Bug 221501 - REGRESSION (r271815): [macOS] /dev/dtracehelper is blocked on customer builds, even with SIP disabled
Summary: REGRESSION (r271815): [macOS] /dev/dtracehelper is blocked on customer builds...
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Brent Fulgham
Keywords: InRadar
Depends on:
Reported: 2021-02-05 14:00 PST by Brent Fulgham
Modified: 2021-02-05 16:07 PST (History)
3 users (show)

See Also:

Patch (3.59 KB, patch)
2021-02-05 14:06 PST, Brent Fulgham
no flags Details | Formatted Diff | Diff
Patch (1.69 KB, patch)
2021-02-05 14:49 PST, Brent Fulgham
no flags Details | Formatted Diff | Diff
Patch (1.74 KB, patch)
2021-02-05 14:56 PST, Brent Fulgham
no flags Details | Formatted Diff | Diff
Patch for landing (1.70 KB, patch)
2021-02-05 15:36 PST, Brent Fulgham
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2021-02-05 14:00:14 PST
The change in Bug 220927 was not implemented correctly: we should have gated access to /dev/dtracehelper on whether SIP disabled, not on AppleInternal.

We should likewise allow OpenGL Profiler to attach if SIP is disabled.
Comment 1 Brent Fulgham 2021-02-05 14:00:36 PST
Comment 2 Brent Fulgham 2021-02-05 14:06:19 PST
Created attachment 419460 [details]
Comment 3 Per Arne Vollan 2021-02-05 14:16:30 PST
Comment on attachment 419460 [details]

View in context: https://bugs.webkit.org/attachment.cgi?id=419460&action=review

Great! R=me.

> Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:710
> +    dispatch_once(&onceToken, ^{
> +        isSIPDisabled = !csr_check(CSR_DISABLE_FLAGS);

Since this only seems to be called on the main thread, I think the dispatch_once is not needed.
Comment 4 Brent Fulgham 2021-02-05 14:49:01 PST
(In reply to Brent Fulgham from comment #2)
> Created attachment 419460 [details]
> Patch

On second thought, none of the SIP flags seem related to the GL profiler, so let's leave that for future consideration.

Also, it turns out the Sandbox already has features to check CSR.
Comment 5 Brent Fulgham 2021-02-05 14:49:49 PST
Created attachment 419469 [details]
Comment 6 Per Arne Vollan 2021-02-05 14:53:58 PST
Comment on attachment 419469 [details]

Comment 7 Brent Fulgham 2021-02-05 14:56:23 PST
Created attachment 419471 [details]
Comment 8 Per Arne Vollan 2021-02-05 15:08:08 PST
Comment on attachment 419471 [details]

Comment 9 Brent Fulgham 2021-02-05 15:36:07 PST
Created attachment 419473 [details]
Patch for landing
Comment 10 Brent Fulgham 2021-02-05 15:36:56 PST
I confirmed that the CSR filter has been present since 2015, so we are safe to adopt without conditionals.
Comment 11 EWS 2021-02-05 16:07:23 PST
Committed r272449: <https://trac.webkit.org/changeset/272449>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 419473 [details].