WebKit Bugzilla
Attachment 342768 Details for Bug 184991: We should cache the compiled sandbox profile in a data vault
[patch] add sandbox file caching
WIP.patch (text/plain), 182.76 KB, created by Ben Richards on 2018-06-14 15:40:29 PDT
>Subversion Revision: 232757 >diff --git a/Source/WTF/ChangeLog b/Source/WTF/ChangeLog >index c2c83cfbe4108647f6a4147c6c78e57d3c82fad0..911eefc557b45cff3d5fe656db4881fc3a5817e2 100644 >--- a/Source/WTF/ChangeLog >+++ b/Source/WTF/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * wtf/SystemTracing.h: >+ > 2018-06-11 Saam Barati <sbarati@apple.com> > > The NaturalLoops algorithm only works when the list of blocks in a loop is de-duplicated >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 517b87c29b3dd61271bfcf3ef1e959a2518a551d..b2e04b7aa46186334d07533f24e8effc09f7069f 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog 
>@@ -1,3 +1,32 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added support for compiled sandbox file caching >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Configurations/Network-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/NetworkService.xcconfig: >+ * Configurations/PluginService.entitlements: >+ * Configurations/Storage-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/StorageService.xcconfig: >+ * Configurations/WebContent-OSX.entitlements: >+ * Configurations/WebKit.xcconfig: >+ * NetworkProcess/NetworkProcess.h: >+ * PluginProcess/PluginProcess.h: >+ * Shared/ChildProcess.h: >+ * Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h: >+ (WebKit::XPCServiceInitializer): >+ * Shared/mac/ChildProcessMac.mm: >+ (WebKit::verboseLog): >+ (WebKit::ChildProcess::initializeSandbox): >+ * StorageProcess/StorageProcess.h: >+ * UIProcess/Launcher/mac/ProcessLauncherMac.mm: >+ (WebKit::ProcessLauncher::launchProcess): >+ (WebKit::ProcessLauncher::terminateProcess): >+ * WebKit.xcodeproj/project.pbxproj: >+ * WebProcess/WebProcess.h: >+ > 2018-06-11 Carlos Garcia Campos <cgarcia@igalia.com> > > Unreviewed. Update OptionsGTK.cmake and NEWS for 2.21.4 release. >diff --git a/Source/WTF/wtf/SystemTracing.h b/Source/WTF/wtf/SystemTracing.h >index b52be8d38682fa59bbd6619573b77ec0bd34f112..105196ec48735fab52b3931511e00ed0c14fe15f 100644 >--- a/Source/WTF/wtf/SystemTracing.h >+++ b/Source/WTF/wtf/SystemTracing.h >@@ -96,6 +96,8 @@ enum TracePointCode { > CommitLayerTreeEnd, > ProcessLaunchStart, > ProcessLaunchEnd, >+ InitializeSandboxStart, >+ InitializeSandboxEnd, > }; > > #ifdef __cplusplus 
>diff --git a/Source/WebKit/Configurations/Network-OSX.entitlements b/Source/WebKit/Configurations/Network-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..03270566fc5437bd7d8911179dd517c5febd42ab >--- /dev/null >+++ b/Source/WebKit/Configurations/Network-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitNetworkingSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/NetworkService.xcconfig b/Source/WebKit/Configurations/NetworkService.xcconfig >index 5b602d60d8d486ca1a34b3d68752a329aa42b7a3..907a787c86644b6cd732e5243e487f4429950510 100644 >--- a/Source/WebKit/Configurations/NetworkService.xcconfig >+++ b/Source/WebKit/Configurations/NetworkService.xcconfig >@@ -32,6 +32,7 @@ WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvos = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvsimulator = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_iphoneminimalsimulator = Network-iOS-minimalsimulator; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Network-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = com.apple.WebKit.Networking; >diff --git a/Source/WebKit/Configurations/PluginService.entitlements b/Source/WebKit/Configurations/PluginService.entitlements >index 25e58ca5e26a0354714f719efa86ac676534a39d..1a3367050648f4190313726b42121092e680ee18 100644 >--- a/Source/WebKit/Configurations/PluginService.entitlements >+++ b/Source/WebKit/Configurations/PluginService.entitlements >@@ -10,5 +10,7 @@ > <true/> > <key>com.apple.security.cs.disable-library-validation</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitPluginSandbox</key> >+ <true/> > </dict> > </plist> 
>diff --git a/Source/WebKit/Configurations/Storage-OSX.entitlements b/Source/WebKit/Configurations/Storage-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..bbb392e80f95671e8f90889e0c869e1686347998 >--- /dev/null >+++ b/Source/WebKit/Configurations/Storage-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitStorageSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/StorageService.xcconfig b/Source/WebKit/Configurations/StorageService.xcconfig >index 75761d808af04253a6dd7d3fadad1835ba8af5e3..c857586f77301ce175708c6e074aa290e6e644b4 100644 >--- a/Source/WebKit/Configurations/StorageService.xcconfig >+++ b/Source/WebKit/Configurations/StorageService.xcconfig >@@ -25,6 +25,7 @@ > > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = Databases-iOS; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Storage-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = $(WK_STORAGE_SERVICE_PRODUCT_NAME); >diff --git a/Source/WebKit/Configurations/WebContent-OSX.entitlements b/Source/WebKit/Configurations/WebContent-OSX.entitlements >index d35e43ae588cdfe5570930260829dcd145c4d1e2..c2354c41a37e294c41ad95472b734ff929d34d05 100644 >--- a/Source/WebKit/Configurations/WebContent-OSX.entitlements >+++ b/Source/WebKit/Configurations/WebContent-OSX.entitlements >@@ -4,5 +4,7 @@ > <dict> > <key>com.apple.security.cs.allow-jit</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitWebContentSandbox</key> >+ <true/> > </dict> > </plist> >diff --git a/Source/WebKit/Configurations/WebKit.xcconfig b/Source/WebKit/Configurations/WebKit.xcconfig >index 79f44e0517b88e91f9a1e7c2147d27476c90adfc..6d250e4fa34f8d01b0ffbf2005a445e078c7e033 100644 
>--- a/Source/WebKit/Configurations/WebKit.xcconfig >+++ b/Source/WebKit/Configurations/WebKit.xcconfig >@@ -82,6 +82,9 @@ WK_MOBILE_CORE_SERVICES_LDFLAGS_cocoatouch = -framework MobileCoreServices; > WK_MOBILE_GESTALT_LDFLAGS = $(WK_MOBILE_GESTALT_LDFLAGS_$(WK_COCOA_TOUCH)); > WK_MOBILE_GESTALT_LDFLAGS_cocoatouch = -lMobileGestalt; > >+WK_LIBSANDBOX_LDFLAGS = $(WK_LIBSANDBOX_LDFLAGS_$(WK_PLATFORM_NAME)); >+WK_LIBSANDBOX_LDFLAGS_macosx = -lsandbox; >+ > WK_OPENGL_LDFLAGS = $(WK_OPENGL_LDFLAGS_$(WK_PLATFORM_NAME)); > WK_OPENGL_LDFLAGS_iphoneos = -framework OpenGLES; > WK_OPENGL_LDFLAGS_iphoneminimalsimulator = -framework OpenGL; 
>@@ -112,7 +115,7 @@ WK_UIKIT_LDFLAGS_cocoatouch = -framework UIKit; > WK_URL_FORMATTING_LDFLAGS = $(WK_URL_FORMATTING_LDFLAGS_$(WK_HAVE_URL_FORMATTING)); > WK_URL_FORMATTING_LDFLAGS_YES = -framework URLFormatting; > >-FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); >+FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); > > // Prevent C++ standard library operator new, delete and their related exception types from being exported as weak symbols. 
> UNEXPORTED_SYMBOL_LDFLAGS = -Wl,-unexported_symbol -Wl,__ZTISt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTISt9exception -Wl,-unexported_symbol -Wl,__ZTSSt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTSSt9exception -Wl,-unexported_symbol -Wl,__ZdlPvS_ -Wl,-unexported_symbol -Wl,__ZnwmPv -Wl,-unexported_symbol -Wl,__Znwm -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSEDn -Wl,-unexported_symbol, -Wl,__ZNKSt3__18functionIFvN7WebCore12PolicyActionEEEclES2_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEE4swapERS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED1Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED2Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSERKS4_ -Wl,-unexported_symbol, -Wl,__ZTVNSt3__117bad_function_callE; >diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.h b/Source/WebKit/NetworkProcess/NetworkProcess.h >index 08e24dce6108247297305b86adcebe2844747681..f6a0ed2186c7957733ac4cd9e50c80d895027866 100644 >--- a/Source/WebKit/NetworkProcess/NetworkProcess.h >+++ b/Source/WebKit/NetworkProcess/NetworkProcess.h >@@ -80,6 +80,7 @@ class NetworkProcess : public ChildProcess, private DownloadManager::Client { > friend NeverDestroyed<DownloadManager>; > public: > static NetworkProcess& singleton(); >+ static const ChildProcess::ProcessType processType = NetworkType; > > template <typename T> > T* supplement() 
>diff --git a/Source/WebKit/PluginProcess/PluginProcess.h b/Source/WebKit/PluginProcess/PluginProcess.h >index d5081b061cdf7936a06c94039dd92623843ccf95..1b7a6461209b8f98feb6f9d7fb6704141643f81c 100644 >--- a/Source/WebKit/PluginProcess/PluginProcess.h >+++ b/Source/WebKit/PluginProcess/PluginProcess.h >@@ -49,6 +49,7 @@ class PluginProcess : public ChildProcess > > public: > static PluginProcess& singleton(); >+ static const ChildProcess::ProcessType processType = PluginType; > > void removeWebProcessConnection(WebProcessConnection*); > >diff --git a/Source/WebKit/Shared/ChildProcess.h b/Source/WebKit/Shared/ChildProcess.h >index b35c9f2e3f3fa87e2dfbee1b0afc979b98a2f8f1..809ec4343135fd55e055daad9c98dda7b53d2267 100644 >--- a/Source/WebKit/Shared/ChildProcess.h >+++ b/Source/WebKit/Shared/ChildProcess.h >@@ -39,22 +39,19 @@ > namespace WebKit { > > class SandboxInitializationParameters; >- >-struct ChildProcessInitializationParameters { >- String uiProcessName; >- String clientIdentifier; >- std::optional<WebCore::ProcessIdentifier> processIdentifier; >- IPC::Connection::Identifier connectionIdentifier; >- HashMap<String, String> extraInitializationData; >-#if PLATFORM(COCOA) >- OSObjectPtr<xpc_object_t> priorityBoostMessage; >-#endif >-}; >+struct ChildProcessInitializationParameters; > > class ChildProcess : protected IPC::Connection::Client, public IPC::MessageSender { > WTF_MAKE_NONCOPYABLE(ChildProcess); > > public: >+ enum ProcessType { >+ WebContentType, >+ NetworkType, >+ StorageType, >+ PluginType >+ }; >+ > void initialize(const ChildProcessInitializationParameters&); > > // disable and enable termination of the process. when disableTermination is called, the 
>@@ -146,6 +143,18 @@ private: > OSObjectPtr<xpc_object_t> m_priorityBoostMessage; > #endif > }; >+ >+struct ChildProcessInitializationParameters { >+ String uiProcessName; >+ String clientIdentifier; >+ std::optional<WebCore::ProcessIdentifier> processIdentifier; >+ IPC::Connection::Identifier connectionIdentifier; >+ HashMap<String, String> extraInitializationData; >+ ChildProcess::ProcessType processType; >+#if PLATFORM(COCOA) >+ OSObjectPtr<xpc_object_t> priorityBoostMessage; >+#endif >+}; > > } // namespace WebKit > >diff --git a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >index 209e20a75493410ee8f967b45bfdd42f57b2fdef..47414e3863f4a7a4c707e001c6d82eef2f65b7a1 100644 >--- a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >+++ b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >@@ -111,6 +111,8 @@ void XPCServiceInitializer(OSObjectPtr<xpc_connection_t> connection, xpc_object_ > if (parameters.extraInitializationData.contains(ASCIILiteral("always-runs-at-background-priority"))) > Thread::setGlobalMaxQOSClass(QOS_CLASS_UTILITY); > #endif >+ >+ parameters.processType = XPCServiceType::processType; > > XPCServiceType::singleton().initialize(parameters); > } >diff --git a/Source/WebKit/Shared/mac/ChildProcessMac.mm b/Source/WebKit/Shared/mac/ChildProcessMac.mm >index aed5b9fd70960fe170d5026cc20e267a516f0204..46830ea1b04a69e91e8ded3a86673915ecabb723 100644 >--- a/Source/WebKit/Shared/mac/ChildProcessMac.mm >+++ b/Source/WebKit/Shared/mac/ChildProcessMac.mm 
>@@ -31,16 +31,25 @@ > #import "CodeSigning.h" > #import "QuarantineSPI.h" > #import "SandboxInitializationParameters.h" >+#import "SandboxUtilities.h" > #import "WKFoundation.h" > #import "XPCServiceEntryPoint.h" > #import <WebCore/FileSystem.h> > #import <WebCore/SystemVersion.h> > #import <mach/mach.h> > #import <mach/task.h> >+#import <pal/crypto/CryptoDigest.h> > #import <pwd.h> >+#import <rootless.h> >+extern "C" { >+#import <sandbox/libsandbox.h> >+} > #import <stdlib.h> > #import <sysexits.h> >+#import <wtf/DataLog.h> > #import <wtf/Scope.h> >+#import <wtf/SystemTracing.h> >+#import <wtf/WallTime.h> > #import <wtf/spi/darwin/SandboxSPI.h> > > #if USE(APPLE_INTERNAL_SDK) >@@ -110,8 +119,19 @@ static OSStatus enableSandboxStyleFileQuarantine() > #endif > } > >+static bool verbose = false; >+template<typename... Types> >+void verboseLog(const Types&... values) >+{ >+ dataLogLnIf(verbose, values...); >+} >+ > void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters) > { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxStart)); >+ auto stopTraceOnExit = makeScopeExit([] { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxEnd)); >+ }); > #if WK_API_ENABLED > NSBundle *webKit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKWebView")]; > #else >@@ -131,7 +151,7 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > sandboxParameters.setUserDirectorySuffix(defaultUserDirectorySuffix); > } > } >- >+ > Vector<String> osVersionParts; > String osSystemMarketingVersion = systemMarketingVersion(); > osSystemMarketingVersion.split('.', false, osVersionParts); 
>@@ -142,6 +162,17 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String osVersion = osVersionParts[0] + '.' + osVersionParts[1]; > sandboxParameters.addParameter("_OS_VERSION", osVersion.utf8().data()); > >+ char darwinUserCacheDir[PATH_MAX]; >+ { >+ char temp[PATH_MAX]; >+ if (!confstr(_CS_DARWIN_USER_CACHE_DIR, temp, sizeof(temp))) { >+ WTFLogAlways("%s: couldn't retrieve private cache directory path: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ if (!realpath(temp, darwinUserCacheDir)) >+ CRASH(); >+ } >+ > // Use private temporary and cache directories. > setenv("DIRHELPER_USER_DIR_SUFFIX", FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data(), 1); > char temporaryDirectory[PATH_MAX]; 
>@@ -169,46 +200,431 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String path = String::fromUTF8(pwd.pw_dir); > path.append("/Library"); > >+ String libraryPath = path; >+ > sandboxParameters.addPathParameter("HOME_LIBRARY_DIR", FileSystem::fileSystemRepresentation(path).data()); > > path.append("/Preferences"); > > sandboxParameters.addPathParameter("HOME_LIBRARY_PREFERENCES_DIR", FileSystem::fileSystemRepresentation(path).data()); > >- switch (sandboxParameters.mode()) { >- case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >- case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ auto startTime = WallTime::now(); >+ bool didApplySandbox = [&] { >+ using SandboxProfile = typename std::remove_pointer<sandbox_profile_t>::type; >+ >+ static constexpr uint32_t versionNumber = 0; >+ struct CachedFileHeader { >+ uint32_t versionNumber; >+ uint32_t sandboxHeaderSize; >+ uint32_t sandboxBuiltinSize; // If a builtin doesn't exist, this is UINT_MAX >+ uint32_t sandboxDataSize; >+ // OOPS: build in versioning based on webkit binary. >+ }; >+ // The file is layed out on disk like: >+ // byte 0 >+ // CachedFileHeader <- sizeof(CachedFileHeader) bytes >+ // SandboxHeader <- sandboxHeaderSize bytes >+ // [SandboxBuiltin] optional. Present if sanboxBuiltinSize is not UINT_MAX. If present, sandboxBuiltinSize bytes. 
>+ // SandboxData <- sandboxDataSize bytes >+ // byte N >+ >+ auto getFileContents = [] (const String& path) -> std::optional<Vector<char>> { >+ FileSystem::PlatformFileHandle handle = openFile(path, FileSystem::FileOpenMode::Read); >+ >+ if (handle == FileSystem::invalidPlatformFileHandle) { >+ verboseLog("Can't get file handle for path: ", path); >+ return std::nullopt; >+ } >+ >+ auto closeFileOnExit = makeScopeExit([&] { >+ FileSystem::closeFile(handle); >+ }); >+ >+ long long fileSize; >+ if (!FileSystem::getFileSize(handle, fileSize)) { >+ verboseLog("Could not get size for file: ", path); >+ return std::nullopt; >+ } >+ RELEASE_ASSERT(fileSize >= 0); >+ >+ Vector<char> contents(safeCast<size_t>(fileSize)); >+ int bytesRead = FileSystem::readFromFile(handle, contents.data(), safeCast<size_t>(fileSize)); >+ if (safeCast<int>(fileSize) != bytesRead) { >+ verboseLog("Could not read the file: ", path); >+ return std::nullopt; >+ } >+ >+ return WTFMove(contents); >+ }; >+ >+ if (sandboxParameters.mode() != SandboxInitializationParameters::UseDefaultSandboxProfilePath >+ && sandboxParameters.mode() != SandboxInitializationParameters::UseOverrideSandboxProfilePath) >+ return false; >+ > String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >- if (!sandboxProfilePath.isEmpty()) { >- CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ if (sandboxProfilePath.isEmpty()) >+ return false; >+ >+ sandbox_params_t sandboxParams = sandbox_create_params(); >+ auto freeParamsOnExit = makeScopeExit([&] { >+ sandbox_free_params(sandboxParams); >+ }); >+ >+ Vector<uint8_t> sandboxHeader; >+ Vector<char> sandboxSBFileContents; >+ // Compute the sandbox header size. 
>+ { >+ Checked<size_t> headerSize = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ const char* name = sandboxParameters.name(i); >+ const char* value = sandboxParameters.value(i); >+ if (sandbox_set_param(sandboxParams, name, value)) >+ CRASH(); >+ headerSize += strlen(name) + 1; >+ headerSize += strlen(value) + 1; >+ } >+ >+ >+ if (auto fileContents = getFileContents(sandboxProfilePath)) >+ sandboxSBFileContents = WTFMove(*fileContents); >+ else >+ return false; >+ >+ headerSize += sandboxSBFileContents.size(); >+ sandboxHeader = Vector<uint8_t>(headerSize.unsafeGet()); >+ } >+ >+ // Write out the sandbox header. >+ { >+ size_t cursor = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ auto appendCString = [&] (const char* value) { >+ size_t length = strlen(value); >+ RELEASE_ASSERT(cursor + length < sandboxHeader.size()); >+ memcpy(sandboxHeader.data() + cursor, value, length); >+ cursor += length; >+ RELEASE_ASSERT(cursor + 1 <= sandboxHeader.size()); >+ sandboxHeader[cursor] = bitwise_cast<uint8_t>(':'); >+ ++cursor; >+ }; >+ >+ const char* name = sandboxParameters.name(i); >+ appendCString(name); >+ const char* value = sandboxParameters.value(i); >+ appendCString(value); >+ } >+ >+ memcpy(sandboxHeader.data() + cursor, sandboxSBFileContents.data(), sandboxSBFileContents.size()); >+ cursor += sandboxSBFileContents.size(); >+ RELEASE_ASSERT(cursor == sandboxHeader.size()); >+ } >+ >+ >+ String sandboxDirectory = darwinUserCacheDir; // OOPS: Do we want to just use the one w/ client identifier appended to it? 
>+#if USE(APPLE_INTERNAL_SDK) >+ switch (parameters.processType) { >+ case WebContentType: >+ sandboxDirectory.append("/com.apple.WebKit.WebContent.Sandbox"); >+ break; >+ case NetworkType: >+ sandboxDirectory.append("/com.apple.WebKit.Networking.Sandbox"); >+ break; >+ case StorageType: >+ sandboxDirectory.append("/com.apple.WebKit.Storage.Sandbox"); >+ break; >+ case PluginType: >+ sandboxDirectory.append("/com.apple.WebKit.Plugin.Sandbox"); >+ break; >+ default: >+ CRASH(); >+ } >+#else >+ sandboxDirectory.append("/com.apple.WebKit.WebKitSandbox"); >+#endif >+ >+ String sandboxFile = sandboxDirectory; >+ sandboxFile.append("/CompiledSandbox+"); >+#if !(USE(APPLE_INTERNAL_SDK)) >+ sandboxFile.append(sandboxParameters.userDirectorySuffix()); >+ sandboxFile.append('+'); >+#endif >+ >+ { >+ auto crypto = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_1); >+ crypto->addBytes(sandboxHeader.data(), sandboxHeader.size()); >+ Vector<uint8_t> hash = crypto->computeHash(); >+ char* hashAsString = static_cast<char*>(fastMalloc(hash.size() * 2 + 1)); >+ char* ptr = hashAsString; >+ for (uint8_t byte : hash) { >+ snprintf(ptr, 3, "%02x", byte); >+ ptr += 2; >+ } >+ *ptr = '\0'; >+ RELEASE_ASSERT(static_cast<uintptr_t>(ptr - hashAsString) == hash.size() * 2); >+ // dataLogLn("hashAsString extension: ", hashAsString); >+ sandboxFile.append(hashAsString); >+ } >+ >+ bool didApplyCachedSandbox = [&] { >+ Vector<char> compiledFile; >+ if (auto maybeCompiledFile = getFileContents(sandboxFile)) >+ compiledFile = WTFMove(*maybeCompiledFile); >+ else >+ return false; >+ >+ size_t cursor = 0; >+ auto readHeader = [&] (CachedFileHeader& value) { >+ if (cursor + sizeof(CachedFileHeader) > compiledFile.size()) >+ return false; >+ memcpy(&value, compiledFile.data() + cursor, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ return true; >+ }; >+ >+ CachedFileHeader header; >+ if (!readHeader(header)) { >+ verboseLog("Cached file is smaller than 
sizeof(CachedFileHeader)"); >+ return false; >+ } >+ >+ if (header.versionNumber != versionNumber) { >+ verboseLog("cached file has old version number: ", header.versionNumber); >+ return false; >+ } >+ >+ size_t expectedFileSize = sizeof(CachedFileHeader) + header.sandboxHeaderSize + header.sandboxDataSize; >+ bool haveBuiltin = header.sandboxBuiltinSize != std::numeric_limits<uint32_t>::max(); >+ if (haveBuiltin) >+ expectedFileSize += header.sandboxBuiltinSize; >+ >+ if (compiledFile.size() != expectedFileSize) { >+ verboseLog("Cached file has wrong file size."); >+ return false; >+ } >+ >+ if (header.sandboxHeaderSize != sandboxHeader.size()) { >+ verboseLog("header size different from cached header size"); >+ return false; >+ } >+ >+ if (memcmp(sandboxHeader.data(), compiledFile.data() + cursor, sandboxHeader.size())) { >+ verboseLog("Header and cached header do not have the same contents."); >+ return false; >+ } >+ cursor += sandboxHeader.size(); >+ >+ SandboxProfile profile; >+ profile.builtin = nullptr; >+ profile.size = header.sandboxDataSize; >+ if (haveBuiltin) { >+ profile.builtin = static_cast<char*>(fastMalloc(header.sandboxBuiltinSize + 1)); >+ memcpy(profile.builtin, compiledFile.data() + cursor, header.sandboxBuiltinSize); >+ profile.builtin[header.sandboxBuiltinSize] = '\0'; >+ cursor += header.sandboxBuiltinSize; >+ } >+ auto freeBuiltinOnExit = makeScopeExit([&] { >+ if (profile.builtin) >+ fastFree(profile.builtin); >+ }); >+ profile.data = bitwise_cast<unsigned char*>(compiledFile.data()) + cursor; >+ RELEASE_ASSERT(cursor + profile.size == compiledFile.size()); >+ >+ if (sandbox_apply(&profile)) { >+ verboseLog("could not apply cached sandbox"); >+ // OOPS: should we return false here, so we can fallback perhaps? 
>+ CRASH(); >+ } >+ >+ verboseLog("Applied cached sandbox successfully"); >+ return true; >+ }(); >+ >+ if (didApplyCachedSandbox) >+ return true; >+ >+ bool hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ if (!hasSandboxDirectory) { >+#if USE(APPLE_INTERNAL_SDK) >+ CString sandboxPath = FileSystem::fileSystemRepresentation(sandboxDirectory); >+ bool madeDirectory = false; >+ switch (parameters.processType) { >+ case WebContentType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitWebContentSandbox")); >+ break; >+ case NetworkType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitNetworkingSandbox")); >+ break; >+ case StorageType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitStorageSandbox")); >+ break; >+ case PluginType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitPluginSandbox")); >+ break; >+ default: >+ CRASH(); >+ } >+ if (madeDirectory) >+ verboseLog("Made rootless directory: ", sandboxPath); >+ else >+ verboseLog("Could not make rootless directory, errno: ", errno); >+#else >+ bool madeDirectory = FileSystem::makeAllDirectories(sandboxDirectory); >+#endif >+ if (madeDirectory) { >+ ASSERT(FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes)); >+ verboseLog("Created sandbox directory: ", sandboxDirectory); >+ hasSandboxDirectory = true; >+ } else { >+ // We may have raced with someone else making it. That's ok. 
>+ hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ } >+ } >+ >+ if (!hasSandboxDirectory) { >+ verboseLog("Bailing because we don't have a sandbox directory"); >+ return false; >+ } >+ >+ char* error = nullptr; >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ SandboxProfile* sandboxProfile = sandbox_compile_file(profilePath.data(), sandboxParams, &error); >+ if (!sandboxProfile) { >+ WTFLogAlways("%s: Couldn't compile WebContent sandbox %s\n", getprogname(), error); >+ CRASH(); >+ } >+ auto freeSandboxOnExit = makeScopeExit([&] { >+ sandbox_free_profile(sandboxProfile); >+ }); >+ >+ Checked<size_t> fileSize = 0; >+ fileSize += sizeof(CachedFileHeader); >+ fileSize += sandboxHeader.size(); >+ if (sandboxProfile->builtin) >+ fileSize += strlen(sandboxProfile->builtin); >+ fileSize += sandboxProfile->size; >+ >+ CachedFileHeader header { >+ versionNumber, >+ safeCast<uint32_t>(sandboxHeader.size()), >+ sandboxProfile->builtin ? safeCast<uint32_t>(strlen(sandboxProfile->builtin)) : std::numeric_limits<uint32_t>::max(), >+ safeCast<uint32_t>(sandboxProfile->size) >+ }; >+ >+ Vector<char> fileContents(fileSize.unsafeGet()); >+ >+ // Write out our file content into a temporary vector. 
>+ { >+ size_t cursor = 0; >+ >+ RELEASE_ASSERT(cursor + sizeof(CachedFileHeader) <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, &header, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ >+ RELEASE_ASSERT(cursor + sandboxHeader.size() <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxHeader.data(), sandboxHeader.size()); >+ cursor += sandboxHeader.size(); >+ >+ if (sandboxProfile->builtin) { >+ size_t length = strlen(sandboxProfile->builtin); >+ RELEASE_ASSERT(cursor + length <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->builtin, length); >+ cursor += length; >+ } >+ >+ RELEASE_ASSERT(cursor + sandboxProfile->size == fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->data, sandboxProfile->size); >+ } >+ >+ FileSystem::PlatformFileHandle tempHandle; >+ String tempFileString; >+ CString tempFilePath; >+ for (unsigned i = 0; true; ++i) { >+ tempFileString = sandboxDirectory; >+ tempFileString.append("/tempfile"); >+ if (i) >+ tempFileString.append(String::number(i)); >+ tempFilePath = FileSystem::fileSystemRepresentation(tempFileString); >+ if (tempFilePath.isNull()) >+ return false; >+ tempHandle = open(tempFilePath.data(), (O_WRONLY | O_CREAT | O_EXCL), 0666); >+ if (tempHandle != FileSystem::invalidPlatformFileHandle) >+ break; >+ if (errno != EEXIST) >+ return false; >+ verboseLog("errno is EEXIST, looping back and trying again: ", tempFileString); >+ } >+ >+ bool didRenameFile = false; >+ ASSERT(tempHandle != FileSystem::invalidPlatformFileHandle); >+ int writeSize = FileSystem::writeToFile(tempHandle, bitwise_cast<const char*>(fileContents.data()), safeCast<int>(fileContents.size())); >+ if (writeSize == safeCast<int>(fileContents.size())) { >+ // Rename the temp file to the expected file. We do it this way because this is an atomic operation. >+ // OOPS: What is the behavior if this happens concurrently to read when the file already exists? 
>+ CString sandboxFilePath = FileSystem::fileSystemRepresentation(sandboxFile); >+ if (!sandboxFilePath.isNull()) { >+ verboseLog("Renaming from: '", tempFilePath, "' to: '", sandboxFile, "'"); >+ if (!rename(tempFilePath.data(), sandboxFilePath.data())) { >+ didRenameFile = true; >+ verboseLog("Rename succeeded"); >+ } else >+ verboseLog("Rename failed: ", errno); >+ } >+ } else >+ verboseLog("Did not successfully write file temp file: ", tempFilePath); >+ >+ FileSystem::closeFile(tempHandle); >+ >+ if (!didRenameFile) >+ FileSystem::deleteFile(tempFileString); >+ >+ if (sandbox_apply(sandboxProfile)) { >+ verboseLog("could not apply compiled sandbox!"); >+ WTFLogAlways("%s: Couldn't apply compiled sandbox profile, errno: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ >+ return true; >+ }(); >+ >+ if (didApplySandbox) { >+ auto endTime = WallTime::now(); >+ dataLogLn("Apply time: ", (endTime - startTime).milliseconds()); >+ } else { >+ switch (sandboxParameters.mode()) { >+ case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >+ case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? 
defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >+ if (!sandboxProfilePath.isEmpty()) { >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ char* errorBuf; >+#pragma clang diagnostic push >+#pragma clang diagnostic ignored "-Wdeprecated-declarations" >+ if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+#pragma clang diagnostic pop >+ WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >+ WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >+ exit(EX_NOPERM); >+ } >+ } >+ >+ break; >+ } >+ case SandboxInitializationParameters::UseSandboxProfile: { > char* errorBuf; > #pragma clang diagnostic push > #pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+ if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, sandboxParameters.namedParameterArray(), &errorBuf)) { > #pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); > for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) > WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); > exit(EX_NOPERM); > } >- } > >- break; >- } >- case SandboxInitializationParameters::UseSandboxProfile: { >- char* errorBuf; >-#pragma clang diagnostic push >-#pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, 
sandboxParameters.namedParameterArray(), &errorBuf)) { >-#pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); >- for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >- WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >- exit(EX_NOPERM); >+ break; >+ } > } >- >- break; >- } > } > > // This will override LSFileQuarantineEnabled from Info.plist unless sandbox quarantine is globally disabled. >diff --git a/Source/WebKit/StorageProcess/StorageProcess.h b/Source/WebKit/StorageProcess/StorageProcess.h >index 298390b3d8ac4fd69bdf870487622f1dca4cb194..d28ebb600334053c8ba275cf1896d94263893187 100644 >--- a/Source/WebKit/StorageProcess/StorageProcess.h >+++ b/Source/WebKit/StorageProcess/StorageProcess.h >@@ -71,6 +71,8 @@ class StorageProcess : public ChildProcess > friend NeverDestroyed<StorageProcess>; > public: > static StorageProcess& singleton(); >+ static const ChildProcess::ProcessType processType = StorageType; >+ > ~StorageProcess(); > > WorkQueue& queue() { return m_queue.get(); } >diff --git a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >index 375a1705cd374734b50b081c072cdccc8ad61f8e..c54a2853aeb94d4ed9b2a709f3c833a90e43254b 100644 >--- a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >+++ b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >@@ -150,7 +150,7 @@ void ProcessLauncher::launchProcess() > xpc_dictionary_set_string(preBootstrapMessage.get(), "message-name", "pre-bootstrap"); > xpc_connection_send_message(m_xpcConnection.get(), preBootstrapMessage.get()); > } >- >+ > // Create the listening port. > mach_port_t listeningPort = MACH_PORT_NULL; > auto kr = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &listeningPort); 
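Review bot: in `ChildProcess::initializeSandbox` (Source/WebKit/Shared/mac/ChildProcessMac.mm), the `#else` branch for builds without the internal SDK creates the cache directory with `FileSystem::makeAllDirectories` under the user cache directory instead of `rootless_mkdir_datavault`, and a cached file is accepted after only the version, size and header `memcmp` checks. Nothing on that path authenticates the compiled profile bytes, so the process applies whatever is stored in an ordinary user-writable directory; skip the cache entirely when no data vault is available. Separately, `appendCString` joins parameter names and values with ':', which a value can itself contain, so two different parameter sets can serialize to the same header and the same SHA-1 file name; `headerSize` already reserves one extra byte per string, so writing a '\0' terminator instead would make the encoding unambiguous. Also, `hashAsString` is allocated with `fastMalloc` and never freed, and `dataLogLn("Apply time: ", ...)` logs unconditionally on every launch where `verboseLog` is used everywhere else.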
>@@ -283,11 +283,11 @@ void ProcessLauncher::terminateProcess() > > if (!m_processIdentifier) > return; >- >+ > kill(m_processIdentifier, SIGKILL); > m_processIdentifier = 0; > } >- >+ > void ProcessLauncher::platformInvalidate() > { > if (!m_xpcConnection) >diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >index d8d29516a6cb6445bbdc5de7497cee163f160645..c3afc0d05da52abb2e428b704c414dba9806d48f 100644 >--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj >+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj 
>@@ -3336,6 +3336,8 @@ > 41897ED51F415D850016FA42 /* CacheStorageEngineConnection.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = CacheStorageEngineConnection.messages.in; sourceTree = "<group>"; }; > 41897ED61F415D860016FA42 /* CacheStorageEngine.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CacheStorageEngine.cpp; sourceTree = "<group>"; }; > 419ACF9B1F981D26009F1A83 /* WebServiceWorkerFetchTaskClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebServiceWorkerFetchTaskClient.h; sourceTree = "<group>"; }; >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Storage-OSX.entitlements"; sourceTree = "<group>"; }; >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Network-OSX.entitlements"; sourceTree = "<group>"; }; > 41AC86811E042E5300303074 /* WebRTCResolver.messages.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; lineEnding = 0; name = WebRTCResolver.messages.in; path = Network/webrtc/WebRTCResolver.messages.in; sourceTree = "<group>"; xcLanguageSpecificationIdentifier = "<none>"; }; > 41B28B081F83AD3E00FB52AC /* RTCPacketOptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RTCPacketOptions.h; sourceTree = "<group>"; }; > 41B28B091F83AD3E00FB52AC /* RTCPacketOptions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RTCPacketOptions.cpp; sourceTree = "<group>"; }; 
>@@ -5061,6 +5063,7 @@ > 1A4F976C100E7B6600637A18 /* FeatureDefines.xcconfig */, > 37119A7D20CCB64E002C6DC9 /* Network-iOS-minimalsimulator.entitlements */, > 7C0BB9A918DCDF5A0006C086 /* Network-iOS.entitlements */, >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */, > BC8283AB16B4BEAD00A278FE /* NetworkService.xcconfig */, > A1EDD2DB1884B96400BBFE98 /* PluginProcessShim.xcconfig */, > BC8283F216B4FC5300A278FE /* PluginService.32.xcconfig */, >@@ -5069,6 +5072,7 @@ > 37E83D401B37D27B002079EE /* SandboxProfiles.xcconfig */, > A1EDD2DC1884B9B500BBFE98 /* SecItemShim.xcconfig */, > 5183B3931379F85C00E8754E /* Shim.xcconfig */, >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */, > 51A60B29180CCD9000F3BF50 /* StorageService.xcconfig */, > 1A4F976E100E7B6600637A18 /* Version.xcconfig */, > 37119A7E20CCB64E002C6DC9 /* WebContent-iOS-minimalsimulator.entitlements */, >@@ -10358,13 +10362,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10376,13 +10376,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10394,13 +10390,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10412,13 +10404,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; 
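Review bot: the removal of `inputFileListPaths` and `outputFileListPaths` from the "Unlock keychain" and "Remove stale entitlement file" build phases here (and from the "Process WebContent entitlements" phases in the hunks that follow) is unrelated to sandbox caching, and the ChangeLog line for `WebKit.xcodeproj/project.pbxproj` gives no reason for it. Keep only the two new `.entitlements` file references in this file and revert the build-phase changes.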
>@@ -10430,14 +10418,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10449,14 +10433,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >diff --git a/Source/WebKit/WebProcess/WebProcess.h b/Source/WebKit/WebProcess/WebProcess.h >index b8520acd2bd83c4915713fd54340efeb456dcefb..fbad5565cce74e984be2f206aa3fa9bbbc4eecf0 100644 >--- a/Source/WebKit/WebProcess/WebProcess.h >+++ b/Source/WebKit/WebProcess/WebProcess.h >@@ -108,6 +108,7 @@ struct WebsiteDataStoreParameters; > class WebProcess : public ChildProcess { > public: > static WebProcess& singleton(); >+ static const ChildProcess::ProcessType processType = WebContentType; > > template <typename T> > T* supplement() >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index 95e7eb0c860baffea359fa7f3700b5c3ff7d5547..ddcc6af503af603bce404db436b97bbe2a72301c 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Tracing/SystemTracePoints.plist: >+ > 2018-06-12 Valerie R Young <valerie@bocoup.com> > > test262/Runner.pm: add unit tests >diff --git a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >index bb3c5870630f4e163c387941bc57d3eceec52212..48a7585b0f41c6aecf8f0002dff9322b2aa4b646 100644 >--- a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py 
>+++ b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >@@ -64,6 +64,7 @@ class StepSequence(object): > > def _run(self, tool, options, state): > for step in self._steps: >+ print tool.scm().create_patch(options.git_commit) > step(tool, options).run(state) > > def run_and_handle_errors(self, tool, options, state=None): >diff --git a/Tools/Tracing/SystemTracePoints.plist b/Tools/Tracing/SystemTracePoints.plist >index e9e1776965bac9ddd1d647fb920734600f8a2905..7cba493bd1da205bc2514d26b96eda2f5c7acd01 100644 >--- a/Tools/Tracing/SystemTracePoints.plist >+++ b/Tools/Tracing/SystemTracePoints.plist >@@ -300,6 +300,18 @@ > <key>CodeEnd</key> > <string>14004</string> > </dict> >+ <dict> >+ <key>Name</key> >+ <string>Process Launch</string> >+ <key>Type</key> >+ <string>Interval</string> >+ <key>Component</key> >+ <string>47</string> >+ <key>CodeBegin</key> >+ <string>14003</string> >+ <key>CodeEnd</key> >+ <string>14004</string> >+ </dict> > </array> > </dict> > </array> > >Subversion Revision: 232757 >diff --git a/Source/WTF/ChangeLog b/Source/WTF/ChangeLog >index c2c83cfbe4108647f6a4147c6c78e57d3c82fad0..911eefc557b45cff3d5fe656db4881fc3a5817e2 100644 >--- a/Source/WTF/ChangeLog >+++ b/Source/WTF/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * wtf/SystemTracing.h: >+ > 2018-06-11 Saam Barati <sbarati@apple.com> > > The NaturalLoops algorithm only works when the list of blocks in a loop is de-duplicated >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 517b87c29b3dd61271bfcf3ef1e959a2518a551d..b2e04b7aa46186334d07533f24e8effc09f7069f 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog 
>@@ -1,3 +1,32 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added support for compiled sandbox file caching >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Configurations/Network-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/NetworkService.xcconfig: >+ * Configurations/PluginService.entitlements: >+ * Configurations/Storage-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/StorageService.xcconfig: >+ * Configurations/WebContent-OSX.entitlements: >+ * Configurations/WebKit.xcconfig: >+ * NetworkProcess/NetworkProcess.h: >+ * PluginProcess/PluginProcess.h: >+ * Shared/ChildProcess.h: >+ * Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h: >+ (WebKit::XPCServiceInitializer): >+ * Shared/mac/ChildProcessMac.mm: >+ (WebKit::verboseLog): >+ (WebKit::ChildProcess::initializeSandbox): >+ * StorageProcess/StorageProcess.h: >+ * UIProcess/Launcher/mac/ProcessLauncherMac.mm: >+ (WebKit::ProcessLauncher::launchProcess): >+ (WebKit::ProcessLauncher::terminateProcess): >+ * WebKit.xcodeproj/project.pbxproj: >+ * WebProcess/WebProcess.h: >+ > 2018-06-11 Carlos Garcia Campos <cgarcia@igalia.com> > > Unreviewed. Update OptionsGTK.cmake and NEWS for 2.21.4 release. >diff --git a/Source/WTF/wtf/SystemTracing.h b/Source/WTF/wtf/SystemTracing.h >index b52be8d38682fa59bbd6619573b77ec0bd34f112..105196ec48735fab52b3931511e00ed0c14fe15f 100644 >--- a/Source/WTF/wtf/SystemTracing.h >+++ b/Source/WTF/wtf/SystemTracing.h >@@ -96,6 +96,8 @@ enum TracePointCode { > CommitLayerTreeEnd, > ProcessLaunchStart, > ProcessLaunchEnd, >+ InitializeSandboxStart, >+ InitializeSandboxEnd, > }; > > #ifdef __cplusplus 
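Review bot: `InitializeSandboxStart` and `InitializeSandboxEnd` are added to `TracePointCode`, but the matching `Tools/Tracing/SystemTracePoints.plist` hunk in this patch adds an interval named `Process Launch` with `CodeBegin` 14003 and `CodeEnd` 14004, the same end code as the entry directly above it. That reads as a copy of the existing entry; it should be named for sandbox initialization and use the codes these two enumerators receive, otherwise the new trace points have no interval of their own. The `static_cast<TracePointCode>(...)` around both enumerators in `initializeSandbox` is also unnecessary, since they already have that type.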
>diff --git a/Source/WebKit/Configurations/Network-OSX.entitlements b/Source/WebKit/Configurations/Network-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..03270566fc5437bd7d8911179dd517c5febd42ab >--- /dev/null >+++ b/Source/WebKit/Configurations/Network-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitNetworkingSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/NetworkService.xcconfig b/Source/WebKit/Configurations/NetworkService.xcconfig >index 5b602d60d8d486ca1a34b3d68752a329aa42b7a3..907a787c86644b6cd732e5243e487f4429950510 100644 >--- a/Source/WebKit/Configurations/NetworkService.xcconfig >+++ b/Source/WebKit/Configurations/NetworkService.xcconfig >@@ -32,6 +32,7 @@ WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvos = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvsimulator = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_iphoneminimalsimulator = Network-iOS-minimalsimulator; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Network-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = com.apple.WebKit.Networking; >diff --git a/Source/WebKit/Configurations/PluginService.entitlements b/Source/WebKit/Configurations/PluginService.entitlements >index 25e58ca5e26a0354714f719efa86ac676534a39d..1a3367050648f4190313726b42121092e680ee18 100644 >--- a/Source/WebKit/Configurations/PluginService.entitlements >+++ b/Source/WebKit/Configurations/PluginService.entitlements >@@ -10,5 +10,7 @@ > <true/> > <key>com.apple.security.cs.disable-library-validation</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitPluginSandbox</key> >+ <true/> > </dict> > </plist> 
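Review bot: `com.apple.rootless.storage.WebKitPluginSandbox` is added in `PluginService.entitlements` next to `com.apple.security.cs.disable-library-validation`, so the process that holds the data-vault entitlement is also the one allowed to load code that is not library-validated. Please confirm that the plug-in sandbox profile denies writes to the `com.apple.WebKit.Plugin.Sandbox` directory once `sandbox_apply` has run, or skip the cache for `PluginType`; otherwise the cached profile for the next launch is only as trustworthy as whatever this process loads. The ChangeLog entry for this file should state the reasoning.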
>diff --git a/Source/WebKit/Configurations/Storage-OSX.entitlements b/Source/WebKit/Configurations/Storage-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..bbb392e80f95671e8f90889e0c869e1686347998 >--- /dev/null >+++ b/Source/WebKit/Configurations/Storage-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitStorageSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/StorageService.xcconfig b/Source/WebKit/Configurations/StorageService.xcconfig >index 75761d808af04253a6dd7d3fadad1835ba8af5e3..c857586f77301ce175708c6e074aa290e6e644b4 100644 >--- a/Source/WebKit/Configurations/StorageService.xcconfig >+++ b/Source/WebKit/Configurations/StorageService.xcconfig >@@ -25,6 +25,7 @@ > > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = Databases-iOS; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Storage-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = $(WK_STORAGE_SERVICE_PRODUCT_NAME); >diff --git a/Source/WebKit/Configurations/WebContent-OSX.entitlements b/Source/WebKit/Configurations/WebContent-OSX.entitlements >index d35e43ae588cdfe5570930260829dcd145c4d1e2..c2354c41a37e294c41ad95472b734ff929d34d05 100644 >--- a/Source/WebKit/Configurations/WebContent-OSX.entitlements >+++ b/Source/WebKit/Configurations/WebContent-OSX.entitlements >@@ -4,5 +4,7 @@ > <dict> > <key>com.apple.security.cs.allow-jit</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitWebContentSandbox</key> >+ <true/> > </dict> > </plist> >diff --git a/Source/WebKit/Configurations/WebKit.xcconfig b/Source/WebKit/Configurations/WebKit.xcconfig >index 79f44e0517b88e91f9a1e7c2147d27476c90adfc..6d250e4fa34f8d01b0ffbf2005a445e078c7e033 100644 
>--- a/Source/WebKit/Configurations/WebKit.xcconfig >+++ b/Source/WebKit/Configurations/WebKit.xcconfig >@@ -82,6 +82,9 @@ WK_MOBILE_CORE_SERVICES_LDFLAGS_cocoatouch = -framework MobileCoreServices; > WK_MOBILE_GESTALT_LDFLAGS = $(WK_MOBILE_GESTALT_LDFLAGS_$(WK_COCOA_TOUCH)); > WK_MOBILE_GESTALT_LDFLAGS_cocoatouch = -lMobileGestalt; > >+WK_LIBSANDBOX_LDFLAGS = $(WK_LIBSANDBOX_LDFLAGS_$(WK_PLATFORM_NAME)); >+WK_LIBSANDBOX_LDFLAGS_macosx = -lsandbox; >+ > WK_OPENGL_LDFLAGS = $(WK_OPENGL_LDFLAGS_$(WK_PLATFORM_NAME)); > WK_OPENGL_LDFLAGS_iphoneos = -framework OpenGLES; > WK_OPENGL_LDFLAGS_iphoneminimalsimulator = -framework OpenGL; 
>@@ -112,7 +115,7 @@ WK_UIKIT_LDFLAGS_cocoatouch = -framework UIKit; > WK_URL_FORMATTING_LDFLAGS = $(WK_URL_FORMATTING_LDFLAGS_$(WK_HAVE_URL_FORMATTING)); > WK_URL_FORMATTING_LDFLAGS_YES = -framework URLFormatting; > >-FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); >+FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); > > // Prevent C++ standard library operator new, delete and their related exception types from being exported as weak symbols. 
> UNEXPORTED_SYMBOL_LDFLAGS = -Wl,-unexported_symbol -Wl,__ZTISt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTISt9exception -Wl,-unexported_symbol -Wl,__ZTSSt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTSSt9exception -Wl,-unexported_symbol -Wl,__ZdlPvS_ -Wl,-unexported_symbol -Wl,__ZnwmPv -Wl,-unexported_symbol -Wl,__Znwm -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSEDn -Wl,-unexported_symbol, -Wl,__ZNKSt3__18functionIFvN7WebCore12PolicyActionEEEclES2_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEE4swapERS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED1Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED2Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSERKS4_ -Wl,-unexported_symbol, -Wl,__ZTVNSt3__117bad_function_callE; >diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.h b/Source/WebKit/NetworkProcess/NetworkProcess.h >index 08e24dce6108247297305b86adcebe2844747681..f6a0ed2186c7957733ac4cd9e50c80d895027866 100644 >--- a/Source/WebKit/NetworkProcess/NetworkProcess.h >+++ b/Source/WebKit/NetworkProcess/NetworkProcess.h >@@ -80,6 +80,7 @@ class NetworkProcess : public ChildProcess, private DownloadManager::Client { > friend NeverDestroyed<DownloadManager>; > public: > static NetworkProcess& singleton(); >+ static const ChildProcess::ProcessType processType = NetworkType; > > template <typename T> > T* supplement() 
>diff --git a/Source/WebKit/PluginProcess/PluginProcess.h b/Source/WebKit/PluginProcess/PluginProcess.h >index d5081b061cdf7936a06c94039dd92623843ccf95..1b7a6461209b8f98feb6f9d7fb6704141643f81c 100644 >--- a/Source/WebKit/PluginProcess/PluginProcess.h >+++ b/Source/WebKit/PluginProcess/PluginProcess.h >@@ -49,6 +49,7 @@ class PluginProcess : public ChildProcess > > public: > static PluginProcess& singleton(); >+ static const ChildProcess::ProcessType processType = PluginType; > > void removeWebProcessConnection(WebProcessConnection*); > >diff --git a/Source/WebKit/Shared/ChildProcess.h b/Source/WebKit/Shared/ChildProcess.h >index b35c9f2e3f3fa87e2dfbee1b0afc979b98a2f8f1..809ec4343135fd55e055daad9c98dda7b53d2267 100644 >--- a/Source/WebKit/Shared/ChildProcess.h >+++ b/Source/WebKit/Shared/ChildProcess.h >@@ -39,22 +39,19 @@ > namespace WebKit { > > class SandboxInitializationParameters; >- >-struct ChildProcessInitializationParameters { >- String uiProcessName; >- String clientIdentifier; >- std::optional<WebCore::ProcessIdentifier> processIdentifier; >- IPC::Connection::Identifier connectionIdentifier; >- HashMap<String, String> extraInitializationData; >-#if PLATFORM(COCOA) >- OSObjectPtr<xpc_object_t> priorityBoostMessage; >-#endif >-}; >+struct ChildProcessInitializationParameters; > > class ChildProcess : protected IPC::Connection::Client, public IPC::MessageSender { > WTF_MAKE_NONCOPYABLE(ChildProcess); > > public: >+ enum ProcessType { >+ WebContentType, >+ NetworkType, >+ StorageType, >+ PluginType >+ }; >+ > void initialize(const ChildProcessInitializationParameters&); > > // disable and enable termination of the process. when disableTermination is called, the 
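Review bot: `ProcessType` is declared as a plain unscoped enum in `ChildProcess`, and the switches on it in `ChildProcessMac.mm` end in `default: CRASH();`. Make it `enum class ProcessType : uint8_t` and drop the `default` cases so the compiler reports a missing case when a process type is added. The relocated `ChildProcessInitializationParameters` also gains a `processType` member with no initializer, and the only assignment this patch shows is in `XPCServiceInitializer`; give the member a default or set it on every path that builds the struct.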
>@@ -146,6 +143,18 @@ private: > OSObjectPtr<xpc_object_t> m_priorityBoostMessage; > #endif > }; >+ >+struct ChildProcessInitializationParameters { >+ String uiProcessName; >+ String clientIdentifier; >+ std::optional<WebCore::ProcessIdentifier> processIdentifier; >+ IPC::Connection::Identifier connectionIdentifier; >+ HashMap<String, String> extraInitializationData; >+ ChildProcess::ProcessType processType; >+#if PLATFORM(COCOA) >+ OSObjectPtr<xpc_object_t> priorityBoostMessage; >+#endif >+}; > > } // namespace WebKit > >diff --git a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >index 209e20a75493410ee8f967b45bfdd42f57b2fdef..47414e3863f4a7a4c707e001c6d82eef2f65b7a1 100644 >--- a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >+++ b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >@@ -111,6 +111,8 @@ void XPCServiceInitializer(OSObjectPtr<xpc_connection_t> connection, xpc_object_ > if (parameters.extraInitializationData.contains(ASCIILiteral("always-runs-at-background-priority"))) > Thread::setGlobalMaxQOSClass(QOS_CLASS_UTILITY); > #endif >+ >+ parameters.processType = XPCServiceType::processType; > > XPCServiceType::singleton().initialize(parameters); > } >diff --git a/Source/WebKit/Shared/mac/ChildProcessMac.mm b/Source/WebKit/Shared/mac/ChildProcessMac.mm >index aed5b9fd70960fe170d5026cc20e267a516f0204..46830ea1b04a69e91e8ded3a86673915ecabb723 100644 >--- a/Source/WebKit/Shared/mac/ChildProcessMac.mm >+++ b/Source/WebKit/Shared/mac/ChildProcessMac.mm 
>@@ -31,16 +31,25 @@ > #import "CodeSigning.h" > #import "QuarantineSPI.h" > #import "SandboxInitializationParameters.h" >+#import "SandboxUtilities.h" > #import "WKFoundation.h" > #import "XPCServiceEntryPoint.h" > #import <WebCore/FileSystem.h> > #import <WebCore/SystemVersion.h> > #import <mach/mach.h> > #import <mach/task.h> >+#import <pal/crypto/CryptoDigest.h> > #import <pwd.h> >+#import <rootless.h> >+extern "C" { >+#import <sandbox/libsandbox.h> >+} > #import <stdlib.h> > #import <sysexits.h> >+#import <wtf/DataLog.h> > #import <wtf/Scope.h> >+#import <wtf/SystemTracing.h> >+#import <wtf/WallTime.h> > #import <wtf/spi/darwin/SandboxSPI.h> > > #if USE(APPLE_INTERNAL_SDK) >@@ -110,8 +119,19 @@ static OSStatus enableSandboxStyleFileQuarantine() > #endif > } > >+static bool verbose = false; >+template<typename... Types> >+void verboseLog(const Types&... values) >+{ >+ dataLogLnIf(verbose, values...); >+} >+ > void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters) > { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxStart)); >+ auto stopTraceOnExit = makeScopeExit([] { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxEnd)); >+ }); > #if WK_API_ENABLED > NSBundle *webKit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKWebView")]; > #else >@@ -131,7 +151,7 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > sandboxParameters.setUserDirectorySuffix(defaultUserDirectorySuffix); > } > } >- >+ > Vector<String> osVersionParts; > String osSystemMarketingVersion = systemMarketingVersion(); > osSystemMarketingVersion.split('.', false, osVersionParts); 
>@@ -142,6 +162,17 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String osVersion = osVersionParts[0] + '.' + osVersionParts[1]; > sandboxParameters.addParameter("_OS_VERSION", osVersion.utf8().data()); > >+ char darwinUserCacheDir[PATH_MAX]; >+ { >+ char temp[PATH_MAX]; >+ if (!confstr(_CS_DARWIN_USER_CACHE_DIR, temp, sizeof(temp))) { >+ WTFLogAlways("%s: couldn't retrieve private cache directory path: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ if (!realpath(temp, darwinUserCacheDir)) >+ CRASH(); >+ } >+ > // Use private temporary and cache directories. > setenv("DIRHELPER_USER_DIR_SUFFIX", FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data(), 1); > char temporaryDirectory[PATH_MAX]; 
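Review bot: the `confstr(_CS_DARWIN_USER_CACHE_DIR, temp, sizeof(temp))` check only handles a return value of 0. `confstr` returns the buffer size the value needs, so a result greater than `sizeof(temp)` means the path was truncated and should be rejected as well, since this path becomes the root of the sandbox cache directory. The two failure paths are also inconsistent: the `confstr` failure logs and calls `exit(EX_NOPERM)`, while the `realpath` failure calls `CRASH()` with no message; log the path and errno there too and pick one way of failing.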
>@@ -169,46 +200,431 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String path = String::fromUTF8(pwd.pw_dir); > path.append("/Library"); > >+ String libraryPath = path; >+ > sandboxParameters.addPathParameter("HOME_LIBRARY_DIR", FileSystem::fileSystemRepresentation(path).data()); > > path.append("/Preferences"); > > sandboxParameters.addPathParameter("HOME_LIBRARY_PREFERENCES_DIR", FileSystem::fileSystemRepresentation(path).data()); > >- switch (sandboxParameters.mode()) { >- case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >- case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ auto startTime = WallTime::now(); >+ bool didApplySandbox = [&] { >+ using SandboxProfile = typename std::remove_pointer<sandbox_profile_t>::type; >+ >+ static constexpr uint32_t versionNumber = 0; >+ struct CachedFileHeader { >+ uint32_t versionNumber; >+ uint32_t sandboxHeaderSize; >+ uint32_t sandboxBuiltinSize; // If a builtin doesn't exist, this is UINT_MAX >+ uint32_t sandboxDataSize; >+ // OOPS: build in versioning based on webkit binary. >+ }; >+ // The file is layed out on disk like: >+ // byte 0 >+ // CachedFileHeader <- sizeof(CachedFileHeader) bytes >+ // SandboxHeader <- sandboxHeaderSize bytes >+ // [SandboxBuiltin] optional. Present if sanboxBuiltinSize is not UINT_MAX. If present, sandboxBuiltinSize bytes. 
>+ // SandboxData <- sandboxDataSize bytes >+ // byte N >+ >+ auto getFileContents = [] (const String& path) -> std::optional<Vector<char>> { >+ FileSystem::PlatformFileHandle handle = openFile(path, FileSystem::FileOpenMode::Read); >+ >+ if (handle == FileSystem::invalidPlatformFileHandle) { >+ verboseLog("Can't get file handle for path: ", path); >+ return std::nullopt; >+ } >+ >+ auto closeFileOnExit = makeScopeExit([&] { >+ FileSystem::closeFile(handle); >+ }); >+ >+ long long fileSize; >+ if (!FileSystem::getFileSize(handle, fileSize)) { >+ verboseLog("Could not get size for file: ", path); >+ return std::nullopt; >+ } >+ RELEASE_ASSERT(fileSize >= 0); >+ >+ Vector<char> contents(safeCast<size_t>(fileSize)); >+ int bytesRead = FileSystem::readFromFile(handle, contents.data(), safeCast<size_t>(fileSize)); >+ if (safeCast<int>(fileSize) != bytesRead) { >+ verboseLog("Could not read the file: ", path); >+ return std::nullopt; >+ } >+ >+ return WTFMove(contents); >+ }; >+ >+ if (sandboxParameters.mode() != SandboxInitializationParameters::UseDefaultSandboxProfilePath >+ && sandboxParameters.mode() != SandboxInitializationParameters::UseOverrideSandboxProfilePath) >+ return false; >+ > String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >- if (!sandboxProfilePath.isEmpty()) { >- CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ if (sandboxProfilePath.isEmpty()) >+ return false; >+ >+ sandbox_params_t sandboxParams = sandbox_create_params(); >+ auto freeParamsOnExit = makeScopeExit([&] { >+ sandbox_free_params(sandboxParams); >+ }); >+ >+ Vector<uint8_t> sandboxHeader; >+ Vector<char> sandboxSBFileContents; >+ // Compute the sandbox header size. 
>+ { >+ Checked<size_t> headerSize = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ const char* name = sandboxParameters.name(i); >+ const char* value = sandboxParameters.value(i); >+ if (sandbox_set_param(sandboxParams, name, value)) >+ CRASH(); >+ headerSize += strlen(name) + 1; >+ headerSize += strlen(value) + 1; >+ } >+ >+ >+ if (auto fileContents = getFileContents(sandboxProfilePath)) >+ sandboxSBFileContents = WTFMove(*fileContents); >+ else >+ return false; >+ >+ headerSize += sandboxSBFileContents.size(); >+ sandboxHeader = Vector<uint8_t>(headerSize.unsafeGet()); >+ } >+ >+ // Write out the sandbox header. >+ { >+ size_t cursor = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ auto appendCString = [&] (const char* value) { >+ size_t length = strlen(value); >+ RELEASE_ASSERT(cursor + length < sandboxHeader.size()); >+ memcpy(sandboxHeader.data() + cursor, value, length); >+ cursor += length; >+ RELEASE_ASSERT(cursor + 1 <= sandboxHeader.size()); >+ sandboxHeader[cursor] = bitwise_cast<uint8_t>(':'); >+ ++cursor; >+ }; >+ >+ const char* name = sandboxParameters.name(i); >+ appendCString(name); >+ const char* value = sandboxParameters.value(i); >+ appendCString(value); >+ } >+ >+ memcpy(sandboxHeader.data() + cursor, sandboxSBFileContents.data(), sandboxSBFileContents.size()); >+ cursor += sandboxSBFileContents.size(); >+ RELEASE_ASSERT(cursor == sandboxHeader.size()); >+ } >+ >+ >+ String sandboxDirectory = darwinUserCacheDir; // OOPS: Do we want to just use the one w/ client identifier appended to it? 
>+#if USE(APPLE_INTERNAL_SDK) >+ switch (parameters.processType) { >+ case WebContentType: >+ sandboxDirectory.append("/com.apple.WebKit.WebContent.Sandbox"); >+ break; >+ case NetworkType: >+ sandboxDirectory.append("/com.apple.WebKit.Networking.Sandbox"); >+ break; >+ case StorageType: >+ sandboxDirectory.append("/com.apple.WebKit.Storage.Sandbox"); >+ break; >+ case PluginType: >+ sandboxDirectory.append("/com.apple.WebKit.Plugin.Sandbox"); >+ break; >+ default: >+ CRASH(); >+ } >+#else >+ sandboxDirectory.append("/com.apple.WebKit.WebKitSandbox"); >+#endif >+ >+ String sandboxFile = sandboxDirectory; >+ sandboxFile.append("/CompiledSandbox+"); >+#if !(USE(APPLE_INTERNAL_SDK)) >+ sandboxFile.append(sandboxParameters.userDirectorySuffix()); >+ sandboxFile.append('+'); >+#endif >+ >+ { >+ auto crypto = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_1); >+ crypto->addBytes(sandboxHeader.data(), sandboxHeader.size()); >+ Vector<uint8_t> hash = crypto->computeHash(); >+ char* hashAsString = static_cast<char*>(fastMalloc(hash.size() * 2 + 1)); >+ char* ptr = hashAsString; >+ for (uint8_t byte : hash) { >+ snprintf(ptr, 3, "%02x", byte); >+ ptr += 2; >+ } >+ *ptr = '\0'; >+ RELEASE_ASSERT(static_cast<uintptr_t>(ptr - hashAsString) == hash.size() * 2); >+ // dataLogLn("hashAsString extension: ", hashAsString); >+ sandboxFile.append(hashAsString); >+ } >+ >+ bool didApplyCachedSandbox = [&] { >+ Vector<char> compiledFile; >+ if (auto maybeCompiledFile = getFileContents(sandboxFile)) >+ compiledFile = WTFMove(*maybeCompiledFile); >+ else >+ return false; >+ >+ size_t cursor = 0; >+ auto readHeader = [&] (CachedFileHeader& value) { >+ if (cursor + sizeof(CachedFileHeader) > compiledFile.size()) >+ return false; >+ memcpy(&value, compiledFile.data() + cursor, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ return true; >+ }; >+ >+ CachedFileHeader header; >+ if (!readHeader(header)) { >+ verboseLog("Cached file is smaller than 
sizeof(CachedFileHeader)"); >+ return false; >+ } >+ >+ if (header.versionNumber != versionNumber) { >+ verboseLog("cached file has old version number: ", header.versionNumber); >+ return false; >+ } >+ >+ size_t expectedFileSize = sizeof(CachedFileHeader) + header.sandboxHeaderSize + header.sandboxDataSize; >+ bool haveBuiltin = header.sandboxBuiltinSize != std::numeric_limits<uint32_t>::max(); >+ if (haveBuiltin) >+ expectedFileSize += header.sandboxBuiltinSize; >+ >+ if (compiledFile.size() != expectedFileSize) { >+ verboseLog("Cached file has wrong file size."); >+ return false; >+ } >+ >+ if (header.sandboxHeaderSize != sandboxHeader.size()) { >+ verboseLog("header size different from cached header size"); >+ return false; >+ } >+ >+ if (memcmp(sandboxHeader.data(), compiledFile.data() + cursor, sandboxHeader.size())) { >+ verboseLog("Header and cached header do not have the same contents."); >+ return false; >+ } >+ cursor += sandboxHeader.size(); >+ >+ SandboxProfile profile; >+ profile.builtin = nullptr; >+ profile.size = header.sandboxDataSize; >+ if (haveBuiltin) { >+ profile.builtin = static_cast<char*>(fastMalloc(header.sandboxBuiltinSize + 1)); >+ memcpy(profile.builtin, compiledFile.data() + cursor, header.sandboxBuiltinSize); >+ profile.builtin[header.sandboxBuiltinSize] = '\0'; >+ cursor += header.sandboxBuiltinSize; >+ } >+ auto freeBuiltinOnExit = makeScopeExit([&] { >+ if (profile.builtin) >+ fastFree(profile.builtin); >+ }); >+ profile.data = bitwise_cast<unsigned char*>(compiledFile.data()) + cursor; >+ RELEASE_ASSERT(cursor + profile.size == compiledFile.size()); >+ >+ if (sandbox_apply(&profile)) { >+ verboseLog("could not apply cached sandbox"); >+ // OOPS: should we return false here, so we can fallback perhaps? 
>+ CRASH(); >+ } >+ >+ verboseLog("Applied cached sandbox successfully"); >+ return true; >+ }(); >+ >+ if (didApplyCachedSandbox) >+ return true; >+ >+ bool hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ if (!hasSandboxDirectory) { >+#if USE(APPLE_INTERNAL_SDK) >+ CString sandboxPath = FileSystem::fileSystemRepresentation(sandboxDirectory); >+ bool madeDirectory = false; >+ switch (parameters.processType) { >+ case WebContentType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitWebContentSandbox")); >+ break; >+ case NetworkType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitNetworkingSandbox")); >+ break; >+ case StorageType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitStorageSandbox")); >+ break; >+ case PluginType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitPluginSandbox")); >+ break; >+ default: >+ CRASH(); >+ } >+ if (madeDirectory) >+ verboseLog("Made rootless directory: ", sandboxPath); >+ else >+ verboseLog("Could not make rootless directory, errno: ", errno); >+#else >+ bool madeDirectory = FileSystem::makeAllDirectories(sandboxDirectory); >+#endif >+ if (madeDirectory) { >+ ASSERT(FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes)); >+ verboseLog("Created sandbox directory: ", sandboxDirectory); >+ hasSandboxDirectory = true; >+ } else { >+ // We may have raced with someone else making it. That's ok. 
>+ hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ } >+ } >+ >+ if (!hasSandboxDirectory) { >+ verboseLog("Bailing because we don't have a sandbox directory"); >+ return false; >+ } >+ >+ char* error = nullptr; >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ SandboxProfile* sandboxProfile = sandbox_compile_file(profilePath.data(), sandboxParams, &error); >+ if (!sandboxProfile) { >+ WTFLogAlways("%s: Couldn't compile WebContent sandbox %s\n", getprogname(), error); >+ CRASH(); >+ } >+ auto freeSandboxOnExit = makeScopeExit([&] { >+ sandbox_free_profile(sandboxProfile); >+ }); >+ >+ Checked<size_t> fileSize = 0; >+ fileSize += sizeof(CachedFileHeader); >+ fileSize += sandboxHeader.size(); >+ if (sandboxProfile->builtin) >+ fileSize += strlen(sandboxProfile->builtin); >+ fileSize += sandboxProfile->size; >+ >+ CachedFileHeader header { >+ versionNumber, >+ safeCast<uint32_t>(sandboxHeader.size()), >+ sandboxProfile->builtin ? safeCast<uint32_t>(strlen(sandboxProfile->builtin)) : std::numeric_limits<uint32_t>::max(), >+ safeCast<uint32_t>(sandboxProfile->size) >+ }; >+ >+ Vector<char> fileContents(fileSize.unsafeGet()); >+ >+ // Write out our file content into a temporary vector. 
>+ { >+ size_t cursor = 0; >+ >+ RELEASE_ASSERT(cursor + sizeof(CachedFileHeader) <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, &header, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ >+ RELEASE_ASSERT(cursor + sandboxHeader.size() <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxHeader.data(), sandboxHeader.size()); >+ cursor += sandboxHeader.size(); >+ >+ if (sandboxProfile->builtin) { >+ size_t length = strlen(sandboxProfile->builtin); >+ RELEASE_ASSERT(cursor + length <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->builtin, length); >+ cursor += length; >+ } >+ >+ RELEASE_ASSERT(cursor + sandboxProfile->size == fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->data, sandboxProfile->size); >+ } >+ >+ FileSystem::PlatformFileHandle tempHandle; >+ String tempFileString; >+ CString tempFilePath; >+ for (unsigned i = 0; true; ++i) { >+ tempFileString = sandboxDirectory; >+ tempFileString.append("/tempfile"); >+ if (i) >+ tempFileString.append(String::number(i)); >+ tempFilePath = FileSystem::fileSystemRepresentation(tempFileString); >+ if (tempFilePath.isNull()) >+ return false; >+ tempHandle = open(tempFilePath.data(), (O_WRONLY | O_CREAT | O_EXCL), 0666); >+ if (tempHandle != FileSystem::invalidPlatformFileHandle) >+ break; >+ if (errno != EEXIST) >+ return false; >+ verboseLog("errno is EEXIST, looping back and trying again: ", tempFileString); >+ } >+ >+ bool didRenameFile = false; >+ ASSERT(tempHandle != FileSystem::invalidPlatformFileHandle); >+ int writeSize = FileSystem::writeToFile(tempHandle, bitwise_cast<const char*>(fileContents.data()), safeCast<int>(fileContents.size())); >+ if (writeSize == safeCast<int>(fileContents.size())) { >+ // Rename the temp file to the expected file. We do it this way because this is an atomic operation. >+ // OOPS: What is the behavior if this happens concurrently to read when the file already exists? 
>+ CString sandboxFilePath = FileSystem::fileSystemRepresentation(sandboxFile); >+ if (!sandboxFilePath.isNull()) { >+ verboseLog("Renaming from: '", tempFilePath, "' to: '", sandboxFile, "'"); >+ if (!rename(tempFilePath.data(), sandboxFilePath.data())) { >+ didRenameFile = true; >+ verboseLog("Rename succeeded"); >+ } else >+ verboseLog("Rename failed: ", errno); >+ } >+ } else >+ verboseLog("Did not successfully write file temp file: ", tempFilePath); >+ >+ FileSystem::closeFile(tempHandle); >+ >+ if (!didRenameFile) >+ FileSystem::deleteFile(tempFileString); >+ >+ if (sandbox_apply(sandboxProfile)) { >+ verboseLog("could not apply compiled sandbox!"); >+ WTFLogAlways("%s: Couldn't apply compiled sandbox profile, errno: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ >+ return true; >+ }(); >+ >+ if (didApplySandbox) { >+ auto endTime = WallTime::now(); >+ dataLogLn("Apply time: ", (endTime - startTime).milliseconds()); >+ } else { >+ switch (sandboxParameters.mode()) { >+ case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >+ case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? 
defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >+ if (!sandboxProfilePath.isEmpty()) { >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ char* errorBuf; >+#pragma clang diagnostic push >+#pragma clang diagnostic ignored "-Wdeprecated-declarations" >+ if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+#pragma clang diagnostic pop >+ WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >+ WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >+ exit(EX_NOPERM); >+ } >+ } >+ >+ break; >+ } >+ case SandboxInitializationParameters::UseSandboxProfile: { > char* errorBuf; > #pragma clang diagnostic push > #pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+ if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, sandboxParameters.namedParameterArray(), &errorBuf)) { > #pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); > for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) > WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); > exit(EX_NOPERM); > } >- } > >- break; >- } >- case SandboxInitializationParameters::UseSandboxProfile: { >- char* errorBuf; >-#pragma clang diagnostic push >-#pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, 
sandboxParameters.namedParameterArray(), &errorBuf)) { >-#pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); >- for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >- WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >- exit(EX_NOPERM); >+ break; >+ } > } >- >- break; >- } > } > > // This will override LSFileQuarantineEnabled from Info.plist unless sandbox quarantine is globally disabled. >diff --git a/Source/WebKit/StorageProcess/StorageProcess.h b/Source/WebKit/StorageProcess/StorageProcess.h >index 298390b3d8ac4fd69bdf870487622f1dca4cb194..d28ebb600334053c8ba275cf1896d94263893187 100644 >--- a/Source/WebKit/StorageProcess/StorageProcess.h >+++ b/Source/WebKit/StorageProcess/StorageProcess.h >@@ -71,6 +71,8 @@ class StorageProcess : public ChildProcess > friend NeverDestroyed<StorageProcess>; > public: > static StorageProcess& singleton(); >+ static const ChildProcess::ProcessType processType = StorageType; >+ > ~StorageProcess(); > > WorkQueue& queue() { return m_queue.get(); } >diff --git a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >index 375a1705cd374734b50b081c072cdccc8ad61f8e..c54a2853aeb94d4ed9b2a709f3c833a90e43254b 100644 >--- a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >+++ b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >@@ -150,7 +150,7 @@ void ProcessLauncher::launchProcess() > xpc_dictionary_set_string(preBootstrapMessage.get(), "message-name", "pre-bootstrap"); > xpc_connection_send_message(m_xpcConnection.get(), preBootstrapMessage.get()); > } >- >+ > // Create the listening port. > mach_port_t listeningPort = MACH_PORT_NULL; > auto kr = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &listeningPort); 
>@@ -283,11 +283,11 @@ void ProcessLauncher::terminateProcess() > > if (!m_processIdentifier) > return; >- >+ > kill(m_processIdentifier, SIGKILL); > m_processIdentifier = 0; > } >- >+ > void ProcessLauncher::platformInvalidate() > { > if (!m_xpcConnection) >diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >index d8d29516a6cb6445bbdc5de7497cee163f160645..c3afc0d05da52abb2e428b704c414dba9806d48f 100644 >--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj >+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj 
>@@ -3336,6 +3336,8 @@ > 41897ED51F415D850016FA42 /* CacheStorageEngineConnection.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = CacheStorageEngineConnection.messages.in; sourceTree = "<group>"; }; > 41897ED61F415D860016FA42 /* CacheStorageEngine.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CacheStorageEngine.cpp; sourceTree = "<group>"; }; > 419ACF9B1F981D26009F1A83 /* WebServiceWorkerFetchTaskClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebServiceWorkerFetchTaskClient.h; sourceTree = "<group>"; }; >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Storage-OSX.entitlements"; sourceTree = "<group>"; }; >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Network-OSX.entitlements"; sourceTree = "<group>"; }; > 41AC86811E042E5300303074 /* WebRTCResolver.messages.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; lineEnding = 0; name = WebRTCResolver.messages.in; path = Network/webrtc/WebRTCResolver.messages.in; sourceTree = "<group>"; xcLanguageSpecificationIdentifier = "<none>"; }; > 41B28B081F83AD3E00FB52AC /* RTCPacketOptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RTCPacketOptions.h; sourceTree = "<group>"; }; > 41B28B091F83AD3E00FB52AC /* RTCPacketOptions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RTCPacketOptions.cpp; sourceTree = "<group>"; }; 
>@@ -5061,6 +5063,7 @@ > 1A4F976C100E7B6600637A18 /* FeatureDefines.xcconfig */, > 37119A7D20CCB64E002C6DC9 /* Network-iOS-minimalsimulator.entitlements */, > 7C0BB9A918DCDF5A0006C086 /* Network-iOS.entitlements */, >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */, > BC8283AB16B4BEAD00A278FE /* NetworkService.xcconfig */, > A1EDD2DB1884B96400BBFE98 /* PluginProcessShim.xcconfig */, > BC8283F216B4FC5300A278FE /* PluginService.32.xcconfig */, >@@ -5069,6 +5072,7 @@ > 37E83D401B37D27B002079EE /* SandboxProfiles.xcconfig */, > A1EDD2DC1884B9B500BBFE98 /* SecItemShim.xcconfig */, > 5183B3931379F85C00E8754E /* Shim.xcconfig */, >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */, > 51A60B29180CCD9000F3BF50 /* StorageService.xcconfig */, > 1A4F976E100E7B6600637A18 /* Version.xcconfig */, > 37119A7E20CCB64E002C6DC9 /* WebContent-iOS-minimalsimulator.entitlements */, >@@ -10358,13 +10362,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10376,13 +10376,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10394,13 +10390,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10412,13 +10404,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; 
>@@ -10430,14 +10418,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10449,14 +10433,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >diff --git a/Source/WebKit/WebProcess/WebProcess.h b/Source/WebKit/WebProcess/WebProcess.h >index b8520acd2bd83c4915713fd54340efeb456dcefb..fbad5565cce74e984be2f206aa3fa9bbbc4eecf0 100644 >--- a/Source/WebKit/WebProcess/WebProcess.h >+++ b/Source/WebKit/WebProcess/WebProcess.h >@@ -108,6 +108,7 @@ struct WebsiteDataStoreParameters; > class WebProcess : public ChildProcess { > public: > static WebProcess& singleton(); >+ static const ChildProcess::ProcessType processType = WebContentType; > > template <typename T> > T* supplement() >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index 95e7eb0c860baffea359fa7f3700b5c3ff7d5547..ddcc6af503af603bce404db436b97bbe2a72301c 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Tracing/SystemTracePoints.plist: >+ > 2018-06-12 Valerie R Young <valerie@bocoup.com> > > test262/Runner.pm: add unit tests >diff --git a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >index bb3c5870630f4e163c387941bc57d3eceec52212..48a7585b0f41c6aecf8f0002dff9322b2aa4b646 100644 >--- a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py 
>+++ b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >@@ -64,6 +64,7 @@ class StepSequence(object): > > def _run(self, tool, options, state): > for step in self._steps: >+ print tool.scm().create_patch(options.git_commit) > step(tool, options).run(state) > > def run_and_handle_errors(self, tool, options, state=None): >diff --git a/Tools/Tracing/SystemTracePoints.plist b/Tools/Tracing/SystemTracePoints.plist >index e9e1776965bac9ddd1d647fb920734600f8a2905..7cba493bd1da205bc2514d26b96eda2f5c7acd01 100644 >--- a/Tools/Tracing/SystemTracePoints.plist >+++ b/Tools/Tracing/SystemTracePoints.plist >@@ -300,6 +300,18 @@ > <key>CodeEnd</key> > <string>14004</string> > </dict> >+ <dict> >+ <key>Name</key> >+ <string>Process Launch</string> >+ <key>Type</key> >+ <string>Interval</string> >+ <key>Component</key> >+ <string>47</string> >+ <key>CodeBegin</key> >+ <string>14003</string> >+ <key>CodeEnd</key> >+ <string>14004</string> >+ </dict> > </array> > </dict> > </array> > >Total errors found: 0 in 22 files >Subversion Revision: 232757 >diff --git a/Source/WTF/ChangeLog b/Source/WTF/ChangeLog >index c2c83cfbe4108647f6a4147c6c78e57d3c82fad0..911eefc557b45cff3d5fe656db4881fc3a5817e2 100644 >--- a/Source/WTF/ChangeLog >+++ b/Source/WTF/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * wtf/SystemTracing.h: >+ > 2018-06-11 Saam Barati <sbarati@apple.com> > > The NaturalLoops algorithm only works when the list of blocks in a loop is de-duplicated >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 517b87c29b3dd61271bfcf3ef1e959a2518a551d..b2e04b7aa46186334d07533f24e8effc09f7069f 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog 
>@@ -1,3 +1,32 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added support for compiled sandbox file caching >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Configurations/Network-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/NetworkService.xcconfig: >+ * Configurations/PluginService.entitlements: >+ * Configurations/Storage-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/StorageService.xcconfig: >+ * Configurations/WebContent-OSX.entitlements: >+ * Configurations/WebKit.xcconfig: >+ * NetworkProcess/NetworkProcess.h: >+ * PluginProcess/PluginProcess.h: >+ * Shared/ChildProcess.h: >+ * Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h: >+ (WebKit::XPCServiceInitializer): >+ * Shared/mac/ChildProcessMac.mm: >+ (WebKit::verboseLog): >+ (WebKit::ChildProcess::initializeSandbox): >+ * StorageProcess/StorageProcess.h: >+ * UIProcess/Launcher/mac/ProcessLauncherMac.mm: >+ (WebKit::ProcessLauncher::launchProcess): >+ (WebKit::ProcessLauncher::terminateProcess): >+ * WebKit.xcodeproj/project.pbxproj: >+ * WebProcess/WebProcess.h: >+ > 2018-06-11 Carlos Garcia Campos <cgarcia@igalia.com> > > Unreviewed. Update OptionsGTK.cmake and NEWS for 2.21.4 release. >diff --git a/Source/WTF/wtf/SystemTracing.h b/Source/WTF/wtf/SystemTracing.h >index b52be8d38682fa59bbd6619573b77ec0bd34f112..105196ec48735fab52b3931511e00ed0c14fe15f 100644 >--- a/Source/WTF/wtf/SystemTracing.h >+++ b/Source/WTF/wtf/SystemTracing.h >@@ -96,6 +96,8 @@ enum TracePointCode { > CommitLayerTreeEnd, > ProcessLaunchStart, > ProcessLaunchEnd, >+ InitializeSandboxStart, >+ InitializeSandboxEnd, > }; > > #ifdef __cplusplus 
>diff --git a/Source/WebKit/Configurations/Network-OSX.entitlements b/Source/WebKit/Configurations/Network-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..03270566fc5437bd7d8911179dd517c5febd42ab >--- /dev/null >+++ b/Source/WebKit/Configurations/Network-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitNetworkingSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/NetworkService.xcconfig b/Source/WebKit/Configurations/NetworkService.xcconfig >index 5b602d60d8d486ca1a34b3d68752a329aa42b7a3..907a787c86644b6cd732e5243e487f4429950510 100644 >--- a/Source/WebKit/Configurations/NetworkService.xcconfig >+++ b/Source/WebKit/Configurations/NetworkService.xcconfig >@@ -32,6 +32,7 @@ WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvos = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvsimulator = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_iphoneminimalsimulator = Network-iOS-minimalsimulator; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Network-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = com.apple.WebKit.Networking; >diff --git a/Source/WebKit/Configurations/PluginService.entitlements b/Source/WebKit/Configurations/PluginService.entitlements >index 25e58ca5e26a0354714f719efa86ac676534a39d..1a3367050648f4190313726b42121092e680ee18 100644 >--- a/Source/WebKit/Configurations/PluginService.entitlements >+++ b/Source/WebKit/Configurations/PluginService.entitlements >@@ -10,5 +10,7 @@ > <true/> > <key>com.apple.security.cs.disable-library-validation</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitPluginSandbox</key> >+ <true/> > </dict> > </plist> 
>diff --git a/Source/WebKit/Configurations/Storage-OSX.entitlements b/Source/WebKit/Configurations/Storage-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..bbb392e80f95671e8f90889e0c869e1686347998 >--- /dev/null >+++ b/Source/WebKit/Configurations/Storage-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitStorageSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/StorageService.xcconfig b/Source/WebKit/Configurations/StorageService.xcconfig >index 75761d808af04253a6dd7d3fadad1835ba8af5e3..c857586f77301ce175708c6e074aa290e6e644b4 100644 >--- a/Source/WebKit/Configurations/StorageService.xcconfig >+++ b/Source/WebKit/Configurations/StorageService.xcconfig >@@ -25,6 +25,7 @@ > > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = Databases-iOS; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Storage-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = $(WK_STORAGE_SERVICE_PRODUCT_NAME); >diff --git a/Source/WebKit/Configurations/WebContent-OSX.entitlements b/Source/WebKit/Configurations/WebContent-OSX.entitlements >index d35e43ae588cdfe5570930260829dcd145c4d1e2..c2354c41a37e294c41ad95472b734ff929d34d05 100644 >--- a/Source/WebKit/Configurations/WebContent-OSX.entitlements >+++ b/Source/WebKit/Configurations/WebContent-OSX.entitlements >@@ -4,5 +4,7 @@ > <dict> > <key>com.apple.security.cs.allow-jit</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitWebContentSandbox</key> >+ <true/> > </dict> > </plist> >diff --git a/Source/WebKit/Configurations/WebKit.xcconfig b/Source/WebKit/Configurations/WebKit.xcconfig >index 79f44e0517b88e91f9a1e7c2147d27476c90adfc..6d250e4fa34f8d01b0ffbf2005a445e078c7e033 100644 
>--- a/Source/WebKit/Configurations/WebKit.xcconfig >+++ b/Source/WebKit/Configurations/WebKit.xcconfig >@@ -82,6 +82,9 @@ WK_MOBILE_CORE_SERVICES_LDFLAGS_cocoatouch = -framework MobileCoreServices; > WK_MOBILE_GESTALT_LDFLAGS = $(WK_MOBILE_GESTALT_LDFLAGS_$(WK_COCOA_TOUCH)); > WK_MOBILE_GESTALT_LDFLAGS_cocoatouch = -lMobileGestalt; > >+WK_LIBSANDBOX_LDFLAGS = $(WK_LIBSANDBOX_LDFLAGS_$(WK_PLATFORM_NAME)); >+WK_LIBSANDBOX_LDFLAGS_macosx = -lsandbox; >+ > WK_OPENGL_LDFLAGS = $(WK_OPENGL_LDFLAGS_$(WK_PLATFORM_NAME)); > WK_OPENGL_LDFLAGS_iphoneos = -framework OpenGLES; > WK_OPENGL_LDFLAGS_iphoneminimalsimulator = -framework OpenGL; 
>@@ -112,7 +115,7 @@ WK_UIKIT_LDFLAGS_cocoatouch = -framework UIKit; > WK_URL_FORMATTING_LDFLAGS = $(WK_URL_FORMATTING_LDFLAGS_$(WK_HAVE_URL_FORMATTING)); > WK_URL_FORMATTING_LDFLAGS_YES = -framework URLFormatting; > >-FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); >+FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); > > // Prevent C++ standard library operator new, delete and their related exception types from being exported as weak symbols. 
> UNEXPORTED_SYMBOL_LDFLAGS = -Wl,-unexported_symbol -Wl,__ZTISt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTISt9exception -Wl,-unexported_symbol -Wl,__ZTSSt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTSSt9exception -Wl,-unexported_symbol -Wl,__ZdlPvS_ -Wl,-unexported_symbol -Wl,__ZnwmPv -Wl,-unexported_symbol -Wl,__Znwm -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSEDn -Wl,-unexported_symbol, -Wl,__ZNKSt3__18functionIFvN7WebCore12PolicyActionEEEclES2_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEE4swapERS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED1Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED2Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSERKS4_ -Wl,-unexported_symbol, -Wl,__ZTVNSt3__117bad_function_callE; >diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.h b/Source/WebKit/NetworkProcess/NetworkProcess.h >index 08e24dce6108247297305b86adcebe2844747681..f6a0ed2186c7957733ac4cd9e50c80d895027866 100644 >--- a/Source/WebKit/NetworkProcess/NetworkProcess.h >+++ b/Source/WebKit/NetworkProcess/NetworkProcess.h >@@ -80,6 +80,7 @@ class NetworkProcess : public ChildProcess, private DownloadManager::Client { > friend NeverDestroyed<DownloadManager>; > public: > static NetworkProcess& singleton(); >+ static const ChildProcess::ProcessType processType = NetworkType; > > template <typename T> > T* supplement() 
>diff --git a/Source/WebKit/PluginProcess/PluginProcess.h b/Source/WebKit/PluginProcess/PluginProcess.h >index d5081b061cdf7936a06c94039dd92623843ccf95..1b7a6461209b8f98feb6f9d7fb6704141643f81c 100644 >--- a/Source/WebKit/PluginProcess/PluginProcess.h >+++ b/Source/WebKit/PluginProcess/PluginProcess.h >@@ -49,6 +49,7 @@ class PluginProcess : public ChildProcess > > public: > static PluginProcess& singleton(); >+ static const ChildProcess::ProcessType processType = PluginType; > > void removeWebProcessConnection(WebProcessConnection*); > >diff --git a/Source/WebKit/Shared/ChildProcess.h b/Source/WebKit/Shared/ChildProcess.h >index b35c9f2e3f3fa87e2dfbee1b0afc979b98a2f8f1..809ec4343135fd55e055daad9c98dda7b53d2267 100644 >--- a/Source/WebKit/Shared/ChildProcess.h >+++ b/Source/WebKit/Shared/ChildProcess.h >@@ -39,22 +39,19 @@ > namespace WebKit { > > class SandboxInitializationParameters; >- >-struct ChildProcessInitializationParameters { >- String uiProcessName; >- String clientIdentifier; >- std::optional<WebCore::ProcessIdentifier> processIdentifier; >- IPC::Connection::Identifier connectionIdentifier; >- HashMap<String, String> extraInitializationData; >-#if PLATFORM(COCOA) >- OSObjectPtr<xpc_object_t> priorityBoostMessage; >-#endif >-}; >+struct ChildProcessInitializationParameters; > > class ChildProcess : protected IPC::Connection::Client, public IPC::MessageSender { > WTF_MAKE_NONCOPYABLE(ChildProcess); > > public: >+ enum ProcessType { >+ WebContentType, >+ NetworkType, >+ StorageType, >+ PluginType >+ }; >+ > void initialize(const ChildProcessInitializationParameters&); > > // disable and enable termination of the process. when disableTermination is called, the 
>@@ -146,6 +143,18 @@ private: > OSObjectPtr<xpc_object_t> m_priorityBoostMessage; > #endif > }; >+ >+struct ChildProcessInitializationParameters { >+ String uiProcessName; >+ String clientIdentifier; >+ std::optional<WebCore::ProcessIdentifier> processIdentifier; >+ IPC::Connection::Identifier connectionIdentifier; >+ HashMap<String, String> extraInitializationData; >+ ChildProcess::ProcessType processType; >+#if PLATFORM(COCOA) >+ OSObjectPtr<xpc_object_t> priorityBoostMessage; >+#endif >+}; > > } // namespace WebKit > >diff --git a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >index 209e20a75493410ee8f967b45bfdd42f57b2fdef..47414e3863f4a7a4c707e001c6d82eef2f65b7a1 100644 >--- a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >+++ b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >@@ -111,6 +111,8 @@ void XPCServiceInitializer(OSObjectPtr<xpc_connection_t> connection, xpc_object_ > if (parameters.extraInitializationData.contains(ASCIILiteral("always-runs-at-background-priority"))) > Thread::setGlobalMaxQOSClass(QOS_CLASS_UTILITY); > #endif >+ >+ parameters.processType = XPCServiceType::processType; > > XPCServiceType::singleton().initialize(parameters); > } >diff --git a/Source/WebKit/Shared/mac/ChildProcessMac.mm b/Source/WebKit/Shared/mac/ChildProcessMac.mm >index aed5b9fd70960fe170d5026cc20e267a516f0204..46830ea1b04a69e91e8ded3a86673915ecabb723 100644 >--- a/Source/WebKit/Shared/mac/ChildProcessMac.mm >+++ b/Source/WebKit/Shared/mac/ChildProcessMac.mm 
>@@ -31,16 +31,25 @@ > #import "CodeSigning.h" > #import "QuarantineSPI.h" > #import "SandboxInitializationParameters.h" >+#import "SandboxUtilities.h" > #import "WKFoundation.h" > #import "XPCServiceEntryPoint.h" > #import <WebCore/FileSystem.h> > #import <WebCore/SystemVersion.h> > #import <mach/mach.h> > #import <mach/task.h> >+#import <pal/crypto/CryptoDigest.h> > #import <pwd.h> >+#import <rootless.h> >+extern "C" { >+#import <sandbox/libsandbox.h> >+} > #import <stdlib.h> > #import <sysexits.h> >+#import <wtf/DataLog.h> > #import <wtf/Scope.h> >+#import <wtf/SystemTracing.h> >+#import <wtf/WallTime.h> > #import <wtf/spi/darwin/SandboxSPI.h> > > #if USE(APPLE_INTERNAL_SDK) >@@ -110,8 +119,19 @@ static OSStatus enableSandboxStyleFileQuarantine() > #endif > } > >+static bool verbose = false; >+template<typename... Types> >+void verboseLog(const Types&... values) >+{ >+ dataLogLnIf(verbose, values...); >+} >+ > void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters) > { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxStart)); >+ auto stopTraceOnExit = makeScopeExit([] { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxEnd)); >+ }); > #if WK_API_ENABLED > NSBundle *webKit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKWebView")]; > #else >@@ -131,7 +151,7 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > sandboxParameters.setUserDirectorySuffix(defaultUserDirectorySuffix); > } > } >- >+ > Vector<String> osVersionParts; > String osSystemMarketingVersion = systemMarketingVersion(); > osSystemMarketingVersion.split('.', false, osVersionParts); 
>@@ -142,6 +162,17 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String osVersion = osVersionParts[0] + '.' + osVersionParts[1]; > sandboxParameters.addParameter("_OS_VERSION", osVersion.utf8().data()); > >+ char darwinUserCacheDir[PATH_MAX]; >+ { >+ char temp[PATH_MAX]; >+ if (!confstr(_CS_DARWIN_USER_CACHE_DIR, temp, sizeof(temp))) { >+ WTFLogAlways("%s: couldn't retrieve private cache directory path: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ if (!realpath(temp, darwinUserCacheDir)) >+ CRASH(); >+ } >+ > // Use private temporary and cache directories. > setenv("DIRHELPER_USER_DIR_SUFFIX", FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data(), 1); > char temporaryDirectory[PATH_MAX]; 
>@@ -169,46 +200,431 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String path = String::fromUTF8(pwd.pw_dir); > path.append("/Library"); > >+ String libraryPath = path; >+ > sandboxParameters.addPathParameter("HOME_LIBRARY_DIR", FileSystem::fileSystemRepresentation(path).data()); > > path.append("/Preferences"); > > sandboxParameters.addPathParameter("HOME_LIBRARY_PREFERENCES_DIR", FileSystem::fileSystemRepresentation(path).data()); > >- switch (sandboxParameters.mode()) { >- case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >- case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ auto startTime = WallTime::now(); >+ bool didApplySandbox = [&] { >+ using SandboxProfile = typename std::remove_pointer<sandbox_profile_t>::type; >+ >+ static constexpr uint32_t versionNumber = 0; >+ struct CachedFileHeader { >+ uint32_t versionNumber; >+ uint32_t sandboxHeaderSize; >+ uint32_t sandboxBuiltinSize; // If a builtin doesn't exist, this is UINT_MAX >+ uint32_t sandboxDataSize; >+ // OOPS: build in versioning based on webkit binary. >+ }; >+ // The file is layed out on disk like: >+ // byte 0 >+ // CachedFileHeader <- sizeof(CachedFileHeader) bytes >+ // SandboxHeader <- sandboxHeaderSize bytes >+ // [SandboxBuiltin] optional. Present if sanboxBuiltinSize is not UINT_MAX. If present, sandboxBuiltinSize bytes. 
>+ // SandboxData <- sandboxDataSize bytes >+ // byte N >+ >+ auto getFileContents = [] (const String& path) -> std::optional<Vector<char>> { >+ FileSystem::PlatformFileHandle handle = openFile(path, FileSystem::FileOpenMode::Read); >+ >+ if (handle == FileSystem::invalidPlatformFileHandle) { >+ verboseLog("Can't get file handle for path: ", path); >+ return std::nullopt; >+ } >+ >+ auto closeFileOnExit = makeScopeExit([&] { >+ FileSystem::closeFile(handle); >+ }); >+ >+ long long fileSize; >+ if (!FileSystem::getFileSize(handle, fileSize)) { >+ verboseLog("Could not get size for file: ", path); >+ return std::nullopt; >+ } >+ RELEASE_ASSERT(fileSize >= 0); >+ >+ Vector<char> contents(safeCast<size_t>(fileSize)); >+ int bytesRead = FileSystem::readFromFile(handle, contents.data(), safeCast<size_t>(fileSize)); >+ if (safeCast<int>(fileSize) != bytesRead) { >+ verboseLog("Could not read the file: ", path); >+ return std::nullopt; >+ } >+ >+ return WTFMove(contents); >+ }; >+ >+ if (sandboxParameters.mode() != SandboxInitializationParameters::UseDefaultSandboxProfilePath >+ && sandboxParameters.mode() != SandboxInitializationParameters::UseOverrideSandboxProfilePath) >+ return false; >+ > String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >- if (!sandboxProfilePath.isEmpty()) { >- CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ if (sandboxProfilePath.isEmpty()) >+ return false; >+ >+ sandbox_params_t sandboxParams = sandbox_create_params(); >+ auto freeParamsOnExit = makeScopeExit([&] { >+ sandbox_free_params(sandboxParams); >+ }); >+ >+ Vector<uint8_t> sandboxHeader; >+ Vector<char> sandboxSBFileContents; >+ // Compute the sandbox header size. 
>+ { >+ Checked<size_t> headerSize = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ const char* name = sandboxParameters.name(i); >+ const char* value = sandboxParameters.value(i); >+ if (sandbox_set_param(sandboxParams, name, value)) >+ CRASH(); >+ headerSize += strlen(name) + 1; >+ headerSize += strlen(value) + 1; >+ } >+ >+ >+ if (auto fileContents = getFileContents(sandboxProfilePath)) >+ sandboxSBFileContents = WTFMove(*fileContents); >+ else >+ return false; >+ >+ headerSize += sandboxSBFileContents.size(); >+ sandboxHeader = Vector<uint8_t>(headerSize.unsafeGet()); >+ } >+ >+ // Write out the sandbox header. >+ { >+ size_t cursor = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ auto appendCString = [&] (const char* value) { >+ size_t length = strlen(value); >+ RELEASE_ASSERT(cursor + length < sandboxHeader.size()); >+ memcpy(sandboxHeader.data() + cursor, value, length); >+ cursor += length; >+ RELEASE_ASSERT(cursor + 1 <= sandboxHeader.size()); >+ sandboxHeader[cursor] = bitwise_cast<uint8_t>(':'); >+ ++cursor; >+ }; >+ >+ const char* name = sandboxParameters.name(i); >+ appendCString(name); >+ const char* value = sandboxParameters.value(i); >+ appendCString(value); >+ } >+ >+ memcpy(sandboxHeader.data() + cursor, sandboxSBFileContents.data(), sandboxSBFileContents.size()); >+ cursor += sandboxSBFileContents.size(); >+ RELEASE_ASSERT(cursor == sandboxHeader.size()); >+ } >+ >+ >+ String sandboxDirectory = darwinUserCacheDir; // OOPS: Do we want to just use the one w/ client identifier appended to it? 
>+#if USE(APPLE_INTERNAL_SDK) >+ switch (parameters.processType) { >+ case WebContentType: >+ sandboxDirectory.append("/com.apple.WebKit.WebContent.Sandbox"); >+ break; >+ case NetworkType: >+ sandboxDirectory.append("/com.apple.WebKit.Networking.Sandbox"); >+ break; >+ case StorageType: >+ sandboxDirectory.append("/com.apple.WebKit.Storage.Sandbox"); >+ break; >+ case PluginType: >+ sandboxDirectory.append("/com.apple.WebKit.Plugin.Sandbox"); >+ break; >+ default: >+ CRASH(); >+ } >+#else >+ sandboxDirectory.append("/com.apple.WebKit.WebKitSandbox"); >+#endif >+ >+ String sandboxFile = sandboxDirectory; >+ sandboxFile.append("/CompiledSandbox+"); >+#if !(USE(APPLE_INTERNAL_SDK)) >+ sandboxFile.append(sandboxParameters.userDirectorySuffix()); >+ sandboxFile.append('+'); >+#endif >+ >+ { >+ auto crypto = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_1); >+ crypto->addBytes(sandboxHeader.data(), sandboxHeader.size()); >+ Vector<uint8_t> hash = crypto->computeHash(); >+ char* hashAsString = static_cast<char*>(fastMalloc(hash.size() * 2 + 1)); >+ char* ptr = hashAsString; >+ for (uint8_t byte : hash) { >+ snprintf(ptr, 3, "%02x", byte); >+ ptr += 2; >+ } >+ *ptr = '\0'; >+ RELEASE_ASSERT(static_cast<uintptr_t>(ptr - hashAsString) == hash.size() * 2); >+ // dataLogLn("hashAsString extension: ", hashAsString); >+ sandboxFile.append(hashAsString); >+ } >+ >+ bool didApplyCachedSandbox = [&] { >+ Vector<char> compiledFile; >+ if (auto maybeCompiledFile = getFileContents(sandboxFile)) >+ compiledFile = WTFMove(*maybeCompiledFile); >+ else >+ return false; >+ >+ size_t cursor = 0; >+ auto readHeader = [&] (CachedFileHeader& value) { >+ if (cursor + sizeof(CachedFileHeader) > compiledFile.size()) >+ return false; >+ memcpy(&value, compiledFile.data() + cursor, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ return true; >+ }; >+ >+ CachedFileHeader header; >+ if (!readHeader(header)) { >+ verboseLog("Cached file is smaller than 
sizeof(CachedFileHeader)"); >+ return false; >+ } >+ >+ if (header.versionNumber != versionNumber) { >+ verboseLog("cached file has old version number: ", header.versionNumber); >+ return false; >+ } >+ >+ size_t expectedFileSize = sizeof(CachedFileHeader) + header.sandboxHeaderSize + header.sandboxDataSize; >+ bool haveBuiltin = header.sandboxBuiltinSize != std::numeric_limits<uint32_t>::max(); >+ if (haveBuiltin) >+ expectedFileSize += header.sandboxBuiltinSize; >+ >+ if (compiledFile.size() != expectedFileSize) { >+ verboseLog("Cached file has wrong file size."); >+ return false; >+ } >+ >+ if (header.sandboxHeaderSize != sandboxHeader.size()) { >+ verboseLog("header size different from cached header size"); >+ return false; >+ } >+ >+ if (memcmp(sandboxHeader.data(), compiledFile.data() + cursor, sandboxHeader.size())) { >+ verboseLog("Header and cached header do not have the same contents."); >+ return false; >+ } >+ cursor += sandboxHeader.size(); >+ >+ SandboxProfile profile; >+ profile.builtin = nullptr; >+ profile.size = header.sandboxDataSize; >+ if (haveBuiltin) { >+ profile.builtin = static_cast<char*>(fastMalloc(header.sandboxBuiltinSize + 1)); >+ memcpy(profile.builtin, compiledFile.data() + cursor, header.sandboxBuiltinSize); >+ profile.builtin[header.sandboxBuiltinSize] = '\0'; >+ cursor += header.sandboxBuiltinSize; >+ } >+ auto freeBuiltinOnExit = makeScopeExit([&] { >+ if (profile.builtin) >+ fastFree(profile.builtin); >+ }); >+ profile.data = bitwise_cast<unsigned char*>(compiledFile.data()) + cursor; >+ RELEASE_ASSERT(cursor + profile.size == compiledFile.size()); >+ >+ if (sandbox_apply(&profile)) { >+ verboseLog("could not apply cached sandbox"); >+ // OOPS: should we return false here, so we can fallback perhaps? 
>+ CRASH(); >+ } >+ >+ verboseLog("Applied cached sandbox successfully"); >+ return true; >+ }(); >+ >+ if (didApplyCachedSandbox) >+ return true; >+ >+ bool hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ if (!hasSandboxDirectory) { >+#if USE(APPLE_INTERNAL_SDK) >+ CString sandboxPath = FileSystem::fileSystemRepresentation(sandboxDirectory); >+ bool madeDirectory = false; >+ switch (parameters.processType) { >+ case WebContentType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitWebContentSandbox")); >+ break; >+ case NetworkType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitNetworkingSandbox")); >+ break; >+ case StorageType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitStorageSandbox")); >+ break; >+ case PluginType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitPluginSandbox")); >+ break; >+ default: >+ CRASH(); >+ } >+ if (madeDirectory) >+ verboseLog("Made rootless directory: ", sandboxPath); >+ else >+ verboseLog("Could not make rootless directory, errno: ", errno); >+#else >+ bool madeDirectory = FileSystem::makeAllDirectories(sandboxDirectory); >+#endif >+ if (madeDirectory) { >+ ASSERT(FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes)); >+ verboseLog("Created sandbox directory: ", sandboxDirectory); >+ hasSandboxDirectory = true; >+ } else { >+ // We may have raced with someone else making it. That's ok. 
>+ hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ } >+ } >+ >+ if (!hasSandboxDirectory) { >+ verboseLog("Bailing because we don't have a sandbox directory"); >+ return false; >+ } >+ >+ char* error = nullptr; >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ SandboxProfile* sandboxProfile = sandbox_compile_file(profilePath.data(), sandboxParams, &error); >+ if (!sandboxProfile) { >+ WTFLogAlways("%s: Couldn't compile WebContent sandbox %s\n", getprogname(), error); >+ CRASH(); >+ } >+ auto freeSandboxOnExit = makeScopeExit([&] { >+ sandbox_free_profile(sandboxProfile); >+ }); >+ >+ Checked<size_t> fileSize = 0; >+ fileSize += sizeof(CachedFileHeader); >+ fileSize += sandboxHeader.size(); >+ if (sandboxProfile->builtin) >+ fileSize += strlen(sandboxProfile->builtin); >+ fileSize += sandboxProfile->size; >+ >+ CachedFileHeader header { >+ versionNumber, >+ safeCast<uint32_t>(sandboxHeader.size()), >+ sandboxProfile->builtin ? safeCast<uint32_t>(strlen(sandboxProfile->builtin)) : std::numeric_limits<uint32_t>::max(), >+ safeCast<uint32_t>(sandboxProfile->size) >+ }; >+ >+ Vector<char> fileContents(fileSize.unsafeGet()); >+ >+ // Write out our file content into a temporary vector. 
>+ { >+ size_t cursor = 0; >+ >+ RELEASE_ASSERT(cursor + sizeof(CachedFileHeader) <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, &header, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ >+ RELEASE_ASSERT(cursor + sandboxHeader.size() <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxHeader.data(), sandboxHeader.size()); >+ cursor += sandboxHeader.size(); >+ >+ if (sandboxProfile->builtin) { >+ size_t length = strlen(sandboxProfile->builtin); >+ RELEASE_ASSERT(cursor + length <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->builtin, length); >+ cursor += length; >+ } >+ >+ RELEASE_ASSERT(cursor + sandboxProfile->size == fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->data, sandboxProfile->size); >+ } >+ >+ FileSystem::PlatformFileHandle tempHandle; >+ String tempFileString; >+ CString tempFilePath; >+ for (unsigned i = 0; true; ++i) { >+ tempFileString = sandboxDirectory; >+ tempFileString.append("/tempfile"); >+ if (i) >+ tempFileString.append(String::number(i)); >+ tempFilePath = FileSystem::fileSystemRepresentation(tempFileString); >+ if (tempFilePath.isNull()) >+ return false; >+ tempHandle = open(tempFilePath.data(), (O_WRONLY | O_CREAT | O_EXCL), 0666); >+ if (tempHandle != FileSystem::invalidPlatformFileHandle) >+ break; >+ if (errno != EEXIST) >+ return false; >+ verboseLog("errno is EEXIST, looping back and trying again: ", tempFileString); >+ } >+ >+ bool didRenameFile = false; >+ ASSERT(tempHandle != FileSystem::invalidPlatformFileHandle); >+ int writeSize = FileSystem::writeToFile(tempHandle, bitwise_cast<const char*>(fileContents.data()), safeCast<int>(fileContents.size())); >+ if (writeSize == safeCast<int>(fileContents.size())) { >+ // Rename the temp file to the expected file. We do it this way because this is an atomic operation. >+ // OOPS: What is the behavior if this happens concurrently to read when the file already exists? 
>+ CString sandboxFilePath = FileSystem::fileSystemRepresentation(sandboxFile); >+ if (!sandboxFilePath.isNull()) { >+ verboseLog("Renaming from: '", tempFilePath, "' to: '", sandboxFile, "'"); >+ if (!rename(tempFilePath.data(), sandboxFilePath.data())) { >+ didRenameFile = true; >+ verboseLog("Rename succeeded"); >+ } else >+ verboseLog("Rename failed: ", errno); >+ } >+ } else >+ verboseLog("Did not successfully write file temp file: ", tempFilePath); >+ >+ FileSystem::closeFile(tempHandle); >+ >+ if (!didRenameFile) >+ FileSystem::deleteFile(tempFileString); >+ >+ if (sandbox_apply(sandboxProfile)) { >+ verboseLog("could not apply compiled sandbox!"); >+ WTFLogAlways("%s: Couldn't apply compiled sandbox profile, errno: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ >+ return true; >+ }(); >+ >+ if (didApplySandbox) { >+ auto endTime = WallTime::now(); >+ dataLogLn("Apply time: ", (endTime - startTime).milliseconds()); >+ } else { >+ switch (sandboxParameters.mode()) { >+ case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >+ case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? 
defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >+ if (!sandboxProfilePath.isEmpty()) { >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ char* errorBuf; >+#pragma clang diagnostic push >+#pragma clang diagnostic ignored "-Wdeprecated-declarations" >+ if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+#pragma clang diagnostic pop >+ WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >+ WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >+ exit(EX_NOPERM); >+ } >+ } >+ >+ break; >+ } >+ case SandboxInitializationParameters::UseSandboxProfile: { > char* errorBuf; > #pragma clang diagnostic push > #pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+ if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, sandboxParameters.namedParameterArray(), &errorBuf)) { > #pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); > for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) > WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); > exit(EX_NOPERM); > } >- } > >- break; >- } >- case SandboxInitializationParameters::UseSandboxProfile: { >- char* errorBuf; >-#pragma clang diagnostic push >-#pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, 
sandboxParameters.namedParameterArray(), &errorBuf)) { >-#pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); >- for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >- WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >- exit(EX_NOPERM); >+ break; >+ } > } >- >- break; >- } > } > > // This will override LSFileQuarantineEnabled from Info.plist unless sandbox quarantine is globally disabled. >diff --git a/Source/WebKit/StorageProcess/StorageProcess.h b/Source/WebKit/StorageProcess/StorageProcess.h >index 298390b3d8ac4fd69bdf870487622f1dca4cb194..d28ebb600334053c8ba275cf1896d94263893187 100644 >--- a/Source/WebKit/StorageProcess/StorageProcess.h >+++ b/Source/WebKit/StorageProcess/StorageProcess.h >@@ -71,6 +71,8 @@ class StorageProcess : public ChildProcess > friend NeverDestroyed<StorageProcess>; > public: > static StorageProcess& singleton(); >+ static const ChildProcess::ProcessType processType = StorageType; >+ > ~StorageProcess(); > > WorkQueue& queue() { return m_queue.get(); } >diff --git a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >index 375a1705cd374734b50b081c072cdccc8ad61f8e..c54a2853aeb94d4ed9b2a709f3c833a90e43254b 100644 >--- a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >+++ b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >@@ -150,7 +150,7 @@ void ProcessLauncher::launchProcess() > xpc_dictionary_set_string(preBootstrapMessage.get(), "message-name", "pre-bootstrap"); > xpc_connection_send_message(m_xpcConnection.get(), preBootstrapMessage.get()); > } >- >+ > // Create the listening port. > mach_port_t listeningPort = MACH_PORT_NULL; > auto kr = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &listeningPort); 
>@@ -283,11 +283,11 @@ void ProcessLauncher::terminateProcess() > > if (!m_processIdentifier) > return; >- >+ > kill(m_processIdentifier, SIGKILL); > m_processIdentifier = 0; > } >- >+ > void ProcessLauncher::platformInvalidate() > { > if (!m_xpcConnection) >diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >index d8d29516a6cb6445bbdc5de7497cee163f160645..c3afc0d05da52abb2e428b704c414dba9806d48f 100644 >--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj >+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj 
>@@ -3336,6 +3336,8 @@ > 41897ED51F415D850016FA42 /* CacheStorageEngineConnection.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = CacheStorageEngineConnection.messages.in; sourceTree = "<group>"; }; > 41897ED61F415D860016FA42 /* CacheStorageEngine.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CacheStorageEngine.cpp; sourceTree = "<group>"; }; > 419ACF9B1F981D26009F1A83 /* WebServiceWorkerFetchTaskClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebServiceWorkerFetchTaskClient.h; sourceTree = "<group>"; }; >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Storage-OSX.entitlements"; sourceTree = "<group>"; }; >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Network-OSX.entitlements"; sourceTree = "<group>"; }; > 41AC86811E042E5300303074 /* WebRTCResolver.messages.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; lineEnding = 0; name = WebRTCResolver.messages.in; path = Network/webrtc/WebRTCResolver.messages.in; sourceTree = "<group>"; xcLanguageSpecificationIdentifier = "<none>"; }; > 41B28B081F83AD3E00FB52AC /* RTCPacketOptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RTCPacketOptions.h; sourceTree = "<group>"; }; > 41B28B091F83AD3E00FB52AC /* RTCPacketOptions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RTCPacketOptions.cpp; sourceTree = "<group>"; }; 
>@@ -5061,6 +5063,7 @@ > 1A4F976C100E7B6600637A18 /* FeatureDefines.xcconfig */, > 37119A7D20CCB64E002C6DC9 /* Network-iOS-minimalsimulator.entitlements */, > 7C0BB9A918DCDF5A0006C086 /* Network-iOS.entitlements */, >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */, > BC8283AB16B4BEAD00A278FE /* NetworkService.xcconfig */, > A1EDD2DB1884B96400BBFE98 /* PluginProcessShim.xcconfig */, > BC8283F216B4FC5300A278FE /* PluginService.32.xcconfig */, >@@ -5069,6 +5072,7 @@ > 37E83D401B37D27B002079EE /* SandboxProfiles.xcconfig */, > A1EDD2DC1884B9B500BBFE98 /* SecItemShim.xcconfig */, > 5183B3931379F85C00E8754E /* Shim.xcconfig */, >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */, > 51A60B29180CCD9000F3BF50 /* StorageService.xcconfig */, > 1A4F976E100E7B6600637A18 /* Version.xcconfig */, > 37119A7E20CCB64E002C6DC9 /* WebContent-iOS-minimalsimulator.entitlements */, >@@ -10358,13 +10362,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10376,13 +10376,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10394,13 +10390,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10412,13 +10404,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; 
>@@ -10430,14 +10418,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10449,14 +10433,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >diff --git a/Source/WebKit/WebProcess/WebProcess.h b/Source/WebKit/WebProcess/WebProcess.h >index b8520acd2bd83c4915713fd54340efeb456dcefb..fbad5565cce74e984be2f206aa3fa9bbbc4eecf0 100644 >--- a/Source/WebKit/WebProcess/WebProcess.h >+++ b/Source/WebKit/WebProcess/WebProcess.h >@@ -108,6 +108,7 @@ struct WebsiteDataStoreParameters; > class WebProcess : public ChildProcess { > public: > static WebProcess& singleton(); >+ static const ChildProcess::ProcessType processType = WebContentType; > > template <typename T> > T* supplement() >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index 95e7eb0c860baffea359fa7f3700b5c3ff7d5547..ddcc6af503af603bce404db436b97bbe2a72301c 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Tracing/SystemTracePoints.plist: >+ > 2018-06-12 Valerie R Young <valerie@bocoup.com> > > test262/Runner.pm: add unit tests >diff --git a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >index bb3c5870630f4e163c387941bc57d3eceec52212..48a7585b0f41c6aecf8f0002dff9322b2aa4b646 100644 >--- a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py 
>+++ b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >@@ -64,6 +64,7 @@ class StepSequence(object): > > def _run(self, tool, options, state): > for step in self._steps: >+ print tool.scm().create_patch(options.git_commit) > step(tool, options).run(state) > > def run_and_handle_errors(self, tool, options, state=None): >diff --git a/Tools/Tracing/SystemTracePoints.plist b/Tools/Tracing/SystemTracePoints.plist >index e9e1776965bac9ddd1d647fb920734600f8a2905..7cba493bd1da205bc2514d26b96eda2f5c7acd01 100644 >--- a/Tools/Tracing/SystemTracePoints.plist >+++ b/Tools/Tracing/SystemTracePoints.plist >@@ -300,6 +300,18 @@ > <key>CodeEnd</key> > <string>14004</string> > </dict> >+ <dict> >+ <key>Name</key> >+ <string>Process Launch</string> >+ <key>Type</key> >+ <string>Interval</string> >+ <key>Component</key> >+ <string>47</string> >+ <key>CodeBegin</key> >+ <string>14003</string> >+ <key>CodeEnd</key> >+ <string>14004</string> >+ </dict> > </array> > </dict> > </array> > >Was that diff correct? [Y/n]: Subversion Revision: 232757 >diff --git a/Source/WTF/ChangeLog b/Source/WTF/ChangeLog >index c2c83cfbe4108647f6a4147c6c78e57d3c82fad0..911eefc557b45cff3d5fe656db4881fc3a5817e2 100644 >--- a/Source/WTF/ChangeLog >+++ b/Source/WTF/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * wtf/SystemTracing.h: >+ > 2018-06-11 Saam Barati <sbarati@apple.com> > > The NaturalLoops algorithm only works when the list of blocks in a loop is de-duplicated >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 517b87c29b3dd61271bfcf3ef1e959a2518a551d..b2e04b7aa46186334d07533f24e8effc09f7069f 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog 
>@@ -1,3 +1,32 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added support for compiled sandbox file caching >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Configurations/Network-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/NetworkService.xcconfig: >+ * Configurations/PluginService.entitlements: >+ * Configurations/Storage-OSX.entitlements: Copied from Source/WebKit/Configurations/WebContent-OSX.entitlements. >+ * Configurations/StorageService.xcconfig: >+ * Configurations/WebContent-OSX.entitlements: >+ * Configurations/WebKit.xcconfig: >+ * NetworkProcess/NetworkProcess.h: >+ * PluginProcess/PluginProcess.h: >+ * Shared/ChildProcess.h: >+ * Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h: >+ (WebKit::XPCServiceInitializer): >+ * Shared/mac/ChildProcessMac.mm: >+ (WebKit::verboseLog): >+ (WebKit::ChildProcess::initializeSandbox): >+ * StorageProcess/StorageProcess.h: >+ * UIProcess/Launcher/mac/ProcessLauncherMac.mm: >+ (WebKit::ProcessLauncher::launchProcess): >+ (WebKit::ProcessLauncher::terminateProcess): >+ * WebKit.xcodeproj/project.pbxproj: >+ * WebProcess/WebProcess.h: >+ > 2018-06-11 Carlos Garcia Campos <cgarcia@igalia.com> > > Unreviewed. Update OptionsGTK.cmake and NEWS for 2.21.4 release. >diff --git a/Source/WTF/wtf/SystemTracing.h b/Source/WTF/wtf/SystemTracing.h >index b52be8d38682fa59bbd6619573b77ec0bd34f112..105196ec48735fab52b3931511e00ed0c14fe15f 100644 >--- a/Source/WTF/wtf/SystemTracing.h >+++ b/Source/WTF/wtf/SystemTracing.h >@@ -96,6 +96,8 @@ enum TracePointCode { > CommitLayerTreeEnd, > ProcessLaunchStart, > ProcessLaunchEnd, >+ InitializeSandboxStart, >+ InitializeSandboxEnd, > }; > > #ifdef __cplusplus 
>diff --git a/Source/WebKit/Configurations/Network-OSX.entitlements b/Source/WebKit/Configurations/Network-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..03270566fc5437bd7d8911179dd517c5febd42ab >--- /dev/null >+++ b/Source/WebKit/Configurations/Network-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitNetworkingSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/NetworkService.xcconfig b/Source/WebKit/Configurations/NetworkService.xcconfig >index 5b602d60d8d486ca1a34b3d68752a329aa42b7a3..907a787c86644b6cd732e5243e487f4429950510 100644 >--- a/Source/WebKit/Configurations/NetworkService.xcconfig >+++ b/Source/WebKit/Configurations/NetworkService.xcconfig >@@ -32,6 +32,7 @@ WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvos = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_appletvsimulator = Network-iOS; > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE_iphoneminimalsimulator = Network-iOS-minimalsimulator; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Network-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = com.apple.WebKit.Networking; >diff --git a/Source/WebKit/Configurations/PluginService.entitlements b/Source/WebKit/Configurations/PluginService.entitlements >index 25e58ca5e26a0354714f719efa86ac676534a39d..1a3367050648f4190313726b42121092e680ee18 100644 >--- a/Source/WebKit/Configurations/PluginService.entitlements >+++ b/Source/WebKit/Configurations/PluginService.entitlements >@@ -10,5 +10,7 @@ > <true/> > <key>com.apple.security.cs.disable-library-validation</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitPluginSandbox</key> >+ <true/> > </dict> > </plist> 
>diff --git a/Source/WebKit/Configurations/Storage-OSX.entitlements b/Source/WebKit/Configurations/Storage-OSX.entitlements >new file mode 100644 >index 0000000000000000000000000000000000000000..bbb392e80f95671e8f90889e0c869e1686347998 >--- /dev/null >+++ b/Source/WebKit/Configurations/Storage-OSX.entitlements >@@ -0,0 +1,8 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> >+<plist version="1.0"> >+<dict> >+ <key>com.apple.rootless.storage.WebKitStorageSandbox</key> >+ <true/> >+</dict> >+</plist> >diff --git a/Source/WebKit/Configurations/StorageService.xcconfig b/Source/WebKit/Configurations/StorageService.xcconfig >index 75761d808af04253a6dd7d3fadad1835ba8af5e3..c857586f77301ce175708c6e074aa290e6e644b4 100644 >--- a/Source/WebKit/Configurations/StorageService.xcconfig >+++ b/Source/WebKit/Configurations/StorageService.xcconfig >@@ -25,6 +25,7 @@ > > WK_XPC_SERVICE_IOS_ENTITLEMENTS_BASE = Databases-iOS; > >+CODE_SIGN_ENTITLEMENTS_COCOA_TOUCH_NO = Configurations/Storage-OSX.entitlements; > OTHER_CODE_SIGN_FLAGS = $(WK_LIBRARY_VALIDATION_CODE_SIGN_FLAGS); > > PRODUCT_NAME = $(WK_STORAGE_SERVICE_PRODUCT_NAME); >diff --git a/Source/WebKit/Configurations/WebContent-OSX.entitlements b/Source/WebKit/Configurations/WebContent-OSX.entitlements >index d35e43ae588cdfe5570930260829dcd145c4d1e2..c2354c41a37e294c41ad95472b734ff929d34d05 100644 >--- a/Source/WebKit/Configurations/WebContent-OSX.entitlements >+++ b/Source/WebKit/Configurations/WebContent-OSX.entitlements >@@ -4,5 +4,7 @@ > <dict> > <key>com.apple.security.cs.allow-jit</key> > <true/> >+ <key>com.apple.rootless.storage.WebKitWebContentSandbox</key> >+ <true/> > </dict> > </plist> >diff --git a/Source/WebKit/Configurations/WebKit.xcconfig b/Source/WebKit/Configurations/WebKit.xcconfig >index 79f44e0517b88e91f9a1e7c2147d27476c90adfc..6d250e4fa34f8d01b0ffbf2005a445e078c7e033 100644 
>--- a/Source/WebKit/Configurations/WebKit.xcconfig >+++ b/Source/WebKit/Configurations/WebKit.xcconfig >@@ -82,6 +82,9 @@ WK_MOBILE_CORE_SERVICES_LDFLAGS_cocoatouch = -framework MobileCoreServices; > WK_MOBILE_GESTALT_LDFLAGS = $(WK_MOBILE_GESTALT_LDFLAGS_$(WK_COCOA_TOUCH)); > WK_MOBILE_GESTALT_LDFLAGS_cocoatouch = -lMobileGestalt; > >+WK_LIBSANDBOX_LDFLAGS = $(WK_LIBSANDBOX_LDFLAGS_$(WK_PLATFORM_NAME)); >+WK_LIBSANDBOX_LDFLAGS_macosx = -lsandbox; >+ > WK_OPENGL_LDFLAGS = $(WK_OPENGL_LDFLAGS_$(WK_PLATFORM_NAME)); > WK_OPENGL_LDFLAGS_iphoneos = -framework OpenGLES; > WK_OPENGL_LDFLAGS_iphoneminimalsimulator = -framework OpenGL; 
>@@ -112,7 +115,7 @@ WK_UIKIT_LDFLAGS_cocoatouch = -framework UIKit; > WK_URL_FORMATTING_LDFLAGS = $(WK_URL_FORMATTING_LDFLAGS_$(WK_HAVE_URL_FORMATTING)); > WK_URL_FORMATTING_LDFLAGS_YES = -framework URLFormatting; > >-FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); >+FRAMEWORK_AND_LIBRARY_LDFLAGS = -lobjc -framework CFNetwork -framework CoreAudio -framework CoreFoundation -framework CoreGraphics -framework CoreText -framework Foundation -framework ImageIO -framework IOKit -framework WebKitLegacy -lnetwork $(WK_ACCESSIBILITY_LDFLAGS) $(WK_APPKIT_LDFLAGS) $(WK_ASSERTION_SERVICES_LDFLAGS) $(WK_CARBON_LDFLAGS) $(WK_CORE_PDF_LDFLAGS) $(WK_CORE_PREDICTION_LDFLAGS) $(WK_CORE_SERVICES_LDFLAGS) $(WK_GRAPHICS_SERVICES_LDFLAGS) $(WK_IOSURFACE_LDFLAGS) $(WK_LIBSANDBOX_LDFLAGS) $(WK_LIBWEBRTC_LDFLAGS) $(WK_MOBILE_CORE_SERVICES_LDFLAGS) $(WK_MOBILE_GESTALT_LDFLAGS) $(WK_OPENGL_LDFLAGS) $(WK_PDFKIT_LDFLAGS) $(WK_SAFE_BROWSING_LDFLAGS) $(WK_UIKIT_LDFLAGS) $(WK_URL_FORMATTING_LDFLAGS); > > // Prevent C++ standard library operator new, delete and their related exception types from being exported as weak symbols. 
> UNEXPORTED_SYMBOL_LDFLAGS = -Wl,-unexported_symbol -Wl,__ZTISt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTISt9exception -Wl,-unexported_symbol -Wl,__ZTSSt9bad_alloc -Wl,-unexported_symbol -Wl,__ZTSSt9exception -Wl,-unexported_symbol -Wl,__ZdlPvS_ -Wl,-unexported_symbol -Wl,__ZnwmPv -Wl,-unexported_symbol -Wl,__Znwm -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1EOS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSEDn -Wl,-unexported_symbol, -Wl,__ZNKSt3__18functionIFvN7WebCore12PolicyActionEEEclES2_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEE4swapERS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC1ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEC2ERKS4_ -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED1Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEED2Ev -Wl,-unexported_symbol, -Wl,__ZNSt3__18functionIFvN7WebCore12PolicyActionEEEaSERKS4_ -Wl,-unexported_symbol, -Wl,__ZTVNSt3__117bad_function_callE; >diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.h b/Source/WebKit/NetworkProcess/NetworkProcess.h >index 08e24dce6108247297305b86adcebe2844747681..f6a0ed2186c7957733ac4cd9e50c80d895027866 100644 >--- a/Source/WebKit/NetworkProcess/NetworkProcess.h >+++ b/Source/WebKit/NetworkProcess/NetworkProcess.h >@@ -80,6 +80,7 @@ class NetworkProcess : public ChildProcess, private DownloadManager::Client { > friend NeverDestroyed<DownloadManager>; > public: > static NetworkProcess& singleton(); >+ static const ChildProcess::ProcessType processType = NetworkType; > > template <typename T> > T* supplement() 
>diff --git a/Source/WebKit/PluginProcess/PluginProcess.h b/Source/WebKit/PluginProcess/PluginProcess.h >index d5081b061cdf7936a06c94039dd92623843ccf95..1b7a6461209b8f98feb6f9d7fb6704141643f81c 100644 >--- a/Source/WebKit/PluginProcess/PluginProcess.h >+++ b/Source/WebKit/PluginProcess/PluginProcess.h >@@ -49,6 +49,7 @@ class PluginProcess : public ChildProcess > > public: > static PluginProcess& singleton(); >+ static const ChildProcess::ProcessType processType = PluginType; > > void removeWebProcessConnection(WebProcessConnection*); > >diff --git a/Source/WebKit/Shared/ChildProcess.h b/Source/WebKit/Shared/ChildProcess.h >index b35c9f2e3f3fa87e2dfbee1b0afc979b98a2f8f1..809ec4343135fd55e055daad9c98dda7b53d2267 100644 >--- a/Source/WebKit/Shared/ChildProcess.h >+++ b/Source/WebKit/Shared/ChildProcess.h >@@ -39,22 +39,19 @@ > namespace WebKit { > > class SandboxInitializationParameters; >- >-struct ChildProcessInitializationParameters { >- String uiProcessName; >- String clientIdentifier; >- std::optional<WebCore::ProcessIdentifier> processIdentifier; >- IPC::Connection::Identifier connectionIdentifier; >- HashMap<String, String> extraInitializationData; >-#if PLATFORM(COCOA) >- OSObjectPtr<xpc_object_t> priorityBoostMessage; >-#endif >-}; >+struct ChildProcessInitializationParameters; > > class ChildProcess : protected IPC::Connection::Client, public IPC::MessageSender { > WTF_MAKE_NONCOPYABLE(ChildProcess); > > public: >+ enum ProcessType { >+ WebContentType, >+ NetworkType, >+ StorageType, >+ PluginType >+ }; >+ > void initialize(const ChildProcessInitializationParameters&); > > // disable and enable termination of the process. when disableTermination is called, the 
>@@ -146,6 +143,18 @@ private: > OSObjectPtr<xpc_object_t> m_priorityBoostMessage; > #endif > }; >+ >+struct ChildProcessInitializationParameters { >+ String uiProcessName; >+ String clientIdentifier; >+ std::optional<WebCore::ProcessIdentifier> processIdentifier; >+ IPC::Connection::Identifier connectionIdentifier; >+ HashMap<String, String> extraInitializationData; >+ ChildProcess::ProcessType processType; >+#if PLATFORM(COCOA) >+ OSObjectPtr<xpc_object_t> priorityBoostMessage; >+#endif >+}; > > } // namespace WebKit > >diff --git a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >index 209e20a75493410ee8f967b45bfdd42f57b2fdef..47414e3863f4a7a4c707e001c6d82eef2f65b7a1 100644 >--- a/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >+++ b/Source/WebKit/Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.h >@@ -111,6 +111,8 @@ void XPCServiceInitializer(OSObjectPtr<xpc_connection_t> connection, xpc_object_ > if (parameters.extraInitializationData.contains(ASCIILiteral("always-runs-at-background-priority"))) > Thread::setGlobalMaxQOSClass(QOS_CLASS_UTILITY); > #endif >+ >+ parameters.processType = XPCServiceType::processType; > > XPCServiceType::singleton().initialize(parameters); > } >diff --git a/Source/WebKit/Shared/mac/ChildProcessMac.mm b/Source/WebKit/Shared/mac/ChildProcessMac.mm >index aed5b9fd70960fe170d5026cc20e267a516f0204..46830ea1b04a69e91e8ded3a86673915ecabb723 100644 >--- a/Source/WebKit/Shared/mac/ChildProcessMac.mm >+++ b/Source/WebKit/Shared/mac/ChildProcessMac.mm 
>@@ -31,16 +31,25 @@ > #import "CodeSigning.h" > #import "QuarantineSPI.h" > #import "SandboxInitializationParameters.h" >+#import "SandboxUtilities.h" > #import "WKFoundation.h" > #import "XPCServiceEntryPoint.h" > #import <WebCore/FileSystem.h> > #import <WebCore/SystemVersion.h> > #import <mach/mach.h> > #import <mach/task.h> >+#import <pal/crypto/CryptoDigest.h> > #import <pwd.h> >+#import <rootless.h> >+extern "C" { >+#import <sandbox/libsandbox.h> >+} > #import <stdlib.h> > #import <sysexits.h> >+#import <wtf/DataLog.h> > #import <wtf/Scope.h> >+#import <wtf/SystemTracing.h> >+#import <wtf/WallTime.h> > #import <wtf/spi/darwin/SandboxSPI.h> > > #if USE(APPLE_INTERNAL_SDK) >@@ -110,8 +119,19 @@ static OSStatus enableSandboxStyleFileQuarantine() > #endif > } > >+static bool verbose = false; >+template<typename... Types> >+void verboseLog(const Types&... values) >+{ >+ dataLogLnIf(verbose, values...); >+} >+ > void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters) > { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxStart)); >+ auto stopTraceOnExit = makeScopeExit([] { >+ tracePoint(static_cast<TracePointCode>(InitializeSandboxEnd)); >+ }); > #if WK_API_ENABLED > NSBundle *webKit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKWebView")]; > #else >@@ -131,7 +151,7 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > sandboxParameters.setUserDirectorySuffix(defaultUserDirectorySuffix); > } > } >- >+ > Vector<String> osVersionParts; > String osSystemMarketingVersion = systemMarketingVersion(); > osSystemMarketingVersion.split('.', false, osVersionParts); 
>@@ -142,6 +162,17 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String osVersion = osVersionParts[0] + '.' + osVersionParts[1]; > sandboxParameters.addParameter("_OS_VERSION", osVersion.utf8().data()); > >+ char darwinUserCacheDir[PATH_MAX]; >+ { >+ char temp[PATH_MAX]; >+ if (!confstr(_CS_DARWIN_USER_CACHE_DIR, temp, sizeof(temp))) { >+ WTFLogAlways("%s: couldn't retrieve private cache directory path: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ if (!realpath(temp, darwinUserCacheDir)) >+ CRASH(); >+ } >+ > // Use private temporary and cache directories. > setenv("DIRHELPER_USER_DIR_SUFFIX", FileSystem::fileSystemRepresentation(sandboxParameters.userDirectorySuffix()).data(), 1); > char temporaryDirectory[PATH_MAX]; 
>@@ -169,46 +200,431 @@ void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& > String path = String::fromUTF8(pwd.pw_dir); > path.append("/Library"); > >+ String libraryPath = path; >+ > sandboxParameters.addPathParameter("HOME_LIBRARY_DIR", FileSystem::fileSystemRepresentation(path).data()); > > path.append("/Preferences"); > > sandboxParameters.addPathParameter("HOME_LIBRARY_PREFERENCES_DIR", FileSystem::fileSystemRepresentation(path).data()); > >- switch (sandboxParameters.mode()) { >- case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >- case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ auto startTime = WallTime::now(); >+ bool didApplySandbox = [&] { >+ using SandboxProfile = typename std::remove_pointer<sandbox_profile_t>::type; >+ >+ static constexpr uint32_t versionNumber = 0; >+ struct CachedFileHeader { >+ uint32_t versionNumber; >+ uint32_t sandboxHeaderSize; >+ uint32_t sandboxBuiltinSize; // If a builtin doesn't exist, this is UINT_MAX >+ uint32_t sandboxDataSize; >+ // OOPS: build in versioning based on webkit binary. >+ }; >+ // The file is layed out on disk like: >+ // byte 0 >+ // CachedFileHeader <- sizeof(CachedFileHeader) bytes >+ // SandboxHeader <- sandboxHeaderSize bytes >+ // [SandboxBuiltin] optional. Present if sanboxBuiltinSize is not UINT_MAX. If present, sandboxBuiltinSize bytes. 
>+ // SandboxData <- sandboxDataSize bytes >+ // byte N >+ >+ auto getFileContents = [] (const String& path) -> std::optional<Vector<char>> { >+ FileSystem::PlatformFileHandle handle = openFile(path, FileSystem::FileOpenMode::Read); >+ >+ if (handle == FileSystem::invalidPlatformFileHandle) { >+ verboseLog("Can't get file handle for path: ", path); >+ return std::nullopt; >+ } >+ >+ auto closeFileOnExit = makeScopeExit([&] { >+ FileSystem::closeFile(handle); >+ }); >+ >+ long long fileSize; >+ if (!FileSystem::getFileSize(handle, fileSize)) { >+ verboseLog("Could not get size for file: ", path); >+ return std::nullopt; >+ } >+ RELEASE_ASSERT(fileSize >= 0); >+ >+ Vector<char> contents(safeCast<size_t>(fileSize)); >+ int bytesRead = FileSystem::readFromFile(handle, contents.data(), safeCast<size_t>(fileSize)); >+ if (safeCast<int>(fileSize) != bytesRead) { >+ verboseLog("Could not read the file: ", path); >+ return std::nullopt; >+ } >+ >+ return WTFMove(contents); >+ }; >+ >+ if (sandboxParameters.mode() != SandboxInitializationParameters::UseDefaultSandboxProfilePath >+ && sandboxParameters.mode() != SandboxInitializationParameters::UseOverrideSandboxProfilePath) >+ return false; >+ > String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >- if (!sandboxProfilePath.isEmpty()) { >- CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ if (sandboxProfilePath.isEmpty()) >+ return false; >+ >+ sandbox_params_t sandboxParams = sandbox_create_params(); >+ auto freeParamsOnExit = makeScopeExit([&] { >+ sandbox_free_params(sandboxParams); >+ }); >+ >+ Vector<uint8_t> sandboxHeader; >+ Vector<char> sandboxSBFileContents; >+ // Compute the sandbox header size. 
>+ { >+ Checked<size_t> headerSize = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ const char* name = sandboxParameters.name(i); >+ const char* value = sandboxParameters.value(i); >+ if (sandbox_set_param(sandboxParams, name, value)) >+ CRASH(); >+ headerSize += strlen(name) + 1; >+ headerSize += strlen(value) + 1; >+ } >+ >+ >+ if (auto fileContents = getFileContents(sandboxProfilePath)) >+ sandboxSBFileContents = WTFMove(*fileContents); >+ else >+ return false; >+ >+ headerSize += sandboxSBFileContents.size(); >+ sandboxHeader = Vector<uint8_t>(headerSize.unsafeGet()); >+ } >+ >+ // Write out the sandbox header. >+ { >+ size_t cursor = 0; >+ for (size_t i = 0; i < sandboxParameters.count(); ++i) { >+ auto appendCString = [&] (const char* value) { >+ size_t length = strlen(value); >+ RELEASE_ASSERT(cursor + length < sandboxHeader.size()); >+ memcpy(sandboxHeader.data() + cursor, value, length); >+ cursor += length; >+ RELEASE_ASSERT(cursor + 1 <= sandboxHeader.size()); >+ sandboxHeader[cursor] = bitwise_cast<uint8_t>(':'); >+ ++cursor; >+ }; >+ >+ const char* name = sandboxParameters.name(i); >+ appendCString(name); >+ const char* value = sandboxParameters.value(i); >+ appendCString(value); >+ } >+ >+ memcpy(sandboxHeader.data() + cursor, sandboxSBFileContents.data(), sandboxSBFileContents.size()); >+ cursor += sandboxSBFileContents.size(); >+ RELEASE_ASSERT(cursor == sandboxHeader.size()); >+ } >+ >+ >+ String sandboxDirectory = darwinUserCacheDir; // OOPS: Do we want to just use the one w/ client identifier appended to it? 
>+#if USE(APPLE_INTERNAL_SDK) >+ switch (parameters.processType) { >+ case WebContentType: >+ sandboxDirectory.append("/com.apple.WebKit.WebContent.Sandbox"); >+ break; >+ case NetworkType: >+ sandboxDirectory.append("/com.apple.WebKit.Networking.Sandbox"); >+ break; >+ case StorageType: >+ sandboxDirectory.append("/com.apple.WebKit.Storage.Sandbox"); >+ break; >+ case PluginType: >+ sandboxDirectory.append("/com.apple.WebKit.Plugin.Sandbox"); >+ break; >+ default: >+ CRASH(); >+ } >+#else >+ sandboxDirectory.append("/com.apple.WebKit.WebKitSandbox"); >+#endif >+ >+ String sandboxFile = sandboxDirectory; >+ sandboxFile.append("/CompiledSandbox+"); >+#if !(USE(APPLE_INTERNAL_SDK)) >+ sandboxFile.append(sandboxParameters.userDirectorySuffix()); >+ sandboxFile.append('+'); >+#endif >+ >+ { >+ auto crypto = PAL::CryptoDigest::create(PAL::CryptoDigest::Algorithm::SHA_1); >+ crypto->addBytes(sandboxHeader.data(), sandboxHeader.size()); >+ Vector<uint8_t> hash = crypto->computeHash(); >+ char* hashAsString = static_cast<char*>(fastMalloc(hash.size() * 2 + 1)); >+ char* ptr = hashAsString; >+ for (uint8_t byte : hash) { >+ snprintf(ptr, 3, "%02x", byte); >+ ptr += 2; >+ } >+ *ptr = '\0'; >+ RELEASE_ASSERT(static_cast<uintptr_t>(ptr - hashAsString) == hash.size() * 2); >+ // dataLogLn("hashAsString extension: ", hashAsString); >+ sandboxFile.append(hashAsString); >+ } >+ >+ bool didApplyCachedSandbox = [&] { >+ Vector<char> compiledFile; >+ if (auto maybeCompiledFile = getFileContents(sandboxFile)) >+ compiledFile = WTFMove(*maybeCompiledFile); >+ else >+ return false; >+ >+ size_t cursor = 0; >+ auto readHeader = [&] (CachedFileHeader& value) { >+ if (cursor + sizeof(CachedFileHeader) > compiledFile.size()) >+ return false; >+ memcpy(&value, compiledFile.data() + cursor, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ return true; >+ }; >+ >+ CachedFileHeader header; >+ if (!readHeader(header)) { >+ verboseLog("Cached file is smaller than 
sizeof(CachedFileHeader)"); >+ return false; >+ } >+ >+ if (header.versionNumber != versionNumber) { >+ verboseLog("cached file has old version number: ", header.versionNumber); >+ return false; >+ } >+ >+ size_t expectedFileSize = sizeof(CachedFileHeader) + header.sandboxHeaderSize + header.sandboxDataSize; >+ bool haveBuiltin = header.sandboxBuiltinSize != std::numeric_limits<uint32_t>::max(); >+ if (haveBuiltin) >+ expectedFileSize += header.sandboxBuiltinSize; >+ >+ if (compiledFile.size() != expectedFileSize) { >+ verboseLog("Cached file has wrong file size."); >+ return false; >+ } >+ >+ if (header.sandboxHeaderSize != sandboxHeader.size()) { >+ verboseLog("header size different from cached header size"); >+ return false; >+ } >+ >+ if (memcmp(sandboxHeader.data(), compiledFile.data() + cursor, sandboxHeader.size())) { >+ verboseLog("Header and cached header do not have the same contents."); >+ return false; >+ } >+ cursor += sandboxHeader.size(); >+ >+ SandboxProfile profile; >+ profile.builtin = nullptr; >+ profile.size = header.sandboxDataSize; >+ if (haveBuiltin) { >+ profile.builtin = static_cast<char*>(fastMalloc(header.sandboxBuiltinSize + 1)); >+ memcpy(profile.builtin, compiledFile.data() + cursor, header.sandboxBuiltinSize); >+ profile.builtin[header.sandboxBuiltinSize] = '\0'; >+ cursor += header.sandboxBuiltinSize; >+ } >+ auto freeBuiltinOnExit = makeScopeExit([&] { >+ if (profile.builtin) >+ fastFree(profile.builtin); >+ }); >+ profile.data = bitwise_cast<unsigned char*>(compiledFile.data()) + cursor; >+ RELEASE_ASSERT(cursor + profile.size == compiledFile.size()); >+ >+ if (sandbox_apply(&profile)) { >+ verboseLog("could not apply cached sandbox"); >+ // OOPS: should we return false here, so we can fallback perhaps? 
>+ CRASH(); >+ } >+ >+ verboseLog("Applied cached sandbox successfully"); >+ return true; >+ }(); >+ >+ if (didApplyCachedSandbox) >+ return true; >+ >+ bool hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ if (!hasSandboxDirectory) { >+#if USE(APPLE_INTERNAL_SDK) >+ CString sandboxPath = FileSystem::fileSystemRepresentation(sandboxDirectory); >+ bool madeDirectory = false; >+ switch (parameters.processType) { >+ case WebContentType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitWebContentSandbox")); >+ break; >+ case NetworkType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitNetworkingSandbox")); >+ break; >+ case StorageType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitStorageSandbox")); >+ break; >+ case PluginType: >+ madeDirectory = !(rootless_mkdir_datavault(sandboxPath.data(), 0700, "WebKitPluginSandbox")); >+ break; >+ default: >+ CRASH(); >+ } >+ if (madeDirectory) >+ verboseLog("Made rootless directory: ", sandboxPath); >+ else >+ verboseLog("Could not make rootless directory, errno: ", errno); >+#else >+ bool madeDirectory = FileSystem::makeAllDirectories(sandboxDirectory); >+#endif >+ if (madeDirectory) { >+ ASSERT(FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes)); >+ verboseLog("Created sandbox directory: ", sandboxDirectory); >+ hasSandboxDirectory = true; >+ } else { >+ // We may have raced with someone else making it. That's ok. 
>+ hasSandboxDirectory = FileSystem::fileIsDirectory(sandboxDirectory, FileSystem::ShouldFollowSymbolicLinks::Yes); >+ } >+ } >+ >+ if (!hasSandboxDirectory) { >+ verboseLog("Bailing because we don't have a sandbox directory"); >+ return false; >+ } >+ >+ char* error = nullptr; >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ SandboxProfile* sandboxProfile = sandbox_compile_file(profilePath.data(), sandboxParams, &error); >+ if (!sandboxProfile) { >+ WTFLogAlways("%s: Couldn't compile WebContent sandbox %s\n", getprogname(), error); >+ CRASH(); >+ } >+ auto freeSandboxOnExit = makeScopeExit([&] { >+ sandbox_free_profile(sandboxProfile); >+ }); >+ >+ Checked<size_t> fileSize = 0; >+ fileSize += sizeof(CachedFileHeader); >+ fileSize += sandboxHeader.size(); >+ if (sandboxProfile->builtin) >+ fileSize += strlen(sandboxProfile->builtin); >+ fileSize += sandboxProfile->size; >+ >+ CachedFileHeader header { >+ versionNumber, >+ safeCast<uint32_t>(sandboxHeader.size()), >+ sandboxProfile->builtin ? safeCast<uint32_t>(strlen(sandboxProfile->builtin)) : std::numeric_limits<uint32_t>::max(), >+ safeCast<uint32_t>(sandboxProfile->size) >+ }; >+ >+ Vector<char> fileContents(fileSize.unsafeGet()); >+ >+ // Write out our file content into a temporary vector. 
>+ { >+ size_t cursor = 0; >+ >+ RELEASE_ASSERT(cursor + sizeof(CachedFileHeader) <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, &header, sizeof(CachedFileHeader)); >+ cursor += sizeof(CachedFileHeader); >+ >+ RELEASE_ASSERT(cursor + sandboxHeader.size() <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxHeader.data(), sandboxHeader.size()); >+ cursor += sandboxHeader.size(); >+ >+ if (sandboxProfile->builtin) { >+ size_t length = strlen(sandboxProfile->builtin); >+ RELEASE_ASSERT(cursor + length <= fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->builtin, length); >+ cursor += length; >+ } >+ >+ RELEASE_ASSERT(cursor + sandboxProfile->size == fileContents.size()); >+ memcpy(fileContents.data() + cursor, sandboxProfile->data, sandboxProfile->size); >+ } >+ >+ FileSystem::PlatformFileHandle tempHandle; >+ String tempFileString; >+ CString tempFilePath; >+ for (unsigned i = 0; true; ++i) { >+ tempFileString = sandboxDirectory; >+ tempFileString.append("/tempfile"); >+ if (i) >+ tempFileString.append(String::number(i)); >+ tempFilePath = FileSystem::fileSystemRepresentation(tempFileString); >+ if (tempFilePath.isNull()) >+ return false; >+ tempHandle = open(tempFilePath.data(), (O_WRONLY | O_CREAT | O_EXCL), 0666); >+ if (tempHandle != FileSystem::invalidPlatformFileHandle) >+ break; >+ if (errno != EEXIST) >+ return false; >+ verboseLog("errno is EEXIST, looping back and trying again: ", tempFileString); >+ } >+ >+ bool didRenameFile = false; >+ ASSERT(tempHandle != FileSystem::invalidPlatformFileHandle); >+ int writeSize = FileSystem::writeToFile(tempHandle, bitwise_cast<const char*>(fileContents.data()), safeCast<int>(fileContents.size())); >+ if (writeSize == safeCast<int>(fileContents.size())) { >+ // Rename the temp file to the expected file. We do it this way because this is an atomic operation. >+ // OOPS: What is the behavior if this happens concurrently to read when the file already exists? 
>+ CString sandboxFilePath = FileSystem::fileSystemRepresentation(sandboxFile); >+ if (!sandboxFilePath.isNull()) { >+ verboseLog("Renaming from: '", tempFilePath, "' to: '", sandboxFile, "'"); >+ if (!rename(tempFilePath.data(), sandboxFilePath.data())) { >+ didRenameFile = true; >+ verboseLog("Rename succeeded"); >+ } else >+ verboseLog("Rename failed: ", errno); >+ } >+ } else >+ verboseLog("Did not successfully write file temp file: ", tempFilePath); >+ >+ FileSystem::closeFile(tempHandle); >+ >+ if (!didRenameFile) >+ FileSystem::deleteFile(tempFileString); >+ >+ if (sandbox_apply(sandboxProfile)) { >+ verboseLog("could not apply compiled sandbox!"); >+ WTFLogAlways("%s: Couldn't apply compiled sandbox profile, errno: %d\n", getprogname(), errno); >+ exit(EX_NOPERM); >+ } >+ >+ return true; >+ }(); >+ >+ if (didApplySandbox) { >+ auto endTime = WallTime::now(); >+ dataLogLn("Apply time: ", (endTime - startTime).milliseconds()); >+ } else { >+ switch (sandboxParameters.mode()) { >+ case SandboxInitializationParameters::UseDefaultSandboxProfilePath: >+ case SandboxInitializationParameters::UseOverrideSandboxProfilePath: { >+ String sandboxProfilePath = sandboxParameters.mode() == SandboxInitializationParameters::UseDefaultSandboxProfilePath ? 
defaultProfilePath : sandboxParameters.overrideSandboxProfilePath(); >+ if (!sandboxProfilePath.isEmpty()) { >+ CString profilePath = FileSystem::fileSystemRepresentation(sandboxProfilePath); >+ char* errorBuf; >+#pragma clang diagnostic push >+#pragma clang diagnostic ignored "-Wdeprecated-declarations" >+ if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+#pragma clang diagnostic pop >+ WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >+ WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >+ exit(EX_NOPERM); >+ } >+ } >+ >+ break; >+ } >+ case SandboxInitializationParameters::UseSandboxProfile: { > char* errorBuf; > #pragma clang diagnostic push > #pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(profilePath.data(), SANDBOX_NAMED_EXTERNAL, sandboxParameters.namedParameterArray(), &errorBuf)) { >+ if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, sandboxParameters.namedParameterArray(), &errorBuf)) { > #pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile [%s], error '%s'\n", getprogname(), profilePath.data(), errorBuf); >+ WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); > for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) > WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); > exit(EX_NOPERM); > } >- } > >- break; >- } >- case SandboxInitializationParameters::UseSandboxProfile: { >- char* errorBuf; >-#pragma clang diagnostic push >-#pragma clang diagnostic ignored "-Wdeprecated-declarations" >- if (sandbox_init_with_parameters(sandboxParameters.sandboxProfile().utf8().data(), 0, 
sandboxParameters.namedParameterArray(), &errorBuf)) { >-#pragma clang diagnostic pop >- WTFLogAlways("%s: Couldn't initialize sandbox profile, error '%s'\n", getprogname(), errorBuf); >- for (size_t i = 0, count = sandboxParameters.count(); i != count; ++i) >- WTFLogAlways("%s=%s\n", sandboxParameters.name(i), sandboxParameters.value(i)); >- exit(EX_NOPERM); >+ break; >+ } > } >- >- break; >- } > } > > // This will override LSFileQuarantineEnabled from Info.plist unless sandbox quarantine is globally disabled. >diff --git a/Source/WebKit/StorageProcess/StorageProcess.h b/Source/WebKit/StorageProcess/StorageProcess.h >index 298390b3d8ac4fd69bdf870487622f1dca4cb194..d28ebb600334053c8ba275cf1896d94263893187 100644 >--- a/Source/WebKit/StorageProcess/StorageProcess.h >+++ b/Source/WebKit/StorageProcess/StorageProcess.h >@@ -71,6 +71,8 @@ class StorageProcess : public ChildProcess > friend NeverDestroyed<StorageProcess>; > public: > static StorageProcess& singleton(); >+ static const ChildProcess::ProcessType processType = StorageType; >+ > ~StorageProcess(); > > WorkQueue& queue() { return m_queue.get(); } >diff --git a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >index 375a1705cd374734b50b081c072cdccc8ad61f8e..c54a2853aeb94d4ed9b2a709f3c833a90e43254b 100644 >--- a/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >+++ b/Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm >@@ -150,7 +150,7 @@ void ProcessLauncher::launchProcess() > xpc_dictionary_set_string(preBootstrapMessage.get(), "message-name", "pre-bootstrap"); > xpc_connection_send_message(m_xpcConnection.get(), preBootstrapMessage.get()); > } >- >+ > // Create the listening port. > mach_port_t listeningPort = MACH_PORT_NULL; > auto kr = mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &listeningPort); 
>@@ -283,11 +283,11 @@ void ProcessLauncher::terminateProcess() > > if (!m_processIdentifier) > return; >- >+ > kill(m_processIdentifier, SIGKILL); > m_processIdentifier = 0; > } >- >+ > void ProcessLauncher::platformInvalidate() > { > if (!m_xpcConnection) >diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj >index d8d29516a6cb6445bbdc5de7497cee163f160645..c3afc0d05da52abb2e428b704c414dba9806d48f 100644 >--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj >+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj 
>@@ -3336,6 +3336,8 @@ > 41897ED51F415D850016FA42 /* CacheStorageEngineConnection.messages.in */ = {isa = PBXFileReference; lastKnownFileType = text; path = CacheStorageEngineConnection.messages.in; sourceTree = "<group>"; }; > 41897ED61F415D860016FA42 /* CacheStorageEngine.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CacheStorageEngine.cpp; sourceTree = "<group>"; }; > 419ACF9B1F981D26009F1A83 /* WebServiceWorkerFetchTaskClient.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebServiceWorkerFetchTaskClient.h; sourceTree = "<group>"; }; >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Storage-OSX.entitlements"; sourceTree = "<group>"; }; >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = "Network-OSX.entitlements"; sourceTree = "<group>"; }; > 41AC86811E042E5300303074 /* WebRTCResolver.messages.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; lineEnding = 0; name = WebRTCResolver.messages.in; path = Network/webrtc/WebRTCResolver.messages.in; sourceTree = "<group>"; xcLanguageSpecificationIdentifier = "<none>"; }; > 41B28B081F83AD3E00FB52AC /* RTCPacketOptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RTCPacketOptions.h; sourceTree = "<group>"; }; > 41B28B091F83AD3E00FB52AC /* RTCPacketOptions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RTCPacketOptions.cpp; sourceTree = "<group>"; }; 
>@@ -5061,6 +5063,7 @@ > 1A4F976C100E7B6600637A18 /* FeatureDefines.xcconfig */, > 37119A7D20CCB64E002C6DC9 /* Network-iOS-minimalsimulator.entitlements */, > 7C0BB9A918DCDF5A0006C086 /* Network-iOS.entitlements */, >+ 41AA59D520D2FA5300F3471A /* Network-OSX.entitlements */, > BC8283AB16B4BEAD00A278FE /* NetworkService.xcconfig */, > A1EDD2DB1884B96400BBFE98 /* PluginProcessShim.xcconfig */, > BC8283F216B4FC5300A278FE /* PluginService.32.xcconfig */, >@@ -5069,6 +5072,7 @@ > 37E83D401B37D27B002079EE /* SandboxProfiles.xcconfig */, > A1EDD2DC1884B9B500BBFE98 /* SecItemShim.xcconfig */, > 5183B3931379F85C00E8754E /* Shim.xcconfig */, >+ 41AA59D420D2F94000F3471A /* Storage-OSX.entitlements */, > 51A60B29180CCD9000F3BF50 /* StorageService.xcconfig */, > 1A4F976E100E7B6600637A18 /* Version.xcconfig */, > 37119A7E20CCB64E002C6DC9 /* WebContent-iOS-minimalsimulator.entitlements */, >@@ -10358,13 +10362,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10376,13 +10376,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Unlock keychain"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10394,13 +10390,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10412,13 +10404,9 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > ); > name = "Remove stale entitlement file"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; 
>@@ -10430,14 +10418,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >@@ -10449,14 +10433,10 @@ > buildActionMask = 2147483647; > files = ( > ); >- inputFileListPaths = ( >- ); > inputPaths = ( > "$(TEMP_FILE_DIR)/$(FULL_PRODUCT_NAME).xcent", > ); > name = "Process WebContent entitlements"; >- outputFileListPaths = ( >- ); > outputPaths = ( > ); > runOnlyForDeploymentPostprocessing = 0; >diff --git a/Source/WebKit/WebProcess/WebProcess.h b/Source/WebKit/WebProcess/WebProcess.h >index b8520acd2bd83c4915713fd54340efeb456dcefb..fbad5565cce74e984be2f206aa3fa9bbbc4eecf0 100644 >--- a/Source/WebKit/WebProcess/WebProcess.h >+++ b/Source/WebKit/WebProcess/WebProcess.h >@@ -108,6 +108,7 @@ struct WebsiteDataStoreParameters; > class WebProcess : public ChildProcess { > public: > static WebProcess& singleton(); >+ static const ChildProcess::ProcessType processType = WebContentType; > > template <typename T> > T* supplement() >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index 95e7eb0c860baffea359fa7f3700b5c3ff7d5547..ddcc6af503af603bce404db436b97bbe2a72301c 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,12 @@ >+2018-06-14 Ben Richards <benton_richards@apple.com> >+ >+ Added custom sign posts for sandbox initialization >+ https://bugs.webkit.org/show_bug.cgi?id=184991 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * Tracing/SystemTracePoints.plist: >+ > 2018-06-12 Valerie R Young <valerie@bocoup.com> > > test262/Runner.pm: add unit tests >diff --git a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >index bb3c5870630f4e163c387941bc57d3eceec52212..48a7585b0f41c6aecf8f0002dff9322b2aa4b646 100644 >--- a/Tools/Scripts/webkitpy/tool/commands/stepsequence.py 
>+++ b/Tools/Scripts/webkitpy/tool/commands/stepsequence.py >@@ -64,6 +64,7 @@ class StepSequence(object): > > def _run(self, tool, options, state): > for step in self._steps: >+ print tool.scm().create_patch(options.git_commit) > step(tool, options).run(state) > > def run_and_handle_errors(self, tool, options, state=None): >diff --git a/Tools/Tracing/SystemTracePoints.plist b/Tools/Tracing/SystemTracePoints.plist >index e9e1776965bac9ddd1d647fb920734600f8a2905..7cba493bd1da205bc2514d26b96eda2f5c7acd01 100644 >--- a/Tools/Tracing/SystemTracePoints.plist >+++ b/Tools/Tracing/SystemTracePoints.plist >@@ -300,6 +300,18 @@ > <key>CodeEnd</key> > <string>14004</string> > </dict> >+ <dict> >+ <key>Name</key> >+ <string>Process Launch</string> >+ <key>Type</key> >+ <string>Interval</string> >+ <key>Component</key> >+ <string>47</string> >+ <key>CodeBegin</key> >+ <string>14003</string> >+ <key>CodeEnd</key> >+ <string>14004</string> >+ </dict> > </array> > </dict> > </array> >
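Review bot: in Source/WebKit/UIProcess/Launcher/mac/ProcessLauncherMac.mm, the ProcessLauncher::terminateProcess hunk (@@ -283,11 +283,11) changes only whitespace: the blank line before "kill(m_processIdentifier, SIGKILL);" and the blank line before platformInvalidate() are each removed and re-added. If the re-added lines carry trailing whitespace, that is a style regression. Either way the hunk is noise in a large patch, so please drop it and remove terminateProcess from the Source/WebKit ChangeLog entry unless a functional change is intended there.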
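Review bot: in Source/WebKit/WebKit.xcodeproj/project.pbxproj, the six hunks from @@ -10358 through @@ -10449 delete the empty inputFileListPaths and outputFileListPaths entries from the "Unlock keychain", "Remove stale entitlement file" and "Process WebContent entitlements" script phases, which is unrelated to adding Network-OSX.entitlements and Storage-OSX.entitlements. This looks like churn from re-saving the project file. Please revert these hunks so the project.pbxproj diff contains only the two new file references and their group entries.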
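Review bot: in Tools/Scripts/webkitpy/tool/commands/stepsequence.py, the added "print tool.scm().create_patch(options.git_commit)" inside the "for step in self._steps" loop of StepSequence._run looks like leftover debugging. It regenerates and prints the whole patch once per step for every command that runs a StepSequence, and the file is not mentioned in the Tools/ChangeLog entry, which lists only Tracing/SystemTracePoints.plist. Please remove this line before landing.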
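Review bot: in Tools/Tracing/SystemTracePoints.plist, the added <dict> appears to be a copy of an existing entry: it is named "Process Launch" and uses CodeBegin 14003 and CodeEnd 14004, and 14004 is already the CodeEnd of the entry immediately above it. The ChangeLog says this change adds sign posts for sandbox initialization, and SystemTracing.h adds InitializeSandboxStart and InitializeSandboxEnd after ProcessLaunchEnd, so the entry needs its own name and the two code values that correspond to those new enumerators. As written, the new interval duplicates an existing code range instead of describing the new trace points.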