[webkit-changes] [272333] trunk/Source/WebKit

Wed, 03 Feb 2021 12:16:55 -0800

Title: [272333] trunk/Source/WebKit
Revision
272333
Author
[email protected]
Date
2021-02-03 12:16:38 -0800 (Wed, 03 Feb 2021)

Log Message

[macOS] Remove access to graphics related user clients
https://bugs.webkit.org/show_bug.cgi?id=221327
<rdar://problem/70496539>

Reviewed by Brent Fulgham.

Remove access to graphics related IOKit classes in the WebContent process on macOS when the GPU process is enabled.

* WebProcess/com.apple.WebProcess.sb.in:

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (272332 => 272333)


--- trunk/Source/WebKit/ChangeLog	2021-02-03 19:48:24 UTC (rev 272332)
+++ trunk/Source/WebKit/ChangeLog	2021-02-03 20:16:38 UTC (rev 272333)
@@ -1,5 +1,17 @@
 2021-02-03  Per Arne Vollan  <[email protected]>
 
+        [macOS] Remove access to graphics related user clients
+        https://bugs.webkit.org/show_bug.cgi?id=221327
+        <rdar://problem/70496539>
+
+        Reviewed by Brent Fulgham.
+
+        Remove access to graphics related IOKit classes in the WebContent process on macOS when the GPU process is enabled.
+
+        * WebProcess/com.apple.WebProcess.sb.in:
+
+2021-02-03  Per Arne Vollan  <[email protected]>
+
         [macOS] Remove access to com.apple.cvmsServ
         https://bugs.webkit.org/show_bug.cgi?id=221336
         <rdar://problem/70495789>

Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (272332 => 272333)


--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2021-02-03 19:48:24 UTC (rev 272332)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2021-02-03 20:16:38 UTC (rev 272333)
@@ -1800,11 +1800,7 @@
     (require-all
         (require-not (extension "com.apple.webkit.extension.iokit"))
         (iokit-registry-entry-class
-            "AGPMClient"
-            "AppleGraphicsControlClient"
-            "AppleGraphicsPolicyClient"
             "AppleIntelMEUserClient"
-            "AppleMGPUPowerControlClient"
             "AppleSNBFBUserClient"
             "IOAccelerationUserClient"
             "IOSurfaceRootUserClient"
@@ -1857,6 +1853,21 @@
 #endif
     (require-all
         (require-not (extension "com.apple.webkit.extension.iokit"))
+        (iokit-registry-entry-class
+            "AGPMClient"
+            "AppleGraphicsControlClient"
+            "AppleGraphicsPolicyClient"
+            "AppleMGPUPowerControlClient"
+        )
+    )
+)
+
+(deny iokit-open
+#if __MAC_OS_X_VERSION_MIN_REQUIRED > 110000
+    (with telemetry-backtrace)
+#endif
+    (require-all
+        (require-not (extension "com.apple.webkit.extension.iokit"))
         (iokit-user-client-class
             "RootDomainUserClient"
         )

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to