Changeset 232604 in webkit
- Timestamp:
- Jun 7, 2018 4:14:04 PM (6 years ago)
- Location:
- trunk
- Files:
-
- 14 edited
- 2 copied
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/JavaScriptCore/ChangeLog
r232602 r232604 1 2018-06-07 Tadeu Zagallo <tzagallo@apple.com> 2 3 Don't try to allocate JIT memory if we don't have the JIT entitlement 4 https://bugs.webkit.org/show_bug.cgi?id=182605 5 <rdar://problem/38271229> 6 7 Reviewed by Mark Lam. 8 9 Check that the current process has the correct entitlements before 10 trying to allocate JIT memory to silence warnings. 11 12 * jit/ExecutableAllocator.cpp: 13 (JSC::allowJIT): Helper that checks entitlements on iOS and returns true in other platforms 14 (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator): check allowJIT before trying to allocate 15 1 16 2018-06-07 Saam Barati <sbarati@apple.com> 2 17 -
trunk/Source/JavaScriptCore/jit/ExecutableAllocator.cpp
r231175 r232604 39 39 #endif 40 40 41 #if PLATFORM(IOS) 42 #include <wtf/cocoa/Entitlements.h> 43 #endif 44 41 45 #include "LinkBuffer.h" 42 46 #include "MacroAssembler.h" … … 111 115 #endif 112 116 117 static bool allowJIT() 118 { 119 #if PLATFORM(IOS) && (CPU(ARM64) || CPU(ARM)) 120 return processHasEntitlement("dynamic-codesigning"); 121 #else 122 return true; 123 #endif 124 } 125 113 126 class FixedVMPoolExecutableAllocator : public MetaAllocator { 114 127 WTF_MAKE_FAST_ALLOCATED; … … 117 130 : MetaAllocator(jitAllocationGranule) // round up all allocations to 32 bytes 118 131 { 132 if (!allowJIT()) 133 return; 134 119 135 size_t reservationSize; 120 136 if (Options::jitMemoryReservationSize()) -
trunk/Source/WTF/ChangeLog
r232528 r232604 1 2018-06-07 Tadeu Zagallo <tzagallo@apple.com> 2 3 Don't try to allocate JIT memory if we don't have the JIT entitlement 4 https://bugs.webkit.org/show_bug.cgi?id=182605 5 <rdar://problem/38271229> 6 7 Reviewed by Mark Lam. 8 9 Move processHasEntitlement from Source/WebKit/Shared/mac/SandboxUtilities.h 10 into WTF so JavaScriptCore can also use it. 11 12 * WTF.xcodeproj/project.pbxproj: 13 * wtf/PlatformMac.cmake: 14 * wtf/cocoa/Entitlements.cpp: 15 (WTF::processHasEntitlement): 16 * wtf/cocoa/Entitlements.h: 17 * wtf/spi/cocoa/SecuritySPI.h: 18 1 19 2018-06-05 Darin Adler <darin@apple.com> 2 20 -
trunk/Source/WTF/WTF.xcodeproj/project.pbxproj
r232528 r232604 45 45 0FFF19DC1BB334EB00886D91 /* ParallelHelperPool.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FFF19DA1BB334EB00886D91 /* ParallelHelperPool.cpp */; }; 46 46 14022F4118F5C3FC007FF0EB /* libbmalloc.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 14022F4018F5C3FC007FF0EB /* libbmalloc.a */; }; 47 143DDE9620C8BC37007F76FA /* Entitlements.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 143DDE9520C8BC37007F76FA /* Entitlements.cpp */; }; 47 48 143F611F1565F0F900DB514A /* RAMSize.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 143F611D1565F0F900DB514A /* RAMSize.cpp */; }; 48 49 1447AEC618FCE57700B3D7FF /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 1447AEC518FCE57700B3D7FF /* Foundation.framework */; }; … … 269 270 132743924FC54E469F5A8E6E /* StdUnorderedSet.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = StdUnorderedSet.h; sourceTree = "<group>"; }; 270 271 14022F4018F5C3FC007FF0EB /* libbmalloc.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; path = libbmalloc.a; sourceTree = BUILT_PRODUCTS_DIR; }; 272 143DDE9520C8BC37007F76FA /* Entitlements.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = Entitlements.cpp; sourceTree = "<group>"; }; 273 143DDE9720C8BE99007F76FA /* Entitlements.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Entitlements.h; sourceTree = "<group>"; }; 271 274 143F611D1565F0F900DB514A /* RAMSize.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RAMSize.cpp; sourceTree = "<group>"; }; 272 275 143F611E1565F0F900DB514A /* RAMSize.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RAMSize.h; sourceTree = "<group>"; }; … … 1316 1319 children = ( 1317 1320 E38C41241EB4E04C0042957D /* CPUTimeCocoa.mm */, 1321 143DDE9520C8BC37007F76FA /* Entitlements.cpp */, 1322 143DDE9720C8BE99007F76FA /* Entitlements.h */, 1318 1323 7A6EBA3320746C34004F9C44 /* MachSendRight.cpp */, 1319 1324 ADF2CE651E39F106006889DB /* MemoryFootprintCocoa.cpp */, … … 1466 1471 A8A473B0151A825B004123FF /* double-conversion.cc in Sources */, 1467 1472 A8A473BA151A825B004123FF /* dtoa.cpp in Sources */, 1473 143DDE9620C8BC37007F76FA /* Entitlements.cpp in Sources */, 1468 1474 A8A473B3151A825B004123FF /* fast-dtoa.cc in Sources */, 1469 1475 0F7C5FB61D885CF20044F5E2 /* FastBitVector.cpp in Sources */, -
trunk/Source/WTF/wtf/PlatformMac.cmake
r230269 r232604 11 11 cf/TypeCastsCF.h 12 12 13 cocoa/Entitlements.h 13 14 cocoa/MachSendRight.h 14 15 cocoa/SoftLinking.h … … 44 45 45 46 cocoa/CPUTimeCocoa.mm 47 cocoa/Entitlements.cpp 46 48 cocoa/MachSendRight.cpp 47 49 cocoa/MemoryFootprintCocoa.cpp -
trunk/Source/WTF/wtf/cocoa/Entitlements.cpp
r232603 r232604 1 1 /* 2 * Copyright (C) 201 4Apple Inc. All rights reserved.2 * Copyright (C) 2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 24 24 */ 25 25 26 #pragma once 26 #include "config.h" 27 #include "Entitlements.h" 27 28 28 #import <sys/types.h> 29 #import <wtf/Forward.h> 30 #import <wtf/spi/darwin/XPCSPI.h> 29 #include <wtf/RetainPtr.h> 30 #include <wtf/spi/cocoa/SecuritySPI.h> 31 31 32 namespace W ebKit{32 namespace WTF { 33 33 34 bool connectedProcessIsSandboxed(xpc_connection_t); 35 bool currentProcessIsSandboxed(); 36 bool processHasContainer(); 34 bool processHasEntitlement(const char* entitlement) 35 { 36 auto task = adoptCF(SecTaskCreateFromSelf(kCFAllocatorDefault)); 37 if (!task) 38 return false; 37 39 38 // Returns an empty string if the process is not in a container. 39 String pathForProcessContainer(); 40 auto cfEntitlement = adoptCF(CFStringCreateWithCStringNoCopy(kCFAllocatorDefault, entitlement, kCFStringEncodingUTF8, kCFAllocatorNull)); 41 auto value = adoptCF(SecTaskCopyValueForEntitlement(task.get(), cfEntitlement.get(), nullptr)); 42 if (!value) 43 return false; 40 44 41 bool processHasEntitlement(NSString *entitlement); 42 bool connectedProcessHasEntitlement(xpc_connection_t, const char *entitlement);45 if (CFGetTypeID(value.get()) != CFBooleanGetTypeID()) 46 return false; 43 47 48 return CFBooleanGetValue(static_cast<CFBooleanRef>(value.get())); 44 49 } 50 51 } // namespace WTF -
trunk/Source/WTF/wtf/cocoa/Entitlements.h
