Context Navigation

Changeset 248440 in webkit

Timestamp:

Aug 8, 2019 1:32:41 PM (5 years ago)

Author:

pvollan@apple.com

Message:

[Mac] Use the PID of the WebContent process when issuing local file read sandbox extensions
https://bugs.webkit.org/show_bug.cgi?id=200543
Source/WebKit:

Reviewed by Brent Fulgham.

Adopt SPI to issue a process-specific sandbox extension for local file read, passing it the process
identifier of the WebContent process.

(WebKit::SandboxExtensionImpl::sandboxExtensionForType):
(WebKit::SandboxExtension::createHandleForReadByPid):

(WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):

Source/WTF:

<rdar://problem/49394015>

Reviewed by Brent Fulgham.

Add new SPI.

Location:

trunk/Source

Files:

-                      r248386
+                      r248440
+-08-08  Per Arne Vollan  <pvollan@apple.com>
+        [Mac] Use the PID of the WebContent process when issuing local file read sandbox extensions
+        https://bugs.webkit.org/show_bug.cgi?id=200543
+        <rdar://problem/49394015>
+        Reviewed by Brent Fulgham.
+        Add new SPI.
+        * wtf/Platform.h:
+        * wtf/spi/darwin/SandboxSPI.h:
 -08-07  Chris Dumez  <cdumez@apple.com>

-                      r248319
+                      r248440
 #endif
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101400) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 130000)
+#define HAVE_SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID 1
+#endif
 #if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101500) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 130000)
 #define HAVE_MDNS_FAST_REGISTRATION 1

r243034	r248440
65	65	char sandbox_extension_issue_generic(const char extension_class, uint32_t flags);
66	66	char sandbox_extension_issue_mach_to_process_by_pid(const char extension_class, const char *name, uint32_t flags, pid_t);
	67	char sandbox_extension_issue_file_to_process_by_pid(const char extension_class, const char *path, uint32_t flags, pid_t);
67	68	int sandbox_check(pid_t, const char *operation, enum sandbox_filter_type, ...);
68	69	int sandbox_check_by_audit_token(audit_token_t, const char *operation, enum sandbox_filter_type, ...);

-                      r248438
+                      r248440
+-08-08  Per Arne Vollan  <pvollan@apple.com>
+        [Mac] Use the PID of the WebContent process when issuing local file read sandbox extensions
+        https://bugs.webkit.org/show_bug.cgi?id=200543
+        Reviewed by Brent Fulgham.
+        Adopt SPI to issue a process-specific sandbox extension for local file read, passing it the process
+        identifier of the WebContent process.
+        * Shared/Cocoa/SandboxExtensionCocoa.mm:
+        (WebKit::SandboxExtensionImpl::sandboxExtensionForType):
+        (WebKit::SandboxExtension::createHandleForReadByPid):
+        * Shared/SandboxExtension.h:
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
 -08-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

-                      r244969
+                      r248440
         case SandboxExtension::Type::Generic:
             return sandbox_extension_issue_generic(path, 0);
+        case SandboxExtension::Type::ReadByPid:
+#if HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID)
+            return sandbox_extension_issue_file_to_process_by_pid(APP_SANDBOX_READ, path, 0, pid.value());
+#else
+            UNUSED_PARAM(pid);
+            ASSERT_NOT_REACHED();
+            return nullptr;
+#endif
+        }
+    }
 …
+}
+bool SandboxExtension::createHandleForReadByPid(const String& path, ProcessID pid, Handle& handle)
+{
+    ASSERT(!handle.m_sandboxExtension);
+    handle.m_sandboxExtension = SandboxExtensionImpl::create(path.utf8().data(), Type::ReadByPid, pid);
+    if (!handle.m_sandboxExtension) {
+        WTFLogAlways("Could not create a '%s' sandbox extension", path.utf8().data());
+        return false;
+    }
+    return true;
+}
 SandboxExtension::SandboxExtension(const Handle& handle)
     : m_sandboxExtension(WTFMove(handle.m_sandboxExtension))

-                      r243054
+                      r248440
         Mach,
         Generic,
+        ReadByPid
     };
 …
     static bool createHandleForGenericExtension(const String& extensionClass, Handle&);
     static bool createHandleForMachLookupByPid(const String& service, ProcessID, Handle&);
+    static bool createHandleForReadByPid(const String& path, ProcessID, Handle&);
     ~SandboxExtension();

-                      r248338
+                      r248440
     ASSERT_WITH_SECURITY_IMPLICATION(!WebKit::isInspectorPage(*this));
+#if PLATFORM(MAC) && HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID)
+    if (SandboxExtension::createHandleForReadByPid("/", processIdentifier(), sandboxExtensionHandle)) {
+#else
     if (SandboxExtension::createHandle("/", SandboxExtension::Type::ReadOnly, sandboxExtensionHandle)) {
+#endif
         willAcquireUniversalFileReadSandboxExtension(process);
         return;
 …
     auto baseURL = URL(URL(), url.baseAsString());
     auto basePath = baseURL.fileSystemPath();
+    if (!basePath.isNull() && SandboxExtension::createHandle(basePath, SandboxExtension::Type::ReadOnly, sandboxExtensionHandle))
+    if (basePath.isNull())
+        return;
+#if PLATFORM(MAC) && HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID)
+    if (SandboxExtension::createHandleForReadByPid(basePath, processIdentifier(), sandboxExtensionHandle))
+#else
+    if (SandboxExtension::createHandle(basePath, SandboxExtension::Type::ReadOnly, sandboxExtensionHandle))
+#endif
         m_process->assumeReadAccessToBaseURL(*this, baseURL);
+}

Note: See TracChangeset for help on using the changeset viewer.