Title: [285903] branches/safari-613.1.9-branch/Source/WebKit
- Revision
- 285903
- Author
- repst...@apple.com
- Date
- 2021-11-16 17:08:34 -0800 (Tue, 16 Nov 2021)
Log Message
Cherry-pick r285886. rdar://problem/85473581
[iOS] Limit graphics related IOKit method filtering
https://bugs.webkit.org/show_bug.cgi?id=233209
<rdar://problem/85473581>
Reviewed by Brent Fulgham.
Limit graphics related IOKit method filtering based on OS version. This patch also adds an entitlement which
will enable a replacement for the disabled filtering.
* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
* Scripts/process-entitlements.sh:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@285886 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-613.1.9-branch/Source/WebKit/ChangeLog (285902 => 285903)
--- branches/safari-613.1.9-branch/Source/WebKit/ChangeLog 2021-11-17 01:03:07 UTC (rev 285902)
+++ branches/safari-613.1.9-branch/Source/WebKit/ChangeLog 2021-11-17 01:08:34 UTC (rev 285903)
@@ -1,5 +1,38 @@
2021-11-16 Russell Epstein <repst...@apple.com>
+ Cherry-pick r285886. rdar://problem/85473581
+
+ [iOS] Limit graphics related IOKit method filtering
+ https://bugs.webkit.org/show_bug.cgi?id=233209
+ <rdar://problem/85473581>
+
+ Reviewed by Brent Fulgham.
+
+ Limit graphics related IOKit method filtering based on OS version. This patch also adds an entitlement which
+ will enable a replacement for the disabled filtering.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
+ * Scripts/process-entitlements.sh:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@285886 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-11-16 Per Arne Vollan <pvol...@apple.com>
+
+ [iOS] Limit graphics related IOKit method filtering
+ https://bugs.webkit.org/show_bug.cgi?id=233209
+ <rdar://problem/85473581>
+
+ Reviewed by Brent Fulgham.
+
+ Limit graphics related IOKit method filtering based on OS version. This patch also adds an entitlement which
+ will enable a replacement for the disabled filtering.
+
+ * Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
+ * Scripts/process-entitlements.sh:
+
+2021-11-16 Russell Epstein <repst...@apple.com>
+
Cherry-pick r285889. rdar://problem/85430575
Adjust graphics related message filter
Modified: branches/safari-613.1.9-branch/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in (285902 => 285903)
--- branches/safari-613.1.9-branch/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2021-11-17 01:03:07 UTC (rev 285902)
+++ branches/safari-613.1.9-branch/Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in 2021-11-17 01:08:34 UTC (rev 285903)
@@ -261,7 +261,7 @@
iokit-external-method
)
(allow iokit-async-external-method
-#if PLATFORM(IOS)
+#if PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED < 160000
(iokit-method-number
43
44
@@ -269,7 +269,7 @@
#endif
)
(allow iokit-external-method
-#if PLATFORM(IOS)
+#if PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED < 160000
(iokit-method-number
0
2
Modified: branches/safari-613.1.9-branch/Source/WebKit/Scripts/process-entitlements.sh (285902 => 285903)
--- branches/safari-613.1.9-branch/Source/WebKit/Scripts/process-entitlements.sh 2021-11-17 01:03:07 UTC (rev 285902)
+++ branches/safari-613.1.9-branch/Source/WebKit/Scripts/process-entitlements.sh 2021-11-17 01:08:34 UTC (rev 285903)
@@ -32,6 +32,10 @@
then
plistbuddy add :com.apple.coreaudio.allow-vorbis-decode bool YES
fi
+ if (( "${TARGET_MAC_OS_X_VERSION_MAJOR}" >= 130000 ))
+ then
+ plistbuddy Add :com.apple.private.gpu-restricted bool YES
+ fi
fi
mac_process_webcontent_or_plugin_entitlements
@@ -61,6 +65,11 @@
plistbuddy Add :com.apple.security.cs.jit-write-allowlist bool YES
fi
+ if (( "${TARGET_MAC_OS_X_VERSION_MAJOR}" >= 130000 ))
+ then
+ plistbuddy Add :com.apple.private.gpu-restricted bool YES
+ fi
+
plistbuddy Add :com.apple.private.memory.ownership_transfer bool YES
plistbuddy Add :com.apple.private.webkit.use-xpc-endpoint bool YES
plistbuddy Add :com.apple.rootless.storage.WebKitGPUSandbox bool YES
@@ -280,6 +289,7 @@
plistbuddy Add :com.apple.private.allow-explicit-graphics-priority bool YES
plistbuddy Add :com.apple.private.coremedia.extensions.audiorecording.allow bool YES
plistbuddy Add :com.apple.private.coremedia.pidinheritance.allow bool YES
+ plistbuddy Add :com.apple.private.gpu-restricted bool YES
plistbuddy Add :com.apple.private.memorystatus bool YES
plistbuddy Add :com.apple.private.network.socket-delegate bool YES
plistbuddy Add :com.apple.private.pac.exception bool YES
@@ -308,6 +318,7 @@
plistbuddy Add :com.apple.mediaremote.set-playback-state bool YES
plistbuddy Add :com.apple.private.allow-explicit-graphics-priority bool YES
plistbuddy Add :com.apple.private.coremedia.extensions.audiorecording.allow bool YES
+ plistbuddy Add :com.apple.private.gpu-restricted bool YES
plistbuddy Add :com.apple.private.mediaexperience.startrecordinginthebackground.allow bool YES
plistbuddy Add :com.apple.private.mediaexperience.processassertionaudittokens.allow bool YES
plistbuddy Add :com.apple.private.coremedia.pidinheritance.allow bool YES
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
