Diff
Modified: trunk/Source/WTF/ChangeLog (222182 => 222183)
--- trunk/Source/WTF/ChangeLog 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WTF/ChangeLog 2017-09-18 22:35:38 UTC (rev 222183)
@@ -1,3 +1,12 @@
+2017-09-18 Andy Estes <[email protected]>
+
+ [Cocoa] Upstream sandbox-related WebKitSystemInterface functions
+ https://bugs.webkit.org/show_bug.cgi?id=177047
+
+ Reviewed by Daniel Bates.
+
+ * wtf/spi/darwin/SandboxSPI.h:
+
2017-09-18 Ryan Haddad <[email protected]>
Unreviewed, rolling out r222170.
Modified: trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h (222182 => 222183)
--- trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h 2017-09-18 22:35:38 UTC (rev 222183)
@@ -42,11 +42,18 @@
WTF_EXTERN_C_BEGIN
+extern const char *const APP_SANDBOX_READ;
+extern const char *const APP_SANDBOX_READ_WRITE;
extern const enum sandbox_filter_type SANDBOX_CHECK_NO_REPORT;
+
+char *sandbox_extension_issue_file(const char *extension_class, const char *path, uint32_t flags);
+char *sandbox_extension_issue_generic(const char *extension_class, uint32_t flags);
int sandbox_check(pid_t, const char *operation, enum sandbox_filter_type, ...);
int sandbox_check_by_audit_token(audit_token_t, const char *operation, enum sandbox_filter_type, ...);
int sandbox_container_path_for_pid(pid_t, char *buffer, size_t bufsize);
+int sandbox_extension_release(int64_t extension_handle);
int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);
+int64_t sandbox_extension_consume(const char *extension_token);
WTF_EXTERN_C_END
Modified: trunk/Source/WebKit/ChangeLog (222182 => 222183)
--- trunk/Source/WebKit/ChangeLog 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/ChangeLog 2017-09-18 22:35:38 UTC (rev 222183)
@@ -1,5 +1,64 @@
2017-09-18 Andy Estes <[email protected]>
+ [Cocoa] Upstream sandbox-related WebKitSystemInterface functions
+ https://bugs.webkit.org/show_bug.cgi?id=177047
+
+ Reviewed by Daniel Bates.
+
+ * NetworkProcess/NetworkResourceLoadParameters.cpp:
+ (WebKit::NetworkResourceLoadParameters::encode const):
+ * Platform/spi/mac/QuarantineSPI.h: Added.
+ * Shared/SandboxExtension.h:
+ (): Deleted.
+ * Shared/mac/ChildProcessMac.mm:
+ (WebKit::enableSandboxStyleFileQuarantine):
+ (WebKit::ChildProcess::initializeSandbox):
+ * Shared/mac/SandboxExtensionMac.mm:
+ (WebKit::SandboxExtensionImpl::create):
+ (WebKit::SandboxExtensionImpl::SandboxExtensionImpl):
+ (WebKit::SandboxExtensionImpl::~SandboxExtensionImpl):
+ (WebKit::SandboxExtensionImpl::consume):
+ (WebKit::SandboxExtensionImpl::invalidate):
+ (WebKit::SandboxExtensionImpl::getSerializedFormat):
+ (WebKit::SandboxExtension::Handle::Handle):
+ (WebKit::SandboxExtension::Handle::~Handle):
+ (WebKit::SandboxExtension::Handle::encode const):
+ (WebKit::SandboxExtension::Handle::decode):
+ (WebKit::SandboxExtension::createHandleWithoutResolvingPath):
+ (WebKit::SandboxExtension::createHandleForReadWriteDirectory):
+ (WebKit::SandboxExtension::createHandleForTemporaryFile):
+ (WebKit::SandboxExtension::createHandleForGenericExtension):
+ (WebKit::SandboxExtension::SandboxExtension):
+ (WebKit::SandboxExtension::~SandboxExtension):
+ (WebKit::SandboxExtension::revoke):
+ (WebKit::SandboxExtension::consume):
+ (WebKit::SandboxExtension::consumePermanently):
+ (WebKit::wkSandboxExtensionType): Deleted.
+ * UIProcess/Cocoa/WebPageProxyCocoa.mm:
+ (WebKit::WebPageProxy::createSandboxExtensionsIfNeeded):
+ * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+ (WebKit::WebProcessPool::platformInitializeWebProcess):
+ * UIProcess/Downloads/DownloadProxy.cpp:
+ (WebKit::DownloadProxy::decideDestinationWithSuggestedFilenameAsync):
+ * UIProcess/Network/NetworkProcessProxy.cpp:
+ (WebKit::NetworkProcessProxy::grantSandboxExtensionsToStorageProcessForBlobs):
+ * UIProcess/Storage/StorageProcessProxy.cpp:
+ (WebKit::StorageProcessProxy::getSandboxExtensionsForBlobFiles):
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
+ (WebKit::WebPageProxy::loadFile):
+ (WebKit::WebPageProxy::didChooseFilesForOpenPanel):
+ * UIProcess/WebProcessPool.cpp:
+ (WebKit::WebProcessPool::createNewWebProcess):
+ (WebKit::WebProcessPool::processDidFinishLaunching):
+ (WebKit::WebProcessPool::resumeDownload):
+ (WebKit::WebProcessPool::startMemorySampler):
+ * WebKit.xcodeproj/project.pbxproj:
+ * WebProcess/FileAPI/BlobRegistryProxy.cpp:
+ (WebKit::BlobRegistryProxy::registerFileBlobURL):
+
+2017-09-18 Andy Estes <[email protected]>
+
[Cocoa] Upstream WKSetCrashReportApplicationSpecificInformation() from WebKitSystemInterface
https://bugs.webkit.org/show_bug.cgi?id=177048
Modified: trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp (222182 => 222183)
--- trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp 2017-09-18 22:35:38 UTC (rev 222183)
@@ -61,7 +61,7 @@
const FormDataElement& element = elements[i];
if (element.m_type == FormDataElement::Type::EncodedFile) {
const String& path = element.m_shouldGenerateFile ? element.m_generatedFilename : element.m_filename;
- SandboxExtension::createHandle(path, SandboxExtension::ReadOnly, requestBodySandboxExtensions[extensionIndex++]);
+ SandboxExtension::createHandle(path, SandboxExtension::Type::ReadOnly, requestBodySandboxExtensions[extensionIndex++]);
}
}
encoder << requestBodySandboxExtensions;
@@ -69,7 +69,7 @@
if (request.url().isLocalFile()) {
SandboxExtension::Handle requestSandboxExtension;
- SandboxExtension::createHandle(request.url().fileSystemPath(), SandboxExtension::ReadOnly, requestSandboxExtension);
+ SandboxExtension::createHandle(request.url().fileSystemPath(), SandboxExtension::Type::ReadOnly, requestSandboxExtension);
encoder << requestSandboxExtension;
}
Added: trunk/Source/WebKit/Platform/spi/mac/QuarantineSPI.h (0 => 222183)
--- trunk/Source/WebKit/Platform/spi/mac/QuarantineSPI.h (rev 0)
+++ trunk/Source/WebKit/Platform/spi/mac/QuarantineSPI.h 2017-09-18 22:35:38 UTC (rev 222183)
@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if PLATFORM(MAC)
+
+#if USE(APPLE_INTERNAL_SDK)
+
+#include <quarantine.h>
+
+#else
+
+enum qtn_flags {
+ QTN_FLAG_SANDBOX = 0x0002,
+};
+
+#define qtn_proc_alloc _qtn_proc_alloc
+#define qtn_proc_apply_to_self _qtn_proc_apply_to_self
+#define qtn_proc_free _qtn_proc_free
+#define qtn_proc_init_with_self _qtn_proc_init_with_self
+#define qtn_proc_set_flags _qtn_proc_set_flags
+
+#endif
+
+typedef struct _qtn_proc *qtn_proc_t;
+
+WTF_EXTERN_C_BEGIN
+
+int qtn_proc_apply_to_self(qtn_proc_t);
+int qtn_proc_init_with_self(qtn_proc_t);
+int qtn_proc_set_flags(qtn_proc_t, uint32_t flags);
+qtn_proc_t qtn_proc_alloc();
+void qtn_proc_free(qtn_proc_t);
+
+WTF_EXTERN_C_END
+
+#endif // PLATFORM(MAC)
Modified: trunk/Source/WebKit/Shared/SandboxExtension.h (222182 => 222183)
--- trunk/Source/WebKit/Shared/SandboxExtension.h 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/Shared/SandboxExtension.h 2017-09-18 22:35:38 UTC (rev 222183)
@@ -32,10 +32,6 @@
#include <wtf/RefPtr.h>
#include <wtf/text/WTFString.h>
-#if ENABLE(SANDBOX_EXTENSIONS)
-typedef struct __WKSandboxExtension* WKSandboxExtensionRef;
-#endif
-
namespace IPC {
class Encoder;
class Decoder;
@@ -42,10 +38,12 @@
}
namespace WebKit {
+
+class SandboxExtensionImpl;
class SandboxExtension : public RefCounted<SandboxExtension> {
public:
- enum Type {
+ enum class Type {
ReadOnly,
ReadWrite,
Generic,
@@ -55,7 +53,11 @@
WTF_MAKE_NONCOPYABLE(Handle);
public:
Handle();
+#if ENABLE(SANDBOX_EXTENSIONS)
+ Handle(Handle&&);
+#else
Handle(Handle&&) = default;
+#endif
~Handle();
void encode(IPC::Encoder&) const;
@@ -64,7 +66,7 @@
private:
friend class SandboxExtension;
#if ENABLE(SANDBOX_EXTENSIONS)
- mutable WKSandboxExtensionRef m_sandboxExtension;
+ mutable std::unique_ptr<SandboxExtensionImpl> m_sandboxExtension;
#endif
};
@@ -108,7 +110,7 @@
explicit SandboxExtension(const Handle&);
#if ENABLE(SANDBOX_EXTENSIONS)
- mutable WKSandboxExtensionRef m_sandboxExtension;
+ mutable std::unique_ptr<SandboxExtensionImpl> m_sandboxExtension;
size_t m_useCount;
#endif
};
Modified: trunk/Source/WebKit/Shared/mac/ChildProcessMac.mm (222182 => 222183)
--- trunk/Source/WebKit/Shared/mac/ChildProcessMac.mm 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/Shared/mac/ChildProcessMac.mm 2017-09-18 22:35:38 UTC (rev 222183)
@@ -30,9 +30,11 @@
#import "CodeSigning.h"
#import "CookieStorageUtilsCF.h"
+#import "QuarantineSPI.h"
#import "SandboxInitializationParameters.h"
#import "WebKitSystemInterface.h"
#import <WebCore/FileSystem.h>
+#import <WebCore/ScopeGuard.h>
#import <WebCore/SystemVersion.h>
#import <mach/mach.h>
#import <mach/task.h>
@@ -79,6 +81,25 @@
[[NSFileManager defaultManager] changeCurrentDirectoryPath:[[NSBundle mainBundle] bundlePath]];
}
+static OSStatus enableSandboxStyleFileQuarantine()
+{
+ int error;
+ qtn_proc_t quarantineProperties = qtn_proc_alloc();
+ ScopeGuard quarantinePropertiesDeleter([quarantineProperties]() {
+ qtn_proc_free(quarantineProperties);
+ });
+
+ if ((error = qtn_proc_init_with_self(quarantineProperties)))
+ return error;
+
+ if ((error = qtn_proc_set_flags(quarantineProperties, QTN_FLAG_SANDBOX)))
+ return error;
+
+ // QTN_FLAG_SANDBOX is silently ignored if security.mac.qtn.sandbox_enforce sysctl is 0.
+ // In that case, quarantine falls back to advisory QTN_FLAG_DOWNLOAD.
+ return qtn_proc_apply_to_self(quarantineProperties);
+}
+
void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters)
{
NSBundle *webkit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKView")];
@@ -171,7 +192,7 @@
}
// This will override LSFileQuarantineEnabled from Info.plist unless sandbox quarantine is globally disabled.
- OSStatus error = WKEnableSandboxStyleFileQuarantine();
+ OSStatus error = enableSandboxStyleFileQuarantine();
if (error) {
WTFLogAlways("%s: Couldn't enable sandbox style file quarantine: %ld\n", getprogname(), static_cast<long>(error));
exit(EX_NOPERM);
Modified: trunk/Source/WebKit/Shared/mac/SandboxExtensionMac.mm (222182 => 222183)
--- trunk/Source/WebKit/Shared/mac/SandboxExtensionMac.mm 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/Shared/mac/SandboxExtensionMac.mm 2017-09-18 22:35:38 UTC (rev 222183)
@@ -34,6 +34,7 @@
#import "WebKitSystemInterface.h"
#import <WebCore/FileSystem.h>
#import <sys/stat.h>
+#import <wtf/spi/darwin/SandboxSPI.h>
#import <wtf/text/CString.h>
using namespace WebCore;
@@ -40,17 +41,79 @@
namespace WebKit {
+class SandboxExtensionImpl {
+public:
+ static std::unique_ptr<SandboxExtensionImpl> create(const char* path, SandboxExtension::Type type)
+ {
+ std::unique_ptr<SandboxExtensionImpl> impl { new SandboxExtensionImpl(path, type) };
+ if (!impl->m_token)
+ return nullptr;
+ return impl;
+ }
+
+ SandboxExtensionImpl(const char* serializedFormat, size_t length)
+ : m_token { strndup(serializedFormat, length) }
+ {
+ }
+
+ ~SandboxExtensionImpl()
+ {
+ free(m_token);
+ }
+
+ bool consume() WARN_UNUSED_RETURN
+ {
+ m_handle = sandbox_extension_consume(m_token);
+#if PLATFORM(IOS_SIMULATOR)
+ return !sandbox_check(getpid(), 0, SANDBOX_FILTER_NONE);
+#else
+ return m_handle;
+#endif
+ }
+
+ bool invalidate()
+ {
+ return !sandbox_extension_release(std::exchange(m_handle, 0));
+ }
+
+ const char* getSerializedFormat(size_t& length) WARN_UNUSED_RETURN
+ {
+ length = strlen(m_token);
+ return m_token;
+ }
+
+private:
+ char* sandboxExtensionForType(const char* path, SandboxExtension::Type type)
+ {
+ switch (type) {
+ case SandboxExtension::Type::ReadOnly:
+ return sandbox_extension_issue_file(APP_SANDBOX_READ, path, 0);
+ case SandboxExtension::Type::ReadWrite:
+ return sandbox_extension_issue_file(APP_SANDBOX_READ_WRITE, path, 0);
+ case SandboxExtension::Type::Generic:
+ return sandbox_extension_issue_generic(path, 0);
+ }
+ }
+
+ SandboxExtensionImpl(const char* path, SandboxExtension::Type type)
+ : m_token { sandboxExtensionForType(path, type) }
+ {
+ }
+
+ char* m_token;
+ int64_t m_handle { 0 };
+};
+
SandboxExtension::Handle::Handle()
- : m_sandboxExtension(0)
{
}
-
+
+SandboxExtension::Handle::Handle(Handle&&) = default;
+
SandboxExtension::Handle::~Handle()
{
- if (m_sandboxExtension) {
- WKSandboxExtensionInvalidate(m_sandboxExtension);
- WKSandboxExtensionDestroy(m_sandboxExtension);
- }
+ if (m_sandboxExtension)
+ m_sandboxExtension->invalidate();
}
void SandboxExtension::Handle::encode(IPC::Encoder& encoder) const
@@ -61,13 +124,12 @@
}
size_t length = 0;
- const char *serializedFormat = WKSandboxExtensionGetSerializedFormat(m_sandboxExtension, &length);
+ const char* serializedFormat = m_sandboxExtension->getSerializedFormat(length);
ASSERT(serializedFormat);
encoder << IPC::DataReference(reinterpret_cast<const uint8_t*>(serializedFormat), length);
// Encoding will destroy the sandbox extension locally.
- WKSandboxExtensionDestroy(m_sandboxExtension);
m_sandboxExtension = 0;
}
@@ -82,7 +144,7 @@
if (dataReference.isEmpty())
return true;
- result.m_sandboxExtension = WKSandboxExtensionCreateFromSerializedFormat(reinterpret_cast<const char*>(dataReference.data()), dataReference.size());
+ result.m_sandboxExtension = std::make_unique<SandboxExtensionImpl>(reinterpret_cast<const char*>(dataReference.data()), dataReference.size());
return true;
}
@@ -152,21 +214,6 @@
return adoptRef(new SandboxExtension(handle));
}
-static WKSandboxExtensionType wkSandboxExtensionType(SandboxExtension::Type type)
-{
- switch (type) {
- case SandboxExtension::ReadOnly:
- return WKSandboxExtensionTypeReadOnly;
- case SandboxExtension::ReadWrite:
- return WKSandboxExtensionTypeReadWrite;
- case SandboxExtension::Generic:
- return WKSandboxExtensionTypeGeneric;
-
- }
-
- CRASH();
-}
-
static CString resolveSymlinksInPath(const CString& path)
{
struct stat statBuf;
@@ -245,7 +292,7 @@
{
ASSERT(!handle.m_sandboxExtension);
- handle.m_sandboxExtension = WKSandboxExtensionCreate(path.utf8().data(), wkSandboxExtensionType(type));
+ handle.m_sandboxExtension = SandboxExtensionImpl::create(path.utf8().data(), type);
if (!handle.m_sandboxExtension) {
LOG_ERROR("Could not create a sandbox extension for '%s'", path.utf8().data());
return false;
@@ -266,7 +313,7 @@
if (resolvedPath.isNull())
return false;
- return SandboxExtension::createHandleWithoutResolvingPath(resolvedPath, SandboxExtension::ReadWrite, handle);
+ return SandboxExtension::createHandleWithoutResolvingPath(resolvedPath, SandboxExtension::Type::ReadWrite, handle);
}
String SandboxExtension::createHandleForTemporaryFile(const String& prefix, Type type, Handle& handle)
@@ -289,7 +336,7 @@
path.append(prefix.utf8().data(), prefix.length());
path.append('\0');
- handle.m_sandboxExtension = WKSandboxExtensionCreate(fileSystemRepresentation(path.data()).data(), wkSandboxExtensionType(type));
+ handle.m_sandboxExtension = SandboxExtensionImpl::create(fileSystemRepresentation(path.data()).data(), type);
if (!handle.m_sandboxExtension) {
WTFLogAlways("Could not create a sandbox extension for temporary file '%s'", path.data());
@@ -302,7 +349,7 @@
{
ASSERT(!handle.m_sandboxExtension);
- handle.m_sandboxExtension = WKSandboxExtensionCreate(extensionClass.utf8().data(), wkSandboxExtensionType(Type::Generic));
+ handle.m_sandboxExtension = SandboxExtensionImpl::create(extensionClass.utf8().data(), Type::Generic);
if (!handle.m_sandboxExtension) {
WTFLogAlways("Could not create a '%s' sandbox extension", extensionClass.utf8().data());
return false;
@@ -312,10 +359,9 @@
}
SandboxExtension::SandboxExtension(const Handle& handle)
- : m_sandboxExtension(handle.m_sandboxExtension)
+ : m_sandboxExtension(WTFMove(handle.m_sandboxExtension))
, m_useCount(0)
{
- handle.m_sandboxExtension = 0;
}
SandboxExtension::~SandboxExtension()
@@ -324,7 +370,6 @@
return;
ASSERT(!m_useCount);
- WKSandboxExtensionDestroy(m_sandboxExtension);
}
bool SandboxExtension::revoke()
@@ -335,7 +380,7 @@
if (--m_useCount)
return true;
- return WKSandboxExtensionInvalidate(m_sandboxExtension);
+ return m_sandboxExtension->invalidate();
}
bool SandboxExtension::consume()
@@ -345,7 +390,7 @@
if (m_useCount++)
return true;
- return WKSandboxExtensionConsume(m_sandboxExtension);
+ return m_sandboxExtension->consume();
}
bool SandboxExtension::consumePermanently()
@@ -352,11 +397,10 @@
{
ASSERT(m_sandboxExtension);
- bool result = WKSandboxExtensionConsume(m_sandboxExtension);
+ bool result = m_sandboxExtension->consume();
// Destroy the extension without invalidating it.