r232603 r232604 1 1 /* 2 * Copyright (C) 201 4Apple Inc. All rights reserved.2 * Copyright (C) 2018 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 24 24 */ 25 25 26 # pragma once26 #if PLATFORM(COCOA) 27 27 28 #import <sys/types.h> 29 #import <wtf/Forward.h> 30 #import <wtf/spi/darwin/XPCSPI.h> 28 namespace WTF { 31 29 32 namespace WebKit { 30 WTF_EXPORT bool processHasEntitlement(const char* entitlement); 33 31 34 bool connectedProcessIsSandboxed(xpc_connection_t); 35 bool currentProcessIsSandboxed(); 36 bool processHasContainer(); 32 } // namespace WTF 37 33 38 // Returns an empty string if the process is not in a container. 39 String pathForProcessContainer(); 40 41 bool processHasEntitlement(NSString *entitlement); 42 bool connectedProcessHasEntitlement(xpc_connection_t, const char *entitlement); 43 44 } 34 #endif -
trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h
r229168 r232604 38 38 #else 39 39 40 #include <Security/SecBase.h> 41 40 42 typedef uint32_t SecSignatureHashAlgorithm; 41 43 enum { … … 60 62 61 63 typedef struct __SecTask *SecTaskRef; 64 typedef struct __SecTrust *SecTrustRef; 62 65 63 66 WTF_EXTERN_C_BEGIN -
trunk/Source/WebKit/ChangeLog
r232601 r232604 1 2018-06-07 Tadeu Zagallo <tzagallo@apple.com> 2 3 Don't try to allocate JIT memory if we don't have the JIT entitlement 4 https://bugs.webkit.org/show_bug.cgi?id=182605 5 <rdar://problem/38271229> 6 7 Reviewed by Mark Lam. 8 9 Remove processHasEntitlement, which was moved into WTF and update all call sites. 10 11 * Shared/mac/SandboxUtilities.h: 12 * Shared/mac/SandboxUtilities.mm: 13 (WebKit::processHasEntitlement): Deleted. 14 * UIProcess/API/Cocoa/WKWebView.mm: 15 (-[WKWebView _initializeWithConfiguration:]): 16 * UIProcess/ApplicationStateTracker.mm: 17 (WebKit::applicationType): 18 * UIProcess/ios/WKActionSheetAssistant.mm: 19 (applicationHasAppLinkEntitlements): 20 1 21 2018-06-07 Tim Horton <timothy_horton@apple.com> 2 22 -
trunk/Source/WebKit/Shared/mac/SandboxUtilities.h
r228933 r232604 39 39 String pathForProcessContainer(); 40 40 41 bool processHasEntitlement(NSString *entitlement);42 41 bool connectedProcessHasEntitlement(xpc_connection_t, const char *entitlement); 43 42 -
trunk/Source/WebKit/Shared/mac/SandboxUtilities.mm
r228933 r232604 30 30 #import <sys/param.h> 31 31 #import <wtf/OSObjectPtr.h> 32 #import <wtf/ spi/cocoa/SecuritySPI.h>32 #import <wtf/cocoa/Entitlements.h> 33 33 #import <wtf/spi/darwin/SandboxSPI.h> 34 34 #import <wtf/spi/darwin/XPCSPI.h> … … 78 78 } 79 79 80 bool processHasEntitlement(NSString *entitlement)81 {82 auto task = adoptCF(SecTaskCreateFromSelf(CFAllocatorGetDefault()));83 if (!task)84 return false;85 86 auto value = adoptCF(SecTaskCopyValueForEntitlement(task.get(), (__bridge CFStringRef)entitlement, nullptr));87 if (!value)88 return false;89 90 if (CFGetTypeID(value.get()) != CFBooleanGetTypeID())91 return false;92 93 return CFBooleanGetValue(static_cast<CFBooleanRef>(value.get()));94 }95 96 80 bool connectedProcessHasEntitlement(xpc_connection_t connection, const char *entitlement) 97 81 { -
trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm
r232601 r232604 47 47 #import "RemoteObjectRegistry.h" 48 48 #import "RemoteObjectRegistryMessages.h" 49 #import "SandboxUtilities.h"50 49 #import "UIDelegate.h" 51 50 #import "UserMediaProcessManager.h" … … 152 151 #import <pal/spi/cg/CoreGraphicsSPI.h> 153 152 #import <pal/spi/cocoa/QuartzCoreSPI.h> 153 #import <wtf/cocoa/Entitlements.h> 154 154 155 155 #define RELEASE_LOG_IF_ALLOWED(...) RELEASE_LOG_IF(_page && _page->isAlwaysOnLoggingAllowed(), ViewState, __VA_ARGS__) … … 619 619 620 620 #if PLATFORM(IOS) && ENABLE(SERVICE_WORKER) 621 if (!W ebKit::processHasEntitlement(@"com.apple.developer.WebKit.ServiceWorkers"))621 if (!WTF::processHasEntitlement("com.apple.developer.WebKit.ServiceWorkers")) 622 622 pageConfiguration->preferenceValues().set(WebKit::WebPreferencesKey::serviceWorkersEnabledKey(), WebKit::WebPreferencesStore::Value(false)); 623 623 #endif -
