Title: [271830] branches/safari-611-branch/Source
Revision
271830
Author
[email protected]
Date
2021-01-25 14:11:41 -0800 (Mon, 25 Jan 2021)

Log Message

Cherry-pick r271417. rdar://problem/73376369

    [macOS] Reset user directory suffix before getting sandbox directory
    https://bugs.webkit.org/show_bug.cgi?id=220358
    <rdar://problem/57616019>

    Reviewed by Alexey Proskuryakov.

    Source/WebCore/PAL:

    Declare functions to get and set user directory suffix.

    * pal/spi/cocoa/CoreServicesSPI.h:

    Source/WebKit:

    Reset the user directory suffix before getting the sandbox data vault directory with confstr. We do not want to include the user
    directory suffix, since the sandbox data vault will then end up inside the host process' cache folder, which is undesirable.
    Also, creating the data vault directory with confstr can fail under some circumstances if the user directory suffix is not empty.
    This patch also changes how we next set the user directory suffix for the process. Instead of setting the environment variable
    DIRHELPER_USER_DIR_SUFFIX, we can use the SPI _set_user_dir_suffix. The behavior should be identical, but I believe it is better
    to use SPI for this.

    * Shared/mac/AuxiliaryProcessMac.mm:
    (WebKit::initializeSandboxParameters):
    (WebKit::AuxiliaryProcess::initializeSandbox):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271417 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

Diff

Modified: branches/safari-611-branch/Source/WebCore/PAL/ChangeLog (271829 => 271830)


--- branches/safari-611-branch/Source/WebCore/PAL/ChangeLog	2021-01-25 22:11:37 UTC (rev 271829)
+++ branches/safari-611-branch/Source/WebCore/PAL/ChangeLog	2021-01-25 22:11:41 UTC (rev 271830)
@@ -1,5 +1,49 @@
 2021-01-25  Alan Coon  <[email protected]>
 
+        Cherry-pick r271417. rdar://problem/73376369
+
+    [macOS] Reset user directory suffix before getting sandbox directory
+    https://bugs.webkit.org/show_bug.cgi?id=220358
+    <rdar://problem/57616019>
+    
+    Reviewed by Alexey Proskuryakov.
+    
+    Source/WebCore/PAL:
+    
+    Declare functions to get and set user directory suffix.
+    
+    * pal/spi/cocoa/CoreServicesSPI.h:
+    
+    Source/WebKit:
+    
+    Reset the user directory suffix before getting the sandbox data vault directory with confstr. We do not want to include the user
+    directory suffix, since the sandbox data vault will then end up inside the host process' cache folder, which is undesirable.
+    Also, creating the data vault directory with confstr can fail under some circumstances if the user directory suffix is not empty.
+    This patch also changes how we next set the user directory suffix for the process. Instead of setting the environment variable
+    DIRHELPER_USER_DIR_SUFFIX, we can use the SPI _set_user_dir_suffix. The behavior should be identical, but I believe it is better
+    to use SPI for this.
+    
+    * Shared/mac/AuxiliaryProcessMac.mm:
+    (WebKit::initializeSandboxParameters):
+    (WebKit::AuxiliaryProcess::initializeSandbox):
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271417 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-01-12  Per Arne Vollan  <[email protected]>
+
+            [macOS] Reset user directory suffix before getting sandbox directory
+            https://bugs.webkit.org/show_bug.cgi?id=220358
+            <rdar://problem/57616019>
+
+            Reviewed by Alexey Proskuryakov.
+
+            Declare functions to get and set user directory suffix.
+
+            * pal/spi/cocoa/CoreServicesSPI.h:
+
+2021-01-25  Alan Coon  <[email protected]>
+
         Cherry-pick r271497. rdar://problem/73469623
 
     Exceptions thrown when invoking a <select> on an iPhone-idiom app running on macOS

Modified: branches/safari-611-branch/Source/WebCore/PAL/pal/spi/cocoa/CoreServicesSPI.h (271829 => 271830)


--- branches/safari-611-branch/Source/WebCore/PAL/pal/spi/cocoa/CoreServicesSPI.h	2021-01-25 22:11:37 UTC (rev 271829)
+++ branches/safari-611-branch/Source/WebCore/PAL/pal/spi/cocoa/CoreServicesSPI.h	2021-01-25 22:11:41 UTC (rev 271830)
@@ -25,6 +25,12 @@
 
 #pragma once
 
-extern "C" void _CSCheckFixDisable();
-extern "C" CFArrayRef _UTCopyDeclaredTypeIdentifiers(void);
+WTF_EXTERN_C_BEGIN
 
+void _CSCheckFixDisable();
+CFArrayRef _UTCopyDeclaredTypeIdentifiers(void);
+
+char *_get_user_dir_suffix();
+bool _set_user_dir_suffix(const char *user_dir_suffix);
+
+WTF_EXTERN_C_END
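
Review bot: `_get_user_dir_suffix()` is declared at the end of this hunk but nothing in this patch calls it, and the declaration does not say who owns the returned `char *`. Either drop it until there is a caller, or add a comment stating whether the caller must free the result. A short comment noting that `_set_user_dir_suffix` reports success through its `bool` return would also help, since both call sites in AuxiliaryProcessMac.mm discard it.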

Modified: branches/safari-611-branch/Source/WebKit/ChangeLog (271829 => 271830)


--- branches/safari-611-branch/Source/WebKit/ChangeLog	2021-01-25 22:11:37 UTC (rev 271829)
+++ branches/safari-611-branch/Source/WebKit/ChangeLog	2021-01-25 22:11:41 UTC (rev 271830)
@@ -1,5 +1,56 @@
 2021-01-25  Alan Coon  <[email protected]>
 
+        Cherry-pick r271417. rdar://problem/73376369
+
+    [macOS] Reset user directory suffix before getting sandbox directory
+    https://bugs.webkit.org/show_bug.cgi?id=220358
+    <rdar://problem/57616019>
+    
+    Reviewed by Alexey Proskuryakov.
+    
+    Source/WebCore/PAL:
+    
+    Declare functions to get and set user directory suffix.
+    
+    * pal/spi/cocoa/CoreServicesSPI.h:
+    
+    Source/WebKit:
+    
+    Reset the user directory suffix before getting the sandbox data vault directory with confstr. We do not want to include the user
+    directory suffix, since the sandbox data vault will then end up inside the host process' cache folder, which is undesirable.
+    Also, creating the data vault directory with confstr can fail under some circumstances if the user directory suffix is not empty.
+    This patch also changes how we next set the user directory suffix for the process. Instead of setting the environment variable
+    DIRHELPER_USER_DIR_SUFFIX, we can use the SPI _set_user_dir_suffix. The behavior should be identical, but I believe it is better
+    to use SPI for this.
+    
+    * Shared/mac/AuxiliaryProcessMac.mm:
+    (WebKit::initializeSandboxParameters):
+    (WebKit::AuxiliaryProcess::initializeSandbox):
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271417 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-01-12  Per Arne Vollan  <[email protected]>
+
+            [macOS] Reset user directory suffix before getting sandbox directory
+            https://bugs.webkit.org/show_bug.cgi?id=220358
+            <rdar://problem/57616019>
+
+            Reviewed by Alexey Proskuryakov.
+
+            Reset the user directory suffix before getting the sandbox data vault directory with confstr. We do not want to include the user
+            directory suffix, since the sandbox data vault will then end up inside the host process' cache folder, which is undesirable.
+            Also, creating the data vault directory with confstr can fail under some circumstances if the user directory suffix is not empty.
+            This patch also changes how we next set the user directory suffix for the process. Instead of setting the environment variable
+            DIRHELPER_USER_DIR_SUFFIX, we can use the SPI _set_user_dir_suffix. The behavior should be identical, but I believe it is better
+            to use SPI for this.
+
+            * Shared/mac/AuxiliaryProcessMac.mm:
+            (WebKit::initializeSandboxParameters):
+            (WebKit::AuxiliaryProcess::initializeSandbox):
+
+2021-01-25  Alan Coon  <[email protected]>
+
         Cherry-pick r271543. rdar://problem/73469576
 
     [iOS] Emoji keyboard covers text field on twitter.com/messages

Modified: branches/safari-611-branch/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm (271829 => 271830)


--- branches/safari-611-branch/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm	2021-01-25 22:11:37 UTC (rev 271829)
+++ branches/safari-611-branch/Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm	2021-01-25 22:11:41 UTC (rev 271830)
@@ -655,7 +655,7 @@
     sandboxParameters.addParameter("_OS_VERSION", osVersion.utf8().data());
 
     // Use private temporary and cache directories.
-    setenv("DIRHELPER_USER_DIR_SUFFIX", FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data(), 1);
+    _set_user_dir_suffix(FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data());
     char temporaryDirectory[PATH_MAX];
     if (!confstr(_CS_DARWIN_USER_TEMP_DIR, temporaryDirectory, sizeof(temporaryDirectory))) {
         WTFLogAlways("%s: couldn't retrieve private temporary directory path: %d\n", getprogname(), errno);
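
Review bot: On the added `_set_user_dir_suffix(...)` line, the argument is `.data()` of the temporary returned by `FileSystem::fileSystemRepresentation(...)`, which is destroyed at the end of the statement. `setenv` copied its value; please confirm that the SPI also copies the string rather than retaining the pointer, and record that in a comment. The `bool` result is also dropped here, so a failure would let the `confstr(_CS_DARWIN_USER_TEMP_DIR, ...)` call just below resolve a directory without the private suffix; check it and log with `WTFLogAlways` the same way the `confstr` failure path does.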
@@ -699,6 +699,10 @@
 #if USE(CACHE_COMPILED_SANDBOX)
     // This must be called before initializeSandboxParameters so that the path does not include the user directory suffix.
     // We don't want the user directory suffix because we want all processes of the same type to use the same cache directory.
+    // First, make sure the user directory suffix is empty at this point. This is normally already the case, but some host
+    // processes are setting the user directory suffix, which we will inherit, and our sandbox datavault will then end up
+    // inside the host process' cache folder, which is undesirable.
+    _set_user_dir_suffix(nullptr);
     String dataVaultParentDirectory { sandboxDataVaultParentDirectory() };
 #else
     String dataVaultParentDirectory;
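
Review bot: The new comment says the suffix must be empty before `sandboxDataVaultParentDirectory()` runs, but `_set_user_dir_suffix(nullptr);` discards its `bool` result, so a failed reset would silently leave the inherited suffix in place, which is exactly the case the comment describes. Check the return value and at least log on failure. The comment could also state that passing `nullptr` is what clears the suffix, and "datavault" should read "data vault" to match the log message.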
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
