Bug 275964 - [Cocoa][macOS] Allow additional syscall in GPU sandbox
Summary: [Cocoa][macOS] Allow additional syscall in GPU sandbox
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Brent Fulgham
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2024-06-27 12:38 PDT by Brent Fulgham
Modified: 2024-06-28 16:34 PDT (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2024-06-27 12:38:47 PDT 
Telemetry and performance monitoring indicate that we need to allow `SYS_open_dprotected_np` in the GPU Process. These calls are already used in the WebContent and Network sandboxes.
Comment 1 Brent Fulgham 2024-06-27 12:40:54 PDT 
<rdar://128572367>
Comment 2 Brent Fulgham 2024-06-27 12:51:39 PDT 
Pull request: https://github.com/WebKit/WebKit/pull/30242
Comment 3 EWS 2024-06-28 16:34:58 PDT 
Committed 280484@main (6fbe1f6d7f5d): <https://commits.webkit.org/280484@main>

Reviewed commits have been landed. Closing PR #30242 and removing active labels.