Diff
Modified: trunk/Source/WTF/ChangeLog (280450 => 280451)
--- trunk/Source/WTF/ChangeLog 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WTF/ChangeLog 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,3 +1,19 @@
+2021-07-29 Kate Cheney <katherine_che...@apple.com>
+
+ REGRESSION (r278877) [Cocoa] WebAuthn stopped working for non-Safari browsers
+ https://bugs.webkit.org/show_bug.cgi?id=228116
+ <rdar://problem/80693607>
+
+ Patch by Brent Fulgham.
+
+ Reviewed by Per Arne Vollan.
+
+ Add new SPI header for code signing features.
+
+ * WTF.xcodeproj/project.pbxproj:
+ * wtf/spi/cocoa/SecuritySPI.h:
+ * wtf/spi/darwin/CodeSignSPI.h: Added.
+
2021-07-29 Eric Carlson <eric.carl...@apple.com>
[iOS] Don't set capture attribution dynamically in the simulator
Modified: trunk/Source/WTF/WTF.xcodeproj/project.pbxproj (280450 => 280451)
--- trunk/Source/WTF/WTF.xcodeproj/project.pbxproj 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WTF/WTF.xcodeproj/project.pbxproj 2021-07-29 22:12:16 UTC (rev 280451)
@@ -451,6 +451,7 @@
795212021F42588800BD6421 /* SingleRootGraph.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SingleRootGraph.h; sourceTree = "<group>"; };
7A05093D1FB9DCC500B33FB8 /* JSONValues.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSONValues.h; sourceTree = "<group>"; };
7A05093E1FB9DCC500B33FB8 /* JSONValues.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSONValues.cpp; sourceTree = "<group>"; };
+ 7A4D4AAB26A8DEFC001182F1 /* CodeSignSPI.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CodeSignSPI.h; sourceTree = "<group>"; };
7A6EBA3220746C33004F9C44 /* MachSendRight.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MachSendRight.h; sourceTree = "<group>"; };
7A6EBA3320746C34004F9C44 /* MachSendRight.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MachSendRight.cpp; sourceTree = "<group>"; };
7AF023B32061E16C00A8EFD6 /* ProcessPrivilege.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ProcessPrivilege.h; sourceTree = "<group>"; };
@@ -1520,6 +1521,7 @@
CE73E02319DCB7AB00580D5C /* darwin */ = {
isa = PBXGroup;
children = (
+ 7A4D4AAB26A8DEFC001182F1 /* CodeSignSPI.h */,
14933E21228C22DF00F79E46 /* DataVaultSPI.h */,
E431CC4A21187ADB000C8A07 /* DispatchSPI.h */,
93DDE9311CDC052D00FD3491 /* dyldSPI.h */,
Modified: trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h (280450 => 280451)
--- trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2015-2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2015-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -76,7 +76,9 @@
SecTaskRef SecTaskCreateWithAuditToken(CFAllocatorRef, audit_token_t);
SecTaskRef SecTaskCreateFromSelf(CFAllocatorRef);
+CFStringRef SecTaskCopySigningIdentifier(SecTaskRef, CFErrorRef *);
CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef, CFStringRef entitlement, CFErrorRef*);
+uint32_t SecTaskGetCodeSignStatus(SecTaskRef);
SecIdentityRef SecIdentityCreate(CFAllocatorRef, SecCertificateRef, SecKeyRef);
SecAccessControlRef SecAccessControlCreateFromData(CFAllocatorRef, CFDataRef, CFErrorRef*);
CFDataRef SecAccessControlCopyData(SecAccessControlRef);
@@ -85,12 +87,10 @@
#if PLATFORM(MAC)
#include <Security/SecAsn1Types.h>
-CFStringRef SecTaskCopySigningIdentifier(SecTaskRef, CFErrorRef *);
ALLOW_DEPRECATED_DECLARATIONS_BEGIN
extern const SecAsn1Template kSecAsn1AlgorithmIDTemplate[];
extern const SecAsn1Template kSecAsn1SubjectPublicKeyInfoTemplate[];
ALLOW_DEPRECATED_DECLARATIONS_END
-uint32_t SecTaskGetCodeSignStatus(SecTaskRef);
#endif
#if HAVE(SEC_TRUST_SERIALIZATION)
Added: trunk/Source/WTF/wtf/spi/darwin/CodeSignSPI.h (0 => 280451)
--- trunk/Source/WTF/wtf/spi/darwin/CodeSignSPI.h (rev 0)
+++ trunk/Source/WTF/wtf/spi/darwin/CodeSignSPI.h 2021-07-29 22:12:16 UTC (rev 280451)
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2021 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#pragma once
+
+#if USE(APPLE_INTERNAL_SDK)
+
+#include <Kernel/kern/cs_blobs.h>
+
+#else
+
+#define CS_PLATFORM_BINARY 0x04000000
+
+#endif
Modified: trunk/Source/WebKit/ChangeLog (280450 => 280451)
--- trunk/Source/WebKit/ChangeLog 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/ChangeLog 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,3 +1,34 @@
+2021-07-29 Kate Cheney <katherine_che...@apple.com>
+
+ REGRESSION (r278877) [Cocoa] WebAuthn stopped working for non-Safari browsers
+ https://bugs.webkit.org/show_bug.cgi?id=228116
+ <rdar://problem/80693607>
+
+ Patch by Brent Fulgham.
