Skip to site navigation (Press enter)

[webkit-changes] [277338] trunk/Source/WebKit

nham Tue, 11 May 2021 13:46:13 -0700

Title: [277338] trunk/Source/WebKit

Revision: 277338
Author: [email protected]
Date: 2021-05-11 13:45:18 -0700 (Tue, 11 May 2021)

Log Message

Failing sandbox check for media permissions should not generate a violation report
https://bugs.webkit.org/show_bug.cgi?id=225662


Reviewed by Geoffrey Garen.

We sandbox_check the UIProcess for camera and video permissions. But if the process doesn't
have those permissions, sandbox_check fails and generates an expensive violation report that
task_suspends the process. We need to suppress the reporting with SANDBOX_CHECK_NO_REPORT.

* UIProcess/Cocoa/MediaPermissionUtilities.mm:
(WebKit::checkSandboxRequirementForType):

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/UIProcess/Cocoa/MediaPermissionUtilities.mm

Diff

Modified: trunk/Source/WebKit/ChangeLog (277337 => 277338)


--- trunk/Source/WebKit/ChangeLog	2021-05-11 19:48:21 UTC (rev 277337)
+++ trunk/Source/WebKit/ChangeLog	2021-05-11 20:45:18 UTC (rev 277338)
@@ -1,3 +1,17 @@
+2021-05-11  Ben Nham  <[email protected]>
+
+        Failing sandbox check for media permissions should not generate a violation report
+        https://bugs.webkit.org/show_bug.cgi?id=225662
+
+        Reviewed by Geoffrey Garen.
+
+        We sandbox_check the UIProcess for camera and video permissions. But if the process doesn't
+        have those permissions, sandbox_check fails and generates an expensive violation report that
+        task_suspends the process. We need to suppress the reporting with SANDBOX_CHECK_NO_REPORT.
+
+        * UIProcess/Cocoa/MediaPermissionUtilities.mm:
+        (WebKit::checkSandboxRequirementForType):
+
 2021-05-11  Alex Christensen  <[email protected]>
 
         Add SPI to restrict networking to a set of hosts

Modified: trunk/Source/WebKit/UIProcess/Cocoa/MediaPermissionUtilities.mm (277337 => 277338)


--- trunk/Source/WebKit/UIProcess/Cocoa/MediaPermissionUtilities.mm	2021-05-11 19:48:21 UTC (rev 277337)
+++ trunk/Source/WebKit/UIProcess/Cocoa/MediaPermissionUtilities.mm	2021-05-11 20:45:18 UTC (rev 277338)
@@ -61,7 +61,7 @@
         if (!currentProcessIsSandboxed())
             return;
 
-        int result = sandbox_check(getpid(), operation, SANDBOX_FILTER_NONE);
+        int result = sandbox_check(getpid(), operation, static_cast<enum sandbox_filter_type>(SANDBOX_CHECK_NO_REPORT | SANDBOX_FILTER_NONE));
         if (result == -1)
             WTFLogAlways("Error checking '%s' sandbox access, errno=%ld", operation, (long)errno);
         *entitled = !result;

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes