Diff
Modified: trunk/Source/WTF/ChangeLog (273902 => 273903)
--- trunk/Source/WTF/ChangeLog 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WTF/ChangeLog 2021-03-04 18:41:02 UTC (rev 273903)
@@ -1,3 +1,16 @@
+2021-03-04 Chris Dumez <cdu...@apple.com>
+
+ Set ownership of IOSurfaces from the GPUProcess instead of the WebProcess
+ https://bugs.webkit.org/show_bug.cgi?id=222391
+ <rdar://74748353>
+
+ Reviewed by Simon Fraser.
+
+ Add HAVE_IOSURFACE_SET_OWNERSHIP_IDENTITY feature flag to protect uses of the
+ new IOSurfaceSetOwnershipIdentity() SPI.
+
+ * wtf/PlatformHave.h:
+
2021-03-03 Alex Christensen <achristen...@webkit.org>
Limit HashTable entry size to 500 bytes
Modified: trunk/Source/WTF/wtf/PlatformHave.h (273902 => 273903)
--- trunk/Source/WTF/wtf/PlatformHave.h 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WTF/wtf/PlatformHave.h 2021-03-04 18:41:02 UTC (rev 273903)
@@ -305,6 +305,13 @@
#define HAVE_IOSURFACE_SET_OWNERSHIP 1
#endif
+#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 120000) \
+ || (((PLATFORM(IOS) && !PLATFORM(IOS_FAMILY_SIMULATOR)) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 150000) \
+ || (PLATFORM(WATCHOS) && !PLATFORM(IOS_FAMILY_SIMULATOR) && __WATCH_OS_VERSION_MIN_REQUIRED >= 80000) \
+ || (PLATFORM(APPLETV) && !PLATFORM(IOS_FAMILY_SIMULATOR) && __TV_OS_VERSION_MIN_REQUIRED >= 150000)
+#define HAVE_IOSURFACE_SET_OWNERSHIP_IDENTITY 1
+#endif
+
#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MAX_ALLOWED >= 110300) \
|| (((PLATFORM(IOS) && !PLATFORM(IOS_FAMILY_SIMULATOR)) || PLATFORM(MACCATALYST)) && __IPHONE_OS_VERSION_MAX_ALLOWED >= 140500) \
|| (PLATFORM(WATCHOS) && !PLATFORM(IOS_FAMILY_SIMULATOR) && __WATCH_OS_VERSION_MAX_ALLOWED >= 70500) \
Modified: trunk/Source/WebCore/ChangeLog (273902 => 273903)
--- trunk/Source/WebCore/ChangeLog 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebCore/ChangeLog 2021-03-04 18:41:02 UTC (rev 273903)
@@ -1,3 +1,21 @@
+2021-03-04 Chris Dumez <cdu...@apple.com>
+
+ Set ownership of IOSurfaces from the GPUProcess instead of the WebProcess
+ https://bugs.webkit.org/show_bug.cgi?id=222391
+ <rdar://problem/74748353>
+
+ Reviewed by Simon Fraser.
+
+ Replace use of IOSurfaceSetOwnership() SPI with IOSurfaceSetOwnershipIdentity().
+ Both do the same thing but IOSurfaceSetOwnershipIdentity() only requires an identity token
+ for the new owner (instead of a control port). As a result, IOSurfaceSetOwnershipIdentity()
+ requires a lot less priviledges and can now be used directly in the GPUProcess instead of
+ the WebProcess.
+
+ * platform/graphics/cocoa/IOSurface.h:
+ * platform/graphics/cocoa/IOSurface.mm:
+ (WebCore::IOSurface::setOwnershipIdentity):
+
2021-03-04 Keith Miller <keith_mil...@apple.com>
window proxy of detached iframe doesn't respect updates to global values
Modified: trunk/Source/WebCore/PAL/ChangeLog (273902 => 273903)
--- trunk/Source/WebCore/PAL/ChangeLog 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebCore/PAL/ChangeLog 2021-03-04 18:41:02 UTC (rev 273903)
@@ -1,3 +1,16 @@
+2021-03-04 Chris Dumez <cdu...@apple.com>
+
+ Set ownership of IOSurfaces from the GPUProcess instead of the WebProcess
+ https://bugs.webkit.org/show_bug.cgi?id=222391
+ <rdar://74748353>
+
+ Reviewed by Simon Fraser.
+
+ Add declaration for new IOSurfaceSetOwnershipIdentity() SPI, for the open source
+ SDK.
+
+ * pal/spi/cocoa/IOSurfaceSPI.h:
+
2021-03-04 Peng Liu <peng.l...@apple.com>
[GPUProcess] MediaController is using a ClockCM
Modified: trunk/Source/WebCore/PAL/pal/spi/cocoa/IOSurfaceSPI.h (273902 => 273903)
--- trunk/Source/WebCore/PAL/pal/spi/cocoa/IOSurfaceSPI.h 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebCore/PAL/pal/spi/cocoa/IOSurfaceSPI.h 2021-03-04 18:41:02 UTC (rev 273903)
@@ -102,6 +102,10 @@
IOReturn IOSurfaceSetOwnership(IOSurfaceRef buffer, task_t newOwner, int newLedgerTag, uint32_t newLedgerOptions);
#endif // HAVE(IOSURFACE_SET_OWNERSHIP)
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+kern_return_t IOSurfaceSetOwnershipIdentity(IOSurfaceRef buffer, mach_port_t task_id_token, int newLedgerTag, uint32_t newLedgerOptions);
+#endif
+
WTF_EXTERN_C_END
#endif
Modified: trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.h (273902 => 273903)
--- trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.h 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.h 2021-03-04 18:41:02 UTC (rev 273903)
@@ -161,7 +161,9 @@
WEBCORE_EXPORT static void convertToFormat(std::unique_ptr<WebCore::IOSurface>&& inSurface, Format, WTF::Function<void(std::unique_ptr<WebCore::IOSurface>)>&&);
#endif // HAVE(IOSURFACE_ACCELERATOR)
- WEBCORE_EXPORT void setOwnership(task_t newOwner);
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+ WEBCORE_EXPORT void setOwnershipIdentity(task_id_token_t newOwner);
+#endif
void migrateColorSpaceToProperties();
Modified: trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm (273902 => 273903)
--- trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebCore/platform/graphics/cocoa/IOSurface.mm 2021-03-04 18:41:02 UTC (rev 273903)
@@ -504,19 +504,14 @@
#endif // HAVE(IOSURFACE_ACCELERATOR)
-void IOSurface::setOwnership(task_t newOwner)
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+void IOSurface::setOwnershipIdentity(task_id_token_t newOwner)
{
-#if HAVE(IOSURFACE_SET_OWNERSHIP)
- if (!m_surface)
- return;
-
- auto result = IOSurfaceSetOwnership(m_surface.get(), newOwner, kIOSurfaceMemoryLedgerTagGraphics, 0);
+ auto result = IOSurfaceSetOwnershipIdentity(m_surface.get(), newOwner, kIOSurfaceMemoryLedgerTagGraphics, 0);
if (result != kIOReturnSuccess)
- RELEASE_LOG_ERROR(IOSurface, "IOSurface::setOwnership: Failed to claim ownership of IOSurface %p. Error: %d", m_surface.get(), result);
-#else
- UNUSED_PARAM(newOwner);
+ RELEASE_LOG_ERROR(IOSurface, "IOSurface::setOwnershipIdentity: Failed to claim ownership of IOSurface %p, newOwner: %d, error: %d", m_surface.get(), (int)newOwner, result);
+}
#endif
-}
void IOSurface::migrateColorSpaceToProperties()
{
Modified: trunk/Source/WebKit/ChangeLog (273902 => 273903)
--- trunk/Source/WebKit/ChangeLog 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebKit/ChangeLog 2021-03-04 18:41:02 UTC (rev 273903)
@@ -1,3 +1,30 @@
+2021-03-04 Chris Dumez <cdu...@apple.com>
+
+ Set ownership of IOSurfaces from the GPUProcess instead of the WebProcess
+ https://bugs.webkit.org/show_bug.cgi?id=222391
+ <rdar://problem/74748353>
+
+ Reviewed by Simon Fraser.
+
+ Replace use of IOSurfaceSetOwnership() SPI with IOSurfaceSetOwnershipIdentity().
+ Both do the same thing but IOSurfaceSetOwnershipIdentity() only requires an identity token
+ for the new owner (instead of a control port). As a result, IOSurfaceSetOwnershipIdentity()
+ requires a lot less priviledges and can now be used directly in the GPUProcess instead of
+ the WebProcess.
+
+ * GPUProcess/graphics/RemoteGraphicsContextGLCocoa.cpp:
+ (WebKit::RemoteGraphicsContextGLCocoa::prepareForDisplay):
+ * GPUProcess/graphics/RemoteImageBuffer.h:
+ (WebKit::RemoteImageBuffer::setProcessOwnership):
+ * GPUProcess/graphics/RemoteRenderingBackend.cpp:
+ (WebKit::RemoteRenderingBackend::createImageBuffer):
+ * WebProcess/GPU/graphics/RemoteGraphicsContextGLProxy.cpp:
+ (WebKit::RemoteGraphicsContextGLProxy::prepareForDisplay):
+ * WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.cpp:
+ (WebKit::ImageBufferShareableMappedIOSurfaceBackend::create):
+ (WebKit::ImageBufferShareableMappedIOSurfaceBackend::setProcessOwnership):
+ * WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.h:
+
2021-03-04 Youenn Fablet <you...@apple.com>
REGRESSION (r273732): ASSERTION FAILED: Completion handler should always be called under WebKit::RemoteRealtimeMediaSourceProxy::~RemoteRealtimeMediaSourceProxy
Modified: trunk/Source/WebKit/GPUProcess/graphics/RemoteGraphicsContextGLCocoa.cpp (273902 => 273903)
--- trunk/Source/WebKit/GPUProcess/graphics/RemoteGraphicsContextGLCocoa.cpp 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebKit/GPUProcess/graphics/RemoteGraphicsContextGLCocoa.cpp 2021-03-04 18:41:02 UTC (rev 273903)
@@ -72,8 +72,14 @@
{
m_context->prepareForDisplay();
MachSendRight sendRight;
- if (auto* surface = m_swapChain.displayBuffer().surface.get())
+ if (auto* surface = m_swapChain.displayBuffer().surface.get()) {
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+ // Mark the IOSurface as being owned by the WebProcess even though it was constructed by the GPUProcess so that Jetsam knows which process to kill.
+ if (m_gpuConnectionToWebProcess)
+ surface->setOwnershipIdentity(m_gpuConnectionToWebProcess->webProcessIdentityToken());
+#endif
sendRight = surface->createSendRight();
+ }
completionHandler(WTFMove(sendRight));
}
Modified: trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBuffer.h (273902 => 273903)
--- trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBuffer.h 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBuffer.h 2021-03-04 18:41:02 UTC (rev 273903)
@@ -65,6 +65,14 @@
context().restore();
}
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+ void setProcessOwnership(task_id_token_t newOwner)
+ {
+ if (m_backend)
+ m_backend->setProcessOwnership(newOwner);
+ }
+#endif
+
private:
bool apply(WebCore::DisplayList::ItemHandle item, WebCore::GraphicsContext& context) override
{
Modified: trunk/Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp (273902 => 273903)
--- trunk/Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp 2021-03-04 18:41:02 UTC (rev 273903)
@@ -147,8 +147,15 @@
RefPtr<ImageBuffer> imageBuffer;
- if (renderingMode == RenderingMode::Accelerated)
- imageBuffer = AcceleratedRemoteImageBuffer::create(logicalSize, resolutionScale, colorSpace, pixelFormat, *this, renderingResourceIdentifier);
+ if (renderingMode == RenderingMode::Accelerated) {
+ if (auto acceleratedImageBuffer = AcceleratedRemoteImageBuffer::create(logicalSize, resolutionScale, colorSpace, pixelFormat, *this, renderingResourceIdentifier)) {
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+ // Mark the IOSurface as being owned by the WebProcess even though it was constructed by the GPUProcess so that Jetsam knows which process to kill.
+ acceleratedImageBuffer->setProcessOwnership(m_gpuConnectionToWebProcess->webProcessIdentityToken());
+#endif
+ imageBuffer = WTFMove(acceleratedImageBuffer);
+ }
+ }
if (!imageBuffer)
imageBuffer = UnacceleratedRemoteImageBuffer::create(logicalSize, resolutionScale, colorSpace, pixelFormat, *this, renderingResourceIdentifier);
Modified: trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteGraphicsContextGLProxy.cpp (273902 => 273903)
--- trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteGraphicsContextGLProxy.cpp 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteGraphicsContextGLProxy.cpp 2021-03-04 18:41:02 UTC (rev 273903)
@@ -93,9 +93,6 @@
}
auto displayBuffer = IOSurface::createFromSendRight(WTFMove(displayBufferSendRight), sRGBColorSpaceRef());
if (displayBuffer) {
- // Claim in the WebProcess ownership of the IOSurface constructed by the GPUProcess so that Jetsam knows which processes to kill.
- displayBuffer->setOwnership(mach_task_self());
-
auto& sc = platformSwapChain();
sc.recycleBuffer();
sc.present({ WTFMove(displayBuffer), nullptr });
Modified: trunk/Source/WebKit/WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.cpp (273902 => 273903)
--- trunk/Source/WebKit/WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.cpp 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebKit/WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.cpp 2021-03-04 18:41:02 UTC (rev 273903)
@@ -69,9 +69,6 @@
if (!surface)
return nullptr;
- // Claim in the WebProcess ownership of the IOSurface constructed by the GPUProcess so that Jetsam knows which processes to kill.
- surface->setOwnership(mach_task_self());
-
return makeUnique<ImageBufferShareableMappedIOSurfaceBackend>(parameters, WTFMove(surface));
}
@@ -80,6 +77,14 @@
return ImageBufferBackendHandle(m_surface->createSendRight());
}
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+void ImageBufferShareableMappedIOSurfaceBackend::setProcessOwnership(task_id_token_t processIdentityToken)
+{
+ ASSERT(surface());
+ surface()->setOwnershipIdentity(processIdentityToken);
+}
+#endif
+
} // namespace WebKit
#endif // ENABLE(GPU_PROCESS) && HAVE(IOSURFACE)
Modified: trunk/Source/WebKit/WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.h (273902 => 273903)
--- trunk/Source/WebKit/WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.h 2021-03-04 18:28:40 UTC (rev 273902)
+++ trunk/Source/WebKit/WebProcess/GPU/graphics/cocoa/ImageBufferShareableMappedIOSurfaceBackend.h 2021-03-04 18:41:02 UTC (rev 273903)
@@ -45,6 +45,10 @@
using WebCore::ImageBufferIOSurfaceBackend::ImageBufferIOSurfaceBackend;
ImageBufferBackendHandle createImageBufferBackendHandle() const;
+
+#if HAVE(IOSURFACE_SET_OWNERSHIP_IDENTITY)
+ void setProcessOwnership(task_id_token_t);
+#endif
};
} // namespace WebKit
