Title: [285546] trunk/Source/WebKit
- Revision
- 285546
- Author
- [email protected]
- Date
- 2021-11-09 17:03:51 -0800 (Tue, 09 Nov 2021)
Log Message
[iOS][GPUP] Add syscalls to sandbox
https://bugs.webkit.org/show_bug.cgi?id=232211
<rdar://problem/84584880>
Reviewed by Darin Adler.
Based on telemetry, add syscalls to the GPU process' sandbox on iOS.
* Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (285545 => 285546)
--- trunk/Source/WebKit/ChangeLog 2021-11-10 00:52:14 UTC (rev 285545)
+++ trunk/Source/WebKit/ChangeLog 2021-11-10 01:03:51 UTC (rev 285546)
@@ -1,5 +1,17 @@
2021-11-09 Per Arne <[email protected]>
+ [iOS][GPUP] Add syscalls to sandbox
+ https://bugs.webkit.org/show_bug.cgi?id=232211
+ <rdar://problem/84584880>
+
+ Reviewed by Darin Adler.
+
+ Based on telemetry, add syscalls to the GPU process' sandbox on iOS.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb:
+
+2021-11-09 Per Arne <[email protected]>
+
[iOS][GPUP] Remove sandbox access to mach services
https://bugs.webkit.org/show_bug.cgi?id=232209
<rdar://problem/84584739>
Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb (285545 => 285546)
--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb 2021-11-10 00:52:14 UTC (rev 285545)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb 2021-11-10 01:03:51 UTC (rev 285546)
@@ -949,8 +949,12 @@
SYS_connect
SYS_csops
SYS_csops_audittoken
+ SYS_dup
+ SYS_dup2
SYS_exit
SYS_fcntl
+ SYS_fcntl_nocancel
+ SYS_fileport_makefd
SYS_flock
SYS_fsetattrlist
SYS_fsetxattr
@@ -996,6 +1000,7 @@
SYS_pathconf
SYS_pread
SYS_proc_info
+ SYS_proc_info_extended_id
SYS_psynch_cvbroad
SYS_psynch_cvclrprepost
SYS_psynch_cvsignal
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