- WKSandboxExtensionDestroy(m_sandboxExtension);
- m_sandboxExtension = 0;
+ m_sandboxExtension = nullptr;
return result;
}
@@ -366,11 +410,10 @@
if (!handle.m_sandboxExtension)
return false;
- bool result = WKSandboxExtensionConsume(handle.m_sandboxExtension);
+ bool result = handle.m_sandboxExtension->consume();
// Destroy the extension without invalidating it.
- WKSandboxExtensionDestroy(handle.m_sandboxExtension);
- handle.m_sandboxExtension = 0;
+ handle.m_sandboxExtension = nullptr;
return result;
}
Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm (222182 => 222183)
--- trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm 2017-09-18 22:35:38 UTC (rev 222183)
@@ -89,7 +89,7 @@
if (files.size() == 1) {
BOOL isDirectory;
if ([[NSFileManager defaultManager] fileExistsAtPath:files[0] isDirectory:&isDirectory] && !isDirectory) {
- SandboxExtension::createHandle("/", SandboxExtension::ReadOnly, fileReadHandle);
+ SandboxExtension::createHandle("/", SandboxExtension::Type::ReadOnly, fileReadHandle);
process().willAcquireUniversalFileReadSandboxExtension();
}
}
@@ -99,7 +99,7 @@
NSString *file = files[i];
if (![[NSFileManager defaultManager] fileExistsAtPath:file])
continue;
- SandboxExtension::createHandle(file, SandboxExtension::ReadOnly, fileUploadHandles[i]);
+ SandboxExtension::createHandle(file, SandboxExtension::Type::ReadOnly, fileUploadHandles[i]);
}
}
Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (222182 => 222183)
--- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2017-09-18 22:35:38 UTC (rev 222183)
@@ -201,19 +201,19 @@
// FIXME: This should really be configurable; we shouldn't just blindly allow read access to the UI process bundle.
parameters.uiProcessBundleResourcePath = m_resolvedPaths.uiProcessBundleResourcePath;
- SandboxExtension::createHandleWithoutResolvingPath(parameters.uiProcessBundleResourcePath, SandboxExtension::ReadOnly, parameters.uiProcessBundleResourcePathExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(parameters.uiProcessBundleResourcePath, SandboxExtension::Type::ReadOnly, parameters.uiProcessBundleResourcePathExtensionHandle);
parameters.uiProcessBundleIdentifier = String([[NSBundle mainBundle] bundleIdentifier]);
#if PLATFORM(IOS)
if (!m_resolvedPaths.cookieStorageDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.cookieStorageDirectory, SandboxExtension::ReadWrite, parameters.cookieStorageDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.cookieStorageDirectory, SandboxExtension::Type::ReadWrite, parameters.cookieStorageDirectoryExtensionHandle);
if (!m_resolvedPaths.containerCachesDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.containerCachesDirectory, SandboxExtension::ReadWrite, parameters.containerCachesDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.containerCachesDirectory, SandboxExtension::Type::ReadWrite, parameters.containerCachesDirectoryExtensionHandle);
if (!m_resolvedPaths.containerTemporaryDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.containerTemporaryDirectory, SandboxExtension::ReadWrite, parameters.containerTemporaryDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.containerTemporaryDirectory, SandboxExtension::Type::ReadWrite, parameters.containerTemporaryDirectoryExtensionHandle);
#endif
parameters.fontWhitelist = m_fontWhitelist;
Modified: trunk/Source/WebKit/UIProcess/Downloads/DownloadProxy.cpp (222182 => 222183)
--- trunk/Source/WebKit/UIProcess/Downloads/DownloadProxy.cpp 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/UIProcess/Downloads/DownloadProxy.cpp 2017-09-18 22:35:38 UTC (rev 222183)
@@ -205,7 +205,7 @@
SandboxExtension::Handle sandboxExtensionHandle;
if (!destination.isNull())
- SandboxExtension::createHandle(destination, SandboxExtension::ReadWrite, sandboxExtensionHandle);
+ SandboxExtension::createHandle(destination, SandboxExtension::Type::ReadWrite, sandboxExtensionHandle);
if (NetworkProcessProxy* networkProcess = m_processPool->networkProcess())
networkProcess->send(Messages::NetworkProcess::ContinueDecidePendingDownloadDestination(downloadID, destination, sandboxExtensionHandle, allowOverwrite), 0);
@@ -224,7 +224,7 @@
destination = m_processPool->downloadClient().decideDestinationWithSuggestedFilename(m_processPool.get(), this, suggestedFilename, allowOverwrite);
if (!destination.isNull())
- SandboxExtension::createHandle(destination, SandboxExtension::ReadWrite, sandboxExtensionHandle);
+ SandboxExtension::createHandle(destination, SandboxExtension::Type::ReadWrite, sandboxExtensionHandle);
}
#endif
Modified: trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp (222182 => 222183)
--- trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp 2017-09-18 22:35:38 UTC (rev 222183)
@@ -296,7 +296,7 @@
extensions.allocate(paths.size());
for (size_t i = 0; i < paths.size(); ++i) {
// ReadWrite is required for creating hard links as well as deleting the temporary file, which the StorageProcess will do.
- SandboxExtension::createHandle(paths[i], SandboxExtension::ReadWrite, extensions[i]);
+ SandboxExtension::createHandle(paths[i], SandboxExtension::Type::ReadWrite, extensions[i]);
}
m_processPool.sendToStorageProcessRelaunchingIfNecessary(Messages::StorageProcess::GrantSandboxExtensionsForBlobs(paths, extensions));
Modified: trunk/Source/WebKit/UIProcess/Storage/StorageProcessProxy.cpp (222182 => 222183)
--- trunk/Source/WebKit/UIProcess/Storage/StorageProcessProxy.cpp 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/UIProcess/Storage/StorageProcessProxy.cpp 2017-09-18 22:35:38 UTC (rev 222183)
@@ -198,7 +198,7 @@
extensions.allocate(paths.size());
for (size_t i = 0; i < paths.size(); ++i) {
// ReadWrite is required for creating hard links, which is something that might be done with these extensions.
- SandboxExtension::createHandle(paths[i], SandboxExtension::ReadWrite, extensions[i]);
+ SandboxExtension::createHandle(paths[i], SandboxExtension::Type::ReadWrite, extensions[i]);
}
send(Messages::StorageProcess::DidGetSandboxExtensionsForBlobFiles(requestID, extensions), 0);
Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (222182 => 222183)
--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp 2017-09-18 22:35:38 UTC (rev 222183)
@@ -816,7 +816,7 @@
// Inspector resources are in a directory with assumed access.
ASSERT_WITH_SECURITY_IMPLICATION(!WebKit::isInspectorPage(*this));
- SandboxExtension::createHandle("/", SandboxExtension::ReadOnly, sandboxExtensionHandle);
+ SandboxExtension::createHandle("/", SandboxExtension::Type::ReadOnly, sandboxExtensionHandle);
return true;
}
@@ -891,7 +891,7 @@
loadParameters.request = fileURL;
loadParameters.shouldOpenExternalURLsPolicy = (uint64_t)ShouldOpenExternalURLsPolicy::ShouldNotAllow;
loadParameters.userData = UserData(process().transformObjectsToHandles(userData).get());
- SandboxExtension::createHandle(resourceDirectoryPath, SandboxExtension::ReadOnly, loadParameters.sandboxExtensionHandle);
+ SandboxExtension::createHandle(resourceDirectoryPath, SandboxExtension::Type::ReadOnly, loadParameters.sandboxExtensionHandle);
addPlatformLoadParameters(loadParameters);
m_process->assumeReadAccessToBaseURL(resourceDirectoryURL);
@@ -4750,7 +4750,7 @@
SandboxExtension::HandleArray sandboxExtensionHandles;
sandboxExtensionHandles.allocate(fileURLs.size());
for (size_t i = 0; i < fileURLs.size(); ++i)
- SandboxExtension::createHandle(fileURLs[i], SandboxExtension::ReadOnly, sandboxExtensionHandles[i]);
+ SandboxExtension::createHandle(fileURLs[i], SandboxExtension::Type::ReadOnly, sandboxExtensionHandles[i]);
m_process->send(Messages::WebPage::ExtendSandboxForFilesFromOpenPanel(sandboxExtensionHandles), m_pageID);
#endif
@@ -4771,7 +4771,7 @@
SandboxExtension::HandleArray sandboxExtensionHandles;
sandboxExtensionHandles.allocate(fileURLs.size());
for (size_t i = 0; i < fileURLs.size(); ++i) {
- bool createdExtension = SandboxExtension::createHandle(fileURLs[i], SandboxExtension::ReadOnly, sandboxExtensionHandles[i]);
+ bool createdExtension = SandboxExtension::createHandle(fileURLs[i], SandboxExtension::Type::ReadOnly, sandboxExtensionHandles[i]);
if (!createdExtension) {
// This can legitimately fail if a directory containing the file is deleted after the file was chosen.
// We also have reports of cases where this likely fails for some unknown reason, <rdar://problem/10156710>.
