Title: [224837] trunk/Source/WebKit
- Revision
- 224837
- Author
- [email protected]
- Date
- 2017-11-14 13:14:57 -0800 (Tue, 14 Nov 2017)
Log Message
Whitelist some IOKIt properties to avoid sandbox violations on YouTube
https://bugs.webkit.org/show_bug.cgi?id=179683
<rdar://problem/35415368>
Reviewed by Dean Jackson.
YouTube video playback on some hardware (and some video encodings) generates sandbox violations. Add
whitelist entries for the relevant IOKit properties needed to support these activities.
* WebProcess/com.apple.WebProcess.sb.in:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (224836 => 224837)
--- trunk/Source/WebKit/ChangeLog 2017-11-14 21:11:18 UTC (rev 224836)
+++ trunk/Source/WebKit/ChangeLog 2017-11-14 21:14:57 UTC (rev 224837)
@@ -1,3 +1,16 @@
+2017-11-14 Brent Fulgham <[email protected]>
+
+ Whitelist some IOKIt properties to avoid sandbox violations on YouTube
+ https://bugs.webkit.org/show_bug.cgi?id=179683
+ <rdar://problem/35415368>
+
+ Reviewed by Dean Jackson.
+
+ YouTube video playback on some hardware (and some video encodings) generates sandbox violations. Add
+ whitelist entries for the relevant IOKit properties needed to support these activities.
+
+ * WebProcess/com.apple.WebProcess.sb.in:
+
2017-11-14 Daniel Bates <[email protected]>
Mark WebChromeClient::requestStorageAccess() as final
Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (224836 => 224837)
--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2017-11-14 21:11:18 UTC (rev 224836)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in 2017-11-14 21:14:57 UTC (rev 224837)
@@ -208,15 +208,16 @@
(iokit-property "AllowDisplaySleep")
(iokit-property "AlwaysNeedsVelocityCalculated")
(iokit-property "AppleIntelMEVABundleName")
- (iokit-property-regex #"^AAPL,(DisplayPipe|OpenCLdisabled|alias-policy|boot-display|display-alias|mux-switch-state|ndrv-dev|primary-display|slot-name)")
+ (iokit-property-regex #"^AAPL,(DisplayPipe|OpenCLdisabled|IOGraphics_LER(|_RegTag_1|_RegTag_0|_Busy_2)|alias-policy|boot-display|display-alias|mux-switch-state|ndrv-dev|primary-display|slot-name)")
(iokit-property-regex #"^ATY,fb_(linebytes|offset|size)")
(iokit-property "BacklightHandle")
+ (iokit-property "BlockSize")
(iokit-property-regex #"^CEA(ModeID|PixelRepetition)")
(iokit-property "CFBundleIdentifier")
(iokit-property "CapsLockDelay")
(iokit-property "ConfigState")
- (iokit-property "Device Characteristics")
- (iokit-property "DeviceEqID")
+ (iokit-property "Description")
+ (iokit-property-regex #"^Device( Characteristics|EqID)")
(iokit-property "DisplayRouting")
(iokit-property "Driver is Ready")
(iokit-property "EnableLPVP")
@@ -223,6 +224,7 @@
(iokit-property "Endianness")
(iokit-property "Family ID")
(iokit-property "ForceSupported")
+ (iokit-property "Formats")
(iokit-property "HIDPointerAccelerationType")
(iokit-property-regex #"^IOAccel(DisplayPipeCapabilities|Index|Types|Revision)")
(iokit-property-regex #"^IO(Class|MatchCategory|NameMatch)")
@@ -265,7 +267,7 @@
(iokit-property-regex #"^IOName(|Match(|ed))")
(iokit-property "IOPMStrictTreeOrder")
(iokit-property "IOParentMatch")
- (iokit-property-regex #"^IOPCI(Express(Capabilities|Link(Status|Capabilities))|MSIMode|Resourced)")
+ (iokit-property-regex #"^IOPCI(Express(Capabilities|Link(Status|Capabilities))|MSIMode|Resourced|Tunnelled)")
(iokit-property "IOPMIsPowerManaged")
(iokit-property-regex #"^IOPlatform(SerialNumber|UUID)")
(iokit-property "IOPowerManagement")
@@ -294,8 +296,10 @@
(iokit-property "NXSystemInfo")
(iokit-property-regex #"^VRAM,(memvendorID|total(MB|size))")
(iokit-property "NoAutoRoute")
+ (iokit-property-regex #"^Num(Blocks|Streams)")
(iokit-property-regex #"^PerformanceStatistics(|Accum)")
(iokit-property "Protocol Characteristics")
+ (iokit-property "SampleRates")
(iokit-property "Serial Number")
(iokit-property "StartupDisplay")
(iokit-property-regex #"^Support(AudioAUUC|sSilentClick|TapToWake)")
@@ -305,6 +309,7 @@
(iokit-property "SurfaceList")
(iokit-property "TimeStampFiltering")
(iokit-property "Transport")
+ (iokit-property "UserClientEnabled")
(iokit-property "WANTS_FRAMES_IGNORED")
(iokit-property-regex #"^acpi-(device|path)")
(iokit-property "assigned-addresses")
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
