Title: [266411] trunk/Source/WebKit
- Revision
- 266411
- Author
- [email protected]
- Date
- 2020-09-01 14:25:43 -0700 (Tue, 01 Sep 2020)
Log Message
[iOS] AGX compiler service sandbox violation
https://bugs.webkit.org/show_bug.cgi?id=216042
<rdar://problem/68111667>
Reviewed by Brent Fulgham.
For a set of devices, mach-lookup sandbox violations have been observed for an AGX compiler service. For these devices,
we currently issue an extension for one AGX compiler service, but this is not sufficient since there is a similar
service name that needs to be added as well.
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::agxCompilerServices):
(WebKit::WebProcessPool::platformInitializeWebProcess):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (266410 => 266411)
--- trunk/Source/WebKit/ChangeLog 2020-09-01 20:45:38 UTC (rev 266410)
+++ trunk/Source/WebKit/ChangeLog 2020-09-01 21:25:43 UTC (rev 266411)
@@ -1,3 +1,25 @@
+2020-09-01 Per Arne Vollan <[email protected]>
+
+ [iOS] AGX compiler service sandbox violation
+ https://bugs.webkit.org/show_bug.cgi?id=216042
+ <rdar://problem/68111667>
+
+ Reviewed by Brent Fulgham.
+
+ For a set of devices, mach-lookup sandbox violations have been observed for an AGX compiler service. For these devices,
+ we currently issue an extension for one AGX compiler service, but this is not sufficient since there is a similar
+ service name that needs to be added as well.
+
+ * Shared/WebProcessCreationParameters.cpp:
+ (WebKit::WebProcessCreationParameters::encode const):
+ (WebKit::WebProcessCreationParameters::decode):
+ * Shared/WebProcessCreationParameters.h:
+ * UIProcess/Cocoa/WebProcessPoolCocoa.mm:
+ (WebKit::agxCompilerServices):
+ (WebKit::WebProcessPool::platformInitializeWebProcess):
+ * WebProcess/cocoa/WebProcessCocoa.mm:
+ (WebKit::WebProcess::platformInitializeWebProcess):
+
2020-09-01 Rob Buis <[email protected]>
Convert runtime flag to setting for lazy image loading
Modified: trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp (266410 => 266411)
--- trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp 2020-09-01 20:45:38 UTC (rev 266410)
+++ trunk/Source/WebKit/Shared/WebProcessCreationParameters.cpp 2020-09-01 21:25:43 UTC (rev 266411)
@@ -156,7 +156,7 @@
encoder << websiteDataStoreParameters;
#if PLATFORM(IOS)
- encoder << compilerServiceExtensionHandle;
+ encoder << compilerServiceExtensionHandles;
#endif
encoder << containerManagerExtensionHandle;
@@ -415,11 +415,11 @@
parameters.websiteDataStoreParameters = WTFMove(*websiteDataStoreParameters);
#if PLATFORM(IOS)
- Optional<Optional<SandboxExtension::Handle>> compilerServiceExtensionHandle;
- decoder >> compilerServiceExtensionHandle;
- if (!compilerServiceExtensionHandle)
+ Optional<SandboxExtension::HandleArray> compilerServiceExtensionHandles;
+ decoder >> compilerServiceExtensionHandles;
+ if (!compilerServiceExtensionHandles)
return false;
- parameters.compilerServiceExtensionHandle = WTFMove(*compilerServiceExtensionHandle);
+ parameters.compilerServiceExtensionHandles = WTFMove(*compilerServiceExtensionHandles);
#endif
Optional<Optional<SandboxExtension::Handle>> containerManagerExtensionHandle;
Modified: trunk/Source/WebKit/Shared/WebProcessCreationParameters.h (266410 => 266411)
--- trunk/Source/WebKit/Shared/WebProcessCreationParameters.h 2020-09-01 20:45:38 UTC (rev 266410)
+++ trunk/Source/WebKit/Shared/WebProcessCreationParameters.h 2020-09-01 21:25:43 UTC (rev 266411)
@@ -200,7 +200,7 @@
Optional<WebProcessDataStoreParameters> websiteDataStoreParameters;
#if PLATFORM(IOS)
- Optional<SandboxExtension::Handle> compilerServiceExtensionHandle;
+ SandboxExtension::HandleArray compilerServiceExtensionHandles;
#endif
Optional<SandboxExtension::Handle> containerManagerExtensionHandle;
Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm (266410 => 266411)
--- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2020-09-01 20:45:38 UTC (rev 266410)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm 2020-09-01 21:25:43 UTC (rev 266411)
@@ -290,6 +290,18 @@
#endif
+#if PLATFORM(IOS)
+static const Vector<ASCIILiteral>& agxCompilerServices()
+{
+ ASSERT(isMainThread());
+ static const auto services = makeNeverDestroyed(Vector<ASCIILiteral> {
+ "com.apple.AGXCompilerService"_s,
+ "com.apple.AGXCompilerService-S2A8"_s
+ });
+ return services;
+}
+#endif
+
static bool requiresContainerManagerAccess()
{
#if PLATFORM(MAC)
@@ -402,11 +414,8 @@
#endif
#if PLATFORM(IOS)
- if (WebCore::deviceHasAGXCompilerService()) {
- SandboxExtension::Handle compilerServiceExtensionHandle;
- SandboxExtension::createHandleForMachLookup("com.apple.AGXCompilerService"_s, WTF::nullopt, compilerServiceExtensionHandle);
- parameters.compilerServiceExtensionHandle = WTFMove(compilerServiceExtensionHandle);
- }
+ if (WebCore::deviceHasAGXCompilerService())
+ parameters.compilerServiceExtensionHandles = SandboxExtension::createHandlesForMachLookup(agxCompilerServices(), WTF::nullopt);
#endif
#if PLATFORM(IOS_FAMILY)
Modified: trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm (266410 => 266411)
--- trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-09-01 20:45:38 UTC (rev 266410)
+++ trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm 2020-09-01 21:25:43 UTC (rev 266411)
@@ -291,8 +291,7 @@
#endif
#if PLATFORM(IOS)
- if (parameters.compilerServiceExtensionHandle)
- SandboxExtension::consumePermanently(*parameters.compilerServiceExtensionHandle);
+ SandboxExtension::consumePermanently(parameters.compilerServiceExtensionHandles);
#endif
if (parameters.containerManagerExtensionHandle)
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