Modified: trunk/Source/WebKit/UIProcess/WebProcessPool.cpp (222182 => 222183)
--- trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/UIProcess/WebProcessPool.cpp 2017-09-18 22:35:38 UTC (rev 222183)
@@ -456,7 +456,7 @@
String parentBundleDirectory = this->parentBundleDirectory();
if (!parentBundleDirectory.isEmpty())
- SandboxExtension::createHandle(parentBundleDirectory, SandboxExtension::ReadOnly, parameters.parentBundleDirectoryExtensionHandle);
+ SandboxExtension::createHandle(parentBundleDirectory, SandboxExtension::Type::ReadOnly, parameters.parentBundleDirectoryExtensionHandle);
#endif
#if OS(LINUX)
@@ -661,17 +661,17 @@
parameters.injectedBundlePath = m_resolvedPaths.injectedBundlePath;
if (!parameters.injectedBundlePath.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(parameters.injectedBundlePath, SandboxExtension::ReadOnly, parameters.injectedBundlePathExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(parameters.injectedBundlePath, SandboxExtension::Type::ReadOnly, parameters.injectedBundlePathExtensionHandle);
parameters.additionalSandboxExtensionHandles.allocate(m_resolvedPaths.additionalWebProcessSandboxExtensionPaths.size());
for (size_t i = 0, size = m_resolvedPaths.additionalWebProcessSandboxExtensionPaths.size(); i < size; ++i)
- SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.additionalWebProcessSandboxExtensionPaths[i], SandboxExtension::ReadOnly, parameters.additionalSandboxExtensionHandles[i]);
+ SandboxExtension::createHandleWithoutResolvingPath(m_resolvedPaths.additionalWebProcessSandboxExtensionPaths[i], SandboxExtension::Type::ReadOnly, parameters.additionalSandboxExtensionHandles[i]);
parameters.applicationCacheDirectory = websiteDataStore.resolvedApplicationCacheDirectory();
if (parameters.applicationCacheDirectory.isEmpty())
parameters.applicationCacheDirectory = m_resolvedPaths.applicationCacheDirectory;
if (!parameters.applicationCacheDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(parameters.applicationCacheDirectory, SandboxExtension::ReadWrite, parameters.applicationCacheDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(parameters.applicationCacheDirectory, SandboxExtension::Type::ReadWrite, parameters.applicationCacheDirectoryExtensionHandle);
parameters.applicationCacheFlatFileSubdirectoryName = m_configuration->applicationCacheFlatFileSubdirectoryName();
@@ -679,19 +679,19 @@
if (parameters.webSQLDatabaseDirectory.isEmpty())
parameters.webSQLDatabaseDirectory = m_resolvedPaths.webSQLDatabaseDirectory;
if (!parameters.webSQLDatabaseDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(parameters.webSQLDatabaseDirectory, SandboxExtension::ReadWrite, parameters.webSQLDatabaseDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(parameters.webSQLDatabaseDirectory, SandboxExtension::Type::ReadWrite, parameters.webSQLDatabaseDirectoryExtensionHandle);
parameters.mediaCacheDirectory = websiteDataStore.resolvedMediaCacheDirectory();
if (parameters.mediaCacheDirectory.isEmpty())
parameters.mediaCacheDirectory = m_resolvedPaths.mediaCacheDirectory;
if (!parameters.mediaCacheDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(parameters.mediaCacheDirectory, SandboxExtension::ReadWrite, parameters.mediaCacheDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(parameters.mediaCacheDirectory, SandboxExtension::Type::ReadWrite, parameters.mediaCacheDirectoryExtensionHandle);
parameters.mediaKeyStorageDirectory = websiteDataStore.resolvedMediaKeysDirectory();
if (parameters.mediaKeyStorageDirectory.isEmpty())
parameters.mediaKeyStorageDirectory = m_resolvedPaths.mediaKeyStorageDirectory;
if (!parameters.mediaKeyStorageDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(parameters.mediaKeyStorageDirectory, SandboxExtension::ReadWrite, parameters.mediaKeyStorageDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(parameters.mediaKeyStorageDirectory, SandboxExtension::Type::ReadWrite, parameters.mediaKeyStorageDirectoryExtensionHandle);
#if PLATFORM(IOS)
setJavaScriptConfigurationFileEnabledFromDefaults();
@@ -700,7 +700,7 @@
if (_javascript_ConfigurationFileEnabled()) {
parameters._javascript_ConfigurationDirectory = websiteDataStore.resolvedJavaScriptConfigurationDirectory();
if (!parameters._javascript_ConfigurationDirectory.isEmpty())
- SandboxExtension::createHandleWithoutResolvingPath(parameters._javascript_ConfigurationDirectory, SandboxExtension::ReadWrite, parameters._javascript_ConfigurationDirectoryExtensionHandle);
+ SandboxExtension::createHandleWithoutResolvingPath(parameters._javascript_ConfigurationDirectory, SandboxExtension::Type::ReadWrite, parameters._javascript_ConfigurationDirectoryExtensionHandle);
}
parameters.shouldUseTestingNetworkSession = m_shouldUseTestingNetworkSession;
@@ -854,7 +854,7 @@
SandboxExtension::Handle sampleLogSandboxHandle;
double now = WTF::currentTime();
String sampleLogFilePath = String::format("WebProcess%llupid%d", static_cast<unsigned long long>(now), process->processIdentifier());
- sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::ReadWrite, sampleLogSandboxHandle);
+ sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::Type::ReadWrite, sampleLogSandboxHandle);
process->send(Messages::WebProcess::StartMemorySampler(sampleLogSandboxHandle, sampleLogFilePath, m_memorySamplerInterval), 0);
}
@@ -1035,7 +1035,7 @@
SandboxExtension::Handle sandboxExtensionHandle;
if (!path.isEmpty())
- SandboxExtension::createHandle(path, SandboxExtension::ReadWrite, sandboxExtensionHandle);
+ SandboxExtension::createHandle(path, SandboxExtension::Type::ReadWrite, sandboxExtensionHandle);
if (networkProcess()) {
// FIXME: If we started a download in an ephemeral session and that session still exists, we should find a way to use that same session.
