Bug 207279

Summary: [iOS] Do not create sandbox reports when the UI process cannot issue extensions to diagnostics service
Product: WebKit Reporter: Per Arne Vollan <pvollan>
Component: WebKit Misc.Assignee: Per Arne Vollan <pvollan>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, bfulgham, cdumez, cmarcelo, commit-queue, dbates, ews-watchlist, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Per Arne Vollan 2020-02-05 11:26:26 PST 
Do not create sandbox reports when the UI process cannot issue mach extensions to the diagnostics service. The majority of clients are capable of doing this.
Comment 1 Per Arne Vollan 2020-02-05 11:26:51 PST 
rdar://problem/59030957
Comment 2 Per Arne Vollan 2020-02-05 11:52:47 PST 
Created attachment 389838 [details]
Patch
Comment 3 Brent Fulgham 2020-02-05 12:30:11 PST 
Comment on attachment 389838 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=389838&action=review

> Source/WebKit/Shared/SandboxExtension.h:59
> +    };

You could maybe do:

enum class Flags : uint32_t {
    Default = 0,
    NoReport = SANDBOX_EXTENSION_NO_REPORT
};


Then I think that OptionSet<Flags> would map to unit32_t, and do the |-ing for you.

But you would need to add SandboxSPI.h header, which might be undesirable.

> Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm:91
> +            extensionFlags |= SANDBOX_EXTENSION_NO_REPORT;

I don't think you need this code, if you make the OptionSet<Flags> as I suggested.

> Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm:97
> +            return sandbox_extension_issue_file(APP_SANDBOX_READ_WRITE, path, extensionFlags);

I wonder if we should consider adding SANDBOX_EXTENSION_CANONICAL to our file paths (if we ensure we always work with fully-resolved paths).
Comment 4 Per Arne Vollan 2020-02-05 13:20:09 PST 
(In reply to Brent Fulgham from comment #3)
> Comment on attachment 389838 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=389838&action=review
> 
> > Source/WebKit/Shared/SandboxExtension.h:59
> > +    };
> 
> You could maybe do:
> 
> enum class Flags : uint32_t {
>     Default = 0,
>     NoReport = SANDBOX_EXTENSION_NO_REPORT
> };
> 
> 
> Then I think that OptionSet<Flags> would map to unit32_t, and do the |-ing
> for you.
> 
> But you would need to add SandboxSPI.h header, which might be undesirable.
> 

Good idea! However, I don't think this will compile on other platforms. Are you OK with keeping as is?

> > Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm:91
> > +            extensionFlags |= SANDBOX_EXTENSION_NO_REPORT;
> 
> I don't think you need this code, if you make the OptionSet<Flags> as I
> suggested.
> 
> > Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm:97
> > +            return sandbox_extension_issue_file(APP_SANDBOX_READ_WRITE, path, extensionFlags);
> 
> I wonder if we should consider adding SANDBOX_EXTENSION_CANONICAL to our
> file paths (if we ensure we always work with fully-resolved paths).

I think that would be good enhancement! Perhaps we could do this in a follow-up patch?

Thanks for reviewing!
Comment 5 Brent Fulgham 2020-02-05 16:00:03 PST 
Comment on attachment 389838 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=389838&action=review

>>> Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm:91
>>> +            extensionFlags |= SANDBOX_EXTENSION_NO_REPORT;
>> 
>> I don't think you need this code, if you make the OptionSet<Flags> as I suggested.
> 
> I think that would be good enhancement! Perhaps we could do this in a follow-up patch?
> 
> Thanks for reviewing!

Sure -- no need to do now.
Comment 6 WebKit Commit Bot 2020-02-05 16:06:27 PST 
Comment on attachment 389838 [details]
Patch

Clearing flags on attachment: 389838

Committed r255874: <https://trac.webkit.org/changeset/255874>
Comment 7 WebKit Commit Bot 2020-02-05 16:06:29 PST 
All reviewed patches have been landed.  Closing bug.