[webkit-changes] [254867] trunk/Source/WebKit

[youenn]

Title: [254867] trunk/Source/WebKit

Revision

254867

Author

you...@apple.com

Date

2020-01-21 11:36:52 -0800 (Tue, 21 Jan 2020)

Log Message

Provide camera/microphone sandbox extensions to GPUProcess
https://bugs.webkit.org/show_bug.cgi?id=206531

Reviewed by Eric Carlson.

Send at creation of GPUProcess sandbox extensions to camera and microphone.
This is currently gated by the UIProcess application being Safari.
This should be changed to checks based on camera/microphone entitlements.

Extensions are provided at creation of the GPUProcess as it is as trusted as the UIProcess.
We do not make it conditional to getUserMedia being enabled as GPUProcess may be created for more than one configuration.

Relax the GPUProcess sandbox on MacOS to allow microphone access until we can use microphone sandbox extension for that purpose.

Manually tested by capturing audio/video with real devices.

* GPUProcess/GPUProcess.cpp:
(WebKit::GPUProcess::initializeGPUProcess):
* GPUProcess/GPUProcessCreationParameters.cpp:
(WebKit::GPUProcessCreationParameters::encode const):
(WebKit::GPUProcessCreationParameters::decode):
* GPUProcess/GPUProcessCreationParameters.h:
* GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
* UIProcess/GPU/GPUProcessProxy.cpp:
(WebKit::isSafari):
(WebKit::shouldCreateCameraSandboxExtension):
(WebKit::shouldCreateMicrophoneSandboxExtension):
(WebKit::GPUProcessProxy::singleton):

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/GPUProcess/GPUProcess.cpp
• trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp
• trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h
• trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in
• trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp

Diff

Modified: trunk/Source/WebKit/ChangeLog (254866 => 254867)

--- trunk/Source/WebKit/ChangeLog	2020-01-21 19:36:05 UTC (rev 254866)
+++ trunk/Source/WebKit/ChangeLog	2020-01-21 19:36:52 UTC (rev 254867)
@@ -1,3 +1,34 @@
+2020-01-21  youenn fablet  <you...@apple.com>
+
+        Provide camera/microphone sandbox extensions to GPUProcess
+        https://bugs.webkit.org/show_bug.cgi?id=206531
+
+        Reviewed by Eric Carlson.
+
+        Send at creation of GPUProcess sandbox extensions to camera and microphone.
+        This is currently gated by the UIProcess application being Safari.
+        This should be changed to checks based on camera/microphone entitlements.
+
+        Extensions are provided at creation of the GPUProcess as it is as trusted as the UIProcess.
+        We do not make it conditional to getUserMedia being enabled as GPUProcess may be created for more than one configuration.
+
+        Relax the GPUProcess sandbox on MacOS to allow microphone access until we can use microphone sandbox extension for that purpose.
+
+        Manually tested by capturing audio/video with real devices.
+
+        * GPUProcess/GPUProcess.cpp:
+        (WebKit::GPUProcess::initializeGPUProcess):
+        * GPUProcess/GPUProcessCreationParameters.cpp:
+        (WebKit::GPUProcessCreationParameters::encode const):
+        (WebKit::GPUProcessCreationParameters::decode):
+        * GPUProcess/GPUProcessCreationParameters.h:
+        * GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
+        * UIProcess/GPU/GPUProcessProxy.cpp:
+        (WebKit::isSafari):
+        (WebKit::shouldCreateCameraSandboxExtension):
+        (WebKit::shouldCreateMicrophoneSandboxExtension):
+        (WebKit::GPUProcessProxy::singleton):
+
 2020-01-21  Brady Eidson  <beid...@apple.com>
 
         API::(User)ContentWorld cleanup

Modified: trunk/Source/WebKit/GPUProcess/GPUProcess.cpp (254866 => 254867)

--- trunk/Source/WebKit/GPUProcess/GPUProcess.cpp	2020-01-21 19:36:05 UTC (rev 254866)
+++ trunk/Source/WebKit/GPUProcess/GPUProcess.cpp	2020-01-21 19:36:52 UTC (rev 254867)
@@ -107,7 +107,14 @@
     WTF::Thread::setCurrentThreadIsUserInitiated();
     AtomString::init();
 
+#if ENABLE(MEDIA_STREAM)
     setMockCaptureDevicesEnabled(parameters.useMockCaptureDevices);
+    SandboxExtension::consumePermanently(parameters.cameraSandboxExtensionHandle);
+    SandboxExtension::consumePermanently(parameters.microphoneSandboxExtensionHandle);
+#if PLATFORM(IOS)
+    SandboxExtension::consumePermanently(parameters.tccSandboxExtensionHandle);
+#endif
+#endif
 }
 
 void GPUProcess::prepareToSuspend(bool isSuspensionImminent, CompletionHandler<void()>&& completionHandler)

Modified: trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp (254866 => 254867)

--- trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp	2020-01-21 19:36:05 UTC (rev 254866)
+++ trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.cpp	2020-01-21 19:36:52 UTC (rev 254867)
@@ -41,13 +41,30 @@
 
 void GPUProcessCreationParameters::encode(IPC::Encoder& encoder) const
 {
+#if ENABLE(MEDIA_STREAM)
     encoder << useMockCaptureDevices;
+    encoder << cameraSandboxExtensionHandle;
+    encoder << microphoneSandboxExtensionHandle;
+#if PLATFORM(IOS)
+    encoder << tccSandboxExtensionHandle;
+#endif
+#endif
 }
 
 bool GPUProcessCreationParameters::decode(IPC::Decoder& decoder, GPUProcessCreationParameters& result)
 {
+#if ENABLE(MEDIA_STREAM)
     if (!decoder.decode(result.useMockCaptureDevices))
         return false;
+    if (!decoder.decode(result.cameraSandboxExtensionHandle))
+        return false;
+    if (!decoder.decode(result.microphoneSandboxExtensionHandle))
+        return false;
+#if PLATFORM(IOS)
+    if (!decoder.decode(result.tccSandboxExtensionHandle))
+        return false;
+#endif
+#endif
     return true;
 }
 

Modified: trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h (254866 => 254867)

--- trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h	2020-01-21 19:36:05 UTC (rev 254866)
+++ trunk/Source/WebKit/GPUProcess/GPUProcessCreationParameters.h	2020-01-21 19:36:52 UTC (rev 254867)
@@ -27,6 +27,8 @@
 
 #if ENABLE(GPU_PROCESS)
 
+#include "SandboxExtension.h"
+
 namespace IPC {
 class Decoder;
 class Encoder;
@@ -37,7 +39,14 @@
 struct GPUProcessCreationParameters {
     GPUProcessCreationParameters();
 
+#if ENABLE(MEDIA_STREAM)
     bool useMockCaptureDevices { false };
+    SandboxExtension::Handle cameraSandboxExtensionHandle;
+    SandboxExtension::Handle microphoneSandboxExtensionHandle;
+#if PLATFORM(IOS)
+    SandboxExtension::Handle tccSandboxExtensionHandle;
+#endif
+#endif
 
     void encode(IPC::Encoder&) const;
     static bool decode(IPC::Decoder&, GPUProcessCreationParameters&);

Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (254866 => 254867)

--- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in	2020-01-21 19:36:05 UTC (rev 254866)
+++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in	2020-01-21 19:36:52 UTC (rev 254867)
@@ -805,8 +805,8 @@
             domains))
 
 ;; Media capture, microphone access
-(with-filter (extension "com.apple.webkit.microphone")
-    (allow device-microphone))
+;; FIXME: make device-microphone access gated by the "com.apple.webkit.microphone" extension.
+(allow device-microphone)
 
 ;; Media capture, camera access
 (with-filter (extension "com.apple.webkit.camera")

Modified: trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp (254866 => 254867)

--- trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp	2020-01-21 19:36:05 UTC (rev 254866)
+++ trunk/Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp	2020-01-21 19:36:52 UTC (rev 254867)
@@ -41,6 +41,7 @@
 #include "WebProcessProxy.h"
 #include "WebProcessProxyMessages.h"
 #include <WebCore/MockRealtimeMediaSourceCenter.h>
+#include <WebCore/RuntimeApplicationChecks.h>
 #include <wtf/CompletionHandler.h>
 
 #if PLATFORM(IOS_FAMILY)
@@ -52,6 +53,35 @@
 namespace WebKit {
 using namespace WebCore;
 
+static inline bool isSafari()
+{
+    bool isSafari = false;
+#if PLATFORM(IOS_FAMILY)
+    if (IOSApplication::isMobileSafari())
+        isSafari = true;
+#elif PLATFORM(MAC)
+    if (MacApplication::isSafari())
+        isSafari = true;
+#endif
+    return isSafari;
+}
+
+static inline bool shouldCreateCameraSandboxExtension()
+{
+    // FIXME: We should check for "com.apple.security.device.camera" entitlement.
+    if (!isSafari())
+        return false;
+    return true;
+}
+
+static inline bool shouldCreateMicrophoneSandboxExtension()
+{
+    // FIXME: We should check for "com.apple.security.device.microphone" entitlement.
+    if (!isSafari())
+        return false;
+    return true;
+}
+
 GPUProcessProxy& GPUProcessProxy::singleton()
 {
     ASSERT(RunLoop::isMain());
@@ -65,7 +95,18 @@
         GPUProcessCreationParameters parameters;
 #if ENABLE(MEDIA_STREAM)
         parameters.useMockCaptureDevices = gpuProcess->m_useMockCaptureDevices;
+
+        bool needsCameraSandboxExtension = shouldCreateCameraSandboxExtension();
+        bool needsMicrophoneSandboxExtension = shouldCreateMicrophoneSandboxExtension();
+        if (needsCameraSandboxExtension)
+            SandboxExtension::createHandleForGenericExtension("com.apple.webkit.camera", parameters.cameraSandboxExtensionHandle);
+        if (needsMicrophoneSandboxExtension)
+            SandboxExtension::createHandleForGenericExtension("com.apple.webkit.microphone", parameters.microphoneSandboxExtensionHandle);
+#if PLATFORM(IOS)
+        if (needsCameraSandboxExtension || needsMicrophoneSandboxExtension)
+            SandboxExtension::createHandleForGenericExtension("com.apple.tccd", parameters.tccSandboxExtensionHandle);
 #endif
+#endif
         // Initialize the GPU process.
         gpuProcess->send(Messages::GPUProcess::InitializeGPUProcess(parameters), 0);
         gpuProcess->updateProcessAssertion();

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes