Skip to site navigation (Press enter)

[webkit-changes] [289055] trunk/Source/WebKit

pvollan Thu, 03 Feb 2022 07:24:28 -0800

Title: [289055] trunk/Source/WebKit

Revision: 289055
Author: [email protected]
Date: 2022-02-03 07:23:40 -0800 (Thu, 03 Feb 2022)

Log Message

[iOS][WP] Add file-ioctl telemetry
https://bugs.webkit.org/show_bug.cgi?id=236031
<rdar://88334007>


Reviewed by Darin Adler.

Add file-ioctl telemetry in the WebContent process on iOS.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:

Modified Paths

trunk/Source/WebKit/ChangeLog
trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in

Diff

Modified: trunk/Source/WebKit/ChangeLog (289054 => 289055)


--- trunk/Source/WebKit/ChangeLog	2022-02-03 15:21:42 UTC (rev 289054)
+++ trunk/Source/WebKit/ChangeLog	2022-02-03 15:23:40 UTC (rev 289055)
@@ -1,3 +1,15 @@
+2022-02-03  Per Arne Vollan  <[email protected]>
+
+        [iOS][WP] Add file-ioctl telemetry
+        https://bugs.webkit.org/show_bug.cgi?id=236031
+        <rdar://88334007>
+
+        Reviewed by Darin Adler.
+
+        Add file-ioctl telemetry in the WebContent process on iOS.
+
+        * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
+
 2022-02-03  Chris Dumez  <[email protected]>
 
         Start connecting SharedWorker to the WebKit2 layer

Modified: trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (289054 => 289055)


--- trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in	2022-02-03 15:21:42 UTC (rev 289054)
+++ trunk/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in	2022-02-03 15:23:40 UTC (rev 289055)
@@ -377,7 +377,7 @@
           (literal "/dev/random")
           (literal "/dev/urandom"))
 
-    (allow file-read* file-write-data file-ioctl
+    (allow file-read* file-write-data
            (literal "/dev/aes_0")))
 
 (define required-etc-files
@@ -1362,8 +1362,12 @@
 
 ;; restrict to the two ioctl's /dev/aes_0 needs
 (allow file-ioctl (with telemetry)
-   (ioctl-command (_IO "T" 101)) ;; IOAES_GET_INFO
-   (ioctl-command (_IO "T" 102))) ;; IOAES_ENCRYPT_DECRYPT
+    (require-all
+        (literal "/dev/aes_0")
+        (require-any
+            (ioctl-command (_IO "T" 101)) ;; IOAES_GET_INFO
+            (ioctl-command (_IO "T" 102)) ;; IOAES_ENCRYPT_DECRYPT
+)))
 
 (deny socket-ioctl (with telemetry))

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes