[webkit-changes] [271860] trunk/Source/WebKit

[pvollan]

Title: [271860] trunk/Source/WebKit

Revision

271860

Author

pvol...@apple.com

Date

2021-01-25 14:39:36 -0800 (Mon, 25 Jan 2021)

Log Message

[macOS] Create extension to Metal compiler service based on GPUP flags
https://bugs.webkit.org/show_bug.cgi?id=220931
<rdar://problem/73574476>

Reviewed by Brent Fulgham.

Depending on which GPUP settings are enabled, an extension to the Metal compiler service should be created.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
* Shared/WebPageCreationParameters.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::gpuMachServices):
(WebKit::WebPageProxy::creationParameters):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::m_limitsNavigationsToAppBoundDomains):
* WebProcess/com.apple.WebProcess.sb.in:

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb
• trunk/Source/WebKit/Shared/WebPageCreationParameters.cpp
• trunk/Source/WebKit/Shared/WebPageCreationParameters.h
• trunk/Source/WebKit/UIProcess/WebPageProxy.cpp
• trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp
• trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in

Diff

Modified: trunk/Source/WebKit/ChangeLog (271859 => 271860)

--- trunk/Source/WebKit/ChangeLog	2021-01-25 22:24:16 UTC (rev 271859)
+++ trunk/Source/WebKit/ChangeLog	2021-01-25 22:39:36 UTC (rev 271860)
@@ -1,3 +1,25 @@
+2021-01-25  Per Arne  <pvol...@apple.com>
+
+        [macOS] Create extension to Metal compiler service based on GPUP flags
+        https://bugs.webkit.org/show_bug.cgi?id=220931
+        <rdar://problem/73574476>
+
+        Reviewed by Brent Fulgham.
+
+        Depending on which GPUP settings are enabled, an extension to the Metal compiler service should be created.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+        * Shared/WebPageCreationParameters.cpp:
+        (WebKit::WebPageCreationParameters::encode const):
+        (WebKit::WebPageCreationParameters::decode):
+        * Shared/WebPageCreationParameters.h:
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::gpuMachServices):
+        (WebKit::WebPageProxy::creationParameters):
+        * WebProcess/WebPage/WebPage.cpp:
+        (WebKit::m_limitsNavigationsToAppBoundDomains):
+        * WebProcess/com.apple.WebProcess.sb.in:
+
 2021-01-25  Per Arne Vollan  <pvol...@apple.com>
 
         [macOS] Restrict access to dtracehelper

Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (271859 => 271860)

--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2021-01-25 22:24:16 UTC (rev 271859)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2021-01-25 22:39:36 UTC (rev 271860)
@@ -265,10 +265,22 @@
     (allow sysctl-read
            (sysctl-name #"kern.bootsessionuuid"))
 
+    ;; <rdar://problem/47268166>
     (allow mach-lookup
-       ;; <rdar://problem/47268166>
-       (xpc-service-name "com.apple.MTLCompilerService"))
-    
+        (require-all
+            (extension "com.apple.webkit.extension.mach")
+            (xpc-service-name "com.apple.MTLCompilerService")
+        )
+    )
+    ;; This is just for logging. Remove when GPU process is enabled by default.
+    (allow mach-lookup
+        (with telemetry)
+        (require-all
+            (require-not (extension "com.apple.webkit.extension.mach"))
+            (xpc-service-name "com.apple.MTLCompilerService")
+        )
+    )
+
     (mobile-preferences-read
         "com.apple.Metal" ;; <rdar://problem/25535471>
         "com.apple.opengl" ;; <rdar://problem/23321675>

Modified: trunk/Source/WebKit/Shared/WebPageCreationParameters.cpp (271859 => 271860)

--- trunk/Source/WebKit/Shared/WebPageCreationParameters.cpp	2021-01-25 22:24:16 UTC (rev 271859)
+++ trunk/Source/WebKit/Shared/WebPageCreationParameters.cpp	2021-01-25 22:39:36 UTC (rev 271860)
@@ -118,6 +118,7 @@
     encoder << mediaExtensionHandles;
     encoder << mediaIOKitExtensionHandles;
     encoder << gpuIOKitExtensionHandles;
+    encoder << gpuMachExtensionHandles;
 #endif
 #if HAVE(APP_ACCENT_COLORS)
     encoder << accentColor;
@@ -390,6 +391,12 @@
     if (!gpuIOKitExtensionHandles)
         return WTF::nullopt;
     parameters.gpuIOKitExtensionHandles = WTFMove(*gpuIOKitExtensionHandles);
+
+    Optional<SandboxExtension::HandleArray> gpuMachExtensionHandles;
+    decoder >> gpuMachExtensionHandles;
+    if (!gpuMachExtensionHandles)
+        return WTF::nullopt;
+    parameters.gpuMachExtensionHandles = WTFMove(*gpuMachExtensionHandles);
 #endif
 
 #if HAVE(APP_ACCENT_COLORS)

Modified: trunk/Source/WebKit/Shared/WebPageCreationParameters.h (271859 => 271860)

--- trunk/Source/WebKit/Shared/WebPageCreationParameters.h	2021-01-25 22:24:16 UTC (rev 271859)
+++ trunk/Source/WebKit/Shared/WebPageCreationParameters.h	2021-01-25 22:39:36 UTC (rev 271860)
@@ -177,6 +177,7 @@
     SandboxExtension::HandleArray mediaExtensionHandles; // FIXME(207716): Remove when GPU process is complete.
     SandboxExtension::HandleArray mediaIOKitExtensionHandles;
     SandboxExtension::HandleArray gpuIOKitExtensionHandles;
+    SandboxExtension::HandleArray gpuMachExtensionHandles;
 #endif
 #if HAVE(APP_ACCENT_COLORS)
     WebCore::Color accentColor;

Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (271859 => 271860)

--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp	2021-01-25 22:24:16 UTC (rev 271859)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp	2021-01-25 22:39:36 UTC (rev 271860)
@@ -7785,6 +7785,18 @@
     return services;
 }
 
+static const Vector<ASCIILiteral>& gpuMachServices()
+{
+    ASSERT(isMainThread());
+    static const auto services = makeNeverDestroyed(Vector<ASCIILiteral> {
+        "com.apple.MTLCompilerService"_s,
+#if PLATFORM(MAC) || PLATFORM(MACCATALYST)
+        "com.apple.cvmsServ"_s,
+#endif
+    });
+    return services;
+}
+
 // FIXME(207716): The following should be removed when the GPU process is complete.
 static const Vector<ASCIILiteral>& mediaRelatedMachServices()
 {
@@ -7935,8 +7947,10 @@
         || (!preferences().captureVideoInGPUProcessEnabled() && !preferences().captureVideoInUIProcessEnabled())
         || (!preferences().captureAudioInGPUProcessEnabled() && !preferences().captureAudioInUIProcessEnabled())
         || !preferences().useGPUProcessForCanvasRenderingEnabled()
-        || !preferences().useGPUProcessForWebGLEnabled())
+        || !preferences().useGPUProcessForWebGLEnabled()) {
         parameters.gpuIOKitExtensionHandles = SandboxExtension::createHandlesForIOKitClassExtensions(gpuIOKitClasses(), WTF::nullopt);
+        parameters.gpuMachExtensionHandles = SandboxExtension::createHandlesForMachLookup(gpuMachServices(), WTF::nullopt);
+    }
 #endif
 #if HAVE(APP_ACCENT_COLORS)
     parameters.accentColor = pageClient().accentColor();

Modified: trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp (271859 => 271860)

--- trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp	2021-01-25 22:24:16 UTC (rev 271859)
+++ trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp	2021-01-25 22:39:36 UTC (rev 271860)
@@ -593,10 +593,11 @@
         SandboxExtension::consumePermanently(parameters.mediaIOKitExtensionHandles);
         hasConsumedMediaExtensionHandles = true;
     }
-    static bool hasConsumedGPUIOKitExtensionHandles = false;
-    if (!hasConsumedGPUIOKitExtensionHandles && parameters.gpuIOKitExtensionHandles.size()) {
+    static bool hasConsumedGPUExtensionHandles = false;
+    if (!hasConsumedGPUExtensionHandles) {
         SandboxExtension::consumePermanently(parameters.gpuIOKitExtensionHandles);
-        hasConsumedGPUIOKitExtensionHandles = true;
+        SandboxExtension::consumePermanently(parameters.gpuMachExtensionHandles);
+        hasConsumedGPUExtensionHandles = true;
     }
 #endif
 

Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (271859 => 271860)

--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2021-01-25 22:24:16 UTC (rev 271859)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2021-01-25 22:39:36 UTC (rev 271860)
@@ -106,10 +106,21 @@
         (preference-domain "com.nvidia.OpenGL"))
     ;; CVMS
     (allow mach-lookup
+        (require-all
+            (extension "com.apple.webkit.extension.mach")
+            (global-name "com.apple.cvmsServ")
+        )
+    )
+    ;; This is just for logging. Remove when the GPU process is enabled by default.
+    (allow mach-lookup
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 110000
         (with telemetry-backtrace)
 #endif
-        (global-name "com.apple.cvmsServ"))
+        (require-all
+            (require-not (extension "com.apple.webkit.extension.mach"))
+            (global-name "com.apple.cvmsServ")
+        )
+    )
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101400 || PLATFORM(MACCATALYST)
     (allow file-read*
         (prefix "/private/var/db/CVMS/cvmsCodeSignObj"))
@@ -1145,10 +1156,21 @@
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101400 || PLATFORM(MACCATALYST)
 ;; <rdar://problem/47268166>
 (allow mach-lookup
+    (require-all
+        (extension "com.apple.webkit.extension.mach")
+        (xpc-service-name "com.apple.MTLCompilerService")
+    )
+)
+;; This is just for logging. Remove when GPU process is enabled by default.
+(allow mach-lookup
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 110000
     (with telemetry-backtrace)
 #endif
-    (xpc-service-name "com.apple.MTLCompilerService"))
+    (require-all
+        (require-not (extension "com.apple.webkit.extension.mach"))
+        (xpc-service-name "com.apple.MTLCompilerService")
+    )
+)
 #endif
 
 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101400 || PLATFORM(MACCATALYST)

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes