Bug 167669

Summary:

[WebRTC][WebKit2] Support expanding the sandbox to allow microphone access at process launch

Product:

WebKit

Reporter:

Brent Fulgham <bfulgham>

Component:

Media

Assignee:

Brent Fulgham <bfulgham>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, bfulgham, commit-queue, youennf

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

124288

Attachments:

Description	Flags
Patch	none
Patch	none

Description Brent Fulgham 2017-01-31 15:14:17 PST

Due to <rdar://problem/29448368> we need to expand the sandbox to encompass the microphone hardware at the launch of the WebProcess. Once this radar is fixed, lived switching between allowing and denying microphone state at the Sandbox level will work properly.

This change should be viewed as a temporary workaround until the underlying bug is fixed. We do not want to limit microphone access granularity to WebProcess launch.

Comment 1 Brent Fulgham 2017-01-31 15:14:53 PST

<rdar://problem/29974333>

Comment 2 Brent Fulgham 2017-01-31 15:18:54 PST

Created attachment 300269 [details]
Patch

Comment 3 Alex Christensen 2017-01-31 16:14:08 PST

Comment on attachment 300269 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=300269&action=review

We definitely need this, but don't we also need to call SandboxExtension::create and consume and revoke it?

> Source/WebKit2/UIProcess/WebProcessPool.cpp:579
> +    // FIXME: Remove this and related parameter when <rdar://problem/29448368> is fixed.

I don't think we need this comment.

Comment 4 Brent Fulgham 2017-01-31 16:21:35 PST

(In reply to comment #3)
> Comment on attachment 300269 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=300269&action=review
> 
> We definitely need this, but don't we also need to call
> SandboxExtension::create and consume and revoke it?

Isn't that handled by the SandboxExtension::consumePermanently(...) call we make in WebProcessCocoa?

SandboxExtension::createHandleForGenericExtension calls into WKSandboxExtensionCreate.

SandboxExtension::consumePermanently calls WKSandboxExtensionConsume and WKSandboxExtensionDestroy internally.

Comment 5 youenn fablet 2017-01-31 16:32:30 PST

Comment on attachment 300269 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=300269&action=review

> Source/WebKit2/UIProcess/WebProcessPool.cpp:578
> +#if ENABLE(WEB_RTC)

This should probably be ENABLE(MEDIA_STREAM) and mediaStreamEnabled()

Comment 6 Brent Fulgham 2017-01-31 17:26:25 PST

Created attachment 300285 [details]
Patch

Comment 7 WebKit Commit Bot 2017-01-31 22:09:16 PST

Comment on attachment 300285 [details]
Patch

Clearing flags on attachment: 300285

Committed r211470: <http://trac.webkit.org/changeset/211470>

Comment 8 WebKit Commit Bot 2017-01-31 22:09:19 PST

All reviewed patches have been landed.  Closing bug.