[webkit-changes] [251825] trunk/Source

Wed, 30 Oct 2019 17:34:10 -0700

Title: [251825] trunk/Source
Revision
251825
Author
pvol...@apple.com
Date
2019-10-30 17:33:49 -0700 (Wed, 30 Oct 2019)

Log Message

It should be possible to create a mach sandbox extension for the WebContent process before the audit token is known
https://bugs.webkit.org/show_bug.cgi?id=203618

Reviewed by Brent Fulgham.

Source/WebKit:

Currently, we are only able to create a mach sandbox extension for the WebContent process if we know its
audit token. It should be possible to create a mach extension without the audit token, since this is
needed when we want to create extensions before the PID or audit token is known. These extensions are
typically sent in the WebProcess creation parameters.

No new tests, this is not a behavior change, but a patch in preparation for future patches.

* Shared/Cocoa/SandboxExtensionCocoa.mm:
(WebKit::SandboxExtensionImpl::sandboxExtensionForType):
(WebKit::SandboxExtension::createHandleForMachLookup):
(WebKit::SandboxExtension::createHandleForMachLookupByAuditToken): Deleted.
* Shared/SandboxExtension.h:
* UIProcess/ios/WebProcessProxyIOS.mm:
(WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded):

Source/WTF:

Added SPI to create mach extension without PID or audit token.

* wtf/spi/darwin/SandboxSPI.h:

Modified Paths

Diff

Modified: trunk/Source/WTF/ChangeLog (251824 => 251825)


--- trunk/Source/WTF/ChangeLog	2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WTF/ChangeLog	2019-10-31 00:33:49 UTC (rev 251825)
@@ -1,3 +1,14 @@
+2019-10-30  Per Arne Vollan  <pvol...@apple.com>
+
+        It should be possible to create a mach sandbox extension for the WebContent process before the audit token is known
+        https://bugs.webkit.org/show_bug.cgi?id=203618
+
+        Reviewed by Brent Fulgham.
+
+        Added SPI to create mach extension without PID or audit token.
+
+        * wtf/spi/darwin/SandboxSPI.h:
+
 2019-10-30  Daniel Bates  <daba...@apple.com>
 
         Add pretty printer for CompactPointerTuple

Modified: trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h (251824 => 251825)


--- trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h	2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h	2019-10-31 00:33:49 UTC (rev 251825)
@@ -66,6 +66,7 @@
 #if HAVE(SANDBOX_ISSUE_MACH_EXTENSION_TO_PROCESS_BY_AUDIT_TOKEN)
 char *sandbox_extension_issue_mach_to_process(const char *extension_class, const char *name, uint32_t flags, audit_token_t);
 #endif
+char *sandbox_extension_issue_mach(const char *extension_class, const char *name, uint32_t flags);
 int sandbox_check(pid_t, const char *operation, enum sandbox_filter_type, ...);
 int sandbox_check_by_audit_token(audit_token_t, const char *operation, enum sandbox_filter_type, ...);
 int sandbox_container_path_for_pid(pid_t, char *buffer, size_t bufsize);

Modified: trunk/Source/WebKit/ChangeLog (251824 => 251825)


--- trunk/Source/WebKit/ChangeLog	2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/ChangeLog	2019-10-31 00:33:49 UTC (rev 251825)
@@ -1,5 +1,27 @@
 2019-10-30  Per Arne Vollan  <pvol...@apple.com>
 
+        It should be possible to create a mach sandbox extension for the WebContent process before the audit token is known
+        https://bugs.webkit.org/show_bug.cgi?id=203618
+
+        Reviewed by Brent Fulgham.
+
+        Currently, we are only able to create a mach sandbox extension for the WebContent process if we know its
+        audit token. It should be possible to create a mach extension without the audit token, since this is
+        needed when we want to create extensions before the PID or audit token is known. These extensions are
+        typically sent in the WebProcess creation parameters.
+        
+        No new tests, this is not a behavior change, but a patch in preparation for future patches.
+
+        * Shared/Cocoa/SandboxExtensionCocoa.mm:
+        (WebKit::SandboxExtensionImpl::sandboxExtensionForType):
+        (WebKit::SandboxExtension::createHandleForMachLookup):
+        (WebKit::SandboxExtension::createHandleForMachLookupByAuditToken): Deleted.
+        * Shared/SandboxExtension.h:
+        * UIProcess/ios/WebProcessProxyIOS.mm:
+        (WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded):
+
+2019-10-30  Per Arne Vollan  <pvol...@apple.com>
+
         Fix some sysctl read violations in the WebContent process
         https://bugs.webkit.org/show_bug.cgi?id=203632

Modified: trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm (251824 => 251825)


--- trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm	2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm	2019-10-31 00:33:49 UTC (rev 251825)
@@ -92,9 +92,9 @@
         case SandboxExtension::Type::ReadWrite:
             return sandbox_extension_issue_file(APP_SANDBOX_READ_WRITE, path, 0);
         case SandboxExtension::Type::Mach:
+            if (!auditToken)
+                return sandbox_extension_issue_mach("com.apple.webkit.extension.mach"_s, path, 0);
 #if HAVE(SANDBOX_ISSUE_MACH_EXTENSION_TO_PROCESS_BY_AUDIT_TOKEN)
-            if (!auditToken)
-                return nullptr;
             return sandbox_extension_issue_mach_to_process("com.apple.webkit.extension.mach"_s, path, 0, *auditToken);
 #else
             UNUSED_PARAM(auditToken);
@@ -336,7 +336,7 @@
     return true;
 }
 
-bool SandboxExtension::createHandleForMachLookupByAuditToken(const String& service, audit_token_t auditToken, Handle& handle)
+bool SandboxExtension::createHandleForMachLookup(const String& service, Optional<audit_token_t> auditToken, Handle& handle)
 {
     ASSERT(!handle.m_sandboxExtension);

Modified: trunk/Source/WebKit/Shared/SandboxExtension.h (251824 => 251825)


--- trunk/Source/WebKit/Shared/SandboxExtension.h	2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/Shared/SandboxExtension.h	2019-10-31 00:33:49 UTC (rev 251825)
@@ -105,7 +105,7 @@
     static String createHandleForTemporaryFile(const String& prefix, Type, Handle&);
     static bool createHandleForGenericExtension(const String& extensionClass, Handle&);
 #if HAVE(AUDIT_TOKEN)
-    static bool createHandleForMachLookupByAuditToken(const String& service, audit_token_t, Handle&);
+    static bool createHandleForMachLookup(const String& service, Optional<audit_token_t>, Handle&);
     static bool createHandleForReadByAuditToken(const String& path, audit_token_t, Handle&);
 #endif
     ~SandboxExtension();

Modified: trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm (251824 => 251825)


--- trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm	2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm	2019-10-31 00:33:49 UTC (rev 251825)
@@ -54,14 +54,8 @@
     if (!canSendMessage())
         return;
 
-    ASSERT(connection() && connection()->getAuditToken());
-    if (!connection() || !connection()->getAuditToken()) {
-        WTFLogAlways("Unable to get audit token.");
-        return;
-    }
-    
     SandboxExtension::Handle handle;
-    if (!SandboxExtension::createHandleForMachLookupByAuditToken("com.apple.iphone.axserver-systemwide", *(connection()->getAuditToken()), handle))
+    if (!SandboxExtension::createHandleForMachLookup("com.apple.iphone.axserver-systemwide", connection() ? connection()->getAuditToken() : WTF::nullopt, handle))
         return;
 
     send(Messages::WebProcess::UnblockAccessibilityServer(handle), 0);

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to