+
+ Reviewed by Per Arne Vollan.
+
+ We should not be using the PAC key to confirm a valid WebContent process is the source of
+ WebAuthn-related messages. Instead, we should confirm the message source is an Apple-signed
+ executable, and that the signining identity is for the WebContent process.
+
+ * Shared/Cocoa/CodeSigning.h: Renamed from Source/WebKit/Shared/mac/CodeSigning.h.
+ * Shared/Cocoa/CodeSigning.mm: Renamed from Source/WebKit/Shared/mac/CodeSigning.mm.
+ (WebKit::codeSigningIdentifier):
+ (WebKit::codeSigningIdentifierForCurrentProcess):
+ (WebKit::currentProcessIsPlatformBinary):
+ (WebKit::codeSigningIdentifierAndPlatformBinaryStatus):
+ * Shared/Cocoa/XPCEndpoint.mm:
+ (WebKit::XPCEndpoint::XPCEndpoint):
+ * SourcesCocoa.txt:
+ * UIProcess/Cocoa/WebProcessProxyCocoa.mm:
+ (WebKit::WebProcessProxy::messageSourceIsValidWebContentProcess):
+ * UIProcess/WebProcessProxy.cpp:
+ (WebKit::WebProcessProxy::getWebAuthnProcessConnection):
+ * UIProcess/WebProcessProxy.h:
+ * UIProcess/mac/WebProcessProxyMac.mm:
+ * WebKit.xcodeproj/project.pbxproj:
+
2021-07-29 Peng Liu <peng.l...@apple.com>
The bundle path of downlevel Safari is wrong
Copied: trunk/Source/WebKit/Shared/Cocoa/CodeSigning.h (from rev 280450, trunk/Source/WebKit/Shared/mac/CodeSigning.h) (0 => 280451)
--- trunk/Source/WebKit/Shared/Cocoa/CodeSigning.h (rev 0)
+++ trunk/Source/WebKit/Shared/Cocoa/CodeSigning.h 2021-07-29 22:12:16 UTC (rev 280451)
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2016-2021 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include <wtf/Forward.h>
+#include <wtf/spi/darwin/XPCSPI.h>
+
+namespace WebKit {
+
+// These functions return a null string if the process is unsigned.
