RESOLVED FIXED232329
[macOS][GPUP] Remove access to sysctl properties 
https://bugs.webkit.org/show_bug.cgi?id=232329
Summary [macOS][GPUP] Remove access to sysctl properties
Per Arne Vollan
Reported 2021-10-26 13:46:19 PDT
Based on telemetry, remove access to unused sysctl properties in the GPU process' sandbox on macOS.
Attachments
Patch (3.78 KB, patch)
2021-10-26 13:48 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2021-10-26 13:46:53 PDT
<rdar://problem/84679628>
Per Arne Vollan
Comment 2 2021-10-26 13:48:36 PDT
Created attachment 442527 [details] Patch
Darin Adler
Comment 3 2021-10-26 13:56:14 PDT
Comment on attachment 442527 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=442527&action=review > Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:173 > -(deny sysctl*) > +(deny sysctl* (with telemetry)) This change is not mentioned in the change log. What’s the rationale?
Per Arne Vollan
Comment 4 2021-10-26 14:04:02 PDT
(In reply to Darin Adler from comment #3) > Comment on attachment 442527 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=442527&action=review > > > Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:173 > > -(deny sysctl*) > > +(deny sysctl* (with telemetry)) > > This change is not mentioned in the change log. What’s the rationale? This is to get telemetry for sysctl properties we might need to add in the future when new features being are added to the GPU process. Thanks for reviewing!
Per Arne Vollan
Comment 5 2021-11-10 12:26:31 PST
Comment on attachment 442527 [details] Patch Thanks for reviewing!
EWS
Comment 6 2021-11-10 12:30:13 PST
Committed r285606 (244110@main): <https://commits.webkit.org/244110@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 442527 [details].
Note You need to log in before you can comment on or make changes to this bug.