Diff
Modified: trunk/Source/WebKit2/ChangeLog (174368 => 174369)
--- trunk/Source/WebKit2/ChangeLog 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/ChangeLog 2014-10-06 22:07:24 UTC (rev 174369)
@@ -1,3 +1,59 @@
+2014-10-06 Chris Dumez <[email protected]>
+
+ [Mac] We are spending too much time serializing ProtectionSpace objects
+ https://bugs.webkit.org/show_bug.cgi?id=137367
+
+ Reviewed by Dan Bernstein.
+
+ When profiling the load of nytimes.com, I noticed that we were spending
+ a lot of CPU time serializing ProtectionSpace objects (in particular
+ the NSURLProtectionSpace platform data):
+ - 5.6% of CPU time for Network Process
+ - 2.5% of CPU time for WebProcess
+
+ Serializing an NSURLProtectionSpace seems to be costly due to server
+ trust verification. We do this for every sub-resource load over HTTPS
+ due to the canAuthenticateAgainstProtectionSpace() callback for server
+ trust validation, from the NetworkProcess to the WebProcess and then to
+ the UIProcess.
+
+ This patch adds a WKContextSetCanHandleHTTPSServerTrustEvaluation(bool)
+ WK2 private API that the client can call to indicate that it cannot
+ handle HTTPS server trust evaluation and that it is thus unnecessary to
+ call the canAuthenticateAgainstProtectionSpace() callback for such
+ evaluations. This reduces the amount of IPC between the process and
+ thus the number of times we have to serialize the ProtectionSpace.
+
+ In the case of the nytimes.com load, there is no longer any
+ ProtectionSpace serialization happening as
+ canAuthenticateAgainstProtectionSpace() was only called for HTTPS
+ server trust evaluation.
+
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::NetworkProcess):
+ (WebKit::NetworkProcess::initializeNetworkProcess):
+ (WebKit::NetworkProcess::setCanHandleHTTPSServerTrustEvaluation):
+ * NetworkProcess/NetworkProcess.h:
+ (WebKit::NetworkProcess::canHandleHTTPSServerTrustEvaluation):
+ * NetworkProcess/NetworkProcess.messages.in:
+ * NetworkProcess/NetworkResourceLoader.cpp:
+ (WebKit::NetworkResourceLoader::canAuthenticateAgainstProtectionSpaceAsync):
+ * Shared/Network/NetworkProcessCreationParameters.cpp:
+ (WebKit::NetworkProcessCreationParameters::encode):
+ (WebKit::NetworkProcessCreationParameters::decode):
+ * Shared/Network/NetworkProcessCreationParameters.h:
+ * UIProcess/API/C/WKContext.cpp:
+ (WKContextSetCanHandleHTTPSServerTrustEvaluation):
+ * UIProcess/API/C/WKContextPrivate.h:
+ * UIProcess/API/Cocoa/WKProcessPool.mm:
+ (-[WKProcessPool _setCanHandleHTTPSServerTrustEvaluation:]):
+ * UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
+ * UIProcess/WebContext.cpp:
+ (WebKit::WebContext::WebContext):
+ (WebKit::WebContext::ensureNetworkProcess):
+ (WebKit::WebContext::setCanHandleHTTPSServerTrustEvaluation):
+ * UIProcess/WebContext.h:
+
2014-10-06 Simon Fraser <[email protected]>
Don't attempt to paint into zero-sized backing store
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkProcess.cpp (174368 => 174369)
--- trunk/Source/WebKit2/NetworkProcess/NetworkProcess.cpp 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkProcess.cpp 2014-10-06 22:07:24 UTC (rev 174369)
@@ -67,6 +67,7 @@
NetworkProcess::NetworkProcess()
: m_hasSetCacheModel(false)
, m_cacheModel(CacheModelDocumentViewer)
+ , m_canHandleHTTPSServerTrustEvaluation(true)
#if PLATFORM(COCOA)
, m_clearCacheDispatchGroup(0)
#endif
@@ -163,6 +164,7 @@
memoryPressureHandler().install();
setCacheModel(static_cast<uint32_t>(parameters.cacheModel));
+ setCanHandleHTTPSServerTrustEvaluation(parameters.canHandleHTTPSServerTrustEvaluation);
#if PLATFORM(MAC) || USE(CFNETWORK)
SessionTracker::setIdentifierBase(parameters.uiProcessBundleIdentifier);
@@ -252,6 +254,11 @@
}
}
+void NetworkProcess::setCanHandleHTTPSServerTrustEvaluation(bool value)
+{
+ m_canHandleHTTPSServerTrustEvaluation = value;
+}
+
void NetworkProcess::getNetworkProcessStatistics(uint64_t callbackID)
{
NetworkResourceLoadScheduler& scheduler = NetworkProcess::shared().networkResourceLoadScheduler();
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkProcess.h (174368 => 174369)
--- trunk/Source/WebKit2/NetworkProcess/NetworkProcess.h 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkProcess.h 2014-10-06 22:07:24 UTC (rev 174369)
