements.sh: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Scripts/process-entitlements.sh Diff Modified: trunk/Source/WebKit/ChangeLog (290753 => 290754) --- trunk/Source/WebKit/ChangeLog 2022-03-02 21:12:26 UTC (rev 290753) +++ trunk/Source/WebKit/ChangeLog 2022-03-02 21:25:49 UTC (rev 290754) @@ -1,5 +1,16 @@ 2022-03-02 Per Arne Vollan +[iOS] Seatbelt sandbox profile entitlement is deprecated +https://bugs.webkit.org/show_bug.cgi?id=237374 + +Reviewed by Brent Fulgham. + +Replace with new entitlement. + +* Scripts/process-entitlements.sh: + +2022-03-02 Per Arne Vollan + [iOS] Hard link AVPictureInPictureController https://bugs.webkit.org/show_bug.cgi?id=237227 Modified: trunk/Source/WebKit/Scripts/process-entitlements.sh (290753 => 290754) --- trunk/Source/WebKit/Scripts/process-entitlements.sh 2022-03-02 21:12:26 UTC (rev 290753) +++ trunk/Source/WebKit/Scripts/process-entitlements.sh 2022-03-02 21:25:49 UTC (rev 290754) @@ -391,8 +391,7 @@ plistbuddy Add :com.apple.tcc.delegated-services:0 string kTCCServiceCamera plistbuddy Add :com.apple.tcc.delegated-services:1 string kTCCServiceMicrophone -plistbuddy Add :seatbelt-profiles array -plistbuddy Add :seatbelt-profiles:0 string com.apple.WebKit.WebContent +plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.WebContent } function ios_family_process_webcontent_captiveportal_entitlements() @@ -427,8 +426,7 @@ plistbuddy Add :com.apple.tcc.delegated-services:0 string kTCCServiceCamera plistbuddy Add :com.apple.tcc.delegated-services:1 string kTCCServiceMicrophone -plistbuddy Add :seatbelt-profiles array -plistbuddy Add :seatbelt-profiles:0 string com.apple.WebKit.WebContent +plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.WebContent } function ios_family_process_gpu_entitlements() @@ -455,8 +453,7 @@ plistbuddy Add :com.apple.tcc.delegated-services:0 string kTCCServiceCamera plistbuddy Add :com.apple.tcc.delegated-services:1 string kTCCServiceMicrophone -plistbuddy Add :seatbelt-profiles array -plistbuddy Add :seatbelt-profiles:0 string com.apple.WebKit.GPU +plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.GPU plistbuddy Add :com.apple.systemstatus.activityattribution bool YES plistbuddy Add :com.apple.security.exception.mach-lookup.global-name array @@ -503,14 +500,12 @@ plistbuddy Add :com.apple.springboard.remote-alert bool YES plistbuddy Add :com.apple.frontboard.launchapplications bool YES -plistbuddy Add :seatbelt-profiles array -plistbuddy Add :seatbelt-profiles:0 string com.apple.WebKit.WebAuthn +plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.WebAuthn } function ios_family_process_adattributiond_entitlements() { -plistbuddy Add :seatbelt-profiles array -plistbuddy Add :seatbelt-profiles:0 string com.apple.WebKit.adattributiond +plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.adattributiond } function ios_family_process_webpushd_entitlements() @@ -537,8 +532,7 @@ plistbuddy Add :com.apple.private.tcc.manager.check-by-audit-token array plistbuddy Add :com.apple.private.tcc.manager.check-by-audit-token:0 string kTCCServiceWebKitIntelligentTrackingPrevention -plistbuddy Add :seatbelt-profiles array -plistbuddy Add :seatbelt-profiles:0 string com.apple.WebKit.Networking +plistbuddy Add :com.apple.private.sandbox.profile string com.apple.WebKit.Networking plistbuddy Add :com.apple.symptom_analytics.configure bool YES } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290752] trunk/Source/WebKit
Title: [290752] trunk/Source/WebKit Revision 290752 Author pvol...@apple.com Date 2022-03-02 13:10:45 -0800 (Wed, 02 Mar 2022) Log Message [iOS] Hard link AVPictureInPictureController https://bugs.webkit.org/show_bug.cgi?id=237227 Reviewed by Brent Fulgham. Hard linking instead of soft linking should be a small performance improvement. * Configurations/WebKit.xcconfig: * UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Configurations/WebKit.xcconfig trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (290751 => 290752) --- trunk/Source/WebKit/ChangeLog 2022-03-02 21:04:20 UTC (rev 290751) +++ trunk/Source/WebKit/ChangeLog 2022-03-02 21:10:45 UTC (rev 290752) @@ -1,3 +1,16 @@ +2022-03-02 Per Arne Vollan + +[iOS] Hard link AVPictureInPictureController +https://bugs.webkit.org/show_bug.cgi?id=237227 + +Reviewed by Brent Fulgham. + +Hard linking instead of soft linking should be a small performance improvement. + +* Configurations/WebKit.xcconfig: +* UIProcess/Cocoa/WebProcessPoolCocoa.mm: +(WebKit::WebProcessPool::platformInitializeWebProcess): + 2022-03-02 Wenson Hsieh [iOS] Copy context menu action should be titled "Copy Link" when long pressing a non-image link Modified: trunk/Source/WebKit/Configurations/WebKit.xcconfig (290751 => 290752) --- trunk/Source/WebKit/Configurations/WebKit.xcconfig 2022-03-02 21:04:20 UTC (rev 290751) +++ trunk/Source/WebKit/Configurations/WebKit.xcconfig 2022-03-02 21:10:45 UTC (rev 290752) @@ -152,11 +152,17 @@ WK_LIBNETWORKEXTENSION_LDFLAGS_macosx = -weak_library /usr/lib/libnetworkextension.dylib; WK_LIBNETWORKEXTENSION_LDFLAGS_tvos = ; +WK_AVKIT_LDFLAGS = $(WK_AVKIT_LDFLAGS$(WK_PLATFORM_NAME)); +WK_AVKIT_LDFLAGS_iphoneos = -framework AVKit; +WK_AVKIT_LDFLAGS_iphonesimulator = -framework AVKit; +WK_AVKIT_LDFLAGS_maccatalyst = -framework AVKit; +WK_AVKIT_LDFLAGS_tvos = -framework AVKit; + WK_INSTALL_COORDINATION_LDFLAGS = $(WK_INSTALL_COORDINATION_LDFLAGS_$(WK_PLATFORM_NAME)); WK_INSTALL_COORDINATION_LDFLAGS_iphoneos = -framework InstallCoordination; WK_INSTALL_COORDINATION_LDFLAGS_iphonesimulator = $(WK_INSTALL_COORDINATION_LDFLAGS_iphoneos) -FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework IOSurface -framework WebKitLegacy -lnetwork -framework Metal $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_BACKBOARD_SERVICES_LDFLAGS) $(WK_RUNNINGBOARD_SERVICES_LDFLAGS) $(WK_AUTHKIT_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CONTACTS_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_LIBNETWORKEXTENSION_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_PROTOTYPE_TOOLS_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_SECURITY_INTERFACE_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_UNIFORM_TYPE_IDENTIFIERS_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS) $(WK_WEBINSPECTORUI_LDFLAGS) $(WK_COORDINATOR_LDFLAGS) $(WK_INSTALL_COORDINATION_LD FLAGS); +FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework IOSurface -framework WebKitLegacy -lnetwork -framework Metal $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_BACKBOARD_SERVICES_LDFLAGS) $(WK_RUNNINGBOARD_SERVICES_LDFLAGS) $(WK_AUTHKIT_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CONTACTS_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_LIBNETWORKEXTENSION_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_PROTOTYPE_TOOLS_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_SECURITY_INTERFACE_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_UNIFORM_TYPE_IDENTIFIERS_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS) $(WK_WEBINSPECTORUI_LDFLAGS) $(WK_COORDINATOR_LDFLAGS) $(WK_INSTALL_COORDINATION_LDF LAGS) $(WK_AVKIT_LDFLAGS); // Prevent C++ standard library basic_stringstream, operator new, delete and their related exception types from being exported as weak symbols. UNEXPORTED_SYMBOL_LDFLAGS = -Wl,-unexported_symbol -Wl,__ZTISt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTISt9exception -Wl,-unexported_symbol -Wl,__ZTSSt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTSSt9exception -Wl,-unexported_symbol -Wl,__ZdlPvS_ -Wl,-unexported_symbol -Wl,__ZnwmPv -Wl,-unexported_symbol -Wl,__Znwm -Wl,-unexported_symbol -Wl,__ZTVNSt3__117bad_function_callE -Wl,-unexported_symbol
[webkit-changes] [290731] trunk/Source/WebKit
Title: [290731] trunk/Source/WebKit Revision 290731 Author pvol...@apple.com Date 2022-03-02 08:45:29 -0800 (Wed, 02 Mar 2022) Log Message [iOS][WP] Stop generating certain sandbox violation reports https://bugs.webkit.org/show_bug.cgi?id=237364 Reviewed by Chris Dumez. Stop generating certain common sandbox violation reports in the WebContent process on iOS, since that can improve performance. We will still get telemetry for these violations. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (290730 => 290731) --- trunk/Source/WebKit/ChangeLog 2022-03-02 15:27:56 UTC (rev 290730) +++ trunk/Source/WebKit/ChangeLog 2022-03-02 16:45:29 UTC (rev 290731) @@ -1,3 +1,15 @@ +2022-03-02 Per Arne Vollan + +[iOS][WP] Stop generating certain sandbox violation reports +https://bugs.webkit.org/show_bug.cgi?id=237364 + +Reviewed by Chris Dumez. + +Stop generating certain common sandbox violation reports in the WebContent process on iOS, since that +can improve performance. We will still get telemetry for these violations. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: + 2022-03-02 Michael Catanzaro [GTK] setDragImage ignores offset Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (290730 => 290731) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-02 15:27:56 UTC (rev 290730) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-03-02 16:45:29 UTC (rev 290731) @@ -1028,7 +1028,7 @@ (home-subpath "/Library/Preferences/") (with no-log)) -(deny mach-lookup (with telemetry) +(deny mach-lookup (with no-log) (with telemetry) (global-name "com.apple.containermanagerd") ) @@ -1631,7 +1631,7 @@ ) ) -(deny darwin-notification-post (with telemetry)) +(deny darwin-notification-post (with no-log) (with telemetry)) (allow darwin-notification-post (notification-name "_AXNotification_AXSClassicInvertColorsPreference" ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290675] trunk/Source/WebCore
Title: [290675] trunk/Source/WebCore Revision 290675 Author pvol...@apple.com Date 2022-03-01 14:06:34 -0800 (Tue, 01 Mar 2022) Log Message Remove release assert when UI process is blocking IOSurface IOKit access https://bugs.webkit.org/show_bug.cgi?id=237278 Unreviewed, address review comments. Log error instead of creating CrashTracer reports. * platform/graphics/cocoa/IOSurface.mm: (WebCore::IOSurface::bytesPerRowAlignment): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm Diff Modified: trunk/Source/WebCore/ChangeLog (290674 => 290675) --- trunk/Source/WebCore/ChangeLog 2022-03-01 21:57:06 UTC (rev 290674) +++ trunk/Source/WebCore/ChangeLog 2022-03-01 22:06:34 UTC (rev 290675) @@ -1,3 +1,16 @@ +2022-03-01 Per Arne Vollan + +Remove release assert when UI process is blocking IOSurface IOKit access +https://bugs.webkit.org/show_bug.cgi?id=237278 + + +Unreviewed, address review comments. + +Log error instead of creating CrashTracer reports. + +* platform/graphics/cocoa/IOSurface.mm: +(WebCore::IOSurface::bytesPerRowAlignment): + 2022-03-01 Matt Woodrow Use static position relative to parent for abs-pos items within nested grids. Modified: trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm (290674 => 290675) --- trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm 2022-03-01 21:57:06 UTC (rev 290674) +++ trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm 2022-03-01 22:06:34 UTC (rev 290675) @@ -293,7 +293,7 @@ // This likely means that the sandbox is blocking access to the IOSurface IOKit class, // and that IOSurface::bytesPerRowAlignment() has been called before IOSurface::setBytesPerRowAlignment. if (alignment <= 1) { -RELEASE_LOG_FAULT(Layers, "Sandbox does not allow IOSurface IOKit access."); +RELEASE_LOG_ERROR(Layers, "Sandbox does not allow IOSurface IOKit access."); // 64 bytes is currently the alignment on all platforms. alignment = 64; } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290619] trunk/Source/WebCore
Title: [290619] trunk/Source/WebCore Revision 290619 Author pvol...@apple.com Date 2022-02-28 15:48:00 -0800 (Mon, 28 Feb 2022) Log Message [iOS] Weak link AVPictureInPictureController https://bugs.webkit.org/show_bug.cgi?id=237227 Reviewed by Brent Fulgham. Weak linking instead of soft linking should be a small performance improvement. * Configurations/WebCore.xcconfig: * platform/ios/VideoFullscreenInterfaceAVKit.mm: (WebCore::supportsPictureInPicture): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Configurations/WebCore.xcconfig trunk/Source/WebCore/platform/ios/VideoFullscreenInterfaceAVKit.mm Diff Modified: trunk/Source/WebCore/ChangeLog (290618 => 290619) --- trunk/Source/WebCore/ChangeLog 2022-02-28 23:26:38 UTC (rev 290618) +++ trunk/Source/WebCore/ChangeLog 2022-02-28 23:48:00 UTC (rev 290619) @@ -1,5 +1,19 @@ 2022-02-28 Per Arne Vollan +[iOS] Weak link AVPictureInPictureController +https://bugs.webkit.org/show_bug.cgi?id=237227 + + +Reviewed by Brent Fulgham. + +Weak linking instead of soft linking should be a small performance improvement. + +* Configurations/WebCore.xcconfig: +* platform/ios/VideoFullscreenInterfaceAVKit.mm: +(WebCore::supportsPictureInPicture): + +2022-02-28 Per Arne Vollan + Remove release assert when UI process is blocking IOSurface IOKit