Skip to content
Permalink
Browse files
Add an entitlement check to only allow AdAttributionDaemon to be conn…
…ected to by the network process

https://bugs.webkit.org/show_bug.cgi?id=231248

Patch by Alex Christensen <achristensen@webkit.org> on 2021-10-05
Reviewed by Alexey Proskuryakov.

Source/WebKit:

Adding a restricted entitlement on macOS when using a non-internal SDK causes the network process to not start,
so in open source builds (in which the daemon is only used for unit tests) just skip the entitlement check.

* Scripts/process-entitlements.sh:
* Shared/EntryPointUtilities/Cocoa/Daemon/PCMDaemonEntryPoint.mm:
(WebKit::startListeningForMachServiceConnections):

Tools:

Also add a system call to "launchctl unload" to clear any residual state in launchd before starting the unit test.
Otherwise we could get into a state where the plist is registered with launchd from an old test that registered it
but didn't start the daemon, causing the test to time out until you reboot the machine.  This makes it recover nicely.

* TestWebKitAPI/Tests/WebKitCocoa/EventAttribution.mm:
(TestWebKitAPI::attemptConnectionInProcessWithoutEntitlement):
(TestWebKitAPI::setInjectedBundleClient): Deleted.
(TestWebKitAPI::webViewWithOpenInspector): Deleted.

Canonical link: https://commits.webkit.org/242544@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283586 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
Alex Christensen authored and webkit-commit-queue committed Oct 5, 2021
1 parent d786f1f commit bb4992df17f569dfd94e267bf0fdb833e4196894
Showing 5 changed files with 59 additions and 4 deletions.
@@ -1,3 +1,17 @@
2021-10-05 Alex Christensen <achristensen@webkit.org>

Add an entitlement check to only allow AdAttributionDaemon to be connected to by the network process
https://bugs.webkit.org/show_bug.cgi?id=231248

Reviewed by Alexey Proskuryakov.

Adding a restricted entitlement on macOS when using a non-internal SDK causes the network process to not start,
so in open source builds (in which the daemon is only used for unit tests) just skip the entitlement check.

* Scripts/process-entitlements.sh:
* Shared/EntryPointUtilities/Cocoa/Daemon/PCMDaemonEntryPoint.mm:
(WebKit::startListeningForMachServiceConnections):

2021-10-05 Chris Dumez <cdumez@apple.com>

Authorization header lost on 30x redirects
@@ -118,6 +118,7 @@ function mac_process_network_entitlements()
plistbuddy Add :com.apple.private.webkit.use-xpc-endpoint bool YES
plistbuddy Add :com.apple.rootless.storage.WebKitNetworkingSandbox bool YES
plistbuddy Add :com.apple.symptom_analytics.configure bool YES
plistbuddy Add :com.apple.private.webkit.adattributiondaemon bool YES
fi
}

@@ -369,6 +370,7 @@ function ios_family_process_webauthn_entitlements()

function ios_family_process_network_entitlements()
{
plistbuddy Add :com.apple.private.webkit.adattributiondaemon bool YES
plistbuddy Add :com.apple.multitasking.systemappassertions bool YES
plistbuddy Add :com.apple.payment.all-access bool YES
plistbuddy Add :com.apple.private.accounts.bundleidspoofing bool YES
@@ -61,7 +61,7 @@ static void connectionEventHandler(xpc_object_t request)
if (xpc_get_type(request) != XPC_TYPE_DICTIONARY)
return;
if (xpc_dictionary_get_uint64(request, PCM::protocolVersionKey) != PCM::protocolVersionValue) {
NSLog(@"received request that was not the current protocol version");
NSLog(@"Received request that was not the current protocol version");
return;
}

@@ -79,13 +79,19 @@ static void startListeningForMachServiceConnections(const char* serviceName)
if (xpc_get_type(peer) != XPC_TYPE_CONNECTION)
return;