+String codeSigningIdentifierForCurrentProcess();
+String codeSigningIdentifier(xpc_connection_t);
+bool currentProcessIsPlatformBinary();
+std::pair<String, bool> codeSigningIdentifierAndPlatformBinaryStatus(xpc_connection_t);
+
+} // namespace WebKit
Copied: trunk/Source/WebKit/Shared/Cocoa/CodeSigning.mm (from rev 280450, trunk/Source/WebKit/Shared/mac/CodeSigning.mm) (0 => 280451)
--- trunk/Source/WebKit/Shared/Cocoa/CodeSigning.mm (rev 0)
+++ trunk/Source/WebKit/Shared/Cocoa/CodeSigning.mm 2021-07-29 22:12:16 UTC (rev 280451)
@@ -0,0 +1,72 @@
+/*
+ * Copyright (C) 2016-2021 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#import "config.h"
+#import "CodeSigning.h"
+
+#if PLATFORM(COCOA)
+
+#import <wtf/RetainPtr.h>
+#import <wtf/spi/cocoa/SecuritySPI.h>
+#import <wtf/spi/darwin/CodeSignSPI.h>
+#import <wtf/text/WTFString.h>
+
+namespace WebKit {
+
+static String codeSigningIdentifier(SecTaskRef task)
+{
+ return adoptCF(SecTaskCopySigningIdentifier(task, nullptr)).get();
+}
+
+String codeSigningIdentifierForCurrentProcess()
+{
+ return codeSigningIdentifier(adoptCF(SecTaskCreateFromSelf(kCFAllocatorDefault)).get());
+}
+
+String codeSigningIdentifier(xpc_connection_t connection)
+{
+ auto pair = codeSigningIdentifierAndPlatformBinaryStatus(connection);
+ return pair.first;
+}
+
+bool currentProcessIsPlatformBinary()
+{
+ auto task = adoptCF(SecTaskCreateFromSelf(kCFAllocatorDefault));
+ return SecTaskGetCodeSignStatus(task.get()) & CS_PLATFORM_BINARY;
+}
+
+std::pair<String, bool> codeSigningIdentifierAndPlatformBinaryStatus(xpc_connection_t connection)
+{
+ audit_token_t auditToken;
+ xpc_connection_get_audit_token(connection, &auditToken);
+ auto task = adoptCF(SecTaskCreateWithAuditToken(kCFAllocatorDefault, auditToken));
+ bool isPlatformBinary = SecTaskGetCodeSignStatus(task.get()) & CS_PLATFORM_BINARY;
+ auto signingIdentifier = codeSigningIdentifier(task.get());
+ return std::make_pair(signingIdentifier, isPlatformBinary);
+}
+
+} // namespace WebKit
+
+#endif // PLATFORM(COCOA)
Modified: trunk/Source/WebKit/Shared/Cocoa/XPCEndpoint.mm (280450 => 280451)
--- trunk/Source/WebKit/Shared/Cocoa/XPCEndpoint.mm 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/Shared/Cocoa/XPCEndpoint.mm 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -30,9 +30,7 @@
#if PLATFORM(MAC)
#import "CodeSigning.h"
-#import <Kernel/kern/cs_blobs.h>
#import <wtf/RetainPtr.h>
-#import <wtf/spi/cocoa/SecuritySPI.h>
#import <wtf/text/WTFString.h>
#endif
@@ -55,10 +53,7 @@
if (pid != getpid() && !WTF::hasEntitlement(connection.get(), "com.apple.private.webkit.use-xpc-endpoint")) {
WTFLogAlways("Audit token does not have required entitlement com.apple.private.webkit.use-xpc-endpoint");
#if PLATFORM(MAC)
- audit_token_t auditToken;
- xpc_connection_get_audit_token(connection.get(), &auditToken);
- bool isPlatformBinary = SecTaskGetCodeSignStatus(adoptCF(SecTaskCreateWithAuditToken(kCFAllocatorDefault, auditToken)).get()) & CS_PLATFORM_BINARY;
- auto signingIdentifier = codeSigningIdentifier(connection.get());
+ auto [signingIdentifier, isPlatformBinary] = codeSigningIdentifierAndPlatformBinaryStatus(connection.get());
if (!isPlatformBinary || !signingIdentifier.startsWith("com.apple.WebKit.WebContent")) {
WTFLogAlways("XPC endpoint denied to connect with unknown client");
Deleted: trunk/Source/WebKit/Shared/mac/CodeSigning.h (280450 => 280451)
--- trunk/Source/WebKit/Shared/mac/CodeSigning.h 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/Shared/mac/CodeSigning.h 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,37 +0,0 @@
-/*
- * Copyright (C) 2016 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
- * THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#pragma once
-
-#include <wtf/Forward.h>
-#include <wtf/spi/darwin/XPCSPI.h>
-
-namespace WebKit {
-
-// These functions return a null string if the process is unsigned.
