[webkit-changes] [284252] trunk/Source/WebKit

[bfulgham]

Title: [284252] trunk/Source/WebKit

Revision

284252

Author

bfulg...@apple.com

Date

2021-10-15 10:33:58 -0700 (Fri, 15 Oct 2021)

Log Message

[macOS] Update sandboxes to support finer-grained XPC services in the media stack
https://bugs.webkit.org/show_bug.cgi?id=231782
<rdar://problem/84275671>

Reviewed by Eric Carlson.

CoreMedia is refactoring to limit the features accessible through a given XPC service.
We need to add an additional service name. This new name just exposes features already
exposed through other XPC endpoints we already allow.

* GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: Always allow access to the new service.
* UIProcess/WebPageProxy.cpp:
(WebKit::mediaRelatedMachServices): Updated for new service name.
* WebProcess/com.apple.WebProcess.sb.in: Conditionally consume the new extension
if the GPU process is turned off.

Modified Paths

• trunk/Source/WebKit/ChangeLog
• trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in
• trunk/Source/WebKit/UIProcess/WebPageProxy.cpp
• trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in

Diff

Modified: trunk/Source/WebKit/ChangeLog (284251 => 284252)

--- trunk/Source/WebKit/ChangeLog	2021-10-15 16:43:34 UTC (rev 284251)
+++ trunk/Source/WebKit/ChangeLog	2021-10-15 17:33:58 UTC (rev 284252)
@@ -1,3 +1,21 @@
+2021-10-15  Brent Fulgham  <bfulg...@apple.com>
+
+        [macOS] Update sandboxes to support finer-grained XPC services in the media stack
+        https://bugs.webkit.org/show_bug.cgi?id=231782
+        <rdar://problem/84275671>
+
+        Reviewed by Eric Carlson.
+
+        CoreMedia is refactoring to limit the features accessible through a given XPC service.
+        We need to add an additional service name. This new name just exposes features already
+        exposed through other XPC endpoints we already allow.
+
+        * GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: Always allow access to the new service.
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::mediaRelatedMachServices): Updated for new service name.
+        * WebProcess/com.apple.WebProcess.sb.in: Conditionally consume the new extension
+        if the GPU process is turned off.
+
 2021-10-15  Kate Cheney  <katherine_che...@apple.com>
 
         Unreviewed maccatalyst build fix.

Modified: trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in (284251 => 284252)

--- trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in	2021-10-15 16:43:34 UTC (rev 284251)
+++ trunk/Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in	2021-10-15 17:33:58 UTC (rev 284252)
@@ -879,6 +879,9 @@
     ; <rdar://problem/35509194>
     (global-name "com.apple.coremedia.endpointremotecontrolsession.xpc")
     (global-name "com.apple.coremedia.routediscoverer.xpc")
+#if __MAC_OS_X_VERSION_MIN_REQUIRED > 120000
+    (global-name "com.apple.coremedia.samplebufferconsumer.xpc")
+#endif
     (global-name "com.apple.coremedia.volumecontroller.xpc")
 )
 

Modified: trunk/Source/WebKit/UIProcess/WebPageProxy.cpp (284251 => 284252)

--- trunk/Source/WebKit/UIProcess/WebPageProxy.cpp	2021-10-15 16:43:34 UTC (rev 284251)
+++ trunk/Source/WebKit/UIProcess/WebPageProxy.cpp	2021-10-15 17:33:58 UTC (rev 284252)
@@ -8120,7 +8120,10 @@
         "com.apple.audio.audiohald"_s, "com.apple.audio.SandboxHelper"_s, "com.apple.coremedia.endpointstream.xpc"_s, "com.apple.coremedia.endpointplaybacksession.xpc"_s,
         "com.apple.coremedia.endpointremotecontrolsession.xpc"_s, "com.apple.coremedia.videodecoder"_s,
         "com.apple.coremedia.videoencoder"_s, "com.apple.lskdd"_s, "com.apple.trustd.agent"_s,
+#if __MAC_OS_X_VERSION_MIN_REQUIRED > 120000
+        "com.apple.coremedia.samplebufferconsumer.xpc"_s,
 #endif
+#endif
     });
     return services;
 }

Modified: trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in (284251 => 284252)

--- trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2021-10-15 16:43:34 UTC (rev 284251)
+++ trunk/Source/WebKit/WebProcess/com.apple.WebProcess.sb.in	2021-10-15 17:33:58 UTC (rev 284252)
@@ -1764,6 +1764,9 @@
             "com.apple.audio.AudioComponentRegistrar" "com.apple.audio.audiohald" "com.apple.coremedia.endpoint.xpc" "com.apple.coremedia.endpointstream.xpc"
             "com.apple.coremedia.endpointplaybacksession.xpc" "com.apple.coremedia.endpointremotecontrolsession.xpc" "com.apple.coremedia.routediscoverer.xpc"
             "com.apple.coremedia.routingcontext.xpc" "com.apple.coremedia.volumecontroller.xpc" "com.apple.lskdd" "com.apple.mediaremoted.xpc" "com.apple.trustd.agent"
+#if __MAC_OS_X_VERSION_MIN_REQUIRED > 120000
+            "com.apple.coremedia.samplebufferconsumer.xpc"
+#endif
             ;;; FIXME(207716): End services to remove.
         )
     )

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes