Context Navigation

← Previous Changeset
Next Changeset →

Changeset 248832 in webkit

Timestamp:

Aug 18, 2019 12:38:08 PM (5 years ago)

Author:

pvollan@apple.com

Message:

[Mac] Use the PID of the WebContent process when issuing local file read sandbox extensions
https://bugs.webkit.org/show_bug.cgi?id=200543
<rdar://problem/49394015>
Source/WebKit:

Reviewed by Brent Fulgham.

Adopt SPI to issue a process-specific sandbox extension for local file read, passing it the process
identifier of the WebContent process.

Shared/Cocoa/SandboxExtensionCocoa.mm:

(WebKit::SandboxExtensionImpl::sandboxExtensionForType):
(WebKit::SandboxExtension::createHandleForReadByPid):

Shared/SandboxExtension.h:
UIProcess/Cocoa/WebPageProxyCocoa.mm:

(WebKit::WebPageProxy::createSandboxExtensionsIfNeeded):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
(WebKit::WebPageProxy::loadFile):

Source/WTF:

Reviewed by Brent Fulgham.

Add new SPI.

wtf/Platform.h:
wtf/spi/darwin/SandboxSPI.h:

Location:

trunk/Source

Files:

: 8 edited

WTF/ChangeLog (modified) (1 diff)
WTF/wtf/Platform.h (modified) (1 diff)
WTF/wtf/spi/darwin/SandboxSPI.h (modified) (1 diff)
WebKit/ChangeLog (modified) (1 diff)
WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm (modified) (2 diffs)
WebKit/Shared/SandboxExtension.h (modified) (2 diffs)
WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm (modified) (1 diff)
WebKit/UIProcess/WebPageProxy.cpp (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/WTF/ChangeLog

-                      r248831
+                      r248832
+-08-18  Per Arne Vollan  <pvollan@apple.com>
+        [Mac] Use the PID of the WebContent process when issuing local file read sandbox extensions
+        https://bugs.webkit.org/show_bug.cgi?id=200543
+        <rdar://problem/49394015>
+        Reviewed by Brent Fulgham.
+        Add new SPI.
+        * wtf/Platform.h:
+        * wtf/spi/darwin/SandboxSPI.h:
 -08-17  Darin Adler  <darin@apple.com>

trunk/Source/WTF/wtf/Platform.h

-                      r248823
+                      r248832
 #endif
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101400)
+#define HAVE_SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID 1
+#endif
 #if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101500) || (PLATFORM(IOS_FAMILY) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 130000)
 #define HAVE_MDNS_FAST_REGISTRATION 1

trunk/Source/WTF/wtf/spi/darwin/SandboxSPI.h

-                      r248731
+                      r248832
 extern const enum sandbox_filter_type SANDBOX_CHECK_NO_REPORT;
+extern const uint32_t SANDBOX_EXTENSION_USER_INTENT;
 char *sandbox_extension_issue_file(const char *extension_class, const char *path, uint32_t flags);
 char *sandbox_extension_issue_generic(const char *extension_class, uint32_t flags);
 char *sandbox_extension_issue_mach_to_process_by_pid(const char *extension_class, const char *name, uint32_t flags, pid_t);
+char *sandbox_extension_issue_file_to_process_by_pid(const char *extension_class, const char *path, uint32_t flags, pid_t);
 int sandbox_check(pid_t, const char *operation, enum sandbox_filter_type, ...);
 int sandbox_check_by_audit_token(audit_token_t, const char *operation, enum sandbox_filter_type, ...);

trunk/Source/WebKit/ChangeLog

-                      r248828
+                      r248832
+-08-18  Per Arne Vollan  <pvollan@apple.com>
+        [Mac] Use the PID of the WebContent process when issuing local file read sandbox extensions
+        https://bugs.webkit.org/show_bug.cgi?id=200543
+        <rdar://problem/49394015>
+        Reviewed by Brent Fulgham.
+        Adopt SPI to issue a process-specific sandbox extension for local file read, passing it the process
+        identifier of the WebContent process.
+        * Shared/Cocoa/SandboxExtensionCocoa.mm:
+        (WebKit::SandboxExtensionImpl::sandboxExtensionForType):
+        (WebKit::SandboxExtension::createHandleForReadByPid):
+        * Shared/SandboxExtension.h:
+        * UIProcess/Cocoa/WebPageProxyCocoa.mm:
+        (WebKit::WebPageProxy::createSandboxExtensionsIfNeeded):
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
+        (WebKit::WebPageProxy::loadFile):
 -08-17  Tim Horton  <timothy_horton@apple.com>

trunk/Source/WebKit/Shared/Cocoa/SandboxExtensionCocoa.mm

-                      r248762
+                      r248832
         case SandboxExtension::Type::Generic:
             return sandbox_extension_issue_generic(path, 0);
+        case SandboxExtension::Type::ReadByPid:
+#if HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID)
+            return sandbox_extension_issue_file_to_process_by_pid(APP_SANDBOX_READ, path, SANDBOX_EXTENSION_USER_INTENT, pid.value());
+#else
+            UNUSED_PARAM(pid);
+            ASSERT_NOT_REACHED();
+            return nullptr;
+#endif
+        }
+    }
 …
+}
+bool SandboxExtension::createHandleForReadByPid(const String& path, ProcessID pid, Handle& handle)
+{
+    ASSERT(!handle.m_sandboxExtension);
+    if (!pid)
+        return false;
+    handle.m_sandboxExtension = SandboxExtensionImpl::create(path.utf8().data(), Type::ReadByPid, pid);
+    if (!handle.m_sandboxExtension) {
+        WTFLogAlways("Could not create sandbox extension");
+        return false;
+    }
+    return true;
+}
 SandboxExtension::SandboxExtension(const Handle& handle)
     : m_sandboxExtension(WTFMove(handle.m_sandboxExtension))

trunk/Source/WebKit/Shared/SandboxExtension.h

-                      r248731
+                      r248832
         Mach,
         Generic,
+        ReadByPid
     };
 …
     static bool createHandleForGenericExtension(const String& extensionClass, Handle&);
     static bool createHandleForMachLookupByPid(const String& service, ProcessID, Handle&);
+    static bool createHandleForReadByPid(const String& path, ProcessID, Handle&);
     ~SandboxExtension();

trunk/Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm

-                      r248713
+                      r248832
         BOOL isDirectory;
         if ([[NSFileManager defaultManager] fileExistsAtPath:files[0] isDirectory:&isDirectory] && !isDirectory) {
+#if HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID)
+            if (!SandboxExtension::createHandleForReadByPid("/", processIdentifier(), fileReadHandle))
+#endif
             SandboxExtension::createHandle("/", SandboxExtension::Type::ReadOnly, fileReadHandle);
             willAcquireUniversalFileReadSandboxExtension(m_process);

trunk/Source/WebKit/UIProcess/WebPageProxy.cpp

-                      r248731
+                      r248832
     ASSERT_WITH_SECURITY_IMPLICATION(!WebKit::isInspectorPage(*this));
+#if HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID)
+    if (SandboxExtension::createHandleForReadByPid("/", process.processIdentifier(), sandboxExtensionHandle)) {
+        willAcquireUniversalFileReadSandboxExtension(process);
+        return;
+    }
+#endif
     if (SandboxExtension::createHandle("/", SandboxExtension::Type::ReadOnly, sandboxExtensionHandle)) {
         willAcquireUniversalFileReadSandboxExtension(process);
 …
     loadParameters.shouldOpenExternalURLsPolicy = ShouldOpenExternalURLsPolicy::ShouldNotAllow;
     loadParameters.userData = UserData(process().transformObjectsToHandles(userData).get());
+#if HAVE(SANDBOX_ISSUE_READ_EXTENSION_TO_PROCESS_BY_PID)
+    if (!SandboxExtension::createHandleForReadByPid(resourceDirectoryPath, processIdentifier(), loadParameters.sandboxExtensionHandle))
+#endif
     SandboxExtension::createHandle(resourceDirectoryPath, SandboxExtension::Type::ReadOnly, loadParameters.sandboxExtensionHandle);
     addPlatformLoadParameters(loadParameters);

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 248832 in webkit

Legend:

Download in other formats: