- Revision
- 251825
- Author
- pvol...@apple.com
- Date
- 2019-10-30 17:33:49 -0700 (Wed, 30 Oct 2019)
Log Message
It should be possible to create a mach sandbox extension for the WebContent process before the audit token is known
https://bugs.webkit.org/show_bug.cgi?id=203618
Reviewed by Brent Fulgham.
Source/WebKit:
Currently, we are only able to create a mach sandbox extension for the WebContent process if we know its
audit token. It should be possible to create a mach extension without the audit token, since this is
needed when we want to create extensions before the PID or audit token is known. These extensions are
typically sent in the WebProcess creation parameters.
No new tests, this is not a behavior change, but a patch in preparation for future patches.
* Shared/Cocoa/SandboxExtensionCocoa.mm:
(WebKit::SandboxExtensionImpl::sandboxExtensionForType):
(WebKit::SandboxExtension::createHandleForMachLookup):
(WebKit::SandboxExtension::createHandleForMachLookupByAuditToken): Deleted.
* Shared/SandboxExtension.h:
* UIProcess/ios/WebProcessProxyIOS.mm:
(WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded):
Source/WTF:
Added SPI to create mach extension without PID or audit token.
* wtf/spi/darwin/SandboxSPI.h:
Modified Paths
Diff
Modified: trunk/Source/WTF/ChangeLog (251824 => 251825)
--- trunk/Source/WTF/ChangeLog 2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WTF/ChangeLog 2019-10-31 00:33:49 UTC (rev 251825)
@@ -1,3 +1,14 @@
+2019-10-30 Per Arne Vollan <pvol...@apple.com>
+
+ It should be possible to create a mach sandbox extension for the WebContent process before the audit token is known
+ https://bugs.webkit.org/show_bug.cgi?id=203618
+
+ Reviewed by Brent Fulgham.
+
+ Added SPI to create mach extension without PID or audit token.
+
+ * wtf/spi/darwin/SandboxSPI.h:
+
2019-10-30 Daniel Bates <daba...@apple.com>
Add pretty printer for CompactPointerTuple
Modified: trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h (251824 => 251825)
--- trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h 2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h 2019-10-31 00:33:49 UTC (rev 251825)
@@ -66,6 +66,7 @@
#if HAVE(SANDBOX_ISSUE_MACH_EXTENSION_TO_PROCESS_BY_AUDIT_TOKEN)
char *sandbox_extension_issue_mach_to_process(const char *extension_class, const char *name, uint32_t flags, audit_token_t);
#endif
+char *sandbox_extension_issue_mach(const char *extension_class, const char *name, uint32_t flags);
int sandbox_check(pid_t, const char *operation, enum sandbox_filter_type, ...);
int sandbox_check_by_audit_token(audit_token_t, const char *operation, enum sandbox_filter_type, ...);
int sandbox_container_path_for_pid(pid_t, char *buffer, size_t bufsize);
Modified: trunk/Source/WebKit/ChangeLog (251824 => 251825)
--- trunk/Source/WebKit/ChangeLog 2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/ChangeLog 2019-10-31 00:33:49 UTC (rev 251825)
@@ -1,5 +1,27 @@
2019-10-30 Per Arne Vollan <pvol...@apple.com>
+ It should be possible to create a mach sandbox extension for the WebContent process before the audit token is known
+ https://bugs.webkit.org/show_bug.cgi?id=203618
+
+ Reviewed by Brent Fulgham.
+
+ Currently, we are only able to create a mach sandbox extension for the WebContent process if we know its
+ audit token. It should be possible to create a mach extension without the audit token, since this is
+ needed when we want to create extensions before the PID or audit token is known. These extensions are
+ typically sent in the WebProcess creation parameters.
+
+ No new tests, this is not a behavior change, but a patch in preparation for future patches.
+
+ * Shared/Cocoa/SandboxExtensionCocoa.mm:
+ (WebKit::SandboxExtensionImpl::sandboxExtensionForType):
+ (WebKit::SandboxExtension::createHandleForMachLookup):
+ (WebKit::SandboxExtension::createHandleForMachLookupByAuditToken): Deleted.
+ * Shared/SandboxExtension.h:
+ * UIProcess/ios/WebProcessProxyIOS.mm:
+ (WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded):
+
+2019-10-30 Per Arne Vollan <pvol...@apple.com>
+
Fix some sysctl read violations in the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=203632
Modified: trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm (251824 => 251825)
--- trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm 2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm 2019-10-31 00:33:49 UTC (rev 251825)
@@ -92,9 +92,9 @@
case SandboxExtension::Type::ReadWrite:
return sandbox_extension_issue_file(APP_SANDBOX_READ_WRITE, path, 0);
case SandboxExtension::Type::Mach:
+ if (!auditToken)
+ return sandbox_extension_issue_mach("com.apple.webkit.extension.mach"_s, path, 0);
#if HAVE(SANDBOX_ISSUE_MACH_EXTENSION_TO_PROCESS_BY_AUDIT_TOKEN)
- if (!auditToken)
- return nullptr;
return sandbox_extension_issue_mach_to_process("com.apple.webkit.extension.mach"_s, path, 0, *auditToken);
#else
UNUSED_PARAM(auditToken);
@@ -336,7 +336,7 @@
return true;
}
-bool SandboxExtension::createHandleForMachLookupByAuditToken(const String& service, audit_token_t auditToken, Handle& handle)
+bool SandboxExtension::createHandleForMachLookup(const String& service, Optional<audit_token_t> auditToken, Handle& handle)
{
ASSERT(!handle.m_sandboxExtension);
Modified: trunk/Source/WebKit/Shared/SandboxExtension.h (251824 => 251825)
--- trunk/Source/WebKit/Shared/SandboxExtension.h 2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/Shared/SandboxExtension.h 2019-10-31 00:33:49 UTC (rev 251825)
@@ -105,7 +105,7 @@
static String createHandleForTemporaryFile(const String& prefix, Type, Handle&);
static bool createHandleForGenericExtension(const String& extensionClass, Handle&);
#if HAVE(AUDIT_TOKEN)
- static bool createHandleForMachLookupByAuditToken(const String& service, audit_token_t, Handle&);
+ static bool createHandleForMachLookup(const String& service, Optional<audit_token_t>, Handle&);
static bool createHandleForReadByAuditToken(const String& path, audit_token_t, Handle&);
#endif
~SandboxExtension();
Modified: trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm (251824 => 251825)
--- trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm 2019-10-31 00:14:44 UTC (rev 251824)
+++ trunk/Source/WebKit/UIProcess/ios/WebProcessProxyIOS.mm 2019-10-31 00:33:49 UTC (rev 251825)
@@ -54,14 +54,8 @@
if (!canSendMessage())
return;
- ASSERT(connection() && connection()->getAuditToken());
- if (!connection() || !connection()->getAuditToken()) {
- WTFLogAlways("Unable to get audit token.");
- return;
- }
-
SandboxExtension::Handle handle;
- if (!SandboxExtension::createHandleForMachLookupByAuditToken("com.apple.iphone.axserver-systemwide", *(connection()->getAuditToken()), handle))
+ if (!SandboxExtension::createHandleForMachLookup("com.apple.iphone.axserver-systemwide", connection() ? connection()->getAuditToken() : WTF::nullopt, handle))
return;
send(Messages::WebProcess::UnblockAccessibilityServer(handle), 0);