[webkit-changes] [254381] trunk/Source/WebKit

[bfulgham]

Title: [254381] trunk/Source/WebKit

Revision

254381

Author

bfulg...@apple.com

Date

2020-01-10 16:45:19 -0800 (Fri, 10 Jan 2020)

Log Message

[iOS] Remove reporting for some well-understood sandbox rules
https://bugs.webkit.org/show_bug.cgi?id=206111

Reviewed by Per Arne Vollan.

Remove sandbox rules designed to generate reporting about resource use for some well-understood
items that are frequently hit in WebKit use.

No new tests. No change in behavior.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb

Diff

Modified: trunk/Source/WebKit/ChangeLog (254380 => 254381)

--- trunk/Source/WebKit/ChangeLog	2020-01-11 00:32:16 UTC (rev 254380)
+++ trunk/Source/WebKit/ChangeLog	2020-01-11 00:45:19 UTC (rev 254381)
@@ -1,5 +1,19 @@
 2020-01-10  Brent Fulgham  <bfulg...@apple.com>
 
+        [iOS] Remove reporting for some well-understood sandbox rules
+        https://bugs.webkit.org/show_bug.cgi?id=206111
+
+        Reviewed by Per Arne Vollan.
+
+        Remove sandbox rules designed to generate reporting about resource use for some well-understood
+        items that are frequently hit in WebKit use.
+
+        No new tests. No change in behavior.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
+
+2020-01-10  Brent Fulgham  <bfulg...@apple.com>
+
         [iOS] Remove used media-related mach services from the WebContent process sandbox
         https://bugs.webkit.org/show_bug.cgi?id=206089
         <rdar://problem/58489478>

Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb (254380 => 254381)

--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2020-01-11 00:32:16 UTC (rev 254380)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb	2020-01-11 00:45:19 UTC (rev 254381)
@@ -451,10 +451,9 @@
     (allow iokit-open
         (iokit-user-client-class "AppleJPEGDriverUserClient")
         (iokit-user-client-class "IOSurfaceAcceleratorClient")
-        (iokit-user-client-class "IOSurfaceSendRight"))
-    (allow iokit-open (with report) (with telemetry)
-        ;; Requires by UIView -> UITextMagnifierRenderer -> UIWindow
-        (iokit-user-client-class "IOSurfaceRootUserClient"))
+        (iokit-user-client-class "IOSurfaceSendRight")
+        (iokit-user-client-class "IOSurfaceRootUserClient") ;; Needed by Tiled Grid code.
+    )
 
     ;; Silence sandbox violations from apps trying to create the empty plist if it doesn't exist.
     ;; <rdar://problem/13796537>
@@ -647,8 +646,9 @@
     (deny ipc-posix-sem-create ipc-posix-sem-post ipc-posix-sem-unlink ipc-posix-sem-wait)
     (allow ipc-posix-sem-open))
 
-(allow mach-lookup (with report) (with telemetry)
-    (global-name "com.apple.runningboard"))
+(allow mach-lookup (with telemetry)
+    (global-name "com.apple.runningboard") ;; Needed by process assertion code (ProcessTaskStateObserver).
+)
 
 (allow system-sched
        (require-entitlement "com.apple.private.kernel.override-cpumon"))

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes