Context Navigation

← Previous Changeset
Next Changeset →

Changeset 265087 in webkit

Timestamp:

Jul 30, 2020 9:36:29 AM (4 years ago)

Author:

pvollan@apple.com

Message:

Remember to check entitlement before communicating over XPC
https://bugs.webkit.org/show_bug.cgi?id=214825

Reviewed by Brent Fulgham.

Remember to check entitlement before communicating over XPC with another WebKit process. This needs to be done
to make sure that it really is a WebKit process on the other end.

NetworkProcess/NetworkProcess.cpp:

(WebKit::m_messagePortChannelRegistry):

Shared/Cocoa/XPCEndpoint.mm:

(WebKit::XPCEndpoint::XPCEndpoint):

Shared/Cocoa/XPCEndpointClient.mm:

(WebKit::XPCEndpointClient::setEndpoint):

WebProcess/WebPage/Cocoa/WebPageCocoa.mm:

(WebKit::WebPage::platformDidReceiveLoadParameters):

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::handleXPCEndpointMessages const):

Location:

trunk/Source/WebKit

Files:

: 6 edited

ChangeLog (modified) (1 diff)
NetworkProcess/NetworkProcess.cpp (modified) (1 diff)
Shared/Cocoa/XPCEndpoint.mm (modified) (1 diff)
Shared/Cocoa/XPCEndpointClient.mm (modified) (1 diff)
WebProcess/WebPage/Cocoa/WebPageCocoa.mm (modified) (1 diff)
WebProcess/cocoa/WebProcessCocoa.mm (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/WebKit/ChangeLog

-                      r265085
+                      r265087
+-07-30  Per Arne Vollan  <pvollan@apple.com>
+        Remember to check entitlement before communicating over XPC
+        https://bugs.webkit.org/show_bug.cgi?id=214825
+        Reviewed by Brent Fulgham.
+        Remember to check entitlement before communicating over XPC with another WebKit process. This needs to be done
+        to make sure that it really is a WebKit process on the other end.
+        * NetworkProcess/NetworkProcess.cpp:
+        (WebKit::m_messagePortChannelRegistry):
+        * Shared/Cocoa/XPCEndpoint.mm:
+        (WebKit::XPCEndpoint::XPCEndpoint):
+        * Shared/Cocoa/XPCEndpointClient.mm:
+        (WebKit::XPCEndpointClient::setEndpoint):
+        * WebProcess/WebPage/Cocoa/WebPageCocoa.mm:
+        (WebKit::WebPage::platformDidReceiveLoadParameters):
+        * WebProcess/cocoa/WebProcessCocoa.mm:
+        (WebKit::WebProcess::handleXPCEndpointMessages const):
 -07-30  Kate Cheney  <katherine_cheney@apple.com>

trunk/Source/WebKit/NetworkProcess/NetworkProcess.cpp

r264846	r265087
166	166	addSupplement<LegacyCustomProtocolManager>();
167	167	#endif
168		#if ~~PLATFORM(COCOA~~)
	168	#if HAVE(LSDATABASECONTEXT)
169	169	addSupplement<LaunchServicesDatabaseObserver>();
170	170	#endif

trunk/Source/WebKit/Shared/Cocoa/XPCEndpoint.mm

-                      r264806
+                      r265087
         if (type == XPC_TYPE_CONNECTION) {
             OSObjectPtr<xpc_connection_t> connection = message;
+            audit_token_t auditToken;
+            xpc_connection_get_audit_token(connection.get(), &auditToken);
+            auto pid = xpc_connection_get_pid(connection.get());
+            if (!WTF::hasEntitlement(auditToken, "com.apple.private.webkit.use-xpc-endpoint")) {
+                // Uncomment before landing; this is commented out because the bots does not seem to update the entitlements on incremental builds.
+                // WTFLogAlways("Audit token does not have required entitlement");
+                // return;
+            if (pid != getpid() && !WTF::hasEntitlement(connection.get(), "com.apple.private.webkit.use-xpc-endpoint")) {
+                WTFLogAlways("Audit token does not have required entitlement com.apple.private.webkit.use-xpc-endpoint");
+                return;
+            }
             xpc_connection_set_target_queue(connection.get(), dispatch_get_main_queue());

trunk/Source/WebKit/Shared/Cocoa/XPCEndpointClient.mm

-                      r264199
+                      r265087
             if (!connection)
                 return;
+            audit_token_t auditToken;
+            xpc_connection_get_audit_token(connection, &auditToken);
+            if (!WTF::hasEntitlement(auditToken, "com.apple.private.webkit.use-xpc-endpoint")) {
+                // Uncomment before landing; this is commented out because the bots does not seem to update the entitlements on incremental builds.
+                // WTFLogAlways("Audit token does not have required entitlement");
+                // return;
+            auto pid = xpc_connection_get_pid(connection);
+            if (pid != getpid() && !WTF::hasEntitlement(connection, "com.apple.private.webkit.use-xpc-endpoint")) {
+                WTFLogAlways("Audit token does not have required entitlement com.apple.private.webkit.use-xpc-endpoint");
+                return;
+            }
             handleEvent(message);

trunk/Source/WebKit/WebProcess/WebPage/Cocoa/WebPageCocoa.mm

-                      r264546
+                      r265087
 void WebPage::platformDidReceiveLoadParameters(const LoadParameters& parameters)
+{
+#if HAVE(LSDATABASECONTEXT)
     bool databaseUpdated = LaunchServicesDatabaseManager::singleton().waitForDatabaseUpdate(5_s);
     ASSERT_UNUSED(databaseUpdated, databaseUpdated);
     if (!databaseUpdated)
         WTFLogAlways("Timed out waiting for Launch Services database update.");
+#endif
     m_dataDetectionContext = parameters.dataDetectionContext;

trunk/Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm

-                      r265081
+                      r265087
             return;
+#if HAVE(LSDATABASECONTEXT)
         if (messageName == LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseXPCEndpointMessageName) {
             auto endpoint = xpc_dictionary_get_value(event, LaunchServicesDatabaseXPCConstants::xpcLaunchServicesDatabaseXPCEndpointNameKey);
 …
             return;
+        }
+#endif
     });

Note: See TracChangeset for help on using the changeset viewer.