// FIXME: Add an entitlement check here so that only the network process can successfully connect.
#if USE(APPLE_INTERNAL_SDK)
if (!WTF::hasEntitlement(peer, "com.apple.private.webkit.adattributiondaemon")) {
NSLog(@"Connection attempted without required entitlement");
xpc_connection_cancel(peer);
return;
}
#endif

xpc_connection_set_event_handler(peer, ^(xpc_object_t event) {
if (event == XPC_ERROR_CONNECTION_INVALID)
NSLog(@"Failed to start listening for connections to mach service %s, likely because it is not registered with launchd", serviceName);
if (event == XPC_ERROR_CONNECTION_INTERRUPTED) {
NSLog(@"removing peer connection %p", peer);
NSLog(@"Removing peer connection %p", peer);
PCM::DaemonConnectionSet::singleton().remove(peer);
return;
}
@@ -94,7 +100,7 @@ static void startListeningForMachServiceConnections(const char* serviceName)
xpc_connection_set_target_queue(peer, dispatch_get_main_queue());
xpc_connection_activate(peer);

NSLog(@"adding peer connection %p", peer);
NSLog(@"Adding peer connection %p", peer);
PCM::DaemonConnectionSet::singleton().add(peer);
});
xpc_connection_activate(listener.get().get());
@@ -1,3 +1,19 @@
2021-10-05 Alex Christensen <achristensen@webkit.org>

Add an entitlement check to only allow AdAttributionDaemon to be connected to by the network process
https://bugs.webkit.org/show_bug.cgi?id=231248

Reviewed by Alexey Proskuryakov.

Also add a system call to "launchctl unload" to clear any residual state in launchd before starting the unit test.
Otherwise we could get into a state where the plist is registered with launchd from an old test that registered it
but didn't start the daemon, causing the test to time out until you reboot the machine. This makes it recover nicely.

* TestWebKitAPI/Tests/WebKitCocoa/EventAttribution.mm:
(TestWebKitAPI::attemptConnectionInProcessWithoutEntitlement):
(TestWebKitAPI::setInjectedBundleClient): Deleted.
(TestWebKitAPI::webViewWithOpenInspector): Deleted.

2021-10-05 Alex Christensen <achristensen@webkit.org>

TestWebKitAPI.PrivateClickMeasurement.DaemonBasicFunctionality is timing out
@@ -502,9 +502,26 @@ static void cleanUpDaemon(NSURL *tempDir)
EXPECT_NULL(error);
}

static void attemptConnectionInProcessWithoutEntitlement()
{
#if USE(APPLE_INTERNAL_SDK)
__block bool done = false;
auto connection = adoptNS(xpc_connection_create_mach_service("org.webkit.pcmtestdaemon.service", dispatch_get_main_queue(), 0));
xpc_connection_set_event_handler(connection.get(), ^(xpc_object_t event) {
EXPECT_EQ(event, XPC_ERROR_CONNECTION_INTERRUPTED);
done = true;
});
xpc_connection_activate(connection.get());
auto dictionary = adoptNS(xpc_dictionary_create(nullptr, nullptr, 0));
xpc_connection_send_message(connection.get(), dictionary.get());
TestWebKitAPI::Util::run(&done);
#endif
}

TEST(PrivateClickMeasurement, DaemonBasicFunctionality)
{
auto [tempDir, configuration] = setUpDaemon(adoptNS([WKWebViewConfiguration new]).autorelease());
attemptConnectionInProcessWithoutEntitlement();
runBasicPCMTest(configuration, [](WKWebView *webView, const HTTPServer& server) {
[webView _addEventAttributionWithSourceID:42 destinationURL:exampleURL() sourceDescription:@"test source description" purchaser:@"test purchaser" reportEndpoint:server.request().URL optionalNonce:nil applicationBundleID:@"test.bundle.id"];
});

0 comments on commit bb4992d

Please sign in to comment.