Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 6390f36dce317d5c780235d26d8f97f3826f4b48
https://github.com/WebKit/WebKit/commit/6390f36dce317d5c780235d26d8f97f3826f4b48
Author: Marcus Plutowski <[email protected]>
Date: 2025-10-22 (Wed, 22 Oct 2025)
Changed paths:
M Source/bmalloc/libpas/src/libpas/pas_mte_config.c
M Source/bmalloc/libpas/src/libpas/pas_mte_config.h
Log Message:
-----------
[libpas] MTE-tag WebContent.EnhancedSecurity processes
https://bugs.webkit.org/show_bug.cgi?id=300638
rdar://162538653
Reviewed by Mark Lam.
Such processes are considered 'hardened' a la Lockdown Mode processes,
at least with regards to MTE tagging and the enablement of MTE hardening
features like adjacent-tag-exclusion.
This patch ensures that they are treated as such, including full tagging
of all non-compact medium-and-small objects allocated through libpas.
Specifically, the processes which this will affect are:
- com.apple.WebKit.WebContent.EnhancedSecurity
- com.apple.WebKit.WebContent.EnhancedSecurity.Development
We need to switch to getprogname() instead of pbi_name/pbi_comm because
pbi_name is size-limited to the first 32B of the process name.
Canonical link: https://commits.webkit.org/301970@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