@@ -73,6 +73,7 @@
AuthenticationManager& authenticationManager();
DownloadManager& downloadManager();
+ bool canHandleHTTPSServerTrustEvaluation() const { return m_canHandleHTTPSServerTrustEvaluation; }
private:
NetworkProcess();
@@ -115,6 +116,7 @@
void cancelDownload(uint64_t downloadID);
void setCacheModel(uint32_t);
void allowSpecificHTTPSCertificateForHost(const WebCore::CertificateInfo&, const String& host);
+ void setCanHandleHTTPSServerTrustEvaluation(bool);
void getNetworkProcessStatistics(uint64_t callbackID);
void clearCacheForAllOrigins(uint32_t cachesToClear);
@@ -134,6 +136,7 @@
String m_diskCacheDirectory;
bool m_hasSetCacheModel;
CacheModel m_cacheModel;
+ bool m_canHandleHTTPSServerTrustEvaluation;
typedef HashMap<const char*, std::unique_ptr<NetworkProcessSupplement>, PtrHash<const char*>> NetworkProcessSupplementMap;
NetworkProcessSupplementMap m_supplements;
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkProcess.messages.in (174368 => 174369)
--- trunk/Source/WebKit2/NetworkProcess/NetworkProcess.messages.in 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkProcess.messages.in 2014-10-06 22:07:24 UTC (rev 174369)
@@ -46,6 +46,7 @@
#endif
AllowSpecificHTTPSCertificateForHost(WebCore::CertificateInfo certificate, String host)
+ SetCanHandleHTTPSServerTrustEvaluation(bool value)
GetNetworkProcessStatistics(uint64_t callbackID)
Modified: trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp (174368 => 174369)
--- trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkResourceLoader.cpp 2014-10-06 22:07:24 UTC (rev 174369)
@@ -475,6 +475,13 @@
ASSERT(RunLoop::isMain());
ASSERT_UNUSED(handle, handle == m_handle);
+ // Handle server trust evaluation at platform-level if requested, for performance reasons.
+ if (protectionSpace.authenticationScheme() == ProtectionSpaceAuthenticationSchemeServerTrustEvaluationRequested
+ && !NetworkProcess::shared().canHandleHTTPSServerTrustEvaluation()) {
+ continueCanAuthenticateAgainstProtectionSpace(false);
+ return;
+ }
+
if (isSynchronous()) {
// FIXME: We should ask the WebProcess like the asynchronous case below does.
// This is currently impossible as the WebProcess is blocked waiting on this synchronous load.
Modified: trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.cpp (174368 => 174369)
--- trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.cpp 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.cpp 2014-10-06 22:07:24 UTC (rev 174369)
@@ -40,6 +40,7 @@
{
encoder << privateBrowsingEnabled;
encoder.encodeEnum(cacheModel);
+ encoder << canHandleHTTPSServerTrustEvaluation;
encoder << diskCacheDirectory;
encoder << diskCacheDirectoryExtensionHandle;
encoder << cookieStorageDirectory;
@@ -75,6 +76,8 @@
return false;
if (!decoder.decodeEnum(result.cacheModel))
return false;
+ if (!decoder.decode(result.canHandleHTTPSServerTrustEvaluation))
+ return false;
if (!decoder.decode(result.diskCacheDirectory))
return false;
if (!decoder.decode(result.diskCacheDirectoryExtensionHandle))
Modified: trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.h (174368 => 174369)
--- trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.h 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/Shared/Network/NetworkProcessCreationParameters.h 2014-10-06 22:07:24 UTC (rev 174369)
@@ -52,6 +52,7 @@
bool privateBrowsingEnabled;
CacheModel cacheModel;
+ bool canHandleHTTPSServerTrustEvaluation;
String diskCacheDirectory;
SandboxExtension::Handle diskCacheDirectoryExtensionHandle;
Modified: trunk/Source/WebKit2/UIProcess/API/C/WKContext.cpp (174368 => 174369)
--- trunk/Source/WebKit2/UIProcess/API/C/WKContext.cpp 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/UIProcess/API/C/WKContext.cpp 2014-10-06 22:07:24 UTC (rev 174369)
@@ -385,6 +385,11 @@
toImpl(contextRef)->setDomainRelaxationForbiddenForURLScheme(toImpl(urlScheme)->string());
}
+void WKContextSetCanHandleHTTPSServerTrustEvaluation(WKContextRef contextRef, bool value)
+{
+ toImpl(contextRef)->setCanHandleHTTPSServerTrustEvaluation(value);
+}
+
WKCookieManagerRef WKContextGetCookieManager(WKContextRef contextRef)
{
return toAPI(toImpl(contextRef)->supplement<WebCookieManagerProxy>());