access https://bugs.webkit.org/show_bug.cgi?id=237278 Modified: trunk/Source/WebCore/Configurations/WebCore.xcconfig (290618 => 290619) --- trunk/Source/WebCore/Configurations/WebCore.xcconfig 2022-02-28 23:26:38 UTC (rev 290618) +++ trunk/Source/WebCore/Configurations/WebCore.xcconfig 2022-02-28 23:48:00 UTC (rev 290619) @@ -144,8 +144,12 @@ WK_SCENEKIT_LDFLAGS = $(WK_SCENEKIT_LDFLAGS_$(WK_PLATFORM_NAME)); WK_SCENEKIT_LDFLAGS_macosx = -weak_framework SceneKit; +WK_AVKIT_LDFLAGS = $(WK_AVKIT_LDFLAGS_$(WK_PLATFORM_NAME)); +WK_AVKIT_LDFLAGS_iphoneos = -weak_framework AVKit; +WK_AVKIT_LDFLAGS_iphonesimulator = -weak_framework AVKit; + // FIXME: Reduce the number of allowable_clients -OTHER_LDFLAGS = $(inherited) $(WK_RELOCATABLE_FRAMEWORK_LDFLAGS) -lsqlite3 -lobjc -allowable_client WebCoreTestSupport -allowable_client WebKitLegacy -force_load $(BUILT_PRODUCTS_DIR)/libPAL.a -framework CFNetwork -framework CoreAudio -framework CoreGraphics -framework CoreText -framework Foundation -framework IOSurface -framework ImageIO -framework Metal $(OTHER_LDFLAGS_PLATFORM_$(WK_COCOA_TOUCH)) $(OTHER_LDFLAGS_PLATFORM_$(WK_PLATFORM_NAME)) $(WK_ANGLE_LDFLAGS) $(WK_WEBGPU_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_APPSUPPORT_LDFLAGS) $(WK_AUDIO_UNIT_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_UI_LDFLAGS) $(WK_DATA_DETECTORS_CORE_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_ACCELERATOR_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_NETWORK_EXTENSION_LD_FLAGS) $(WK_SYSTEM_CONFIGURATION_LDFLAGS) $(WK_CORE_IMAGE_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS) $(WK_SCENEKIT_LDFLAGS) $(SOURCE_VERSION_LDFLAGS); +OTHER_LDFLAGS = $(inherited) $(WK_RELOCATABLE_FRAMEWORK_LDFLAGS) -lsqlite3 -lobjc -allowable_client WebCoreTestSupport -allowable_client WebKitLegacy -force_load $(BUILT_PRODUCTS_DIR)/libPAL.a -framework CFNetwork -framework CoreAudio -framework CoreGraphics -framework CoreText -framework Foundation -framework IOSurface -framework ImageIO -framework Metal $(OTHER_LDFLAGS_PLATFORM_$(WK_COCOA_TOUCH)) $(OTHER_LDFLAGS_PLATFORM_$(WK_PLATFORM_NAME)) $(WK_ANGLE_LDFLAGS) $(WK_WEBGPU_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_APPSUPPORT_LDFLAGS) $(WK_AUDIO_UNIT_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_UI_LDFLAGS) $(WK_DATA_DETECTORS_CORE_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_ACCELERATOR_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_NETWORK_EXTENSION_LD_FLAGS) $(WK_SYSTEM_CONFIGURATION_LDFLAGS) $(WK_CORE_IMAGE_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS) $(WK_SCENEKIT_LDFLAGS) $(SOURCE_VERSION_LDFLAGS) $(WK_AVKIT_LDFLAGS); OTHER_LDFLAGS_PLATFORM_cocoatouch = -allowable_client WebKit -allowable_client iTunesU -allowable_client Casablanca -allowable_client Remote -allowable_client TVBooks -allowable_client DumpRenderTree -allowable_client WebKitTestRunner -allowable_client TestWebKitAPI; OTHER_LDFLAGS_PLATFORM_macosx = -sub_library libobjc -umbrella WebKit; Modified: trunk/Source/WebCore/platform/ios/VideoFullscreenInterfaceAVKit.mm (290618 => 290619) --- trunk/Source/WebCore/platform/ios/VideoFullscreenInterfaceAVKit.mm 2022-02-28 23:26:38 UTC (rev 290618) +++ trunk/Source/WebCore/platform/ios/VideoFullscreenInterfaceAVKit.mm 2022-02-28 23:48:00 UTC (rev 290619) @@ -38,6 +38,7 @@ #import "VideoFullscreenModel.h" #import "WebAVPlayerController.h" #import +#import #import #import #import @@ -60,7 +61,6 @@ #if HAVE(AVOBSERVATIONCONTROLLER) SOFT_LINK_CLASS_OPTIONAL(AVKit, AVObservationController) #endif
[webkit-changes] [290618] trunk/Source/WebCore
Title: [290618] trunk/Source/WebCore Revision 290618 Author pvol...@apple.com Date 2022-02-28 15:26:38 -0800 (Mon, 28 Feb 2022) Log Message Remove release assert when UI process is blocking IOSurface IOKit access https://bugs.webkit.org/show_bug.cgi?id=237278 Reviewed by Darin Adler. Remove release assert in IOSurface::bytesPerRowAlignment() when UI process is blocking IOSurface IOKit access. Instead, log this event, and return an appropriate value. * platform/graphics/cocoa/IOSurface.mm: (WebCore::IOSurface::bytesPerRowAlignment): Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm Diff Modified: trunk/Source/WebCore/ChangeLog (290617 => 290618) --- trunk/Source/WebCore/ChangeLog 2022-02-28 23:24:21 UTC (rev 290617) +++ trunk/Source/WebCore/ChangeLog 2022-02-28 23:26:38 UTC (rev 290618) @@ -1,3 +1,16 @@ +2022-02-28 Per Arne Vollan + +Remove release assert when UI process is blocking IOSurface IOKit access +https://bugs.webkit.org/show_bug.cgi?id=237278 + +Reviewed by Darin Adler. + +Remove release assert in IOSurface::bytesPerRowAlignment() when UI process is blocking IOSurface IOKit access. +Instead, log this event, and return an appropriate value. + +* platform/graphics/cocoa/IOSurface.mm: +(WebCore::IOSurface::bytesPerRowAlignment): + 2022-02-28 Chris Dumez Unreviewed, address feedback from Darin regarding r290610. Modified: trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm (290617 => 290618) --- trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm 2022-02-28 23:24:21 UTC (rev 290617) +++ trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm 2022-02-28 23:26:38 UTC (rev 290618) @@ -293,7 +293,11 @@ // See https://developer.apple.com/documentation/iosurface/1419453-iosurfacegetpropertyalignment?language=objc // This likely means that the sandbox is blocking access to the IOSurface IOKit class, // and that IOSurface::bytesPerRowAlignment() has been called before IOSurface::setBytesPerRowAlignment. -RELEASE_ASSERT(alignment > 1); +if (alignment <= 1) { +RELEASE_LOG_FAULT(Layers, "Sandbox does not allow IOSurface IOKit access."); +// 64 bytes is currently the alignment on all platforms. +alignment = 64; +} } return alignment; } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290535] trunk/Source/WebKit
