RESOLVED FIXED Bug 203915
[iOS] The UI process should issue mach sandbox extension to "com.apple.AGXCompilerService" 
https://bugs.webkit.org/show_bug.cgi?id=203915
Summary [iOS] The UI process should issue mach sandbox extension to "com.apple.AGXCom...
Per Arne Vollan
Reported 2019-11-06 13:20:15 PST
Only a few iPad models need access to "com.apple.AGXCompilerService” in the WebContent process. The UI process should issue this mach extension for these iPad models.
Attachments
Patch (6.72 KB, patch)
2019-11-06 13:24 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (6.82 KB, patch)
2019-11-06 13:43 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (6.80 KB, patch)
2019-11-06 13:46 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (6.83 KB, patch)
2019-12-04 15:14 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2019-11-06 13:20:37 PST
rdar://problem/56921370
Per Arne Vollan
Comment 2 2019-11-06 13:24:16 PST
Created attachment 382954 [details] Patch
Per Arne Vollan
Comment 3 2019-11-06 13:43:19 PST
Created attachment 382957 [details] Patch
Per Arne Vollan
Comment 4 2019-11-06 13:46:03 PST
Created attachment 382958 [details] Patch
Per Arne Vollan
Comment 5 2019-12-04 15:14:52 PST
Created attachment 384852 [details] Patch
Per Arne Vollan
Comment 6 2019-12-04 15:15:18 PST
(In reply to Per Arne Vollan from comment #5) > Created attachment 384852 [details] > Patch Rebased.
Brent Fulgham
Comment 7 2019-12-04 15:19:30 PST
Comment on attachment 384852 [details] Patch Looks good. r=me
Per Arne Vollan
Comment 8 2019-12-04 15:24:03 PST
(In reply to Brent Fulgham from comment #7) > Comment on attachment 384852 [details] > Patch > > Looks good. r=me Thanks for reviewing :)
WebKit Commit Bot
Comment 9 2019-12-04 16:07:46 PST
Comment on attachment 384852 [details] Patch Clearing flags on attachment: 384852 Committed r253127: <https://trac.webkit.org/changeset/253127>
WebKit Commit Bot
Comment 10 2019-12-04 16:07:48 PST
All reviewed patches have been landed. Closing bug.
Brent Fulgham
Comment 11 2019-12-12 16:49:19 PST
Comment on attachment 384852 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=384852&action=review > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:969 > + (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.AGXCompilerService"))) I think this might be wrong. AGXCompilerService is an xpc-service-name-prefix, so it won't be found in the global-name namespace. This might create problems on hardware that needs AGXCompilerService. We should probably have a second allow-mach-lookup section that uses 'xpc-service-name', and another that uses 'xpc-service-name-prefix'.
Per Arne Vollan
Comment 12 2019-12-12 16:52:21 PST
(In reply to Brent Fulgham from comment #11) > Comment on attachment 384852 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=384852&action=review > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:969 > > + (global-name "com.apple.iphone.axserver-systemwide" "com.apple.tccd" "com.apple.AGXCompilerService"))) > > I think this might be wrong. AGXCompilerService is an > xpc-service-name-prefix, so it won't be found in the global-name namespace. > > This might create problems on hardware that needs AGXCompilerService. > > We should probably have a second allow-mach-lookup section that uses > 'xpc-service-name', and another that uses 'xpc-service-name-prefix'. Oh, that's a good point. Great catch!
Note You need to log in before you can comment on or make changes to this bug.