Diff
Modified: trunk/Source/WebKit/ChangeLog (240472 => 240473)
--- trunk/Source/WebKit/ChangeLog 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/ChangeLog 2019-01-25 15:54:54 UTC (rev 240473)
@@ -1,3 +1,24 @@
+2019-01-25 Patrick Griffis <[email protected]>
+
+ [GTK][WPE] Add API to add paths to sandbox
+ https://bugs.webkit.org/show_bug.cgi?id=193571
+
+ This allows applications to add paths to the web process
+ if required by web extensions.
+
+ Reviewed by Michael Catanzaro.
+
+ * UIProcess/API/glib/WebKitWebContext.cpp:
+ (webkit_web_context_add_path_to_sandbox):
+ * UIProcess/API/gtk/WebKitWebContext.h:
+ * UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt:
+ * UIProcess/API/wpe/docs/wpe-0.1-sections.txt:
+ * UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
+ (WebKit::bubblewrapSpawn):
+ * UIProcess/WebProcessPool.h:
+ * UIProcess/glib/WebProcessProxyGLib.cpp:
+ (WebKit::WebProcessProxy::platformGetLaunchOptions):
+
2019-01-24 Ryosuke Niwa <[email protected]>
iOS: Split keyboard should not shrink visualViewport.height
Modified: trunk/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp 2019-01-25 15:54:54 UTC (rev 240473)
@@ -1159,10 +1159,6 @@
*
* This is only implemented on Linux and is a no-op otherwise.
*
- * The web process is granted read-only access to the subdirectory matching g_get_prgname()
- * in `$XDG_CONFIG_HOME`, `$XDG_CACHE_HOME`, and `$XDG_DATA_HOME` if it exists before the
- * process is created. This behavior may change in the future.
- *
* Since: 2.24
*/
void webkit_web_context_set_sandbox_enabled(WebKitWebContext* context, gboolean enabled)
@@ -1176,6 +1172,32 @@
}
/**
+ * webkit_web_context_add_path_to_sandbox:
+ * @context: a #WebKitWebContext
+ * @path: (type filename): an absolute path to mount in the sandbox
+ * @read_only: if %TRUE the path will be read-only
+ *
+ * Adds a path to be mounted in the sandbox. @path must exist before any web process
+ * has been created otherwise it will be silently ignored. It is a fatal error to
+ * add paths after a web process has been spawned.
+ *
+ * See also webkit_web_context_set_sandbox_enabled()
+ *
+ * Since: 2.24
+ */
+void webkit_web_context_add_path_to_sandbox(WebKitWebContext* context, const char* path, gboolean readOnly)
+{
+ g_return_if_fail(WEBKIT_IS_WEB_CONTEXT(context));
+ g_return_if_fail(g_path_is_absolute(path));
+
+ if (context->priv->processPool->processes().size())
+ g_error("Sandbox paths cannot be changed after subprocesses were spawned.");
+
+ auto permission = readOnly ? SandboxPermission::ReadOnly : SandboxPermission::ReadWrite;
+ context->priv->processPool->addSandboxPath(path, permission);
+}
+
+/**
* webkit_web_context_get_sandbox_enabled:
* @context: a #WebKitWebContext
*
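Review bot: The doc comment for webkit_web_context_add_path_to_sandbox() does not say that every added path widens what a compromised web process can reach. The only checks in the added body are `WEBKIT_IS_WEB_CONTEXT(context)` and `g_path_is_absolute(path)`, so as far as this hunk shows a very broad path such as `/` or the user's home directory is accepted, and with @read_only %FALSE it is mounted writable. I would add to the comment: `Add only the narrowest directory the web extension needs and prefer @read_only %TRUE, since the path becomes visible to processes that handle untrusted web content.` Because a non-existent path is silently ignored, the comment could also recommend that callers create or check the directory before calling.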
Modified: trunk/Source/WebKit/UIProcess/API/gtk/WebKitWebContext.h (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/API/gtk/WebKitWebContext.h 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/API/gtk/WebKitWebContext.h 2019-01-25 15:54:54 UTC (rev 240473)
@@ -254,6 +254,11 @@
WEBKIT_API gboolean
webkit_web_context_get_sandbox_enabled (WebKitWebContext *context);
+WEBKIT_API void
+webkit_web_context_add_path_to_sandbox (WebKitWebContext *context,
+ const char *path,
+ gboolean read_only);
+
WEBKIT_API gboolean
webkit_web_context_get_spell_checking_enabled (WebKitWebContext *context);
Modified: trunk/Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt 2019-01-25 15:54:54 UTC (rev 240473)
@@ -53,6 +53,7 @@
webkit_web_context_get_plugins_finish
webkit_web_context_get_sandbox_enabled
webkit_web_context_set_sandbox_enabled
+webkit_web_context_add_path_to_sandbox
webkit_web_context_get_spell_checking_enabled
webkit_web_context_set_spell_checking_enabled
webkit_web_context_get_spell_checking_languages
Modified: trunk/Source/WebKit/UIProcess/API/wpe/WebKitWebContext.h (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/API/wpe/WebKitWebContext.h 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/API/wpe/WebKitWebContext.h 2019-01-25 15:54:54 UTC (rev 240473)
@@ -254,6 +254,11 @@
WEBKIT_API gboolean
webkit_web_context_get_sandbox_enabled (WebKitWebContext *context);
+WEBKIT_API void
+webkit_web_context_add_path_to_sandbox (WebKitWebContext *context,
+ const char *path,
+ gboolean read_only);
+
WEBKIT_API gboolean
webkit_web_context_get_spell_checking_enabled (WebKitWebContext *context);
Modified: trunk/Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt 2019-01-25 15:54:54 UTC (rev 240473)
@@ -31,6 +31,7 @@
webkit_web_context_get_plugins_finish
webkit_web_context_get_sandbox_enabled
webkit_web_context_set_sandbox_enabled
+webkit_web_context_add_path_to_sandbox
webkit_web_context_get_spell_checking_enabled
webkit_web_context_set_spell_checking_enabled
webkit_web_context_get_spell_checking_languages
Modified: trunk/Source/WebKit/UIProcess/Launcher/ProcessLauncher.h (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/Launcher/ProcessLauncher.h 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/Launcher/ProcessLauncher.h 2019-01-25 15:54:54 UTC (rev 240473)
@@ -41,6 +41,13 @@
namespace WebKit {
+#if PLATFORM(GTK) || PLATFORM(WPE)
+enum class SandboxPermission {
+ ReadOnly,
+ ReadWrite,
+};
+#endif
+
class ProcessLauncher : public ThreadSafeRefCounted<ProcessLauncher>, public CanMakeWeakPtr<ProcessLauncher> {
public:
class Client {
@@ -68,9 +75,12 @@
bool shouldMakeProcessLaunchFailForTesting { false };
CString customWebContentServiceBundleIdentifier;
-#if ENABLE(DEVELOPER_MODE) && (PLATFORM(GTK) || PLATFORM(WPE))
+#if PLATFORM(GTK) || PLATFORM(WPE)
+ HashMap<CString, SandboxPermission> extraWebProcessSandboxPaths;
+#if ENABLE(DEVELOPER_MODE)
String processCmdPrefix;
#endif
+#endif
};
static Ref<ProcessLauncher> create(Client* client, const LaunchOptions& launchOptions)
Modified: trunk/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp 2019-01-25 15:54:54 UTC (rev 240473)
@@ -759,18 +759,13 @@
#endif
bindX11(sandboxArgs);
- // NOTE: This is not a great solution but we just assume that applications create this directory
- // ahead of time if they require it.
- GUniquePtr<char> configDir(g_build_filename(g_get_user_config_dir(), g_get_prgname(), nullptr));
- GUniquePtr<char> cacheDir(g_build_filename(g_get_user_cache_dir(), g_get_prgname(), nullptr));
- GUniquePtr<char> dataDir(g_build_filename(g_get_user_data_dir(), g_get_prgname(), nullptr));
+ for (const auto& pathAndPermission : launchOptions.extraWebProcessSandboxPaths) {
+ sandboxArgs.appendVector(Vector<CString>({
+ pathAndPermission.value == SandboxPermission::ReadOnly ? "--ro-bind-try": "--bind-try",
+ pathAndPermission.key, pathAndPermission.key
+ }));
+ }
- sandboxArgs.appendVector(Vector<CString>({
- "--ro-bind-try", cacheDir.get(), cacheDir.get(),
- "--ro-bind-try", configDir.get(), configDir.get(),
- "--ro-bind-try", dataDir.get(), dataDir.get(),
- }));
-
Vector<String> extraPaths = { "applicationCacheDirectory", "waylandSocket"};
for (const auto& path : extraPaths) {
String extraPath = launchOptions.extraInitializationData.get(path);
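Review bot: The new loop mounts the caller's paths in HashMap iteration order, which is unspecified, so overlapping entries may get different permissions from run to run. For example, with a directory added read-write and one of its subdirectories added read-only, the subdirectory's permission may depend on which bind is applied last. If overlapping paths are not meant to be supported, a comment above the loop should say so, e.g. `// Iteration order is unspecified; overlapping paths are not supported.`, and the public API documentation should repeat it. Since `--ro-bind-try` and `--bind-try` skip a missing source without any message, logging the paths that are actually passed would help anyone auditing the resulting sandbox. bubblewrapSpawn starts and ends outside this hunk, so how these binds interact with the earlier ones is not visible here.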
Modified: trunk/Source/WebKit/UIProcess/WebProcessPool.h (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/WebProcessPool.h 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/WebProcessPool.h 2019-01-25 15:54:54 UTC (rev 240473)
@@ -469,6 +469,8 @@
#if PLATFORM(GTK) || PLATFORM(WPE)
void setSandboxEnabled(bool enabled) { m_sandboxEnabled = enabled; };
+ void addSandboxPath(const CString& path, SandboxPermission permission) { m_extraSandboxPaths.add(path, permission); };
+ const HashMap<CString, SandboxPermission>& sandboxPaths() const { return m_extraSandboxPaths; };
bool sandboxEnabled() const { return m_sandboxEnabled; };
#endif
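Review bot: `m_extraSandboxPaths.add(path, permission)` in addSandboxPath() keeps the existing entry when the path is already in the map, so a second call for the same path with a different permission is dropped without notice. A caller that first adds a path read-write and later re-adds it read-only to tighten access still gets a read-write mount. Either make the last call win with `m_extraSandboxPaths.set(path, permission);`, or state in the public documentation that the first permission given for a path is the one that applies.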
@@ -728,6 +730,7 @@
#if PLATFORM(GTK) || PLATFORM(WPE)
bool m_sandboxEnabled { false };
+ HashMap<CString, SandboxPermission> m_extraSandboxPaths;
#endif
};
Modified: trunk/Source/WebKit/UIProcess/glib/WebProcessProxyGLib.cpp (240472 => 240473)
--- trunk/Source/WebKit/UIProcess/glib/WebProcessProxyGLib.cpp 2019-01-25 11:36:57 UTC (rev 240472)
+++ trunk/Source/WebKit/UIProcess/glib/WebProcessProxyGLib.cpp 2019-01-25 15:54:54 UTC (rev 240473)
@@ -44,6 +44,8 @@
websiteDataStore().resolveDirectoriesIfNecessary();
launchOptions.extraInitializationData.set("applicationCacheDirectory", websiteDataStore().resolvedApplicationCacheDirectory());
+ launchOptions.extraWebProcessSandboxPaths = m_processPool->sandboxPaths();
+
#if PLATFORM(WAYLAND) && USE(EGL)
if (PlatformDisplay::sharedDisplay().type() == PlatformDisplay::Type::Wayland) {
String displayName = WaylandCompositor::singleton().displayName();