Summary: | Unblock iokit-get-property needed for frame buffer initialization | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Brent Fulgham <bfulgham> | ||||
Component: | WebKit Misc. | Assignee: | Brent Fulgham <bfulgham> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | achristensen, ap, bfulgham, commit-queue, ggaren, pvollan, webkit-bug-importer | ||||
Priority: | P2 | Keywords: | InRadar | ||||
Version: | WebKit Nightly Build | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Attachments: |
|
Description
Brent Fulgham
2019-12-19 13:05:15 PST
Created attachment 386135 [details]
Patch
Comment on attachment 386135 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=386135&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:105 > + ; IOMobileFramebuffer > + (with-filter (iokit-registry-entry-class "IOMobileFramebuffer") > + (allow iokit-get-properties > + (iokit-property "AppleTV" > + "DisplayPipePlaneBaseAlignment" > + "DisplayPipeStrideRequirements" > + "PerformanceStatistics" > + "appleTV-VID0" > + "appleTV-VID1" > + "hdcp-hoover-protocol"))) > + > + (mobile-preferences-read "com.apple.iokit.IOMobileGraphicsFamily") > +) Do we need to audit new iokit get properties rules in the WebContent process? Or is it always safe to add these? Comment on attachment 386135 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=386135&action=review >> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:105 >> +) > > Do we need to audit new iokit get properties rules in the WebContent process? Or is it always safe to add these? Are all strictly needed, or would a subset be sufficient? Comment on attachment 386135 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=386135&action=review >>> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:105 >>> +) >> >> Do we need to audit new iokit get properties rules in the WebContent process? Or is it always safe to add these? > > Are all strictly needed, or would a subset be sufficient? Many of these are already part of the "global" set of allow rules; I want to move to this model for them in the future. So this change is a first step in that direction. I think these are safe to add from a security standpoint. They were vetted for use in container.sb, and David has stated that he isn't worried about these "read data" properties. Comment on attachment 386135 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=386135&action=review R=me. >>>> Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:105 >>>> +) >>> >>> Do we need to audit new iokit get properties rules in the WebContent process? Or is it always safe to add these? >> >> Are all strictly needed, or would a subset be sufficient? > > Many of these are already part of the "global" set of allow rules; I want to move to this model for them in the future. So this change is a first step in that direction. > > I think these are safe to add from a security standpoint. They were vetted for use in container.sb, and David has stated that he isn't worried about these "read data" properties. Sounds good! Committed r253792: <https://trac.webkit.org/changeset/253792> |