trunk/Source/WebKit/UIProcess/ApplicationStateTracker.mm
r222422 r232604 33 33 #import "UIKitSPI.h" 34 34 #import <wtf/ObjcRuntimeExtras.h> 35 #import <wtf/cocoa/Entitlements.h> 35 36 #import <wtf/spi/cocoa/SecuritySPI.h> 36 37 … … 55 56 return ApplicationType::Extension; 56 57 57 if ( processHasEntitlement(@"com.apple.UIKit.vends-view-services") && window._isHostedInAnotherProcess)58 if (WTF::processHasEntitlement("com.apple.UIKit.vends-view-services") && window._isHostedInAnotherProcess) 58 59 return ApplicationType::ViewService; 59 60 -
trunk/Source/WebKit/UIProcess/ios/WKActionSheetAssistant.mm
r232082 r232604 30 30 31 31 #import "APIUIClient.h" 32 #import "SandboxUtilities.h"33 32 #import "TCCSPI.h" 34 33 #import "UIKitSPI.h" … … 46 45 #import <wtf/SoftLinking.h> 47 46 #import <wtf/WeakObjCPtr.h> 47 #import <wtf/cocoa/Entitlements.h> 48 48 #import <wtf/text/WTFString.h> 49 49 … … 67 67 static bool applicationHasAppLinkEntitlements() 68 68 { 69 static bool hasEntitlement = processHasEntitlement(@"com.apple.private.canGetAppLinkInfo") && processHasEntitlement(@"com.apple.private.canModifyAppLinkPermissions");69 static bool hasEntitlement = WTF::processHasEntitlement("com.apple.private.canGetAppLinkInfo") && WTF::processHasEntitlement("com.apple.private.canModifyAppLinkPermissions"); 70 70 return hasEntitlement; 71 71 } -
trunk/Tools/ChangeLog
r232603 r232604 1 2018-06-07 Tadeu Zagallo <tzagallo@apple.com> 2 3 Don't try to allocate JIT memory if we don't have the JIT entitlement 4 https://bugs.webkit.org/show_bug.cgi?id=182605 5 <rdar://problem/38271229> 6 7 Reviewed by Mark Lam. 8 9 Add the Security framework to the TestWTF target, since it's required by the new function to check the entitlements. 10 11 * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: 12 1 13 2018-06-07 Mark Lam <mark.lam@apple.com> 2 14 -
trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
r232502 r232604 48 48 0F5651F91FCE513500310FBC /* scroll-to-anchor.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 0F5651F81FCE50E800310FBC /* scroll-to-anchor.html */; }; 49 49 115EB3431EE0BA03003C2C0A /* ViewportSizeForViewportUnits.mm in Sources */ = {isa = PBXBuildFile; fileRef = 115EB3421EE0B720003C2C0A /* ViewportSizeForViewportUnits.mm */; }; 50 143DDE9820C9018B007F76FA /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 574F55D0204D471C002948C6 /* Security.framework */; }; 50 51 1A02C870125D4CFD00E3F4BD /* find.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 1A02C84B125D4A5E00E3F4BD /* find.html */; }; 51 52 1A3524AE1D63A4FB0031729B /* Scope.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1A3524AC1D63A4FB0031729B /* Scope.cpp */; }; … … 2021 2022 files = ( 2022 2023 93F56DA71E5F9174003EDE84 /* libicucore.dylib in Frameworks */, 2024 143DDE9820C9018B007F76FA /* Security.framework in Frameworks */, 2023 2025 ); 2024 2026 runOnlyForDeploymentPostprocessing = 0;
Note: See TracChangeset
for help on using the changeset viewer.