Modified: trunk/Source/WebKit2/UIProcess/API/C/WKContextPrivate.h (174368 => 174369)
--- trunk/Source/WebKit2/UIProcess/API/C/WKContextPrivate.h 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/UIProcess/API/C/WKContextPrivate.h 2014-10-06 22:07:24 UTC (rev 174369)
@@ -56,6 +56,8 @@
WK_EXPORT void WKContextSetDomainRelaxationForbiddenForURLScheme(WKContextRef context, WKStringRef urlScheme);
+WK_EXPORT void WKContextSetCanHandleHTTPSServerTrustEvaluation(WKContextRef context, bool value);
+
WK_EXPORT void WKContextSetIconDatabasePath(WKContextRef context, WKStringRef iconDatabasePath);
WK_EXPORT void WKContextAllowSpecificHTTPSCertificateForHost(WKContextRef context, WKCertificateInfoRef certificate, WKStringRef host);
Modified: trunk/Source/WebKit2/UIProcess/API/Cocoa/WKProcessPool.mm (174368 => 174369)
--- trunk/Source/WebKit2/UIProcess/API/Cocoa/WKProcessPool.mm 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/UIProcess/API/Cocoa/WKProcessPool.mm 2014-10-06 22:07:24 UTC (rev 174369)
@@ -197,6 +197,11 @@
_context->allowSpecificHTTPSCertificateForHost(WebKit::WebCertificateInfo::create(WebCore::CertificateInfo((CFArrayRef)certificateChain)).get(), host);
}
+- (void)_setCanHandleHTTPSServerTrustEvaluation:(BOOL)value
+{
+ _context->setCanHandleHTTPSServerTrustEvaluation(value);
+}
+
static WebKit::HTTPCookieAcceptPolicy toHTTPCookieAcceptPolicy(NSHTTPCookieAcceptPolicy policy)
{
switch (static_cast<NSUInteger>(policy)) {
Modified: trunk/Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h (174368 => 174369)
--- trunk/Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h 2014-10-06 22:07:24 UTC (rev 174369)
@@ -37,6 +37,7 @@
@property (nonatomic, readonly) _WKProcessPoolConfiguration *_configuration;
- (void)_setAllowsSpecificHTTPSCertificate:(NSArray *)certificateChain forHost:(NSString *)host;
+- (void)_setCanHandleHTTPSServerTrustEvaluation:(BOOL)value;
- (void)_setCookieAcceptPolicy:(NSHTTPCookieAcceptPolicy)policy;
- (id)_objectForBundleParameter:(NSString *)parameter;
Modified: trunk/Source/WebKit2/UIProcess/WebContext.cpp (174368 => 174369)
--- trunk/Source/WebKit2/UIProcess/WebContext.cpp 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/UIProcess/WebContext.cpp 2014-10-06 22:07:24 UTC (rev 174369)
@@ -180,6 +180,7 @@
, m_shouldUseTestingNetworkSession(false)
, m_processTerminationEnabled(true)
#if ENABLE(NETWORK_PROCESS)
+ , m_canHandleHTTPSServerTrustEvaluation(true)
, m_usesNetworkProcess(false)
#endif
#if USE(SOUP)
@@ -415,6 +416,7 @@
parameters.privateBrowsingEnabled = WebPreferences::anyPagesAreUsingPrivateBrowsing();
parameters.cacheModel = m_cacheModel;
+ parameters.canHandleHTTPSServerTrustEvaluation = m_canHandleHTTPSServerTrustEvaluation;
parameters.diskCacheDirectory = stringByResolvingSymlinksInPath(diskCacheDirectory());
if (!parameters.diskCacheDirectory.isEmpty())
@@ -980,6 +982,19 @@
sendToAllProcesses(Messages::WebProcess::SetDomainRelaxationForbiddenForURLScheme(urlScheme));
}
+void WebContext::setCanHandleHTTPSServerTrustEvaluation(bool value)
+{
+#if ENABLE(NETWORK_PROCESS)
+ m_canHandleHTTPSServerTrustEvaluation = value;
+ if (m_usesNetworkProcess && m_networkProcess) {
+ m_networkProcess->send(Messages::NetworkProcess::SetCanHandleHTTPSServerTrustEvaluation(value), 0);
+ return;
+ }
+#else
+ UNUSED_PARAM(value);
+#endif
+}
+
void WebContext::registerURLSchemeAsLocal(const String& urlScheme)
{
m_schemesToRegisterAsLocal.add(urlScheme);
Modified: trunk/Source/WebKit2/UIProcess/WebContext.h (174368 => 174369)
--- trunk/Source/WebKit2/UIProcess/WebContext.h 2014-10-06 21:53:21 UTC (rev 174368)
+++ trunk/Source/WebKit2/UIProcess/WebContext.h 2014-10-06 22:07:24 UTC (rev 174369)
@@ -202,6 +202,7 @@
void registerURLSchemeAsEmptyDocument(const String&);
void registerURLSchemeAsSecure(const String&);
void setDomainRelaxationForbiddenForURLScheme(const String&);
+ void setCanHandleHTTPSServerTrustEvaluation(bool);
void registerURLSchemeAsLocal(const String&);
void registerURLSchemeAsNoAccess(const String&);
void registerURLSchemeAsDisplayIsolated(const String&);
@@ -535,6 +536,7 @@
bool m_processTerminationEnabled;
#if ENABLE(NETWORK_PROCESS)
+ bool m_canHandleHTTPSServerTrustEvaluation;
bool m_usesNetworkProcess;
RefPtr<NetworkProcessProxy> m_networkProcess;
#endif