-String codeSigningIdentifierForCurrentProcess();
-String codeSigningIdentifier(xpc_connection_t);
-
-} // namespace WebKit
Deleted: trunk/Source/WebKit/Shared/mac/CodeSigning.mm (280450 => 280451)
--- trunk/Source/WebKit/Shared/mac/CodeSigning.mm 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/Shared/mac/CodeSigning.mm 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,56 +0,0 @@
-/*
- * Copyright (C) 2016 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
- * THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#import "config.h"
-#import "CodeSigning.h"
-
-#if PLATFORM(MAC) || PLATFORM(MACCATALYST)
-
-#import <wtf/RetainPtr.h>
-#import <wtf/spi/cocoa/SecuritySPI.h>
-#import <wtf/text/WTFString.h>
-
-namespace WebKit {
-
-static String codeSigningIdentifier(SecTaskRef task)
-{
- return adoptCF(SecTaskCopySigningIdentifier(task, nullptr)).get();
-}
-
-String codeSigningIdentifierForCurrentProcess()
-{
- return codeSigningIdentifier(adoptCF(SecTaskCreateFromSelf(kCFAllocatorDefault)).get());
-}
-
-String codeSigningIdentifier(xpc_connection_t connection)
-{
- audit_token_t auditToken;
- xpc_connection_get_audit_token(connection, &auditToken);
- return codeSigningIdentifier(adoptCF(SecTaskCreateWithAuditToken(kCFAllocatorDefault, auditToken)).get());
-}
-
-} // namespace WebKit
-
-#endif // PLATFORM(MAC)
Modified: trunk/Source/WebKit/SourcesCocoa.txt (280450 => 280451)
--- trunk/Source/WebKit/SourcesCocoa.txt 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/SourcesCocoa.txt 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,4 +1,4 @@
-// Copyright (C) 2018-2019 Apple Inc. All rights reserved.
+// Copyright (C) 2018-2021 Apple Inc. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
@@ -161,6 +161,7 @@
Shared/Cocoa/APIObject.mm
Shared/Cocoa/ArgumentCodersCocoa.mm
Shared/Cocoa/AuxiliaryProcessCocoa.mm
+Shared/Cocoa/CodeSigning.mm
Shared/Cocoa/CompletionHandlerCallChecker.mm
Shared/Cocoa/CoreTextHelpers.mm
Shared/Cocoa/DataDetectionResult.mm
@@ -205,7 +206,6 @@
Shared/ios/WebTouchEventIOS.cpp
Shared/mac/AuxiliaryProcessMac.mm
-Shared/mac/CodeSigning.mm
Shared/mac/HangDetectionDisablerMac.mm
Shared/mac/NativeWebGestureEventMac.mm
Shared/mac/NativeWebKeyboardEventMac.mm
Modified: trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm (280450 => 280451)
--- trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm 2021-07-29 22:12:16 UTC (rev 280451)
@@ -27,6 +27,7 @@
#import "WebProcessProxy.h"
#import "AccessibilitySupportSPI.h"
+#import "CodeSigning.h"
#import "HighPerformanceGPUManager.h"
#import "Logging.h"
#import "ObjCObjectGraph.h"
@@ -309,7 +310,7 @@
});
}
-bool WebProcessProxy::hasCorrectPACEntitlement()
+bool WebProcessProxy::messageSourceIsValidWebContentProcess()
{
if (!hasConnection()) {
ASSERT_NOT_REACHED();
@@ -316,22 +317,25 @@
return false;
}
-#if HAVE(PAC_SHARED_REGION_ID)
- auto auditToken = connection()->getAuditToken();
- if (!auditToken) {
- ASSERT_NOT_REACHED();
- RELEASE_LOG_ERROR(Process, "Unable to get parent web process audit token");
- return false;
- }
+#if USE(APPLE_INTERNAL_SDK)
+#if PLATFORM(IOS)
+ // FIXME(rdar://80908833): On iOS, we can only perform the below checks for platform binaries until rdar://80908833 is fixed.
+ if (!currentProcessIsPlatformBinary())
+ return true;
+#endif
-#if USE(APPLE_INTERNAL_SDK)
+ // WebKitTestRunner does not pass the isPlatformBinary check, we should return early in this case.
