215869 2020-08-26 15:13:56 -0700 [macOS] Stop logging sandbox violations of com.apple.CoreDisplay.Notification 2020-08-27 09:53:00 -0700 1 1 1 Unclassified WebKit WebKit Misc. WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 pvollan pvollan bfulgham cdumez darin nham webkit-bug-importer oldest_to_newest 1683162 0 pvollan 2020-08-26 15:13:56 -0700 On macOS, stop logging mach-lookup sandbox violations of com.apple.CoreDisplay.Notification for performance reasons. 1683164 1 407342 pvollan 2020-08-26 15:16:55 -0700 Created attachment 407342 Patch 1683167 2 pvollan 2020-08-26 15:17:37 -0700 <rdar://problem/67831223> 1683188 3 407353 pvollan 2020-08-26 16:29:10 -0700 Created attachment 407353 Patch 1683190 4 407353 darin 2020-08-26 16:33:37 -0700 Comment on attachment 407353 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=407353&action=review > Source/WebKit/ChangeLog:8 > + On macOS, stop logging mach-lookup sandbox violations of com.apple.CoreDisplay.Notification for performance reasons. This makes it sound like it’s something already denied, and this patch simply changes it to no-log. > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:771 > +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 110000 > +(deny mach-lookup (with no-log) > + (global-name "com.apple.CoreDisplay.Notification)) > +#endif But this is a new deny rule, not changing an existing one to no-log mode. What am I missing? 1683202 5 pvollan 2020-08-26 16:57:19 -0700 (In reply to Darin Adler from comment #4) > Comment on attachment 407353 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=407353&action=review > > > Source/WebKit/ChangeLog:8 > > + On macOS, stop logging mach-lookup sandbox violations of com.apple.CoreDisplay.Notification for performance reasons. > > This makes it sound like it’s something already denied, and this patch > simply changes it to no-log. > Yes, that is correct. > > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:771 > > +#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 110000 > > +(deny mach-lookup (with no-log) > > + (global-name "com.apple.CoreDisplay.Notification)) > > +#endif > > But this is a new deny rule, not changing an existing one to no-log mode. > > What am I missing? Yes, you are right. There is no previous rule for this service, so the default behavior is in effect, where the service is being denied, but with logging enabled. This change is only changing the logging behavior. Thanks for reviewing! 1683209 6 407353 darin 2020-08-26 17:05:22 -0700 Comment on attachment 407353 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=407353&action=review >>> Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:771 >>> +#endif >> >> But this is a new deny rule, not changing an existing one to no-log mode. >> >> What am I missing? > > Yes, you are right. There is no previous rule for this service, so the default behavior is in effect, where the service is being denied, but with logging enabled. > > This change is only changing the logging behavior. > > Thanks for reviewing! Oh, didn’t realize that "deny" was default for everything. I guess that should have been obvious. 1683212 7 pvollan 2020-08-26 17:07:58 -0700 (In reply to Darin Adler from comment #6) > Comment on attachment 407353 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=407353&action=review > > >>> Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:771 > >>> +#endif > >> > >> But this is a new deny rule, not changing an existing one to no-log mode. > >> > >> What am I missing? > > > > Yes, you are right. There is no previous rule for this service, so the default behavior is in effect, where the service is being denied, but with logging enabled. > > > > This change is only changing the logging behavior. > > > > Thanks for reviewing! > > Oh, didn’t realize that "deny" was default for everything. I guess that > should have been obvious. Actually, in some cases, "allow" is the default, but not in this case :) Thanks for reviewing! 1683257 8 ews-feeder 2020-08-26 18:58:37 -0700 Committed r266216: <https://trac.webkit.org/changeset/266216> All reviewed patches have been landed. Closing bug and clearing flags on attachment 407353. 1683412 9 407353 cdumez 2020-08-27 09:53:00 -0700 Comment on attachment 407353 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=407353&action=review > Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:770 > + (global-name "com.apple.CoreDisplay.Notification)) Missing double quote here :( https://trac.webkit.org/changeset/266238/webkit 407342 2020-08-26 15:16:55 -0700 2020-08-26 16:29:08 -0700 Patch bug-215869-20200826151655.patch text/plain 1457 pvollan SW5kZXg6IFNvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJL aXQvQ2hhbmdlTG9nCShyZXZpc2lvbiAyNjYxOTUpCisrKyBTb3VyY2UvV2ViS2l0L0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE2IEBACisyMDIwLTA4LTI2ICBQZXIgQXJuZSBW b2xsYW4gIDxwdm9sbGFuQGFwcGxlLmNvbT4KKworICAgICAgICBbbWFjT1NdIFN0b3AgbG9nZ2lu ZyBzYW5kYm94IHZpb2xhdGlvbnMgb2YgY29tLmFwcGxlLkNvcmVEaXNwbGF5Lk5vdGlmaWNhdGlv bgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjE1ODY5 CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgT24gbWFj T1MsIHN0b3AgbG9nZ2luZyBtYWNoLWxvb2t1cCBzYW5kYm94IHZpb2xhdGlvbnMgb2YgY29tLmFw cGxlLkNvcmVEaXNwbGF5Lk5vdGlmaWNhdGlvbiBmb3IgcGVyZm9ybWFuY2UgcmVhc29ucy4KKwor ICAgICAgICBObyBuZXcgdGVzdHMsIHNpbmNlIHRoZXJlIGlzIG5vIGNoYW5nZSBpbiBiZWhhdmlv ci4gVGhlIHNlcnZpY2Ugd2FzIGFscmVhZHkgYmVpbmcgZGVuaWVkIGluIHRoZSBzYW5kYm94Lgor CisgICAgICAgICogV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbjoKKwogMjAy MC0wOC0yNiAgQWRpdHlhIEtlZXJ0aGkgIDxha2VlcnRoaUBhcHBsZS5jb20+CiAKICAgICAgICAg W2lPU10gRGlzYWJsZWQgb3B0aW9ucyBpbiB0aGUgbXVsdGktc2VsZWN0IHBpY2tlciBzaG91bGQg bm90IGJlIHNlbGVjdGFibGUKSW5kZXg6IFNvdXJjZS9XZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBw bGUuV2ViUHJvY2Vzcy5zYi5pbgo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViS2l0L1dlYlByb2Nl c3MvY29tLmFwcGxlLldlYlByb2Nlc3Muc2IuaW4JKHJldmlzaW9uIDI2NjE2NykKKysrIFNvdXJj ZS9XZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbgkod29ya2luZyBj b3B5KQpAQCAtNzY1LDYgKzc2NSw5IEBACiAgICAgKGdsb2JhbC1uYW1lICJjb20uYXBwbGUud2lu ZG93c2VydmVyLmFjdGl2ZSIpKQogI2VuZGlmCiAKKyhkZW55IG1hY2gtbG9va3VwICh3aXRoIG5v LWxvZykKKyAgICAoZ2xvYmFsLW5hbWUgImNvbS5hcHBsZS5Db3JlRGlzcGxheS5Ob3RpZmljYXRp b24pKQorCiAjaWYgX19NQUNfT1NfWF9WRVJTSU9OX01JTl9SRVFVSVJFRCA8IDExMDAwMAogOzsg TmVlZGVkIHRvIHN1cHBvcnQgZW5jcnlwdGVkIG1lZGlhIHBsYXliYWNrIDxyZGFyOi8vcHJvYmxl bS80MDAzODQ3OD4KIChhbGxvdyBtYWNoLWxvb2t1cAo= 407353 2020-08-26 16:29:10 -0700 2020-08-26 18:58:37 -0700 Patch bug-215869-20200826162909.patch text/plain 1513 pvollan SW5kZXg6IFNvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJL aXQvQ2hhbmdlTG9nCShyZXZpc2lvbiAyNjYxOTUpCisrKyBTb3VyY2UvV2ViS2l0L0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE2IEBACisyMDIwLTA4LTI2ICBQZXIgQXJuZSBW b2xsYW4gIDxwdm9sbGFuQGFwcGxlLmNvbT4KKworICAgICAgICBbbWFjT1NdIFN0b3AgbG9nZ2lu ZyBzYW5kYm94IHZpb2xhdGlvbnMgb2YgY29tLmFwcGxlLkNvcmVEaXNwbGF5Lk5vdGlmaWNhdGlv bgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjE1ODY5 CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgT24gbWFj T1MsIHN0b3AgbG9nZ2luZyBtYWNoLWxvb2t1cCBzYW5kYm94IHZpb2xhdGlvbnMgb2YgY29tLmFw cGxlLkNvcmVEaXNwbGF5Lk5vdGlmaWNhdGlvbiBmb3IgcGVyZm9ybWFuY2UgcmVhc29ucy4KKwor ICAgICAgICBObyBuZXcgdGVzdHMsIHNpbmNlIHRoZXJlIGlzIG5vIGNoYW5nZSBpbiBiZWhhdmlv ci4gVGhlIHNlcnZpY2Ugd2FzIGFscmVhZHkgYmVpbmcgZGVuaWVkIGluIHRoZSBzYW5kYm94Lgor CisgICAgICAgICogV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbjoKKwogMjAy MC0wOC0yNiAgQWRpdHlhIEtlZXJ0aGkgIDxha2VlcnRoaUBhcHBsZS5jb20+CiAKICAgICAgICAg W2lPU10gRGlzYWJsZWQgb3B0aW9ucyBpbiB0aGUgbXVsdGktc2VsZWN0IHBpY2tlciBzaG91bGQg bm90IGJlIHNlbGVjdGFibGUKSW5kZXg6IFNvdXJjZS9XZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBw bGUuV2ViUHJvY2Vzcy5zYi5pbgo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViS2l0L1dlYlByb2Nl c3MvY29tLmFwcGxlLldlYlByb2Nlc3Muc2IuaW4JKHJldmlzaW9uIDI2NjE2NykKKysrIFNvdXJj ZS9XZWJLaXQvV2ViUHJvY2Vzcy9jb20uYXBwbGUuV2ViUHJvY2Vzcy5zYi5pbgkod29ya2luZyBj b3B5KQpAQCAtNzY1LDYgKzc2NSwxMSBAQAogICAgIChnbG9iYWwtbmFtZSAiY29tLmFwcGxlLndp bmRvd3NlcnZlci5hY3RpdmUiKSkKICNlbmRpZgogCisjaWYgX19NQUNfT1NfWF9WRVJTSU9OX01J Tl9SRVFVSVJFRCA+PSAxMTAwMDAKKyhkZW55IG1hY2gtbG9va3VwICh3aXRoIG5vLWxvZykKKyAg ICAoZ2xvYmFsLW5hbWUgImNvbS5hcHBsZS5Db3JlRGlzcGxheS5Ob3RpZmljYXRpb24pKQorI2Vu ZGlmCisKICNpZiBfX01BQ19PU19YX1ZFUlNJT05fTUlOX1JFUVVJUkVEIDwgMTEwMDAwCiA7OyBO ZWVkZWQgdG8gc3VwcG9ydCBlbmNyeXB0ZWQgbWVkaWEgcGxheWJhY2sgPHJkYXI6Ly9wcm9ibGVt LzQwMDM4NDc4PgogKGFsbG93IG1hY2gtbG9va3VwCg==