@@ -1276,7 +1276,7 @@
SandboxExtension::Handle sampleLogSandboxHandle;
double now = WTF::currentTime();
String sampleLogFilePath = String::format("WebProcess%llu", static_cast<unsigned long long>(now));
- sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::ReadWrite, sampleLogSandboxHandle);
+ sampleLogFilePath = SandboxExtension::createHandleForTemporaryFile(sampleLogFilePath, SandboxExtension::Type::ReadWrite, sampleLogSandboxHandle);
sendToAllProcesses(Messages::WebProcess::StartMemorySampler(sampleLogSandboxHandle, sampleLogFilePath, interval));
}
Modified: trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj (222182 => 222183)
--- trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2017-09-18 22:35:38 UTC (rev 222183)
@@ -1492,6 +1492,7 @@
A1D420471DB5578500BB6B0D /* WKContextMenuListener.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A1EA02351DABFF7E0096021F /* WKContextMenuListener.cpp */; };
A1DF631218E0B7C8003A3E2A /* DownloadClient.mm in Sources */ = {isa = PBXBuildFile; fileRef = A1DF631018E0B7C8003A3E2A /* DownloadClient.mm */; };
A1DF631318E0B7C8003A3E2A /* DownloadClient.h in Headers */ = {isa = PBXBuildFile; fileRef = A1DF631118E0B7C8003A3E2A /* DownloadClient.h */; };
+ A1E688701F6E2BAB007006A6 /* QuarantineSPI.h in Headers */ = {isa = PBXBuildFile; fileRef = A1E6886F1F6E2BAB007006A6 /* QuarantineSPI.h */; };
A1EA02381DABFF7E0096021F /* WKContextMenuListener.h in Headers */ = {isa = PBXBuildFile; fileRef = A1EA02361DABFF7E0096021F /* WKContextMenuListener.h */; settings = {ATTRIBUTES = (Private, ); }; };
A1EA023F1DAC31DB0096021F /* WebContextMenuListenerProxy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A1EA023D1DAC31DB0096021F /* WebContextMenuListenerProxy.cpp */; };
A1EA02401DAC31DB0096021F /* WebContextMenuListenerProxy.h in Headers */ = {isa = PBXBuildFile; fileRef = A1EA023E1DAC31DB0096021F /* WebContextMenuListenerProxy.h */; };
@@ -3846,6 +3847,7 @@
A1C512C7190656E500448914 /* WebPreviewLoaderClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = WebPreviewLoaderClient.h; path = ios/WebPreviewLoaderClient.h; sourceTree = "<group>"; };
A1DF631018E0B7C8003A3E2A /* DownloadClient.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = DownloadClient.mm; sourceTree = "<group>"; };
A1DF631118E0B7C8003A3E2A /* DownloadClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DownloadClient.h; sourceTree = "<group>"; };
+ A1E6886F1F6E2BAB007006A6 /* QuarantineSPI.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = QuarantineSPI.h; sourceTree = "<group>"; };
A1EA02351DABFF7E0096021F /* WKContextMenuListener.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WKContextMenuListener.cpp; sourceTree = "<group>"; };
A1EA02361DABFF7E0096021F /* WKContextMenuListener.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKContextMenuListener.h; sourceTree = "<group>"; };
A1EA023D1DAC31DB0096021F /* WebContextMenuListenerProxy.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WebContextMenuListenerProxy.cpp; sourceTree = "<group>"; };
@@ -6674,6 +6676,14 @@
path = ios;
sourceTree = "<group>";
};
+ A1E6886E1F6E2B82007006A6 /* mac */ = {
+ isa = PBXGroup;
+ children = (
+ A1E6886F1F6E2BAB007006A6 /* QuarantineSPI.h */,
+ );
+ path = mac;
+ sourceTree = "<group>";
+ };
A78CCDD5193AC9E3005ECC25 /* SandboxProfiles */ = {
isa = PBXGroup;
children = (
@@ -8151,6 +8161,7 @@
children = (
3754D5411B3A2998003A4C7F /* Cocoa */,
CE1A0BCB1A48E6C60054EF74 /* ios */,
+ A1E6886E1F6E2B82007006A6 /* mac */,
);
path = spi;
sourceTree = "<group>";
@@ -8704,6 +8715,7 @@
463FD4821EB94EC000A2982C /* ProcessTerminationReason.h in Headers */,
86E67A251910B9D100004AB7 /* ProcessThrottler.h in Headers */,
83048AE61ACA45DC0082C832 /* ProcessThrottlerClient.h in Headers */,
+ A1E688701F6E2BAB007006A6 /* QuarantineSPI.h in Headers */,
A118A9EF1907AD6F00F7C92B /* QuickLookDocumentData.h in Headers */,
2D47B56D1810714E003A3AEE /* RemoteLayerBackingStore.h in Headers */,
2DDF731518E95060004F5A66 /* RemoteLayerBackingStoreCollection.h in Headers */,
Modified: trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.cpp (222182 => 222183)
--- trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.cpp 2017-09-18 22:27:05 UTC (rev 222182)
+++ trunk/Source/WebKit/WebProcess/FileAPI/BlobRegistryProxy.cpp 2017-09-18 22:35:38 UTC (rev 222183)
@@ -42,7 +42,7 @@
// File path can be empty when submitting a form file input without a file, see bug 111778.
if (!file->path().isEmpty())
- SandboxExtension::createHandle(file->path(), SandboxExtension::ReadOnly, extensionHandle);
+ SandboxExtension::createHandle(file->path(), SandboxExtension::Type::ReadOnly, extensionHandle);
WebProcess::singleton().networkConnection().connection().send(Messages::NetworkConnectionToWebProcess::RegisterFileBlobURL(url, file->path(), extensionHandle, contentType), 0);
}