+ if (isRunningTest(WebCore::applicationBundleIdentifier()))
+ return true;
+
// Confirm that the connection is from a WebContent process:
- if (!WTF::hasEntitlementValue(auditToken.value(), "com.apple.pac.shared_region_id", "WebContent")) {
- RELEASE_LOG_ERROR(Process, "Process is not an entitled WebContent process. Process shared_region_id is incorrect.");
+ auto [signingIdentifier, isPlatformBinary] = codeSigningIdentifierAndPlatformBinaryStatus(connection()->xpcConnection());
+
+ if (!isPlatformBinary || !signingIdentifier.startsWith("com.apple.WebKit.WebContent")) {
+ RELEASE_LOG_ERROR(Process, "Process is not an entitled WebContent process.");
return false;
}
#endif
-#endif
return true;
}
Modified: trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp (280450 => 280451)
--- trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/UIProcess/WebProcessProxy.cpp 2021-07-29 22:12:16 UTC (rev 280451)
@@ -825,7 +825,7 @@
#if ENABLE(WEB_AUTHN)
void WebProcessProxy::getWebAuthnProcessConnection(Messages::WebProcessProxy::GetWebAuthnProcessConnection::DelayedReply&& reply)
{
- MESSAGE_CHECK_COMPLETION(hasCorrectPACEntitlement(), reply({ }));
+ MESSAGE_CHECK_COMPLETION(messageSourceIsValidWebContentProcess(), reply({ }));
m_processPool->getWebAuthnProcessConnection(*this, WTFMove(reply));
}
#endif
Modified: trunk/Source/WebKit/UIProcess/WebProcessProxy.h (280450 => 280451)
--- trunk/Source/WebKit/UIProcess/WebProcessProxy.h 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/UIProcess/WebProcessProxy.h 2021-07-29 22:12:16 UTC (rev 280451)
@@ -531,7 +531,7 @@
#endif
#if PLATFORM(COCOA)
- bool hasCorrectPACEntitlement();
+ bool messageSourceIsValidWebContentProcess();
#endif
enum class IsWeak { No, Yes };
Modified: trunk/Source/WebKit/UIProcess/mac/WebProcessProxyMac.mm (280450 => 280451)
--- trunk/Source/WebKit/UIProcess/mac/WebProcessProxyMac.mm 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/UIProcess/mac/WebProcessProxyMac.mm 2021-07-29 22:12:16 UTC (rev 280451)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2011 Apple Inc. All rights reserved.
+ * Copyright (C) 2011-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -29,11 +29,10 @@
#if PLATFORM(MAC)
+#import "CodeSigning.h"
#import "WKFullKeyboardAccessWatcher.h"
-#import <Kernel/kern/cs_blobs.h>
#import <signal.h>
#import <wtf/ProcessPrivilege.h>
-#import <wtf/spi/cocoa/SecuritySPI.h>
namespace WebKit {
@@ -52,7 +51,7 @@
if (!isSystemWebKit)
return false;
- static bool isPlatformBinary = SecTaskGetCodeSignStatus(adoptCF(SecTaskCreateFromSelf(kCFAllocatorDefault)).get()) & CS_PLATFORM_BINARY;
+ static bool isPlatformBinary = currentProcessIsPlatformBinary();
if (isPlatformBinary)
return false;
Modified: trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj (280450 => 280451)
--- trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2021-07-29 21:55:11 UTC (rev 280450)
+++ trunk/Source/WebKit/WebKit.xcodeproj/project.pbxproj 2021-07-29 22:12:16 UTC (rev 280451)
@@ -8361,6 +8361,8 @@
A175C44921AA3170000037D0 /* ArgumentCodersCocoa.h */,
A175C44B21AA331B000037D0 /* ArgumentCodersCocoa.mm */,
1A698F171E4910220064E881 /* AuxiliaryProcessCocoa.mm */,
+ CE11AD511CBC482F00681EE5 /* CodeSigning.h */,
+ CE11AD4F1CBC47F800681EE5 /* CodeSigning.mm */,
37BEC4DF19491486008B4286 /* CompletionHandlerCallChecker.h */,
37BEC4DE19491486008B4286 /* CompletionHandlerCallChecker.mm */,
1C739E872347BD0F00C621EC /* CoreTextHelpers.h */,
@@ -10534,8 +10536,6 @@
children = (
A15799AC2584433100528236 /* MediaFormatReader */,
9F54F88E16488E87007DF81A /* AuxiliaryProcessMac.mm */,
- CE11AD511CBC482F00681EE5 /* CodeSigning.h */,
- CE11AD4F1CBC47F800681EE5 /* CodeSigning.mm */,
1AC75A1C1B33695E0056745B /* HangDetectionDisablerMac.mm */,
2D50365D1BCC793F00E20BB3 /* NativeWebGestureEventMac.mm */,
C02BFF1D1251502E009CCBEA /* NativeWebKeyboardEventMac.mm */,