Title: [290535] trunk/Source/WebKit Revision 290535 Author pvol...@apple.com Date 2022-02-25 16:04:52 -0800 (Fri, 25 Feb 2022) Log Message [macOS] Add access to required mach service in the Network process https://bugs.webkit.org/show_bug.cgi?id=237216 Reviewed by Brent Fulgham. * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (290534 => 290535) --- trunk/Source/WebKit/ChangeLog 2022-02-26 00:02:09 UTC (rev 290534) +++ trunk/Source/WebKit/ChangeLog 2022-02-26 00:04:52 UTC (rev 290535) @@ -1,3 +1,13 @@ +2022-02-25 Per Arne Vollan + +[macOS] Add access to required mach service in the Network process +https://bugs.webkit.org/show_bug.cgi?id=237216 + + +Reviewed by Brent Fulgham. + +* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: + 2022-02-25 Brent Fulgham WebKit continues to render PDF images in Captive Portal mode Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (290534 => 290535) --- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-02-26 00:02:09 UTC (rev 290534) +++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-02-26 00:04:52 UTC (rev 290535) @@ -450,6 +450,10 @@ (allow mach-lookup (global-name "com.apple.tccd")) +;; +(allow mach-lookup +(global-name "com.apple.networkserviceproxy.fetch-token")) + (allow file-read* file-write* (home-subpath "/Library/HTTPStorages")) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290521] trunk/Source/WebKit
Title: [290521] trunk/Source/WebKit Revision 290521 Author pvol...@apple.com Date 2022-02-25 12:08:55 -0800 (Fri, 25 Feb 2022) Log Message Make sure there is a default Networking process to provide the Launch Services database https://bugs.webkit.org/show_bug.cgi?id=236629 Reviewed by Brent Fulgham. The WebContent processes relies on getting the Launch Services database from the Networking process. It is possible to enter a state where there is no default Network process, but a Network process is running because a Website data store is holding a reference to it. This patch addresses this issue by removing Network process references in all remaining Website data stores when the last process pool is being deleted. * UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::~WebProcessPool): * UIProcess/WebsiteData/WebsiteDataStore.cpp: (WebKit::WebsiteDataStore::removeNetworkProcessReference): * UIProcess/WebsiteData/WebsiteDataStore.h: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/UIProcess/WebProcessPool.cpp trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h Diff Modified: trunk/Source/WebKit/ChangeLog (290520 => 290521) --- trunk/Source/WebKit/ChangeLog 2022-02-25 19:42:15 UTC (rev 290520) +++ trunk/Source/WebKit/ChangeLog 2022-02-25 20:08:55 UTC (rev 290521) @@ -1,3 +1,22 @@ +2022-02-25 Per Arne Vollan + +Make sure there is a default Networking process to provide the Launch Services database +https://bugs.webkit.org/show_bug.cgi?id=236629 + +Reviewed by Brent Fulgham. + +The WebContent processes relies on getting the Launch Services database from the Networking process. +It is possible to enter a state where there is no default Network process, but a Network process is +running because a Website data store is holding a reference to it. This patch addresses this issue +by removing Network process references in all remaining Website data stores when the last process +pool is being deleted. + +* UIProcess/WebProcessPool.cpp: +(WebKit::WebProcessPool::~WebProcessPool): +* UIProcess/WebsiteData/WebsiteDataStore.cpp: +(WebKit::WebsiteDataStore::removeNetworkProcessReference): +* UIProcess/WebsiteData/WebsiteDataStore.h: + 2022-02-25 Youenn Fablet Better isolate RemoteVideoFrameObjectHeap clients from ThreadSafeObjectHeap implementation details Modified: trunk/Source/WebKit/UIProcess/WebProcessPool.cpp (290520 => 290521) --- trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2022-02-25 19:42:15 UTC (rev 290520) +++ trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2022-02-25 20:08:55 UTC (rev 290521) @@ -329,8 +329,15 @@ process->shutDown(); } -if (processPools().isEmpty() && !!NetworkProcessProxy::defaultNetworkProcess()) -NetworkProcessProxy::defaultNetworkProcess() = nullptr; +if (processPools().isEmpty()) { +WebsiteDataStore::forEachWebsiteDataStore([](auto& websiteDataStore) { +websiteDataStore.removeNetworkProcessReference(); +}); +if (auto& networkProcess = NetworkProcessProxy::defaultNetworkProcess()) { +ASSERT(networkProcess->hasOneRef()); +networkProcess = nullptr; +} +} } void WebProcessPool::initializeClient(const WKContextClientBase* client) Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp (290520 => 290521) --- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2022-02-25 19:42:15 UTC (rev 290520) +++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp 2022-02-25 20:08:55 UTC (rev 290521) @@ -226,6 +226,11 @@ return const_cast(*this).networkProcess(); } +void WebsiteDataStore::removeNetworkProcessReference() +{ +m_networkProcess = nullptr; +} + void WebsiteDataStore::registerProcess(WebProcessProxy& process) { ASSERT(process.pageCount() || process.provisionalPageCount()); Modified: trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h (290520 => 290521) --- trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2022-02-25 19:42:15 UTC (rev 290520) +++ trunk/Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.h 2022-02-25 20:08:55 UTC (rev 290521) @@ -125,7 +125,8 @@ NetworkProcessProxy& networkProcess() const; NetworkProcessProxy& networkProcess(); NetworkProcessProxy* networkProcessIfExists() { return m_networkProcess.get(); } - +void removeNetworkProcessReference(); + static WebsiteDataStore* existingDataStoreForSessionID(PAL::SessionID); bool isPersistent() const { return !m_sessionID.isEphemeral(); } ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290509] trunk/Source/WebKit
Title: [290509] trunk/Source/WebKit Revision 290509 Author pvol...@apple.com Date 2022-02-25 08:23:12 -0800 (Fri, 25 Feb 2022) Log Message Remove unused soft linking declarations https://bugs.webkit.org/show_bug.cgi?id=237209 Reviewed by Brent Fulgham. * WebProcess/cocoa/WebProcessCocoa.mm: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm Diff Modified: trunk/Source/WebKit/ChangeLog (290508 => 290509) --- trunk/Source/WebKit/ChangeLog 2022-02-25 16:04:56 UTC (rev 290508) +++ trunk/Source/WebKit/ChangeLog 2022-02-25 16:23:12 UTC (rev 290509) @@ -1,3 +1,12 @@ +2022-02-25 Per Arne Vollan + +Remove unused soft linking declarations +https://bugs.webkit.org/show_bug.cgi?id=237209 + +Reviewed by Brent Fulgham. + +* WebProcess/cocoa/WebProcessCocoa.mm: + 2022-02-25 Kimmo Kinnunen REGRESSION(r289580): [ iOS macOS ] TestWebKitAPI.IPCTestingAPI.CanReceiveSharedMemory is a constant timeout Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (290508 => 290509) --- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-02-25 16:04:56 UTC (rev 290508) +++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2022-02-25 16:23:12 UTC (rev 290509) @@ -170,15 +170,6 @@ SOFT_LINK_FUNCTION_MAY_FAIL_FOR_SOURCE(WebKit, UIKit, _UIApplicationCatalystRequestViewServiceIdiomAndScaleFactor, void, (UIUserInterfaceIdiom idiom, CGFloat scaleFactor), (idiom, scaleFactor)) #endif -SOFT_LINK_FRAMEWORK(CoreServices) -SOFT_LINK_CLASS(CoreServices, _LSDService) -SOFT_LINK_CLASS(CoreServices, _LSDOpenService) - -#if HAVE(CMPHOTO_TILE_DECODER_AVAILABLE) -SOFT_LINK_PRIVATE_FRAMEWORK_OPTIONAL(CMPhoto) -SOFT_LINK_FUNCTION_MAY_FAIL_FOR_SOURCE(WebKit, CMPhoto, CMPhotoIsTileDecoderAvailable, Boolean, (CMVideoCodecType decoder), (decoder)) -#endif - #define RELEASE_LOG_SESSION_ID (m_sessionID ? m_sessionID->toUInt64() : 0) #define WEBPROCESS_RELEASE_LOG(channel, fmt, ...) RELEASE_LOG(channel, "%p - [sessionID=%" PRIu64 "] WebProcess::" fmt, this, RELEASE_LOG_SESSION_ID, ##__VA_ARGS__) #define WEBPROCESS_RELEASE_LOG_ERROR(channel, fmt, ...) RELEASE_LOG_ERROR(channel, "%p - [sessionID=%" PRIu64 "] WebProcess::" fmt, this, RELEASE_LOG_SESSION_ID, ##__VA_ARGS__) ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290250] trunk/Source/WebKit
Title: [290250] trunk/Source/WebKit Revision 290250 Author pvol...@apple.com Date 2022-02-21 10:10:40 -0800 (Mon, 21 Feb 2022) Log Message [macOS] Remove resource access in sandbox for older OS versions https://bugs.webkit.org/show_bug.cgi?id=236975 Reviewed by Brent Fulgham. Remove access to some resources in sandbox for older OS versions. Access to these resources were initially added in https://trac.webkit.org/changeset/290180/webkit and https://trac.webkit.org/changeset/290066/webkit, and was only intended to land on a branch. * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (290249 => 290250) --- trunk/Source/WebKit/ChangeLog 2022-02-21 18:07:18 UTC (rev 290249) +++ trunk/Source/WebKit/ChangeLog 2022-02-21 18:10:40 UTC (rev 290250) @@ -1,3 +1,17 @@ +2022-02-21 Per Arne Vollan + +[macOS] Remove resource access in sandbox for older OS versions +https://bugs.webkit.org/show_bug.cgi?id=236975 + +Reviewed by Brent Fulgham. + +Remove access to some resources in sandbox for older OS versions. Access to these resources were initially +added in https://trac.webkit.org/changeset/290180/webkit and https://trac.webkit.org/changeset/290066/webkit, +and was only intended to land on a branch. + +* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in: +* WebProcess/com.apple.WebProcess.sb.in: + 2022-02-21 Simon Lewis Change IPC encoding of boolean type to use one bit Modified: trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (290249 => 290250) --- trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-02-21 18:07:18 UTC (rev 290249) +++ trunk/Source/WebKit/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in 2022-02-21 18:10:40 UTC (rev 290250) @@ -114,20 +114,6 @@ (allow mach-lookup (global-name "com.apple.coreservices.launchservicesd")) #endif -#if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED < 13 -(allow mach-lookup -(global-name -"com.apple.analyticsd.messagetracer" -"com.apple.appsleep" -"com.apple.bsd.dirhelper" -"com.apple.espd" -"com.apple.secinitd" -"com.apple.system.DirectoryService.libinfo_v1" -"com.apple.system.logger" -"com.apple.system.opendirectoryd.membership" -"com.apple.xpc.activity.unmanaged")) -#endif - #if !ENABLE(CFPREFS_DIRECT_MODE) (allow mach-lookup (global-name "com.apple.cfprefsd.agent") Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (290249 => 290250) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-02-21 18:07:18 UTC (rev 290249) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-02-21 18:10:40 UTC (rev 290250) @@ -1872,57 +1872,6 @@ (disable-syscall-inference) #endif -#if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED < 13 -(define (syscall-unix-older-macOS) -(syscall-number -SYS___pthread_markcancel -SYS_abort_with_payload -SYS_chmod_extended -SYS_connect_nocancel -SYS_connectx -SYS_fgetattrlist ;; -SYS_fileport_makeport -SYS_fstat64_extended ;; -SYS_getpeername -SYS_getsockopt -SYS_guarded_write_np -SYS_lstat64_extended -SYS_lstat_extended -SYS_memorystatus_control ;; Needed for memory measurement infrastructure, see -SYS_mkdirat -SYS_open_dprotected_np ;; -SYS_pipe -SYS_process_policy -SYS_psynch_rw_rdlock ;; -SYS_pwrite -SYS_quotactl ;; -SYS_recvfrom -SYS_recvfrom_nocancel -SYS_rmdir -SYS_select -SYS_select_nocancel -SYS_sem_post -SYS_sem_wait -SYS_sendmsg_nocancel -SYS_sendto_nocancel -#if __MAC_OS_X_VERSION_MIN_REQUIRED < 12 -SYS_setattrlist ;; rdar://problem/74162777 -#endif -SYS_setpriority -SYS_setrlimit -SYS_setsockopt -SYS_shutdown -SYS_sigreturn -SYS_socketpair -SYS_stat64_extended ;; -SYS_terminate_with_payload ;; -SYS_thread_selfusage -#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 11 -SYS_ulock_wait2 ;; -#endif -)) -#endif - (define (syscall-unix-common) (syscall-number SYS___disable_threadsignal @@ -1970,7 +1919,6 @@ SYS_kdebug_trace SYS_kdebug_trace64 SYS_kdebug_trace_string ;; Needed for performance sampling, see . -SYS_kevent ;; SYS_kevent_id SYS_kevent_qos SYS_kqueue ;; See . Remove after is resolved. @@ -2046,6 +1994,7 @@ SYS_guarded_open_np
[webkit-changes] [290189] trunk/Source
Title: [290189] trunk/Source Revision 290189 Author pvol...@apple.com Date 2022-02-18 17:02:27 -0800 (Fri, 18 Feb 2022) Log Message Move content filtering to Networking process https://bugs.webkit.org/show_bug.cgi?id=233760 Reviewed by Brent Fulgham. Source/WebCore: Remove content filtering from DocumentLoader when the feature is enabled, since this takes place in the WebContent process. Modify the ContentFilter class by removing use of the types CachedResoure and CachedRawResource, since objects of these types are not available in the Networking process. Parameters with these types are replaced with URL parameters. The new behavior is behind a feature flag, which is not enabled in this patch. * WebCore.xcodeproj/project.pbxproj: * loader/ContentFilter.cpp: (WebCore::ContentFilter::startFilteringMainResource): (WebCore::ContentFilter::stopFilteringMainResource): (WebCore::ContentFilter::continueAfterResponseReceived): (WebCore::ContentFilter::continueAfterDataReceived): (WebCore::ContentFilter::continueAfterNotifyFinished): (WebCore::ContentFilter::didDecide): (WebCore::ContentFilter::deliverResourceData): (WebCore::ContentFilter::url): (WebCore::ContentFilter::deliverStoredResourceData): * loader/ContentFilter.h: (WebCore::ContentFilter::blockedError const): (WebCore::ContentFilter::isAllowed const): (WebCore::ContentFilter::responseReceived const): * loader/ContentFilterClient.h: * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::notifyFinished): (WebCore::DocumentLoader::willSendRequest): (WebCore::DocumentLoader::responseReceived): (WebCore::DocumentLoader::dataReceived): (WebCore::DocumentLoader::detachFromFrame): (WebCore::DocumentLoader::startLoadingMainResource): (WebCore::DocumentLoader::clearMainResource): (WebCore::DocumentLoader::becomeMainResourceClient): (WebCore::DocumentLoader::contentFilterDidBlock): (WebCore::DocumentLoader::handleContentFilterDidBlock): (WebCore::DocumentLoader::handleContentFilterProvisionalLoadFailure): (WebCore::DocumentLoader::contentFilterWillHandleProvisionalLoadFailure): (WebCore::DocumentLoader::contentFilterHandleProvisionalLoadFailure): * loader/DocumentLoader.h: * loader/FrameLoader.cpp: (WebCore::FrameLoader::dispatchDidFailProvisionalLoad): * loader/PolicyChecker.cpp: (WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy): * loader/SubstituteData.h: (WebCore::SubstituteData::encode const): (WebCore::SubstituteData::decode): * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm: (WebCore::ContentFilterUnblockHandler::canHandleRequest const): Source/WebKit: Move content filtering from the DocumentLoader class in the WebProcess to the NetworkResourceLoader class in the Networking process. The NetworkResourceLoader is now a client of the content filter, and will send messages to the DocumentLoader in the WebProcess to cancel the load when the content filter decided to block the load. If the content filter is providing replacement data, this will also be sent over IPC to the WebProcess. Data is not being sent to the WebProcess until the content filter has decided to allow the load, if content filtering is enabled. * NetworkProcess/NetworkResourceLoader.cpp: (WebKit::NetworkResourceLoader::start): (WebKit::NetworkResourceLoader::startContentFiltering): (WebKit::NetworkResourceLoader::didReceiveResponse): (WebKit::NetworkResourceLoader::didFinishLoading): (WebKit::NetworkResourceLoader::willSendRedirectedRequest): (WebKit::NetworkResourceLoader::bufferingTimerFired): (WebKit::NetworkResourceLoader::sendBuffer): (WebKit::NetworkResourceLoader::didRetrieveCacheEntry): (WebKit::NetworkResourceLoader::sendResultForCacheEntry): (WebKit::NetworkResourceLoader::dataReceivedThroughContentFilter): (WebKit::NetworkResourceLoader::contentFilterDidBlock): (WebKit::NetworkResourceLoader::cancelMainResourceLoadForContentFilter): (WebKit::NetworkResourceLoader::handleProvisionalLoadFailureFromContentFilter): * NetworkProcess/NetworkResourceLoader.h: * UIProcess/Network/NetworkProcessProxy.cpp: (WebKit::NetworkProcessProxy::reloadAfterUnblockedContentFilter): * UIProcess/Network/NetworkProcessProxy.h: * UIProcess/Network/NetworkProcessProxy.messages.in: * WebProcess/Network/WebResourceLoader.cpp: (WebKit::WebResourceLoader::contentFilterDidBlockLoad): (WebKit::WebResourceLoader::cancelMainResourceLoadForContentFilter): (WebKit::WebResourceLoader::handleProvisionalLoadFailureFromContentFilter): (WebKit::WebResourceLoader::reload): * WebProcess/Network/WebResourceLoader.h: * WebProcess/Network/WebResourceLoader.messages.in: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj trunk/Source/WebCore/loader/ContentFilter.cpp trunk/Source/WebCore/loader/ContentFilter.h trunk/Source/WebCore/loader/ContentFilterClient.h trunk/Source/WebCore/loader/DocumentLoader.cpp trunk/Source/WebCore/loader/DocumentLoader.h trunk/Source/WebCore/loader/FrameLoader.cpp trunk/Source/WebCore/loader/PolicyChecker.cpp
[webkit-changes] [290187] trunk/Source/WebKit
Title: [290187] trunk/Source/WebKit Revision 290187 Author pvol...@apple.com Date 2022-02-18 16:52:16 -0800 (Fri, 18 Feb 2022) Log Message [iOS] Add required Mach service to the sandbox of the GPU process https://bugs.webkit.org/show_bug.cgi?id=236860 Reviewed by Darin Adler. * Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb Diff Modified: trunk/Source/WebKit/ChangeLog (290186 => 290187) --- trunk/Source/WebKit/ChangeLog 2022-02-19 00:44:12 UTC (rev 290186) +++ trunk/Source/WebKit/ChangeLog 2022-02-19 00:52:16 UTC (rev 290187) @@ -1,3 +1,12 @@ +2022-02-18 Per Arne Vollan + +[iOS] Add required Mach service to the sandbox of the GPU process +https://bugs.webkit.org/show_bug.cgi?id=236860 + +Reviewed by Darin Adler. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb: + 2022-02-18 Devin Rousso [iOS] Safari can sometimes hang while printing due to sync IPC Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb (290186 => 290187) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb 2022-02-19 00:44:12 UTC (rev 290186) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb 2022-02-19 00:52:16 UTC (rev 290187) @@ -100,6 +100,7 @@ (global-name "com.apple.coremedia.cpe.xpc") ; Needed for HDR playback. (global-name "com.apple.coremedia.customurlloader.xpc") ; Needed for custom media loading (global-name "com.apple.coremedia.formatreader.xpc") + (global-name "com.apple.coremedia.mediaparserd.formatreader.xpc") (global-name "com.apple.coremedia.player.xpc") (global-name "com.apple.coremedia.remaker") (global-name "com.apple.coremedia.remotequeue") ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290183] trunk/Source/WebKit
Title: [290183] trunk/Source/WebKit Revision 290183 Author pvol...@apple.com Date 2022-02-18 16:27:04 -0800 (Fri, 18 Feb 2022) Log Message Remove unneeded sandbox extension code https://bugs.webkit.org/show_bug.cgi?id=228777 Reviewed by Brent Fulgham. Since the GPU process is now enabled by default, some related sandbox extension code can be removed. * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: * Shared/WebPageCreationParameters.cpp: (WebKit::WebPageCreationParameters::encode const): (WebKit::WebPageCreationParameters::decode): * Shared/WebPageCreationParameters.h: * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::creationParameters): (WebKit::mediaRelatedMachServices): Deleted. (WebKit::mediaRelatedIOKitClasses): Deleted. * WebProcess/WebPage/WebPage.cpp: (WebKit::m_appHighlightsVisible): * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in trunk/Source/WebKit/Shared/WebPageCreationParameters.cpp trunk/Source/WebKit/Shared/WebPageCreationParameters.h trunk/Source/WebKit/UIProcess/WebPageProxy.cpp trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (290182 => 290183) --- trunk/Source/WebKit/ChangeLog 2022-02-19 00:22:29 UTC (rev 290182) +++ trunk/Source/WebKit/ChangeLog 2022-02-19 00:27:04 UTC (rev 290183) @@ -1,5 +1,28 @@ 2022-02-18 Per Arne Vollan +Remove unneeded sandbox extension code +https://bugs.webkit.org/show_bug.cgi?id=228777 + + +Reviewed by Brent Fulgham. + +Since the GPU process is now enabled by default, some related sandbox extension code can be removed. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in: +* Shared/WebPageCreationParameters.cpp: +(WebKit::WebPageCreationParameters::encode const): +(WebKit::WebPageCreationParameters::decode): +* Shared/WebPageCreationParameters.h: +* UIProcess/WebPageProxy.cpp: +(WebKit::WebPageProxy::creationParameters): +(WebKit::mediaRelatedMachServices): Deleted. +(WebKit::mediaRelatedIOKitClasses): Deleted. +* WebProcess/WebPage/WebPage.cpp: +(WebKit::m_appHighlightsVisible): +* WebProcess/com.apple.WebProcess.sb.in: + +2022-02-18 Per Arne Vollan + [iOS] Add access to required Mach service in the Network process https://bugs.webkit.org/show_bug.cgi?id=236853 Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (290182 => 290183) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-02-19 00:22:29 UTC (rev 290182) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2022-02-19 00:27:04 UTC (rev 290183) @@ -1091,20 +1091,6 @@ "com.apple.tccd" "com.apple.uikit.viewservice.com.apple.WebContentFilter.remoteUI" "com.apple.webinspector" - -;;; FIXME(207716): The following should be removed when the GPU process is complete -"com.apple.airplay.apsynccontroller.xpc" "com.apple.audio.AURemoteIOServer" "com.apple.audio.AudioComponentPrefs" "com.apple.audio.AudioComponentRegistrar" -"com.apple.audio.AudioQueueServer" "com.apple.audio.AudioSession" "com.apple.coremedia.admin" "com.apple.coremedia.asset.xpc" -"com.apple.coremedia.assetimagegenerator.xpc" "com.apple.coremedia.audiodeviceclock.xpc" "com.apple.coremedia.audioprocessingtap.xpc" -"com.apple.coremedia.capturesession" "com.apple.coremedia.capturesource" "com.apple.coremedia.compressionsession" "com.apple.coremedia.cpe.xpc" -"com.apple.coremedia.cpeprotector.xpc" "com.apple.coremedia.customurlloader.xpc" "com.apple.coremedia.decompressionsession" -"com.apple.coremedia.endpoint.xpc" "com.apple.coremedia.figcontentkeysession.xpc" "com.apple.coremedia.figcpecryptor" -"com.apple.coremedia.formatreader.xpc" "com.apple.coremedia.player.xpc" "com.apple.coremedia.remaker" "com.apple.coremedia.remotequeue" -"com.apple.coremedia.routediscoverer.xpc" "com.apple.coremedia.routingcontext.xpc" "com.apple.coremedia.routingsessionmanager.xpc" -"com.apple.coremedia.samplebufferaudiorenderer.xpc" "com.apple.coremedia.samplebufferrendersynchronizer.xpc" "com.apple.coremedia.sandboxserver.xpc" -"com.apple.coremedia.sts" "com.apple.coremedia.systemcontroller.xpc" "com.apple.coremedia.videoqueue" "com.apple.coremedia.volumecontroller.xpc" -"com.apple.coremedia.visualcontext.xpc" "com.apple.mediaremoted.xpc" "com.apple.accessibility.mediaaccessibilityd" -;;; FIXME(207716): End services to remove. ))) ;; Silence warnings about these connections if we have decided not to
[webkit-changes] [290180] trunk/Source/WebKit
Title: [290180] trunk/Source/WebKit Revision 290180 Author pvol...@apple.com Date 2022-02-18 16:18:58 -0800 (Fri, 18 Feb 2022) Log Message [iOS] Add access to required Mach service in the Network process https://bugs.webkit.org/show_bug.cgi?id=236853 Reviewed by Darin Adler. * Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb Diff Modified: trunk/Source/WebKit/ChangeLog (290179 => 290180) --- trunk/Source/WebKit/ChangeLog 2022-02-19 00:03:05 UTC (rev 290179) +++ trunk/Source/WebKit/ChangeLog 2022-02-19 00:18:58 UTC (rev 290180) @@ -1,3 +1,13 @@ +2022-02-18 Per Arne Vollan + +[iOS] Add access to required Mach service in the Network process +https://bugs.webkit.org/show_bug.cgi?id=236853 + + +Reviewed by Darin Adler. + +* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb: + 2022-02-18 Robert Jenner Unreviewed, reverting r290149. Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb (290179 => 290180) --- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2022-02-19 00:03:05 UTC (rev 290179) +++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb 2022-02-19 00:18:58 UTC (rev 290180) @@ -215,6 +215,10 @@ (allow mach-lookup (global-name "com.apple.nehelper")) +;; +(allow mach-lookup +(global-name "com.apple.networkserviceproxy.fetch-token")) + (allow-well-known-system-group-container-literal-read "/systemgroup.com.apple.nsurlstoragedresources/Library/dafsaData.bin") ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [290066] trunk/Source/WebKit
Title: [290066] trunk/Source/WebKit Revision 290066 Author pvol...@apple.com Date 2022-02-17 13:27:37 -0800 (Thu, 17 Feb 2022) Log Message [macOS][WP] Add required syscall to sandbox https://bugs.webkit.org/show_bug.cgi?id=236781 Reviewed by Chris Dumez. Add required syscall to the WebContent process' sandbox on macOS. This patch also adds back a set of syscalls that were removed in https://commits.webkit.org/r286778 for current and previous versions of macOS. These syscalls will be denied going forward. * WebProcess/com.apple.WebProcess.sb.in: Modified Paths trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in Diff Modified: trunk/Source/WebKit/ChangeLog (290065 => 290066) --- trunk/Source/WebKit/ChangeLog 2022-02-17 21:19:01 UTC (rev 290065) +++ trunk/Source/WebKit/ChangeLog 2022-02-17 21:27:37 UTC (rev 290066) @@ -1,3 +1,17 @@ +2022-02-17 Per Arne Vollan + +[macOS][WP] Add required syscall to sandbox +https://bugs.webkit.org/show_bug.cgi?id=236781 + + +Reviewed by Chris Dumez. + +Add required syscall to the WebContent process' sandbox on macOS. This patch also adds back a set of +syscalls that were removed in https://commits.webkit.org/r286778 for current and previous versions +of macOS. These syscalls will be denied going forward. + +* WebProcess/com.apple.WebProcess.sb.in: + 2022-02-17 Kimmo Kinnunen ASSERTION FAILED: Thread::current().uid() == threadAssertion.m_uid for RemoteVideoFrameObjectHeap Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (290065 => 290066) --- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-02-17 21:19:01 UTC (rev 290065) +++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2022-02-17 21:27:37 UTC (rev 290066) @@ -1895,6 +1895,57 @@ (disable-syscall-inference) #endif +#if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED < 13 +(define (syscall-unix-older-macOS) +(syscall-number +SYS___pthread_markcancel +SYS_abort_with_payload +SYS_chmod_extended +SYS_connect_nocancel +SYS_connectx +SYS_fgetattrlist ;; +SYS_fileport_makeport +SYS_fstat64_extended ;; +SYS_getpeername +SYS_getsockopt +SYS_guarded_write_np +SYS_lstat64_extended +SYS_lstat_extended +SYS_memorystatus_control ;; Needed for memory measurement infrastructure, see +SYS_mkdirat +SYS_open_dprotected_np ;; +SYS_pipe +SYS_process_policy +SYS_psynch_rw_rdlock ;; +SYS_pwrite +SYS_quotactl ;; +SYS_recvfrom +SYS_recvfrom_nocancel +SYS_rmdir +SYS_select +SYS_select_nocancel +SYS_sem_post +SYS_sem_wait +SYS_sendmsg_nocancel +SYS_sendto_nocancel +#if __MAC_OS_X_VERSION_MIN_REQUIRED < 12 +SYS_setattrlist ;; rdar://problem/74162777 +#endif +SYS_setpriority +SYS_setrlimit +SYS_setsockopt +SYS_shutdown +SYS_sigreturn +SYS_socketpair +SYS_stat64_extended ;; +SYS_terminate_with_payload ;; +SYS_thread_selfusage +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 11 +SYS_ulock_wait2 ;; +#endif +)) +#endif + (define (syscall-unix-common) (syscall-number SYS___disable_threadsignal @@ -1942,6 +1993,7 @@ SYS_kdebug_trace SYS_kdebug_trace64 SYS_kdebug_trace_string ;; Needed for performance sampling, see . +SYS_kevent ;; SYS_kevent_id SYS_kevent_qos SYS_kqueue ;; See . Remove after is resolved. @@ -2049,6 +2101,11 @@ (allow syscall-unix (syscall-unix-common)) +#if !PLATFORM(MAC) || __MAC_OS_X_VERSION_MIN_REQUIRED < 13 +(allow syscall-unix +(syscall-unix-older-macOS)) +#endif + (if (equal? (param "CPU") "arm64") (begin (allow syscall-unix ___ webkit-changes mailing list webkit-changes@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-changes
[webkit-changes] [289994] trunk/Source
Title: [289994] trunk/Source Revision 289994 Author pvol...@apple.com Date 2022-02-16 19:46:45 -0800 (Wed, 16 Feb 2022) Log Message Send icons to the WebContent process for rendering of the attachment element https://bugs.webkit.org/show_bug.cgi?id=236386 Reviewed by Darin Adler. In order to avoid connecting to the Icon Services daemon in the WebContent process, we should send the icons for the attachment Source/WebCore: element to the WebContent process from the UI process. When the icon is being painted in the WebContent process, it is getting the icon from the HTML attachment element, instead of creating it by connecting to Icon Services. The icon in the attachment element is received from the UI process. A new AttachmentElementClient class is created to forward the messages to the UI process. * WebCore.xcodeproj/project.pbxproj: * html/HTMLAttachmentElement.cpp: (WebCore::HTMLAttachmentElement::updateIcon): (WebCore::HTMLAttachmentElement::icon const): (WebCore::HTMLAttachmentElement::iconSize const): * html/HTMLAttachmentElement.h: * loader/EmptyClients.cpp: (WebCore::pageConfigurationWithEmptyClients): * page/AttachmentElementClient.h: Added. (WebCore::AttachmentElementClient::~AttachmentElementClient): * page/EmptyAttachmentElementClient.h: Added. * page/Page.cpp: (WebCore::m_attachmentElementClient): (WebCore::m_modelPlayerProvider): Deleted. * page/Page.h: (WebCore::Page::attachmentElementClient): * page/PageConfiguration.cpp: (WebCore::PageConfiguration::PageConfiguration): * page/PageConfiguration.h: * platform/graphics/Icon.h: (WebCore::Icon::nsImage const): * rendering/RenderThemeIOS.h: * rendering/RenderThemeIOS.mm: (WebCore::RenderThemeIOS::iconForAttachment): (WebCore::RenderAttachmentInfo::RenderAttachmentInfo): (WebCore::paintAttachmentIcon): (WebCore::iconForAttachment): Deleted. * rendering/RenderThemeMac.h: * rendering/RenderThemeMac.mm: (WebCore::RenderThemeMac::iconForAttachment): (WebCore::paintAttachmentIcon): (WebCore::iconForAttachment): Deleted. Source/WebKit: element to the WebContent process from the UI process. The icon will be sent to the WebContent process when the attachment attributes are updated, or the WebContent process has requested the icon. The new client class WebAttachmentElementClient is responsible for requesting icons from the UI process. * Sources.txt: * UIProcess/Cocoa/WebPageProxyCocoa.mm: (WebKit::convertPlatformImageToBitmap): (WebKit::WebPageProxy::iconForAttachment): (WebKit::WebPageProxy::requestThumbnailWithOperation): * UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::requestAttachmentIcon): (WebKit::WebPageProxy::updateAttachmentAttributes): (WebKit::WebPageProxy::updateAttachmentThumbnail): (WebKit::WebPageProxy::updateAttachmentIcon): Deleted. * UIProcess/WebPageProxy.h: * UIProcess/WebPageProxy.messages.in: * WebKit.xcodeproj/project.pbxproj: * WebProcess/WebCoreSupport/WebAttachmentElementClient.cpp: Added. (WebKit::WebAttachmentElementClient::WebAttachmentElementClient): (WebKit::WebAttachmentElementClient::requestAttachmentIcon): * WebProcess/WebCoreSupport/WebAttachmentElementClient.h: Added. * WebProcess/WebCoreSupport/WebEditorClient.cpp: (WebKit::WebEditorClient::didInsertAttachmentWithIdentifier): * WebProcess/WebPage/WebPage.cpp: (WebKit::m_appHighlightsVisible): (WebKit::WebPage::updateAttachmentThumbnail): (WebKit::WebPage::updateAttachmentIcon): (WebKit::WebPage::requestAttachmentIcon): * WebProcess/WebPage/WebPage.h: * WebProcess/WebPage/WebPage.messages.in: Modified Paths trunk/Source/WebCore/ChangeLog trunk/Source/WebCore/Headers.cmake trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj trunk/Source/WebCore/html/HTMLAttachmentElement.cpp trunk/Source/WebCore/html/HTMLAttachmentElement.h trunk/Source/WebCore/loader/EmptyClients.cpp trunk/Source/WebCore/page/Page.cpp trunk/Source/WebCore/page/Page.h trunk/Source/WebCore/page/PageConfiguration.cpp trunk/Source/WebCore/page/PageConfiguration.h trunk/Source/WebCore/platform/graphics/Icon.h trunk/Source/WebCore/rendering/RenderThemeIOS.h trunk/Source/WebCore/rendering/RenderThemeIOS.mm trunk/Source/WebCore/rendering/RenderThemeMac.h trunk/Source/WebCore/rendering/RenderThemeMac.mm trunk/Source/WebKit/ChangeLog trunk/Source/WebKit/Sources.txt trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm trunk/Source/WebKit/UIProcess/WebPageProxy.cpp trunk/Source/WebKit/UIProcess/WebPageProxy.h trunk/Source/WebKit/UIProcess/WebPageProxy.messages.in trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp trunk/Source/WebKit/WebProcess/WebPage/WebPage.h trunk/Source/WebKit/WebProcess/WebPage/WebPage.messages.in Added Paths trunk/Source/WebCore/page/AttachmentElementClient.h trunk/Source/WebCore/page/EmptyAttachmentElementClient.h trunk/Source/WebKit/WebProcess/WebCoreSupport/WebAttachmentElementClient.cpp trunk/Source/WebKit/WebProcess/WebCoreSupport/WebAttachmentElementClient.h Diff Modified: