275964 – [Cocoa][macOS] Allow additional syscall in GPU sandbox

RESOLVED FIXED275964

[Cocoa][macOS] Allow additional syscall in GPU sandbox

https://bugs.webkit.org/show_bug.cgi?id=275964

Summary [Cocoa][macOS] Allow additional syscall in GPU sandbox

Brent Fulgham

Reported 2024-06-27 12:38:47 PDT

Telemetry and performance monitoring indicate that we need to allow `SYS_open_dprotected_np` in the GPU Process. These calls are already used in the WebContent and Network sandboxes.

Attachments
Add attachment proposed patch, testcase, etc.

Brent Fulgham

Comment 1 2024-06-27 12:40:54 PDT

<rdar://128572367>

Brent Fulgham

Comment 2 2024-06-27 12:51:39 PDT

Pull request: https://github.com/WebKit/WebKit/pull/30242

EWS

Comment 3 2024-06-28 16:34:58 PDT

Committed 280484@main (6fbe1f6d7f5d): <https://commits.webkit.org/280484@main> Reviewed commits have been landed. Closing PR #30242 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component WebKit2

Assignee

Brent Fulgham

Reported

2024-06-27 12:38 PDT

Modified

2024-06-28 16:34 PDT History

CC List

2 users Show

URL

Keywords InRadar

Depends on

Blocks