Use sandbox extension to enable Mach bootstrap'ing
https://bugs.webkit.org/show_bug.cgi?id=239722
rdar://92608084

Reviewed by Geoffrey Garen.

Instead of using a sandbox state variable to block launchd, use a generic sandbox extension. This
will enable us to re-block launchd after a temporary Mach sandbox extension has been granted, which was
not possible with the sandbox state variable. This means we need to create an extra sandbox extension
when we create a Mach sandbox extension for the WebContent process.

* Source/WTF/wtf/PlatformHave.h:
* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
* Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm:
(WebKit::SandboxExtension::createHandleForMachBootstrapExtension):
(WebKit::SandboxExtension::createHandleForMachLookup):
(WebKit::SandboxExtension::createHandlesForMachLookup):
* Source/WebKit/Shared/SandboxExtension.h:
* Source/WebKit/Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
* Source/WebKit/Shared/WebPageCreationParameters.h:
* Source/WebKit/Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Source/WebKit/Shared/WebProcessCreationParameters.h:
* Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:
(WebKit::WebPageProxy::createNetworkExtensionsSandboxExtensions):
(WebKit::WebPageProxy::grantAccessToAssetServices):
(WebKit::WebPageProxy::switchFromStaticFontRegistryToUserFontRegistry):
* Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::WebProcessPool::registerNotificationObservers):
* Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm:
(WebKit::WebProcessProxy::fontdMachExtensionHandles const):
(WebKit::WebProcessProxy::fontdMachExtensionHandle const): Deleted.
* Source/WebKit/UIProcess/SpeechRecognitionRemoteRealtimeMediaSourceManager.cpp:
(WebKit::SpeechRecognitionRemoteRealtimeMediaSourceManager::addSource):
* Source/WebKit/UIProcess/UserMediaPermissionRequestManagerProxy.cpp:
(WebKit::UserMediaPermissionRequestManagerProxy::finishGrantingRequest):
* Source/WebKit/UIProcess/UserMediaProcessManager.cpp:
(WebKit::UserMediaProcessManager::willCreateMediaStream):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didChooseFilesForOpenPanelWithDisplayStringAndIcon):
(WebKit::WebPageProxy::creationParameters):
* Source/WebKit/UIProcess/WebProcessProxy.h:
* Source/WebKit/WebProcess/MediaStream/MediaDeviceSandboxExtensions.cpp:
(WebKit::MediaDeviceSandboxExtensions::MediaDeviceSandboxExtensions):
(WebKit::MediaDeviceSandboxExtensions::encode const):
(WebKit::MediaDeviceSandboxExtensions::decode):
* Source/WebKit/WebProcess/MediaStream/MediaDeviceSandboxExtensions.h:
(WebKit::MediaDeviceSandboxExtensions::machBootstrapExtension):
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.cpp:
(WebKit::SpeechRecognitionRealtimeMediaSourceManager::grantSandboxExtensions):
(WebKit::SpeechRecognitionRealtimeMediaSourceManager::revokeSandboxExtensions):
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.h:
* Source/WebKit/WebProcess/Speech/SpeechRecognitionRealtimeMediaSourceManager.messages.in:
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::m_appHighlightsVisible):
(WebKit::WebPage::didChooseFilesForOpenPanelWithDisplayStringAndIcon):
(WebKit::WebPage::userMediaAccessWasGranted):
* Source/WebKit/WebProcess/WebPage/WebPage.h:
* Source/WebKit/WebProcess/WebPage/WebPage.messages.in:
* Source/WebKit/WebProcess/WebProcess.cpp:
(WebKit::WebProcess::grantUserMediaDeviceSandboxExtensions):
(WebKit::WebProcess::revokeUserMediaDeviceSandboxExtensions):
* Source/WebKit/WebProcess/WebProcess.h:
* Source/WebKit/WebProcess/WebProcess.messages.in:
* Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):
(WebKit::WebProcess::grantAccessToAssetServices):
(WebKit::WebProcess::revokeAccessToAssetServices):
(WebKit::WebProcess::switchFromStaticFontRegistryToUserFontRegistry):
(WebKit::WebProcess::openDirectoryCacheInvalidated):
* Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:
* Source/WebKit/WebProcess/glib/WebProcessGLib.cpp:
(WebKit::WebProcess::grantAccessToAssetServices):
(WebKit::WebProcess::switchFromStaticFontRegistryToUserFontRegistry):
* Source/WebKit/WebProcess/win/WebProcessWin.cpp:
(WebKit::WebProcess::grantAccessToAssetServices):
(WebKit::WebProcess::switchFromStaticFontRegistryToUserFontRegistry):

Canonical link: https://commits.webkit.org/257982@main
pvollan committed Dec 16, 2022
1 parent 27e8306 commit 73fc4fd
Showing 31 changed files with 200 additions and 133 deletions.
4 changes: 4 additions & 0 deletions Source/WTF/wtf/PlatformHave.h
Expand Up @@ -1382,3 +1382,7 @@
|| PLATFORM(APPLETV)

@MC-MAGA

MC-MAGA Oct 31, 2023

BRW:}lSA@B

#define HAVE_MEDIAPLAYBACKD 1
#endif

#if (PLATFORM(IOS) || PLATFORM(WATCHOS) || PLATFORM(APPLETV))
#define HAVE_MACH_BOOTSTRAP_EXTENSION 1
#endif
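Review bot: The new `HAVE_MACH_BOOTSTRAP_EXTENSION` define has no comment saying what it gates, and it is a second switch next to `HAVE(SANDBOX_STATE_FLAGS)`, which the WebContent sandbox profile hunk on this page appears to use to guard the `com.apple.webkit.mach-bootstrap` extension filter. As far as the visible hunks show, nothing ties the two together, so a configuration with one flag but not the other could leave the profile filter and the `machBootstrapHandle` page parameter out of step. A short comment above the define, such as `// Post-launch mach-bootstrap in the WebContent sandbox is gated on the com.apple.webkit.mach-bootstrap extension; keep in sync with the profile's HAVE(SANDBOX_STATE_FLAGS) block.`, would make the coupling visible. The surrounding `#if` chain starts outside the hunk.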
Expand Up @@ -1279,22 +1279,16 @@
(allow mach-message-send
(mach-bootstrap-message-numbers)))))

(allow-mach-bootstrap-with-filter)

#if HAVE(SANDBOX_STATE_FLAGS)
(with-filter
(require-all
(require-ancestor-with-entitlement "com.apple.private.security.enable-state-flags")
(state-flag "WebContentProcessLaunched")
(require-not (state-flag "EnableMachBootstrap")))
(allow mach-bootstrap
(require-not (state-flag "EnableExperimentalSandbox"))
(apply-message-filter
(deny mach-message-send (with telemetry-backtrace))
(allow mach-message-send (with telemetry-backtrace)
(mach-bootstrap-message-numbers-post-launch))))
(deny mach-bootstrap (with telemetry-backtrace)
(state-flag "EnableExperimentalSandbox")))
(allow mach-bootstrap
(apply-message-filter
(deny mach-message-send)
(with-filter (require-not (state-flag "WebContentProcessLaunched"))
(allow mach-message-send (mach-bootstrap-message-numbers)))
(with-filter (extension "com.apple.webkit.mach-bootstrap")
(allow mach-message-send (mach-bootstrap-message-numbers-post-launch)))))
#else
(allow-mach-bootstrap-with-filter)
#endif

(define (syscall-mach-only-in-use-during-launch)
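Review bot: The replacement filter's default `(deny mach-message-send)` carries no `(with telemetry-backtrace)`, whereas the rules it appears to replace reported both denied and allowed bootstrap messages that way (the page has lost the +/- markers, so the old/new split is inferred from the hunk's line counts). Without it, a WebContent process that sends bootstrap messages after launch without holding the `com.apple.webkit.mach-bootstrap` extension is blocked silently, which removes the signal that would reveal a missing extension grant or unexpected launchd traffic. If the telemetry was dropped on purpose, a comment in the profile should say so; otherwise keep it on the deny, `(deny mach-message-send (with telemetry-backtrace))`.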
37 changes: 16 additions & 21 deletions Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm
Expand Up @@ -39,10 +39,6 @@
#import <wtf/spi/darwin/SandboxSPI.h>
#import <wtf/text/CString.h>

#if HAVE(SANDBOX_STATE_FLAGS)
#include "SandboxStateVariables.h"
#endif

namespace WebKit {

class SandboxExtensionImpl {
Expand Down Expand Up @@ -321,9 +317,16 @@ String resolvePathForSandboxExtension(StringView path)
return WTFMove(handle);
}

auto SandboxExtension::createHandleForMachLookup(ASCIILiteral service, std::optional<audit_token_t> auditToken, MachBootstrapOptions machBootstrapOptions, OptionSet<Flags> flags) -> std::optional<Handle>
auto SandboxExtension::createHandleForMachBootstrapExtension() -> Handle
{
auto handle = SandboxExtension::createHandleForGenericExtension("com.apple.webkit.mach-bootstrap"_s);
if (handle)
return WTFMove(*handle);
return Handle();
}

auto SandboxExtension::createHandleForMachLookup(ASCIILiteral service, std::optional<audit_token_t> auditToken, OptionSet<Flags> flags) -> std::optional<Handle>
{
UNUSED_PARAM(machBootstrapOptions);
Handle handle;
ASSERT(!handle.m_sandboxExtension);

Expand All @@ -333,29 +336,21 @@ String resolvePathForSandboxExtension(StringView path)
return std::nullopt;
}

#if HAVE(SANDBOX_STATE_FLAGS)
// When launchd is blocked in the sandbox, we need to manually enable bootstrapping of new XPC connectons.
// This is done by unblocking launchd, since launchd access is required when creating Mach connections.
// Unblocking launchd is done by enabling a sandbox state variable.
if (machBootstrapOptions == MachBootstrapOptions::EnableMachBootstrap) {
if (auditToken) {
if (!sandbox_enable_state_flag(ENABLE_MACH_BOOTSTRAP, *auditToken))
RELEASE_LOG_FAULT(Sandbox, "Could not enable Mach bootstrap, errno = %d.", errno);
} else
RELEASE_LOG_FAULT(Sandbox, "Could not enable Mach bootstrap, no audit token provided.");
}
#endif

return WTFMove(handle);
}

auto SandboxExtension::createHandlesForMachLookup(Span<const ASCIILiteral> services, std::optional<audit_token_t> auditToken, MachBootstrapOptions machBootstrapOptions, OptionSet<Flags> flags) -> Vector<Handle>
{
return createHandlesForResources(services, [auditToken, machBootstrapOptions, flags] (ASCIILiteral service) -> std::optional<Handle> {
auto handle = createHandleForMachLookup(service, auditToken, machBootstrapOptions, flags);
auto handles = createHandlesForResources(services, [auditToken, flags] (ASCIILiteral service) -> std::optional<Handle> {
auto handle = createHandleForMachLookup(service, auditToken, flags);
ASSERT(handle);
return handle;
});

if (machBootstrapOptions == MachBootstrapOptions::EnableMachBootstrap)
handles.append(createHandleForMachBootstrapExtension());

return handles;
}

auto SandboxExtension::createHandlesForMachLookup(std::initializer_list<const ASCIILiteral> services, std::optional<audit_token_t> auditToken, MachBootstrapOptions machBootstrapOptions, OptionSet<Flags> flags) -> Vector<Handle>
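Review bot: `createHandleForMachBootstrapExtension()` returns an empty `Handle()` when `createHandleForGenericExtension` fails and logs nothing, while the `sandbox_enable_state_flag` path it replaces reported failure through `RELEASE_LOG_FAULT`. `createHandlesForMachLookup` then appends that possibly empty handle, so the WebContent process could hold the mach-lookup extensions yet still be denied bootstrap, with nothing in the logs pointing at the cause. Keeping the diagnostic is a one-line addition before the fallback return: `RELEASE_LOG_FAULT(Sandbox, "Could not create Mach bootstrap sandbox extension.");`. The bootstrap handle is also appended as an unmarked last element of the vector, so a comment at the `handles.append(...)` line stating that receivers must consume every element would help.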
3 changes: 2 additions & 1 deletion Source/WebKit/Shared/SandboxExtension.h
Expand Up @@ -95,8 +95,9 @@ class SandboxExtension : public RefCounted<SandboxExtension> {
static std::optional<Handle> createHandleForReadWriteDirectory(StringView path); // Will attempt to create the directory.
static std::optional<std::pair<Handle, String>> createHandleForTemporaryFile(StringView prefix, Type);
static std::optional<Handle> createHandleForGenericExtension(ASCIILiteral extensionClass);
static Handle createHandleForMachBootstrapExtension();
#if HAVE(AUDIT_TOKEN)
static std::optional<Handle> createHandleForMachLookup(ASCIILiteral service, std::optional<audit_token_t>, MachBootstrapOptions = MachBootstrapOptions::DoNotEnableMachBootstrap, OptionSet<Flags> = Flags::Default);
static std::optional<Handle> createHandleForMachLookup(ASCIILiteral service, std::optional<audit_token_t>, OptionSet<Flags> = Flags::Default);
static Vector<Handle> createHandlesForMachLookup(Span<const ASCIILiteral> services, std::optional<audit_token_t>, MachBootstrapOptions = MachBootstrapOptions::DoNotEnableMachBootstrap, OptionSet<Flags> = Flags::Default);
static Vector<Handle> createHandlesForMachLookup(std::initializer_list<const ASCIILiteral> services, std::optional<audit_token_t>, MachBootstrapOptions = MachBootstrapOptions::DoNotEnableMachBootstrap, OptionSet<Flags> = Flags::Default);
static std::optional<Handle> createHandleForReadByAuditToken(StringView path, audit_token_t);
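Review bot: After this change only the plural `createHandlesForMachLookup` overloads still take `MachBootstrapOptions`, and nothing in the header says that `EnableMachBootstrap` makes them return one handle more than the number of services passed in. Callers that index the result by service, or size a buffer from the service count, need to know that. A comment on the declarations such as `// With EnableMachBootstrap, the returned vector also holds a com.apple.webkit.mach-bootstrap extension handle after the service handles.` would cover it. `createHandleForMachBootstrapExtension()` could likewise note that it returns an empty handle on failure rather than `std::optional`, unlike its neighbours. The class continues outside the hunk.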
22 changes: 17 additions & 5 deletions Source/WebKit/Shared/WebPageCreationParameters.cpp
Expand Up @@ -117,7 +117,7 @@ void WebPageCreationParameters::encode(IPC::Encoder& encoder) const
encoder << gpuMachExtensionHandles;
#endif
#if HAVE(STATIC_FONT_REGISTRY)
encoder << fontMachExtensionHandle;
encoder << fontMachExtensionHandles;
#endif
#if HAVE(APP_ACCENT_COLORS)
encoder << accentColor;
Expand Down Expand Up @@ -200,6 +200,10 @@ void WebPageCreationParameters::encode(IPC::Encoder& encoder) const

encoder << contentSecurityPolicyModeForExtension;
encoder << mainFrameIdentifier;

#if HAVE(MACH_BOOTSTRAP_EXTENSION)
encoder << machBootstrapHandle;
#endif
}

std::optional<WebPageCreationParameters> WebPageCreationParameters::decode(IPC::Decoder& decoder)
Expand Down Expand Up @@ -414,11 +418,11 @@ std::optional<WebPageCreationParameters> WebPageCreationParameters::decode(IPC::
#endif

#if HAVE(STATIC_FONT_REGISTRY)
std::optional<std::optional<SandboxExtension::Handle>> fontMachExtensionHandle;
decoder >> fontMachExtensionHandle;
if (!fontMachExtensionHandle)
std::optional<Vector<SandboxExtension::Handle>> fontMachExtensionHandles;
decoder >> fontMachExtensionHandles;
if (!fontMachExtensionHandles)
return std::nullopt;
parameters.fontMachExtensionHandle = WTFMove(*fontMachExtensionHandle);
parameters.fontMachExtensionHandles = WTFMove(*fontMachExtensionHandles);
#endif

#if HAVE(APP_ACCENT_COLORS)
Expand Down Expand Up @@ -635,6 +639,14 @@ std::optional<WebPageCreationParameters> WebPageCreationParameters::decode(IPC::
if (!decoder.decode(parameters.mainFrameIdentifier))
return std::nullopt;

#if HAVE(MACH_BOOTSTRAP_EXTENSION)
std::optional<SandboxExtension::Handle> machBootstrapHandle;
decoder >> machBootstrapHandle;
if (!machBootstrapHandle)
return std::nullopt;
parameters.machBootstrapHandle = WTFMove(*machBootstrapHandle);
#endif

return { WTFMove(parameters) };
}

6 changes: 5 additions & 1 deletion Source/WebKit/Shared/WebPageCreationParameters.h
Expand Up @@ -183,7 +183,7 @@ struct WebPageCreationParameters {
Vector<SandboxExtension::Handle> gpuMachExtensionHandles;
#endif
#if HAVE(STATIC_FONT_REGISTRY)
std::optional<SandboxExtension::Handle> fontMachExtensionHandle;
Vector<SandboxExtension::Handle> fontMachExtensionHandles;
#endif
#if HAVE(APP_ACCENT_COLORS)
WebCore::Color accentColor;
Expand Down Expand Up @@ -280,6 +280,10 @@ struct WebPageCreationParameters {
WebCore::ContentSecurityPolicyModeForExtension contentSecurityPolicyModeForExtension { WebCore::ContentSecurityPolicyModeForExtension::None };

std::optional<WebCore::FrameIdentifier> mainFrameIdentifier;

#if HAVE(MACH_BOOTSTRAP_EXTENSION)
SandboxExtension::Handle machBootstrapHandle;
#endif
};

} // namespace WebKit
10 changes: 5 additions & 5 deletions Source/WebKit/Shared/WebProcessCreationParameters.cpp
Expand Up @@ -53,7 +53,7 @@ void WebProcessCreationParameters::encode(IPC::Encoder& encoder) const
encoder << additionalSandboxExtensionHandles;
encoder << initializationUserData;
#if PLATFORM(COCOA) && ENABLE(REMOTE_INSPECTOR)
encoder << enableRemoteWebInspectorExtensionHandle;
encoder << enableRemoteWebInspectorExtensionHandles;
#endif
#if ENABLE(MEDIA_STREAM)
encoder << audioCaptureExtensionHandle;
Expand Down Expand Up @@ -245,11 +245,11 @@ bool WebProcessCreationParameters::decode(IPC::Decoder& decoder, WebProcessCreat
if (!decoder.decode(parameters.initializationUserData))
return false;
#if PLATFORM(COCOA) && ENABLE(REMOTE_INSPECTOR)
std::optional<SandboxExtension::Handle> enableRemoteWebInspectorExtensionHandle;
decoder >> enableRemoteWebInspectorExtensionHandle;
if (!enableRemoteWebInspectorExtensionHandle)
std::optional<Vector<SandboxExtension::Handle>> enableRemoteWebInspectorExtensionHandles;
decoder >> enableRemoteWebInspectorExtensionHandles;
if (!enableRemoteWebInspectorExtensionHandles)
return false;
parameters.enableRemoteWebInspectorExtensionHandle = WTFMove(*enableRemoteWebInspectorExtensionHandle);
parameters.enableRemoteWebInspectorExtensionHandles = WTFMove(*enableRemoteWebInspectorExtensionHandles);
#endif
#if ENABLE(MEDIA_STREAM)
std::optional<SandboxExtension::Handle> audioCaptureExtensionHandle;
2 changes: 1 addition & 1 deletion Source/WebKit/Shared/WebProcessCreationParameters.h
Expand Up @@ -86,7 +86,7 @@ struct WebProcessCreationParameters {
UserData initializationUserData;

#if PLATFORM(COCOA) && ENABLE(REMOTE_INSPECTOR)
SandboxExtension::Handle enableRemoteWebInspectorExtensionHandle;
Vector<SandboxExtension::Handle> enableRemoteWebInspectorExtensionHandles;
#endif
#if ENABLE(MEDIA_STREAM)
SandboxExtension::Handle audioCaptureExtensionHandle;
11 changes: 5 additions & 6 deletions Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm
Expand Up @@ -820,7 +820,8 @@
process.markHasNetworkExtensionSandboxAccess();
constexpr ASCIILiteral neHelperService { "com.apple.nehelper"_s };
constexpr ASCIILiteral neSessionManagerService { "com.apple.nesessionmanager.content-filter"_s };
return SandboxExtension::createHandlesForMachLookup({ neHelperService, neSessionManagerService }, std::nullopt);
auto auditToken = process.hasConnection() ? process.connection()->getAuditToken();
return SandboxExtension::createHandlesForMachLookup({ neHelperService, neSessionManagerService }, auditToken, );
}
#endif
return { };
Expand Down Expand Up @@ -867,10 +868,8 @@

void WebPageProxy::grantAccessToAssetServices()
{
SandboxExtension::Handle mobileAssetHandleV2;
if (auto handle = SandboxExtension::createHandleForMachLookup("com.apple.mobileassetd.v2"_s, process().auditToken(), SandboxExtension::MachBootstrapOptions::EnableMachBootstrap))
mobileAssetHandleV2 = WTFMove(*handle);
process().send(Messages::WebProcess::GrantAccessToAssetServices(mobileAssetHandleV2), 0);
auto handles = SandboxExtension::createHandlesForMachLookup({ "com.apple.mobileassetd.v2"_s }, process().auditToken(), SandboxExtension::MachBootstrapOptions::EnableMachBootstrap);
process().send(Messages::WebProcess::GrantAccessToAssetServices(handles), 0);
}

void WebPageProxy::revokeAccessToAssetServices()
Expand All @@ -885,7 +884,7 @@

void WebPageProxy::switchFromStaticFontRegistryToUserFontRegistry()
{
process().send(Messages::WebProcess::SwitchFromStaticFontRegistryToUserFontRegistry(process().fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions::EnableMachBootstrap)), 0);
process().send(Messages::WebProcess::SwitchFromStaticFontRegistryToUserFontRegistry(process().fontdMachExtensionHandles(SandboxExtension::MachBootstrapOptions::EnableMachBootstrap)), 0);
}

NSDictionary *WebPageProxy::contentsOfUserInterfaceItem(NSString *userInterfaceItem)
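Review bot: The two lines that build the network-extension handles do not parse as shown: `process.hasConnection() ? process.connection()->getAuditToken();` has no else branch, and the `createHandlesForMachLookup(..., auditToken, );` call ends in a comma with no argument. Part of each line may have been lost when the page was rendered, so check them against the repository. Whatever the intended text, the fallback should be explicit, e.g. `: std::nullopt`. A comment should also note that in that case the extensions are issued without being bound to the WebContent process's audit token. The enclosing function starts outside the hunk.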
9 changes: 5 additions & 4 deletions Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
Expand Up @@ -417,8 +417,8 @@ static bool determineIfWeShouldCrashWhenCreatingWebProcess()

#if PLATFORM(COCOA) && ENABLE(REMOTE_INSPECTOR)
if (WebProcessProxy::shouldEnableRemoteInspector()) {
if (auto handle = SandboxExtension::createHandleForMachLookup("com.apple.webinspector"_s, process.auditToken(), SandboxExtension::MachBootstrapOptions::EnableMachBootstrap))
parameters.enableRemoteWebInspectorExtensionHandle = WTFMove(*handle);
auto handles = SandboxExtension::createHandlesForMachLookup({ "com.apple.webinspector"_s }, process.auditToken());
parameters.enableRemoteWebInspectorExtensionHandles = WTFMove(handles);
}
#endif

Expand Down Expand Up @@ -779,10 +779,11 @@ static bool determineIfWeShouldCrashWhenCreatingWebProcess()
for (auto& process : m_processes) {
if (!process->canSendMessage())
continue;
auto handle = SandboxExtension::createHandleForMachLookup("com.apple.system.opendirectoryd.libinfo"_s, process->auditToken(), SandboxExtension::MachBootstrapOptions::EnableMachBootstrap);
auto handle = SandboxExtension::createHandleForMachLookup("com.apple.system.opendirectoryd.libinfo"_s, std::nullopt);
if (!handle)
continue;
process->send(Messages::WebProcess::OpenDirectoryCacheInvalidated(*handle), 0);
auto bootstrapHandle = SandboxExtension::createHandleForMachBootstrapExtension();
process->send(Messages::WebProcess::OpenDirectoryCacheInvalidated(*handle, bootstrapHandle), 0);
}
});
m_openDirectoryNotifyTokens.append(notifyToken);
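Review bot: In the opendirectoryd notification handler the lookup extension is now created with `std::nullopt` instead of `process->auditToken()`, so as written it is no longer issued for the specific target process. Moving the bootstrap grant into a separate `createHandleForMachBootstrapExtension()` call does not require dropping the token, because the new `createHandleForMachLookup` signature still accepts it: `createHandleForMachLookup("com.apple.system.opendirectoryd.libinfo"_s, process->auditToken())`. Separately, the remote-inspector call in the earlier hunk no longer passes `EnableMachBootstrap` although its result is now stored as a vector; if that is deliberate, a comment there should say why no bootstrap extension is needed. Both enclosing functions start outside their hunks.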
4 changes: 2 additions & 2 deletions Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm
Expand Up @@ -331,9 +331,9 @@ bool shouldTransformObject(id object) const override
return connection()->getAuditToken();
}

SandboxExtension::Handle WebProcessProxy::fontdMachExtensionHandle(SandboxExtension::MachBootstrapOptions machBootstrapOptions) const
Vector<SandboxExtension::Handle> WebProcessProxy::fontdMachExtensionHandles(SandboxExtension::MachBootstrapOptions machBootstrapOptions) const
{
return SandboxExtension::createHandleForMachLookup("com.apple.fonts"_s, auditToken(), machBootstrapOptions).value_or(SandboxExtension::Handle { });
return SandboxExtension::createHandlesForMachLookup({ "com.apple.fonts"_s }, auditToken(), machBootstrapOptions);
}


Expand Up @@ -48,13 +48,14 @@ void SpeechRecognitionRemoteRealtimeMediaSourceManager::addSource(SpeechRecognit
if (!captureDevice.isMockDevice()) {
m_sourcesNeedingSandboxExtension.add(identifier);
if (m_sourcesNeedingSandboxExtension.size() == 1) {
auto machBootstrapHandle = SandboxExtension::createHandleForMachBootstrapExtension();
SandboxExtension::Handle handleForTCCD;
if (auto handle = SandboxExtension::createHandleForMachLookup("com.apple.tccd"_s, m_connection->getAuditToken(), SandboxExtension::MachBootstrapOptions::EnableMachBootstrap))
if (auto handle = SandboxExtension::createHandleForMachLookup("com.apple.tccd"_s, m_connection->getAuditToken()))
handleForTCCD = WTFMove(*handle);
SandboxExtension::Handle handleForMicrophone;
if (auto handle = SandboxExtension::createHandleForGenericExtension("com.apple.webkit.microphone"_s))
handleForMicrophone = WTFMove(*handle);
send(Messages::SpeechRecognitionRealtimeMediaSourceManager::GrantSandboxExtensions(handleForTCCD, handleForMicrophone));
send(Messages::SpeechRecognitionRealtimeMediaSourceManager::GrantSandboxExtensions(machBootstrapHandle, handleForTCCD, handleForMicrophone));
}
}
#endif
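Review bot: `createHandleForMachBootstrapExtension()` is called before the `com.apple.tccd` lookup handle is known to exist, so when `createHandleForMachLookup` returns `std::nullopt` the WebContent process is still sent a launchd bootstrap extension with no service extension to go with it. The removed state-flag code only enabled bootstrap after the lookup extension had been created. The same ordering appears in `UserMediaProcessManager::willCreateMediaStream`, where `machBootstrapExtension` is created before either camera-service lookup is attempted. Declaring `SandboxExtension::Handle machBootstrapHandle;` empty and assigning it inside the `if (auto handle = ...)` branch keeps the grant as narrow as before. The function starts outside the hunk.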
Expand Up @@ -290,17 +290,16 @@ void UserMediaPermissionRequestManagerProxy::finishGrantingRequest(UserMediaPerm

++m_hasPendingCapture;

SandboxExtension::Handle handle;
Vector<SandboxExtension::Handle> handles;
#if PLATFORM(COCOA)
if (!m_hasCreatedSandboxExtensionForTCCD && doesPageNeedTCCD(m_page)) {
if (auto createdHandle = SandboxExtension::createHandleForMachLookup("com.apple.tccd"_s, m_page.process().auditToken(), SandboxExtension::MachBootstrapOptions::EnableMachBootstrap))
handle = WTFMove(*createdHandle);
handles = SandboxExtension::createHandlesForMachLookup({ "com.apple.tccd"_s }, m_page.process().auditToken(), SandboxExtension::MachBootstrapOptions::EnableMachBootstrap);
m_hasCreatedSandboxExtensionForTCCD = true;
}
#endif

auto& request = strongRequest.get();
m_page.sendWithAsyncReply(Messages::WebPage::UserMediaAccessWasGranted { request.userMediaID(), request.audioDevice(), request.videoDevice(), request.deviceIdentifierHashSalts(), handle }, [this, weakThis = WTFMove(weakThis)] {
m_page.sendWithAsyncReply(Messages::WebPage::UserMediaAccessWasGranted { request.userMediaID(), request.audioDevice(), request.videoDevice(), request.deviceIdentifierHashSalts(), handles }, [this, weakThis = WTFMove(weakThis)] {
if (!weakThis)
return;
if (!--m_hasPendingCapture)
8 changes: 5 additions & 3 deletions Source/WebKit/UIProcess/UserMediaProcessManager.cpp
Expand Up @@ -95,6 +95,7 @@ bool UserMediaProcessManager::willCreateMediaStream(UserMediaPermissionRequestMa
if (extensionCount) {
Vector<SandboxExtension::Handle> handles;
Vector<String> ids;
SandboxExtension::Handle machBootstrapExtension;

if (!proxy.page().preferences().mockCaptureDevicesEnabled()) {
handles.resize(extensionCount);
Expand All @@ -116,12 +117,13 @@ bool UserMediaProcessManager::willCreateMediaStream(UserMediaPermissionRequestMa

auto auditToken = process.auditToken();
if (needsAppleCameraSandboxExtension) {
if (auto handle = SandboxExtension::createHandleForMachLookup(appleCameraServicePath, auditToken, SandboxExtension::MachBootstrapOptions::EnableMachBootstrap)) {
machBootstrapExtension = SandboxExtension::createHandleForMachBootstrapExtension();
if (auto handle = SandboxExtension::createHandleForMachLookup(appleCameraServicePath, auditToken)) {
handles[--extensionCount] = WTFMove(*handle);
ids.uncheckedAppend(appleCameraServicePath);
}
#if HAVE(ADDITIONAL_APPLE_CAMERA_SERVICE)
if (auto handle = SandboxExtension::createHandleForMachLookup(additionalAppleCameraServicePath, auditToken, SandboxExtension::MachBootstrapOptions::EnableMachBootstrap)) {
if (auto handle = SandboxExtension::createHandleForMachLookup(additionalAppleCameraServicePath, auditToken)) {
handles[--extensionCount] = WTFMove(*handle);
ids.uncheckedAppend(additionalAppleCameraServicePath);
}
Expand All @@ -143,7 +145,7 @@ bool UserMediaProcessManager::willCreateMediaStream(UserMediaPermissionRequestMa
process.grantAudioCaptureExtension();
if (needsVideoSandboxExtension)
process.grantVideoCaptureExtension();
process.send(Messages::WebProcess::GrantUserMediaDeviceSandboxExtensions(MediaDeviceSandboxExtensions(ids, WTFMove(handles))), 0);
process.send(Messages::WebProcess::GrantUserMediaDeviceSandboxExtensions(MediaDeviceSandboxExtensions(ids, WTFMove(handles), WTFMove(machBootstrapExtension))), 0);
}
#else
UNUSED_PARAM(proxy);

1 comment on commit 73fc4fd

@MC-MAGA


Good 👍 Now, Ready 👍
