RESOLVED FIXED Bug 225004
[iOS] [GPU] The UI process should issue the mach sandbox extension to 'com.apple.AGXCompilerService' 
https://bugs.webkit.org/show_bug.cgi?id=225004
Summary [iOS] [GPU] The UI process should issue the mach sandbox extension to 'com.ap...
Brent Fulgham
Reported 2021-04-23 15:45:42 PDT
In Bug 203915 and Bug 210616 we did work to only extend access to AGX-related graphics facilities on relevant hardware. This was lost in the transition to the GPU Process and should be added back. <rdar://problem/68362930>
Attachments
Patch (18.01 KB, patch)
2021-04-23 15:59 PDT, Brent Fulgham 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (17.93 KB, patch)
2021-04-23 16:49 PDT, Brent Fulgham 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (17.93 KB, patch)
2021-04-23 17:01 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch (17.79 KB, patch)
2021-04-26 09:55 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch (17.77 KB, patch)
2021-04-26 17:54 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch for landing (17.76 KB, patch)
2021-04-26 17:56 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2021-04-23 15:59:03 PDT
Created attachment 426959 [details] Patch
Per Arne Vollan
Comment 2 2021-04-23 16:13:07 PDT
Comment on attachment 426959 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=426959&action=review Great! R=me. > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb:975 > + (xpc-service-name-prefix "com.apple.AGXCompilerService"))) Is the prefix part needed?
Brent Fulgham
Comment 3 2021-04-23 16:49:30 PDT
Created attachment 426965 [details] Patch
Brent Fulgham
Comment 4 2021-04-23 16:50:09 PDT
(In reply to Per Arne Vollan from comment #2) > Comment on attachment 426959 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=426959&action=review > > Great! R=me. > > > Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb:975 > > + (xpc-service-name-prefix "com.apple.AGXCompilerService"))) > > Is the prefix part needed? Yes. This is right out of the WCP rules. There are two flavors of AGXCompilerService (one has a postfix).
Brent Fulgham
Comment 5 2021-04-23 17:01:58 PDT
Created attachment 426967 [details] Patch
Darin Adler
Comment 6 2021-04-25 12:41:40 PDT
Comment on attachment 426967 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=426967&action=review > Source/WebCore/platform/cocoa/AGXCompilerService.h:36 > +namespace WTF { > + > +class ASCIILiteral; > + > +} This isn’t needed or helpful. If we include <wtf/Forward.h>, then this is taken care of. If we don’t, then we have to write WTF::ASCIILiteral below. > Source/WebCore/platform/cocoa/AGXCompilerService.h:43 > +WEBCORE_EXPORT const Vector<ASCIILiteral>& agxCompilerServices(); > +WEBCORE_EXPORT const Vector<ASCIILiteral>& agxCompilerClasses(); Would be slightly more efficient to move to something that doesn’t require any memory allocation. To cite one example, maybe not the most elegant, these could return std::initializer_list<ASCIILiteral>, if all we need to do is iterate them. No reason to keep a Vector around in memory forever just because we need to call createHandlesForMachLookup. Sadly, right now SandboxExtension is specifically tied to Vector. So doing this might require a bit of refactoring, and is not urgent. Just slightly better memory use and I suppose a better idiom.
Darin Adler
Comment 7 2021-04-25 12:42:12 PDT
Comment on attachment 426967 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=426967&action=review > Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp:48 > +#include <WebCore/AGXCompilerService.h> Adding this broke the WinCairo build.
Brent Fulgham
Comment 8 2021-04-26 09:55:30 PDT
Created attachment 427061 [details] Patch
Brent Fulgham
Comment 9 2021-04-26 10:02:26 PDT
Comment on attachment 426967 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=426967&action=review >> Source/WebCore/platform/cocoa/AGXCompilerService.h:36 >> +} > > This isn’t needed or helpful. If we include <wtf/Forward.h>, then this is taken care of. If we don’t, then we have to write WTF::ASCIILiteral below. Ah, will fix. >> Source/WebCore/platform/cocoa/AGXCompilerService.h:43 >> +WEBCORE_EXPORT const Vector<ASCIILiteral>& agxCompilerClasses(); > > Would be slightly more efficient to move to something that doesn’t require any memory allocation. To cite one example, maybe not the most elegant, these could return std::initializer_list<ASCIILiteral>, if all we need to do is iterate them. No reason to keep a Vector around in memory forever just because we need to call createHandlesForMachLookup. > > Sadly, right now SandboxExtension is specifically tied to Vector. So doing this might require a bit of refactoring, and is not urgent. Just slightly better memory use and I suppose a better idiom. I filed Bug 225059 to remember to do this.
Darin Adler
Comment 10 2021-04-26 11:04:40 PDT
Comment on attachment 427061 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=427061&action=review > Source/WebCore/platform/cocoa/AGXCompilerService.h:31 > +#include <wtf/Forward.h> > +#include <wtf/Vector.h> Probably not worth another round of patch revision, but Vector.h already includes Forward.h so an explicit include of Forward.h probably is not needed. I should have made that clear in my earlier comment. Oh, and now,. on reflection, only Forward.h needs to be included here.
Brent Fulgham
Comment 11 2021-04-26 17:54:08 PDT
Created attachment 427111 [details] Patch
Brent Fulgham
Comment 12 2021-04-26 17:55:04 PDT
Comment on attachment 427061 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=427061&action=review >> Source/WebCore/platform/cocoa/AGXCompilerService.h:31 >> +#include <wtf/Vector.h> > > Probably not worth another round of patch revision, but Vector.h already includes Forward.h so an explicit include of Forward.h probably is not needed. I should have made that clear in my earlier comment. > > Oh, and now,. on reflection, only Forward.h needs to be included here. I'll fix it -- fewer includes are better!
Brent Fulgham
Comment 13 2021-04-26 17:56:25 PDT
Created attachment 427112 [details] Patch for landing
EWS
Comment 14 2021-04-27 10:08:32 PDT
Committed r276644 (237071@main): <https://commits.webkit.org/237071@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 427112 [details].
Note You need to log in before you can comment on or make changes to this bug.